Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/02a616-e614-45a0-9c90-8ad87e0dd596/1/tORykgR8jnCSzf8yczKpVpzRgF4.roa
File: tORykgR8jnCSzf8yczKpVpzRgF4.roa (raw, json)
Hash identifier: 2lYVV8QdLX9R2G7mAp0uehMNPP0PwuP1prMkqHOCvlo=
Subject key identifier: B4:E4:72:92:04:7C:8E:70:92:CD:FF:32:73:32:A9:56:9C:D1:80:5E
Certificate issuer: /CN=fd1523694bd5fb92d768435db3bb68ed843e5d53
Certificate serial: 01874C0081FE4BC893EF86F63C6DDB2C210B
Authority key identifier: FD:15:23:69:4B:D5:FB:92:D7:68:43:5D:B3:BB:68:ED:84:3E:5D:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_RUjaUvV-5LXaENds7to7YQ-XVM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/02a616-e614-45a0-9c90-8ad87e0dd596/1/tORykgR8jnCSzf8yczKpVpzRgF4.roa
Signing time: Tue 04 Apr 2023 11:21:54 +0000
ROA not before: Tue 04 Apr 2023 11:21:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48070
IP address blocks: 94.126.232.0/24 maxlen: 24
94.126.233.0/24 maxlen: 24
94.126.236.0/24 maxlen: 24
94.126.235.0/24 maxlen: 24
94.126.238.0/24 maxlen: 24
94.126.237.0/24 maxlen: 24
94.126.239.0/24 maxlen: 24
94.126.234.0/24 maxlen: 24
2a11:5700::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4c:00:81:fe:4b:c8:93:ef:86:f6:3c:6d:db:2c:21:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd1523694bd5fb92d768435db3bb68ed843e5d53
Validity
Not Before: Apr 4 11:21:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4e47292047c8e7092cdff327332a9569cd1805e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a5:95:57:34:df:cf:97:8e:42:a5:cc:08:65:
71:35:d6:a9:d6:45:81:6f:11:d7:68:78:e0:e8:94:
b3:18:26:88:da:8a:47:7f:d9:97:f3:fd:f2:4b:ef:
61:15:3d:51:f7:9b:bc:8b:17:de:da:56:eb:36:ba:
50:ba:9c:34:33:69:62:8b:86:52:2f:4f:ad:ea:ae:
da:68:ca:92:e4:4d:d9:8e:07:01:7c:c1:1f:b8:cd:
b2:4b:b7:3b:bb:fe:e6:34:52:bf:58:f5:57:31:01:
28:81:5c:12:fc:f6:4a:89:88:c3:a2:d7:80:e7:f3:
ce:65:76:bc:4c:6e:09:43:31:ec:08:da:60:a7:e1:
a4:c1:80:90:7c:ca:22:0b:b7:67:db:72:0d:0c:14:
b0:b3:de:dc:c0:5b:83:c4:23:a2:76:f9:e7:88:ae:
14:9f:5e:3f:d3:39:20:f1:c7:8b:b6:39:e4:c3:ff:
a7:9a:14:70:30:88:9f:06:32:06:e0:d7:56:6b:d0:
4b:6a:37:7c:4c:dd:b1:1c:8f:73:e2:68:f4:04:e2:
f4:ee:74:b1:10:dd:96:77:28:04:f9:1e:4c:51:34:
9a:64:f0:24:35:b8:9f:c9:cf:42:41:69:59:97:4f:
2a:7b:c7:db:06:46:76:14:83:b6:16:aa:22:53:92:
4b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E4:72:92:04:7C:8E:70:92:CD:FF:32:73:32:A9:56:9C:D1:80:5E
X509v3 Authority Key Identifier:
keyid:FD:15:23:69:4B:D5:FB:92:D7:68:43:5D:B3:BB:68:ED:84:3E:5D:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_RUjaUvV-5LXaENds7to7YQ-XVM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/02a616-e614-45a0-9c90-8ad87e0dd596/1/tORykgR8jnCSzf8yczKpVpzRgF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/02a616-e614-45a0-9c90-8ad87e0dd596/1/_RUjaUvV-5LXaENds7to7YQ-XVM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.126.232.0/21
