Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/94a6b8-39d3-4f79-ae25-a95511ba4d46/1/96NgLEHRtKxUiimE9cBg6xhscpQ.roa
File: 96NgLEHRtKxUiimE9cBg6xhscpQ.roa (raw, json)
Hash identifier: mk1oEXhjeJbAg6bVncPiZm7XaZ/iA+I0QEGuQUH1ZeM=
Subject key identifier: F7:A3:60:2C:41:D1:B4:AC:54:8A:29:84:F5:C0:60:EB:18:6C:72:94
Certificate issuer: /CN=38083044fb6c43bffad5fd54b07d2cc7c00d1bd3
Certificate serial: 01941F8C976F6C6F6C453A73B7DD5388B273
Authority key identifier: 38:08:30:44:FB:6C:43:BF:FA:D5:FD:54:B0:7D:2C:C7:C0:0D:1B:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OAgwRPtsQ7_61f1UsH0sx8ANG9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/94a6b8-39d3-4f79-ae25-a95511ba4d46/1/96NgLEHRtKxUiimE9cBg6xhscpQ.roa
Signing time: Wed 01 Jan 2025 01:48:14 +0000
ROA not before: Wed 01 Jan 2025 01:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20853
IP address blocks: 94.101.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:97:6f:6c:6f:6c:45:3a:73:b7:dd:53:88:b2:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38083044fb6c43bffad5fd54b07d2cc7c00d1bd3
Validity
Not Before: Jan 1 01:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7a3602c41d1b4ac548a2984f5c060eb186c7294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:72:04:ac:17:33:58:59:e2:79:2e:bc:65:ef:
75:84:4a:ca:56:fc:cc:ce:67:60:18:58:f5:92:bf:
74:ea:43:ea:82:dc:22:90:26:72:e1:24:ba:16:2a:
3f:13:2b:73:35:fb:4c:09:93:45:d6:ac:ee:0b:c3:
64:bb:fd:22:6d:a3:65:d0:11:0b:6b:02:08:a3:62:
f0:e0:34:fb:cd:b1:a8:e3:54:6e:76:d0:03:56:96:
63:72:be:f3:f5:fe:b4:85:21:32:c6:da:60:3a:d9:
48:88:6c:49:eb:53:85:d7:e9:a3:fa:a5:8c:40:95:
f1:aa:8b:4d:b1:34:8e:a9:ce:10:e6:8f:c4:27:ab:
06:2c:90:e2:3d:c6:ea:b5:fb:af:2d:ef:8a:51:7f:
7a:da:e8:27:67:6c:0a:a2:c4:af:de:89:cb:7d:83:
3c:67:f9:f6:30:96:51:df:ff:e9:cf:68:e5:1b:91:
3a:56:fc:7f:ef:1d:e9:b6:bc:3b:bf:89:dc:de:59:
9e:1e:72:0a:4c:dc:b7:c3:ba:44:6b:02:fe:7c:b8:
85:a8:17:4f:8e:5d:3f:21:9d:90:31:43:f7:6f:3c:
16:24:de:61:ec:42:c4:42:fe:3b:5d:14:f7:07:fd:
93:93:b7:a7:7b:a3:92:87:9b:7a:18:96:56:58:ab:
0e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:A3:60:2C:41:D1:B4:AC:54:8A:29:84:F5:C0:60:EB:18:6C:72:94
X509v3 Authority Key Identifier:
keyid:38:08:30:44:FB:6C:43:BF:FA:D5:FD:54:B0:7D:2C:C7:C0:0D:1B:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OAgwRPtsQ7_61f1UsH0sx8ANG9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/94a6b8-39d3-4f79-ae25-a95511ba4d46/1/96NgLEHRtKxUiimE9cBg6xhscpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/94a6b8-39d3-4f79-ae25-a95511ba4d46/1/OAgwRPtsQ7_61f1UsH0sx8ANG9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.101.99.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:22:49:a5:64:16:27:62:80:08:d5:9e:21:da:2c:99:85:b6:
