Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/a28b5c-88d7-4ad4-9e1d-8ac17e9c40db/1/1qF2qpZ4KDEQgCHi8Zz6Mofp1Bw.roa
File: 1qF2qpZ4KDEQgCHi8Zz6Mofp1Bw.roa (raw, json)
Hash identifier: ZUGdPkmwhsuvGIfhBFvpGPh0RIr8NwcoDU94MyjHlG0=
Subject key identifier: D6:A1:76:AA:96:78:28:31:10:80:21:E2:F1:9C:FA:32:87:E9:D4:1C
Certificate issuer: /CN=5070dc5204decf7abea5070d75fa058c8ac013d5
Certificate serial: 0194236A095E07701552934B56025109F946
Authority key identifier: 50:70:DC:52:04:DE:CF:7A:BE:A5:07:0D:75:FA:05:8C:8A:C0:13:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UHDcUgTez3q-pQcNdfoFjIrAE9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/a28b5c-88d7-4ad4-9e1d-8ac17e9c40db/1/1qF2qpZ4KDEQgCHi8Zz6Mofp1Bw.roa
Signing time: Wed 01 Jan 2025 19:48:59 +0000
ROA not before: Wed 01 Jan 2025 19:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34984
IP address blocks: 94.142.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:09:5e:07:70:15:52:93:4b:56:02:51:09:f9:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5070dc5204decf7abea5070d75fa058c8ac013d5
Validity
Not Before: Jan 1 19:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6a176aa96782831108021e2f19cfa3287e9d41c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:fa:8f:6b:6a:9c:94:e4:cc:5b:a3:b0:c0:63:
07:63:0d:d6:f2:49:10:88:bc:33:e0:74:b1:29:88:
b4:4a:29:1f:34:99:b5:49:47:a1:e6:f0:b9:27:c8:
37:a7:d1:29:fa:37:42:26:24:ab:2f:f4:3e:92:5d:
b6:ad:fa:e0:24:9e:70:70:66:c3:0f:10:64:59:20:
0e:2c:cc:8f:bc:6d:3d:49:4d:a9:50:09:76:7c:1d:
cf:18:d0:f6:c5:8c:7a:98:de:b7:8a:85:e4:e4:73:
af:2d:38:21:09:f6:fd:13:9e:14:cb:67:08:e9:ec:
e5:53:69:e3:5a:2f:5d:f5:c7:a1:0b:c5:59:d5:8b:
93:d4:ea:ae:7a:95:cc:24:34:e0:08:24:4f:73:4c:
88:bf:ee:fd:ed:70:60:88:44:9e:9f:32:87:cd:69:
4c:bb:39:93:61:ed:b5:60:24:ce:84:be:03:bb:53:
2f:62:85:7c:7a:1e:ae:fb:8f:67:ad:45:2b:f8:da:
d0:ab:dd:94:0f:72:0e:57:2e:1b:9b:5b:5e:02:5f:
36:28:b9:f0:ea:a8:b2:a7:a2:0a:f6:73:c4:5b:4c:
fb:45:94:cf:54:83:84:7b:68:c7:7b:a7:b4:b0:bf:
a0:74:3e:57:9b:f3:c0:6c:d6:e1:ab:2a:5e:56:d4:
27:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A1:76:AA:96:78:28:31:10:80:21:E2:F1:9C:FA:32:87:E9:D4:1C
X509v3 Authority Key Identifier:
keyid:50:70:DC:52:04:DE:CF:7A:BE:A5:07:0D:75:FA:05:8C:8A:C0:13:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UHDcUgTez3q-pQcNdfoFjIrAE9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a28b5c-88d7-4ad4-9e1d-8ac17e9c40db/1/1qF2qpZ4KDEQgCHi8Zz6Mofp1Bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/a28b5c-88d7-4ad4-9e1d-8ac17e9c40db/1/UHDcUgTez3q-pQcNdfoFjIrAE9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.142.131.0/24