IPv6:
2a11:5700::/32
Signature Algorithm: sha256WithRSAEncryption
1c:e6:d1:39:5b:ff:63:78:99:d9:2b:82:ae:23:11:b6:27:56:
af:e0:79:a3:c2:fd:3e:d1:42:f5:91:eb:6b:f3:a9:2c:aa:50:
fb:91:93:e4:32:9e:a5:37:20:53:df:5a:ec:8e:95:eb:45:cf:
a5:a7:cb:5f:15:83:b4:19:71:d3:0c:ae:54:6e:f8:e3:ca:60:
bc:b4:a1:6f:75:4a:94:2d:bc:1d:45:1b:f3:7e:14:da:3b:60:
cd:81:96:07:0c:3a:39:d7:50:15:b7:68:6d:56:f8:ec:0a:f8:
31:3c:be:95:ea:e2:1e:fd:85:7e:74:15:43:4e:32:79:81:c5:
cc:74:8d:42:b1:78:78:8d:6a:c8:bd:f7:87:f1:e0:a4:95:4c:
3d:ac:29:60:46:15:7b:78:99:7f:4d:30:6d:03:18:86:f2:f3:
35:bc:a9:4b:cf:28:99:e6:5d:87:53:9a:e3:b7:45:b0:fd:05:
a0:b3:18:98:cc:df:c6:db:40:09:6c:3d:c9:77:59:d6:a0:c2:
25:67:43:dd:14:e7:d1:b6:45:a9:3c:7e:30:68:85:87:31:1a:
b6:a5:c0:17:b7:29:3f:3c:c2:ae:d5:a5:cb:18:a5:09:65:06:
fd:24:e9:f5:40:e5:d0:5c:11:de:75:a2:e5:0a:6e:95:99:8e:
24:57:3a:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYdMAIH+S8iT74b2PG3bLCELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMTUyMzY5NGJkNWZiOTJkNzY4NDM1ZGIzYmI2OGVkODQz
ZTVkNTMwHhcNMjMwNDA0MTEyMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGU0NzI5MjA0N2M4ZTcwOTJjZGZmMzI3MzMyYTk1NjljZDE4MDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaWVVzTfz5eOQqXMCGVxNdap1kWB
bxHXaHjg6JSzGCaI2opHf9mX8/3yS+9hFT1R95u8ixfe2lbrNrpQupw0M2lii4ZS
L0+t6q7aaMqS5E3ZjgcBfMEfuM2yS7c7u/7mNFK/WPVXMQEogVwS/PZKiYjDoteA
5/POZXa8TG4JQzHsCNpgp+GkwYCQfMoiC7dn23INDBSws97cwFuDxCOidvnniK4U
n14/0zkg8ceLtjnkw/+nmhRwMIifBjIG4NdWa9BLajd8TN2xHI9z4mj0BOL07nSx
EN2WdygE+R5MUTSaZPAkNbifyc9CQWlZl08qe8fbBkZ2FIO2FqoiU5JLVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLTkcpIEfI5wks3/MnMyqVac0YBeMB8GA1UdIwQY
MBaAFP0VI2lL1fuS12hDXbO7aO2EPl1TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1JVamFVdlYtNUxYYUVOZHM3dG83WVEtWFZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8wMmE2MTYtZTYxNC00NWEwLTljOTAt
OGFkODdlMGRkNTk2LzEvdE9SeWtnUjhqbkNTemY4eWN6S3BWcHpSZ0Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8wMmE2MTYtZTYxNC00NWEwLTljOTAtOGFkODdlMGRkNTk2
LzEvX1JVamFVdlYtNUxYYUVOZHM3dG83WVEtWFZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXn7oMA0E
AgACMAcDBQAqEVcAMA0GCSqGSIb3DQEBCwUAA4IBAQAc5tE5W/9jeJnZK4KuIxG2
J1av4Hmjwv0+0UL1ketr86ksqlD7kZPkMp6lNyBT31rsjpXrRc+lp8tfFYO0GXHT
DK5UbvjjymC8tKFvdUqULbwdRRvzfhTaO2DNgZYHDDo511AVt2htVvjsCvgxPL6V
6uIe/YV+dBVDTjJ5gcXMdI1CsXh4jWrIvfeH8eCklUw9rClgRhV7eJl/TTBtAxiG
8vM1vKlLzyiZ5l2HU5rjt0Ww/QWgsxiYzN/G20AJbD3Jd1nWoMIlZ0PdFOfRtkWp
PH4waIWHMRq2pcAXtyk/PMKu1aXLGKUJZQb9JOn1QOXQXBHedaLlCm6VmY4kVzp3
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:53:27 2025 by rpki-client