Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/f663a3-684e-4779-88b9-14e6ec020bfa/1/aczn0q3qQDor9X4sMJAHX7TL0lM.roa
File: aczn0q3qQDor9X4sMJAHX7TL0lM.roa (raw, json)
Hash identifier: LzIcxu8hFGFwjMCc2WLSG5pzgW6rckAG20IvZcaocOI=
Subject key identifier: 69:CC:E7:D2:AD:EA:40:3A:2B:F5:7E:2C:30:90:07:5F:B4:CB:D2:53
Certificate issuer: /CN=8c36ad879c645aee98ac4a89fc800b9a974e941f
Certificate serial: 01857270FF0024A5126919488016CB7682A0
Authority key identifier: 8C:36:AD:87:9C:64:5A:EE:98:AC:4A:89:FC:80:0B:9A:97:4E:94:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jDath5xkWu6YrEqJ_IALmpdOlB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/f663a3-684e-4779-88b9-14e6ec020bfa/1/aczn0q3qQDor9X4sMJAHX7TL0lM.roa
Signing time: Mon 02 Jan 2023 12:24:45 +0000
ROA not before: Mon 02 Jan 2023 12:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209792
IP address blocks: 194.93.20.0/22 maxlen: 24
2a09:2280::/48 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:70:ff:00:24:a5:12:69:19:48:80:16:cb:76:82:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c36ad879c645aee98ac4a89fc800b9a974e941f
Validity
Not Before: Jan 2 12:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69cce7d2adea403a2bf57e2c3090075fb4cbd253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:61:48:50:b0:fc:71:6f:cc:2b:71:83:e9:7a:
94:29:f2:79:99:74:e8:2f:10:06:6b:1f:3a:a1:38:
b4:2c:28:4e:5d:24:8a:ce:dc:66:53:01:1b:bc:d3:
53:68:2b:a0:73:65:ef:b1:21:31:f1:1f:ae:5d:74:
09:78:7f:ac:2e:08:0a:21:7b:04:ba:dd:71:96:2b:
ad:4e:90:bb:35:63:f7:44:ac:82:94:eb:bc:22:38:
39:b0:90:11:28:74:f2:52:0a:02:b1:fb:3f:23:04:
3f:a4:2e:52:64:ea:cf:1b:3e:f4:b9:6b:1f:20:b9:
ce:13:af:5f:08:2f:33:45:da:d5:f2:e9:61:15:97:
78:fd:bb:bc:f9:af:19:ca:05:81:b4:60:d2:18:a7:
f5:cf:4c:ab:bf:34:3e:21:73:3b:e0:e2:fa:00:2f:
88:92:e8:79:c6:da:57:c0:53:8f:be:df:6c:e1:ce:
e5:7d:ff:92:20:41:6c:d6:93:ee:af:ff:bf:80:6f:
4c:89:b2:e6:78:35:98:86:e4:dc:62:2a:5d:d0:23:
13:c8:b7:52:fc:50:fe:a1:af:f1:25:35:37:f4:03:
95:3c:81:40:9d:47:c2:bc:23:e8:6b:e8:bf:20:25:
6e:c6:d0:d3:7f:b3:72:90:0a:48:39:9d:21:39:c1:
89:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:CC:E7:D2:AD:EA:40:3A:2B:F5:7E:2C:30:90:07:5F:B4:CB:D2:53
X509v3 Authority Key Identifier:
keyid:8C:36:AD:87:9C:64:5A:EE:98:AC:4A:89:FC:80:0B:9A:97:4E:94:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jDath5xkWu6YrEqJ_IALmpdOlB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f663a3-684e-4779-88b9-14e6ec020bfa/1/aczn0q3qQDor9X4sMJAHX7TL0lM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f663a3-684e-4779-88b9-14e6ec020bfa/1/jDath5xkWu6YrEqJ_IALmpdOlB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.93.20.0/22