Signature Algorithm: sha256WithRSAEncryption
88:aa:7b:ca:27:ba:a7:6a:a6:a4:8e:d1:5e:e2:27:70:40:27:
61:b4:b2:ce:82:24:29:07:61:55:fb:57:49:cd:83:e8:86:27:
a2:f7:b4:fe:ca:9b:c9:13:fa:e4:1a:31:68:58:be:72:b5:5d:
e6:ff:b8:59:6c:e8:e1:6b:06:42:12:ae:24:9f:25:97:38:32:
33:9c:9c:79:b0:86:9a:8a:b4:da:99:02:84:cd:22:9a:cb:17:
a5:2f:cc:a3:94:81:bb:29:42:39:1a:12:33:c2:a7:39:95:b3:
22:42:4f:b9:f4:30:04:27:e1:9e:31:e3:f9:5f:bc:52:f9:69:
a1:76:2a:57:fa:35:96:c4:15:cf:e4:08:21:72:1b:93:6f:52:
5a:f8:f7:ac:33:7e:2a:1d:cb:4d:c4:85:fe:a3:21:4a:6f:da:
4f:09:d8:b1:4c:dd:dc:d8:85:81:94:86:c7:7a:37:25:89:c4:
1d:60:47:4b:bf:b6:36:98:d3:8d:f3:30:ee:99:47:26:85:03:
94:74:f7:f2:50:82:21:36:17:0c:c1:7f:8c:c6:fe:80:26:19:
e5:ce:97:4d:75:24:8e:af:7c:e1:d7:b7:16:e0:f9:72:71:4c:
6e:ca:f1:3c:d7:58:6a:75:70:5d:9e:66:05:42:86:bf:1a:ca:
76:53:d4:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjagleB3AVUpNLVgJRCflGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNzBkYzUyMDRkZWNmN2FiZWE1MDcwZDc1ZmEwNThjOGFj
MDEzZDUwHhcNMjUwMTAxMTk0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmExNzZhYTk2NzgyODMxMTA4MDIxZTJmMTljZmEzMjg3ZTlkNDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3PqPa2qclOTMW6OwwGMHYw3W8kkQ
iLwz4HSxKYi0SikfNJm1SUeh5vC5J8g3p9Ep+jdCJiSrL/Q+kl22rfrgJJ5wcGbD
DxBkWSAOLMyPvG09SU2pUAl2fB3PGND2xYx6mN63ioXk5HOvLTghCfb9E54Uy2cI
6ezlU2njWi9d9cehC8VZ1YuT1OquepXMJDTgCCRPc0yIv+797XBgiESenzKHzWlM
uzmTYe21YCTOhL4Du1MvYoV8eh6u+49nrUUr+NrQq92UD3IOVy4bm1teAl82KLnw
6qiyp6IK9nPEW0z7RZTPVIOEe2jHe6e0sL+gdD5Xm/PAbNbhqypeVtQnZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNahdqqWeCgxEIAh4vGc+jKH6dQcMB8GA1UdIwQY
MBaAFFBw3FIE3s96vqUHDXX6BYyKwBPVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUhEY1VnVGV6M3EtcFFjTmRmb0ZqSXJBRTlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9hMjhiNWMtODhkNy00YWQ0LTllMWQt
OGFjMTdlOWM0MGRiLzEvMXFGMnFwWjRLREVRZ0NIaThaejZNb2ZwMUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9hMjhiNWMtODhkNy00YWQ0LTllMWQtOGFjMTdlOWM0MGRi
LzEvVUhEY1VnVGV6M3EtcFFjTmRmb0ZqSXJBRTlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXo6DMA0G
CSqGSIb3DQEBCwUAA4IBAQCIqnvKJ7qnaqakjtFe4idwQCdhtLLOgiQpB2FV+1dJ
zYPohiei97T+ypvJE/rkGjFoWL5ytV3m/7hZbOjhawZCEq4knyWXODIznJx5sIaa
irTamQKEzSKayxelL8yjlIG7KUI5GhIzwqc5lbMiQk+59DAEJ+GeMeP5X7xS+Wmh
dipX+jWWxBXP5AghchuTb1Ja+PesM34qHctNxIX+oyFKb9pPCdixTN3c2IWBlIbH
ejclicQdYEdLv7Y2mNON8zDumUcmhQOUdPfyUIIhNhcMwX+Mxv6AJhnlzpdNdSSO
r3zh17cW4PlycUxuyvE811hqdXBdnmYFQoa/Gsp2U9Sz
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:55:12 2025 by rpki-client