Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/B-IzhwSKXhHkz88nSETOGD9yRG4.roa
File: B-IzhwSKXhHkz88nSETOGD9yRG4.roa (raw, json)
Hash identifier: YnLpp9fGmyMsduAjb3ebFR0Lsy/94n7A+dxRiyz9BXo=
Subject key identifier: 07:E2:33:87:04:8A:5E:11:E4:CF:CF:27:48:44:CE:18:3F:72:44:6E
Certificate issuer: /CN=74e3c336972094b1a8c13d41816857d197a3aae9
Certificate serial: 019422FB61E027AE39B989DB596DBA075B72
Authority key identifier: 74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/B-IzhwSKXhHkz88nSETOGD9yRG4.roa
Signing time: Wed 01 Jan 2025 17:48:07 +0000
ROA not before: Wed 01 Jan 2025 17:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209115
IP address blocks: 94.247.228.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:61:e0:27:ae:39:b9:89:db:59:6d:ba:07:5b:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74e3c336972094b1a8c13d41816857d197a3aae9
Validity
Not Before: Jan 1 17:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07e23387048a5e11e4cfcf274844ce183f72446e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:23:74:fc:2f:75:91:e6:7b:b8:64:48:2e:27:
51:cc:00:19:1d:a4:d5:82:03:f0:84:61:7e:50:3d:
f6:3d:8d:d1:7b:2b:46:66:e1:5f:54:f4:a8:18:a3:
60:38:e2:ca:52:b7:83:48:ca:47:0c:ee:82:ce:ac:
55:ef:0a:9c:47:75:d9:c0:4f:48:0e:95:b8:05:67:
92:21:df:a8:d2:49:a7:74:be:34:7a:d8:7e:0f:0c:
c6:e2:d9:c2:9f:cd:fc:4a:52:6b:38:22:c3:b6:11:
5d:81:da:ee:15:24:0a:31:7c:87:8c:85:32:08:ee:
56:bd:a9:81:e2:82:ff:1f:47:04:e5:4f:ab:7b:af:
9c:a2:95:4d:8a:82:50:34:b0:30:47:2d:1c:01:59:
d1:4d:66:62:03:1f:48:62:72:a8:0f:50:79:5c:2b:
dd:5c:0a:16:af:f8:3e:09:16:48:17:04:63:25:9d:
bf:16:ff:37:5e:db:dd:35:12:85:44:38:ac:8b:9a:
0e:52:fd:82:23:ce:e9:50:e7:30:7f:29:df:e8:ff:
b4:43:21:d1:77:f5:e4:2b:9f:1c:ca:a1:47:8a:d0:
97:37:96:71:a3:2b:d3:f6:c2:aa:10:5b:c7:cb:50:
cf:60:17:12:36:0c:29:a9:47:07:c2:ef:9d:00:f4:
aa:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:E2:33:87:04:8A:5E:11:E4:CF:CF:27:48:44:CE:18:3F:72:44:6E
X509v3 Authority Key Identifier:
keyid:74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/B-IzhwSKXhHkz88nSETOGD9yRG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.247.228.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:fc:57:0c:56:1d:53:d6:2d:c9:1d:23:62:74:9f:58:5f:96:
a2:5b:7e:96:6a:34:9e:bb:04:f3:b7:d0:7a:5e:6b:6e:92:6b:
bb:cd:36:2d:c8:33:0f:4d:1b:04:79:47:4a:be:c4:a8:12:86:
4c:12:bb:d3:da:73:bf:1b:0e:08:64:b5:08:dc:ce:ef:03:5e:
06:14:e9:10:58:f2:39:84:3a:5d:1d:dc:de:64:09:29:e0:c4:
dd:14:1e:20:f7:0c:8e:8b:b5:ea:dc:e7:ef:d1:d6:db:d4:2d:
59:16:ed:82:2d:f4:75:16:87:f0:1a:b7:64:04:91:fc:aa:46:
a7:e8:d7:5b:39:d1:0b:22:52:fe:ce:d0:3f:88:92:a7:03:2d:
34:e4:e1:c4:91:f0:77:9b:95:e6:6e:4a:b7:1a:74:be:a4:b6:
55:e4:41:3c:e8:bb:9b:51:d1:42:e0:55:7d:d0:8d:87:8f:94:
79:3e:99:76:62:52:bb:dc:99:11:a5:9e:4c:8a:7a:35:f4:43:
9e:c1:7f:0c:9a:d1:d2:cc:48:f8:f1:0d:5e:18:e4:c6:1b:ba:
ad:52:4e:6e:f8:4d:ce:ac:a2:b2:2c:dc:14:49:d9:af:05:79:
39:cf:3d:33:89:74:d0:2b:4a:81:e5:8a:ba:c8:ae:5a:e9:56:
58:45:61:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+2HgJ645uYnbWW26B1tyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTNjMzM2OTcyMDk0YjFhOGMxM2Q0MTgxNjg1N2QxOTdh
M2FhZTkwHhcNMjUwMTAxMTc0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2UyMzM4NzA0OGE1ZTExZTRjZmNmMjc0ODQ0Y2UxODNmNzI0NDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0iN0/C91keZ7uGRILidRzAAZHaTV
ggPwhGF+UD32PY3ReytGZuFfVPSoGKNgOOLKUreDSMpHDO6CzqxV7wqcR3XZwE9I
DpW4BWeSId+o0kmndL40eth+DwzG4tnCn838SlJrOCLDthFdgdruFSQKMXyHjIUy
CO5WvamB4oL/H0cE5U+re6+copVNioJQNLAwRy0cAVnRTWZiAx9IYnKoD1B5XCvd
XAoWr/g+CRZIFwRjJZ2/Fv83XtvdNRKFRDisi5oOUv2CI87pUOcwfynf6P+0QyHR
d/XkK58cyqFHitCXN5ZxoyvT9sKqEFvHy1DPYBcSNgwpqUcHwu+dAPSquQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAfiM4cEil4R5M/PJ0hEzhg/ckRuMB8GA1UdIwQY
MBaAFHTjwzaXIJSxqME9QYFoV9GXo6rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAt
YTZjNDllYjI4Mjg3LzEvQi1Jemh3U0tYaEhrejg4blNFVE9HRDl5Ukc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAtYTZjNDllYjI4Mjg3
LzEvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXvfkMA0G
CSqGSIb3DQEBCwUAA4IBAQBr/FcMVh1T1i3JHSNidJ9YX5aiW36WajSeuwTzt9B6
Xmtukmu7zTYtyDMPTRsEeUdKvsSoEoZMErvT2nO/Gw4IZLUI3M7vA14GFOkQWPI5
hDpdHdzeZAkp4MTdFB4g9wyOi7Xq3Ofv0dbb1C1ZFu2CLfR1FofwGrdkBJH8qkan
6NdbOdELIlL+ztA/iJKnAy005OHEkfB3m5Xmbkq3GnS+pLZV5EE86LubUdFC4FV9
0I2Hj5R5Ppl2YlK73JkRpZ5Mino19EOewX8MmtHSzEj48Q1eGOTGG7qtUk5u+E3O
rKKyLNwUSdmvBXk5zz0ziXTQK0qB5Yq6yK5a6VZYRWEV
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:43:44 2025 by rpki-client