d6:be:c4:c7:e9:40:d7:7f:16:b1:fe:c1:82:70:64:ac:fe:0d:
1a:04:3c:e9:9f:dc:44:ef:28:a3:db:e9:4c:b5:24:15:b8:f9:
cd:ff:4e:31:d6:e8:16:af:86:d1:69:73:69:95:4a:1b:16:9d:
d0:20:23:94:f8:c9:02:05:92:a9:37:c6:bd:05:7d:b6:ab:61:
bd:00:9b:a9:cf:d1:14:d4:aa:1a:15:dc:ee:a6:1b:db:c5:12:
26:9e:0b:fa:06:f9:eb:54:17:c2:af:36:fd:ef:3f:38:b6:20:
f8:50:ed:ba:14:cd:41:3a:96:c1:1f:3d:94:e7:19:59:1f:86:
be:77:2d:1a:f3:8b:bd:78:6d:b5:0c:72:cb:01:41:e7:2d:f1:
96:b8:d7:31:0e:89:69:80:bd:88:a6:a9:4a:a4:af:09:51:93:
06:24:e7:3c:7d:14:1e:00:15:41:48:bc:4c:64:d3:da:8e:13:
62:3b:b7:72:62:a8:67:51:52:d2:43:f6:6a:93:3e:3f:cf:92:
f5:87:ef:58:12:55:bd:2c:6a:04:47:81:38:b7:33:71:0f:b3:
3d:64:3a:e1:a8:70:a7:53:29:d0:bc:0e:09:04:1f:28:75:60:
a3:29:c8:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjJdvbG9sRTpzt91TiLJzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MDgzMDQ0ZmI2YzQzYmZmYWQ1ZmQ1NGIwN2QyY2M3YzAw
ZDFiZDMwHhcNMjUwMTAxMDE0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2EzNjAyYzQxZDFiNGFjNTQ4YTI5ODRmNWMwNjBlYjE4NmM3Mjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3IErBczWFnieS68Ze91hErKVvzM
zmdgGFj1kr906kPqgtwikCZy4SS6Fio/EytzNftMCZNF1qzuC8Nku/0ibaNl0BEL
awIIo2Lw4DT7zbGo41RudtADVpZjcr7z9f60hSEyxtpgOtlIiGxJ61OF1+mj+qWM
QJXxqotNsTSOqc4Q5o/EJ6sGLJDiPcbqtfuvLe+KUX962ugnZ2wKosSv3onLfYM8
Z/n2MJZR3//pz2jlG5E6Vvx/7x3ptrw7v4nc3lmeHnIKTNy3w7pEawL+fLiFqBdP
jl0/IZ2QMUP3bzwWJN5h7ELEQv47XRT3B/2Tk7ene6OSh5t6GJZWWKsOJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPejYCxB0bSsVIophPXAYOsYbHKUMB8GA1UdIwQY
MBaAFDgIMET7bEO/+tX9VLB9LMfADRvTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Fnd1JQdHNRN182MWYxVXNIMHN4OEFORzlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC85NGE2YjgtMzlkMy00Zjc5LWFlMjUt
YTk1NTExYmE0ZDQ2LzEvOTZOZ0xFSFJ0S3hVaWltRTljQmc2eGhzY3BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC85NGE2YjgtMzlkMy00Zjc5LWFlMjUtYTk1NTExYmE0ZDQ2
LzEvT0Fnd1JQdHNRN182MWYxVXNIMHN4OEFORzlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXmVjMA0G
CSqGSIb3DQEBCwUAA4IBAQCzIkmlZBYnYoAI1Z4h2iyZhbbWvsTH6UDXfxax/sGC
cGSs/g0aBDzpn9xE7yij2+lMtSQVuPnN/04x1ugWr4bRaXNplUobFp3QICOU+MkC
BZKpN8a9BX22q2G9AJupz9EU1KoaFdzuphvbxRImngv6BvnrVBfCrzb97z84tiD4
UO26FM1BOpbBHz2U5xlZH4a+dy0a84u9eG21DHLLAUHnLfGWuNcxDolpgL2IpqlK
pK8JUZMGJOc8fRQeABVBSLxMZNPajhNiO7dyYqhnUVLSQ/Zqkz4/z5L1h+9YElW9
LGoER4E4tzNxD7M9ZDrhqHCnUynQvA4JBB8odWCjKcgX
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:45:51 2025 by rpki-client