Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/CqoX7DJIz6T-m3NHJ01LCtyGJFE.roa
File: CqoX7DJIz6T-m3NHJ01LCtyGJFE.roa (raw, json)
Hash identifier: 32gG2ZUMfd1jjxqZY90ktdKNZmqWxjZXungJm+FeL3s=
Subject key identifier: 0A:AA:17:EC:32:48:CF:A4:FE:9B:73:47:27:4D:4B:0A:DC:86:24:51
Certificate issuer: /CN=a640c751ebfb4807d84622e806cb3d0b9dd81069
Certificate serial: 01942520C1B77CF23486A9904D375B6FEA6F
Authority key identifier: A6:40:C7:51:EB:FB:48:07:D8:46:22:E8:06:CB:3D:0B:9D:D8:10:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pkDHUev7SAfYRiLoBss9C53YEGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/CqoX7DJIz6T-m3NHJ01LCtyGJFE.roa
Signing time: Thu 02 Jan 2025 03:48:11 +0000
ROA not before: Thu 02 Jan 2025 03:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212801
IP address blocks: 193.108.164.0/24 maxlen: 24
2001:67c:58c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:20:c1:b7:7c:f2:34:86:a9:90:4d:37:5b:6f:ea:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a640c751ebfb4807d84622e806cb3d0b9dd81069
Validity
Not Before: Jan 2 03:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0aaa17ec3248cfa4fe9b7347274d4b0adc862451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6d:04:89:68:e4:56:55:71:00:87:6e:91:c1:
ce:f1:21:d7:e3:6d:2c:ef:63:d8:9b:3a:9b:36:15:
53:13:5d:a4:38:49:02:da:48:34:ad:e6:94:ca:f9:
a2:69:c2:bf:93:22:b5:89:c0:68:b7:68:1f:85:9b:
7b:9a:d9:5e:82:a8:0d:b1:c8:f4:0d:c4:b4:34:bc:
16:0c:f0:ee:7f:09:43:4e:64:fe:94:15:dc:0a:35:
29:3c:34:fd:30:61:c2:7a:83:0f:4b:ce:aa:74:46:
6d:db:91:48:ae:49:ff:df:90:02:3d:50:86:37:4d:
29:87:01:17:95:04:00:5a:1c:87:7e:fc:05:55:95:
79:1e:5d:20:6c:be:5a:f7:fd:0b:06:20:4d:e6:f9:
94:28:0e:db:ab:c5:29:14:5a:c9:53:8c:90:ca:b5:
56:f0:c7:18:79:8d:ca:43:ec:fe:20:2f:86:75:8e:
94:66:35:10:41:7b:e8:20:73:f0:5c:28:86:52:db:
7e:6c:bb:ef:48:9a:26:42:6f:b9:36:2c:11:67:2a:
9c:7f:1f:58:23:ff:57:33:3d:30:d0:fb:e8:1f:e3:
f6:97:c6:09:f8:ab:b0:49:06:71:92:a8:28:e9:53:
a6:27:05:60:6f:d9:f9:99:ea:2a:1b:33:4a:c9:6e:
a5:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:AA:17:EC:32:48:CF:A4:FE:9B:73:47:27:4D:4B:0A:DC:86:24:51
X509v3 Authority Key Identifier:
keyid:A6:40:C7:51:EB:FB:48:07:D8:46:22:E8:06:CB:3D:0B:9D:D8:10:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pkDHUev7SAfYRiLoBss9C53YEGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/CqoX7DJIz6T-m3NHJ01LCtyGJFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/pkDHUev7SAfYRiLoBss9C53YEGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.164.0/24
IPv6:
2001:67c:58c::/48
