Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/JiDLUAEWCf0QMkfngpohCbhKNuQ.roa
File: JiDLUAEWCf0QMkfngpohCbhKNuQ.roa (raw, json)
Hash identifier: g9GotTDpZgVRPRfg5qW5M4wBYQLWFDrkzBNLKf+GOCs=
Subject key identifier: 26:20:CB:50:01:16:09:FD:10:32:47:E7:82:9A:21:09:B8:4A:36:E4
Certificate issuer: /CN=7c16e9d57efdacd3f7bc7e98496b719fadc5ae48
Certificate serial: 019424B2D1B37C83B7F23DC4289A460110B6
Authority key identifier: 7C:16:E9:D5:7E:FD:AC:D3:F7:BC:7E:98:49:6B:71:9F:AD:C5:AE:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fBbp1X79rNP3vH6YSWtxn63Frkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/JiDLUAEWCf0QMkfngpohCbhKNuQ.roa
Signing time: Thu 02 Jan 2025 01:48:06 +0000
ROA not before: Thu 02 Jan 2025 01:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8823
IP address blocks: 94.154.2.0/24 maxlen: 24
185.240.72.0/22 maxlen: 22
193.35.80.0/22 maxlen: 22
2a07:2680::/29 maxlen: 29
2a0c:7580::/29 maxlen: 29
2a0d:6140::/29 maxlen: 29
2a0d:6140::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:d1:b3:7c:83:b7:f2:3d:c4:28:9a:46:01:10:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c16e9d57efdacd3f7bc7e98496b719fadc5ae48
Validity
Not Before: Jan 2 01:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2620cb50011609fd103247e7829a2109b84a36e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:66:13:37:f4:72:97:d7:ef:78:7b:61:89:27:
d7:9b:a1:18:35:a1:c2:5a:f9:38:35:97:f1:9a:fa:
ff:57:e2:df:98:e6:e0:55:a6:87:b3:7b:c5:55:93:
49:e1:a2:9d:cd:c4:36:92:db:f7:16:9f:c3:39:b5:
cf:5b:16:af:55:c6:14:6b:ba:73:50:21:d9:e5:98:
9a:43:ea:b1:62:12:ed:86:fb:da:3a:41:e8:81:eb:
f1:de:80:05:a5:22:b5:c3:0c:28:4b:f1:ec:48:09:
01:cf:c8:9d:20:3b:39:66:93:8b:d8:65:90:c5:63:
1f:33:aa:45:95:cc:6d:d8:4f:a8:94:f4:46:7f:43:
72:bf:ab:bc:88:39:35:00:58:4e:f5:8b:4c:b4:b0:
94:41:ef:95:9e:5b:b3:d7:93:d9:dd:f9:fa:28:d6:
9b:70:7d:e2:74:41:38:f4:09:f6:91:fc:eb:9b:d4:
f1:d2:82:1c:6c:f2:48:b7:18:12:30:8d:10:44:41:
b3:e7:fd:f9:5c:0c:0b:be:c2:f0:fa:91:c1:aa:d2:
d4:63:43:fc:59:f7:9b:36:e4:20:14:dc:16:d2:09:
8c:fc:1f:45:98:07:d9:02:f3:3c:ea:35:67:a4:59:
97:04:76:01:08:2b:a8:65:8b:ff:40:c5:d9:a6:90:
18:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:20:CB:50:01:16:09:FD:10:32:47:E7:82:9A:21:09:B8:4A:36:E4
X509v3 Authority Key Identifier:
keyid:7C:16:E9:D5:7E:FD:AC:D3:F7:BC:7E:98:49:6B:71:9F:AD:C5:AE:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fBbp1X79rNP3vH6YSWtxn63Frkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/JiDLUAEWCf0QMkfngpohCbhKNuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/fBbp1X79rNP3vH6YSWtxn63Frkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.2.0/24
185.240.72.0/22