IPv6:
2a09:2280::/48
Signature Algorithm: sha256WithRSAEncryption
67:a9:e9:5f:99:9b:37:48:10:14:01:58:70:8c:73:b6:bb:69:
6e:70:6f:55:96:f3:fa:99:e0:f7:1a:80:23:1d:2e:66:1b:23:
f1:30:d0:3b:78:38:15:40:d6:26:f4:d3:44:a7:37:77:50:41:
de:34:7a:79:b3:f0:92:a5:97:eb:0f:3d:b4:db:d9:a6:69:e7:
e0:f2:67:cc:04:c9:26:95:de:40:f1:b4:07:9e:ef:3f:2c:b1:
4c:54:d3:b2:ab:81:4c:f1:56:8f:30:37:a2:04:6a:9b:9d:f9:
51:9d:d9:4a:ac:11:f9:78:8a:15:18:72:69:70:de:08:23:ab:
4a:91:90:cf:b7:88:d2:b1:5f:c0:27:96:47:17:5c:f4:fc:d5:
e8:f5:3c:44:a4:b5:ee:6e:48:0b:75:86:a4:ae:a5:c3:bf:a5:
53:5a:57:eb:0c:03:dc:e9:fe:14:2f:c3:14:c5:b2:97:eb:55:
1e:a6:ea:f0:54:4b:39:55:70:9e:46:db:4c:8b:e5:1a:9b:99:
b7:8e:df:3d:4a:fe:ca:2f:ed:e0:f6:a3:00:f0:f0:e7:d5:8d:
99:87:eb:96:22:ca:4d:62:30:a2:5b:01:83:ac:eb:c4:d5:4d:
2a:5e:e8:c0:99:bd:cb:d1:c9:65:58:97:b2:eb:0c:4b:f2:de:
ed:e4:92:5b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVycP8AJKUSaRlIgBbLdoKgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMzZhZDg3OWM2NDVhZWU5OGFjNGE4OWZjODAwYjlhOTc0
ZTk0MWYwHhcNMjMwMTAyMTIyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWNjZTdkMmFkZWE0MDNhMmJmNTdlMmMzMDkwMDc1ZmI0Y2JkMjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2FIULD8cW/MK3GD6XqUKfJ5mXTo
LxAGax86oTi0LChOXSSKztxmUwEbvNNTaCugc2XvsSEx8R+uXXQJeH+sLggKIXsE
ut1xliutTpC7NWP3RKyClOu8Ijg5sJARKHTyUgoCsfs/IwQ/pC5SZOrPGz70uWsf
ILnOE69fCC8zRdrV8ulhFZd4/bu8+a8ZygWBtGDSGKf1z0yrvzQ+IXM74OL6AC+I
kuh5xtpXwFOPvt9s4c7lff+SIEFs1pPur/+/gG9MibLmeDWYhuTcYipd0CMTyLdS
/FD+oa/xJTU39AOVPIFAnUfCvCPoa+i/ICVuxtDTf7NykApIOZ0hOcGJTQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGnM59Kt6kA6K/V+LDCQB1+0y9JTMB8GA1UdIwQY
MBaAFIw2rYecZFrumKxKifyAC5qXTpQfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakRhdGg1eGtXdTZZckVxSl9JQUxtcGRPbEI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mNjYzYTMtNjg0ZS00Nzc5LTg4Yjkt
MTRlNmVjMDIwYmZhLzEvYWN6bjBxM3FRRG9yOVg0c01KQUhYN1RMMGxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9mNjYzYTMtNjg0ZS00Nzc5LTg4YjktMTRlNmVjMDIwYmZh
LzEvakRhdGg1eGtXdTZZckVxSl9JQUxtcGRPbEI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwl0UMA8E
AgACMAkDBwAqCSKAAAAwDQYJKoZIhvcNAQELBQADggEBAGep6V+ZmzdIEBQBWHCM
c7a7aW5wb1WW8/qZ4PcagCMdLmYbI/Ew0Dt4OBVA1ib000SnN3dQQd40enmz8JKl
l+sPPbTb2aZp5+DyZ8wEySaV3kDxtAee7z8ssUxU07KrgUzxVo8wN6IEapud+VGd
2UqsEfl4ihUYcmlw3ggjq0qRkM+3iNKxX8AnlkcXXPT81ej1PESkte5uSAt1hqSu
pcO/pVNaV+sMA9zp/hQvwxTFspfrVR6m6vBUSzlVcJ5G20yL5RqbmbeO3z1K/sov
7eD2owDw8OfVjZmH65Yiyk1iMKJbAYOs68TVTSpe6MCZvcvRyWVYl7LrDEvy3u3k
kls=
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:37:09 2025 by rpki-client