Signature Algorithm: sha256WithRSAEncryption
85:dd:85:ac:42:c5:4b:f3:d9:54:fc:df:3c:25:50:67:de:81:
ac:81:92:67:bb:9d:cb:6d:d2:86:9c:01:b3:8b:6c:dc:2e:e4:
eb:38:1e:ef:e5:d7:4a:cf:7d:57:e0:2a:ae:d3:66:04:4e:22:
1b:7c:ef:2c:38:2a:f1:19:7b:b0:2d:04:43:a1:aa:bd:e0:12:
0f:9a:b0:6a:ea:d1:72:45:94:04:f3:9f:c4:09:bd:cb:eb:18:
a2:62:2a:60:58:cf:94:9d:5a:0b:74:ad:c9:be:d2:24:79:dc:
16:62:3f:07:c1:07:61:73:5b:eb:24:0e:ff:a7:18:7d:72:9b:
5d:f8:7a:52:cb:a8:3c:c6:74:fb:d8:41:1e:09:82:bb:d0:54:
d0:5b:22:1d:4e:30:eb:c1:ca:0f:d2:8a:8a:8e:d1:24:0d:da:
d5:a5:3f:7c:58:bf:9c:cf:31:c0:cf:5d:b6:cc:33:14:aa:27:
f1:8b:09:d1:e5:00:6a:0b:9c:56:1e:6e:3b:21:31:db:62:62:
d6:6b:96:b6:3e:bf:d7:ed:a1:88:da:ef:d1:9a:64:68:06:ee:
0b:40:05:35:ab:76:58:f2:c9:de:dd:44:b5:b6:5e:4f:84:01:
ef:24:d5:6d:8f:0a:ca:94:72:e3:6b:6e:ed:66:c4:94:9a:fc:
ab:9a:02:09
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQlIMG3fPI0hqmQTTdbb+pvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NDBjNzUxZWJmYjQ4MDdkODQ2MjJlODA2Y2IzZDBiOWRk
ODEwNjkwHhcNMjUwMTAyMDM0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWFhMTdlYzMyNDhjZmE0ZmU5YjczNDcyNzRkNGIwYWRjODYyNDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAom0EiWjkVlVxAIdukcHO8SHX420s
72PYmzqbNhVTE12kOEkC2kg0reaUyvmiacK/kyK1icBot2gfhZt7mtlegqgNscj0
DcS0NLwWDPDufwlDTmT+lBXcCjUpPDT9MGHCeoMPS86qdEZt25FIrkn/35ACPVCG
N00phwEXlQQAWhyHfvwFVZV5Hl0gbL5a9/0LBiBN5vmUKA7bq8UpFFrJU4yQyrVW
8McYeY3KQ+z+IC+GdY6UZjUQQXvoIHPwXCiGUtt+bLvvSJomQm+5NiwRZyqcfx9Y
I/9XMz0w0PvoH+P2l8YJ+KuwSQZxkqgo6VOmJwVgb9n5meoqGzNKyW6l3wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAqqF+wySM+k/ptzRydNSwrchiRRMB8GA1UdIwQY
MBaAFKZAx1Hr+0gH2EYi6AbLPQud2BBpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGtESFVldjdTQWZZUmlMb0JzczlDNTNZRUdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84YTVhMmUtNGQzMy00YTJjLWFkZjMt
MDI2YjhjZjY5MWJhLzEvQ3FvWDdESkl6NlQtbTNOSEowMUxDdHlHSkZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84YTVhMmUtNGQzMy00YTJjLWFkZjMtMDI2YjhjZjY5MWJh
LzEvcGtESFVldjdTQWZZUmlMb0JzczlDNTNZRUdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwWykMA8E
AgACMAkDBwAgAQZ8BYwwDQYJKoZIhvcNAQELBQADggEBAIXdhaxCxUvz2VT83zwl
UGfegayBkme7nctt0oacAbOLbNwu5Os4Hu/l10rPfVfgKq7TZgROIht87yw4KvEZ
e7AtBEOhqr3gEg+asGrq0XJFlATzn8QJvcvrGKJiKmBYz5SdWgt0rcm+0iR53BZi
PwfBB2FzW+skDv+nGH1ym134elLLqDzGdPvYQR4JgrvQVNBbIh1OMOvByg/SioqO
0SQN2tWlP3xYv5zPMcDPXbbMMxSqJ/GLCdHlAGoLnFYebjshMdtiYtZrlrY+v9ft
oYja79GaZGgG7gtABTWrdljyyd7dRLW2Xk+EAe8k1W2PCsqUcuNrbu1mxJSa/Kua
Agk=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:18 2025 by rpki-client