193.35.80.0/22
IPv6:
2a07:2680::/29
2a0c:7580::/29
2a0d:6140::/29
Signature Algorithm: sha256WithRSAEncryption
0d:fa:4e:2f:91:7f:3a:9a:9f:8d:8e:56:63:dc:1f:64:28:82:
b0:b2:9f:65:59:26:4c:18:11:84:33:37:43:cf:2d:48:b1:e2:
c7:38:c7:d9:1d:a4:d4:5d:5e:f2:54:54:27:aa:35:2c:4b:d4:
9a:32:98:be:79:6c:41:b3:4f:24:28:e4:ba:3d:c9:1c:6c:91:
06:bd:95:4f:8f:e4:e2:3d:43:8a:13:cf:db:da:85:fa:00:7e:
57:60:c7:80:f4:da:0d:26:3d:fa:21:c6:11:07:c6:ff:8f:c8:
b8:91:64:0c:ff:ca:62:1e:cc:6f:77:12:cf:22:fd:54:90:55:
3a:c0:98:2f:8d:04:be:ef:39:44:69:6b:8c:a4:d1:0a:d7:32:
18:96:4b:88:a0:86:d2:b2:b9:e6:be:41:2e:d5:64:ae:73:c1:
ad:ee:ae:4f:15:0c:ed:19:fd:ef:6e:64:12:f7:fa:d4:9f:ed:
9a:79:19:ba:56:ca:06:84:1f:db:e4:79:bb:14:86:af:b1:54:
0a:98:66:3d:66:cc:c0:a2:f7:1e:4a:f1:a0:bc:af:91:1e:33:
a0:5a:1c:11:10:69:4a:1e:5c:7c:00:70:f5:19:09:24:f0:61:
41:50:68:b6:2a:18:b9:6b:ae:68:50:ec:30:58:8a:24:cc:27:
e5:36:07:65
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQkstGzfIO38j3EKJpGARC2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjMTZlOWQ1N2VmZGFjZDNmN2JjN2U5ODQ5NmI3MTlmYWRj
NWFlNDgwHhcNMjUwMTAyMDE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjIwY2I1MDAxMTYwOWZkMTAzMjQ3ZTc4MjlhMjEwOWI4NGEzNmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2YTN/Ryl9fveHthiSfXm6EYNaHC
Wvk4NZfxmvr/V+LfmObgVaaHs3vFVZNJ4aKdzcQ2ktv3Fp/DObXPWxavVcYUa7pz
UCHZ5ZiaQ+qxYhLthvvaOkHogevx3oAFpSK1wwwoS/HsSAkBz8idIDs5ZpOL2GWQ
xWMfM6pFlcxt2E+olPRGf0Nyv6u8iDk1AFhO9YtMtLCUQe+Vnluz15PZ3fn6KNab
cH3idEE49An2kfzrm9Tx0oIcbPJItxgSMI0QREGz5/35XAwLvsLw+pHBqtLUY0P8
WfebNuQgFNwW0gmM/B9FmAfZAvM86jVnpFmXBHYBCCuoZYv/QMXZppAYfwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFCYgy1ABFgn9EDJH54KaIQm4SjbkMB8GA1UdIwQY
MBaAFHwW6dV+/azT97x+mElrcZ+txa5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkJicDFYNzlyTlAzdkg2WVNXdHhuNjNGcmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mMTk3ZDAtYTU0MC00ODgyLWE2N2Et
YjhhMjMyZWZmMmY2LzEvSmlETFVBRVdDZjBRTWtmbmdwb2hDYmhLTnVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9mMTk3ZDAtYTU0MC00ODgyLWE2N2EtYjhhMjMyZWZmMmY2
LzEvZkJicDFYNzlyTlAzdkg2WVNXdHhuNjNGcmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQAXpoCAwQC
ufBIAwQCwSNQMBsEAgACMBUDBQMqByaAAwUDKgx1gAMFAyoNYUAwDQYJKoZIhvcN
AQELBQADggEBAA36Ti+Rfzqan42OVmPcH2QogrCyn2VZJkwYEYQzN0PPLUix4sc4
x9kdpNRdXvJUVCeqNSxL1JoymL55bEGzTyQo5Lo9yRxskQa9lU+P5OI9Q4oTz9va
hfoAfldgx4D02g0mPfohxhEHxv+PyLiRZAz/ymIezG93Es8i/VSQVTrAmC+NBL7v
OURpa4yk0QrXMhiWS4ightKyuea+QS7VZK5zwa3urk8VDO0Z/e9uZBL3+tSf7Zp5
GbpWygaEH9vkebsUhq+xVAqYZj1mzMCi9x5K8aC8r5EeM6BaHBEQaUoeXHwAcPUZ
CSTwYUFQaLYqGLlrrmhQ7DBYiiTMJ+U2B2U=
-----END CERTIFICATE-----
Generated at Thu Apr 10 04:37:15 2025 by rpki-client