Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/4af898-21cb-4d8d-a63f-1dc967d56409/1/QocjuYoGfozpr0QiTXkGPfsUrcg.roa
File: QocjuYoGfozpr0QiTXkGPfsUrcg.roa (raw, json)
Hash identifier: Y8oC4kwoV9mXXZSXGd1lAHQDlPdz5kxQi4KnTi7EYOM=
Subject key identifier: 42:87:23:B9:8A:06:7E:8C:E9:AF:44:22:4D:79:06:3D:FB:14:AD:C8
Certificate issuer: /CN=4956f3084d9310efa1bc07ef31f934b2941f103e
Certificate serial: 01942144485359E646B5D01A0F5D7C9795B8
Authority key identifier: 49:56:F3:08:4D:93:10:EF:A1:BC:07:EF:31:F9:34:B2:94:1F:10:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SVbzCE2TEO-hvAfvMfk0spQfED4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/4af898-21cb-4d8d-a63f-1dc967d56409/1/QocjuYoGfozpr0QiTXkGPfsUrcg.roa
Signing time: Wed 01 Jan 2025 09:48:30 +0000
ROA not before: Wed 01 Jan 2025 09:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6798
IP address blocks: 94.136.96.0/20 maxlen: 20
194.177.128.0/19 maxlen: 19
2a00:12e0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:48:53:59:e6:46:b5:d0:1a:0f:5d:7c:97:95:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4956f3084d9310efa1bc07ef31f934b2941f103e
Validity
Not Before: Jan 1 09:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=428723b98a067e8ce9af44224d79063dfb14adc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:86:f4:55:9d:66:60:84:ee:d6:05:b6:74:1b:
ad:d3:33:ca:ba:18:73:5b:1c:fb:6d:33:0a:57:58:
50:16:f7:3b:ff:8a:91:93:6c:e1:21:58:49:80:79:
c2:18:a7:43:cd:26:4b:74:3c:f3:6e:73:d9:b4:43:
f4:87:f4:62:94:b8:2a:f5:5b:ca:6b:c5:8e:d1:f7:
10:45:e1:72:f8:c1:d4:d0:fc:1d:9f:8b:e2:45:c3:
18:4c:90:b5:13:3d:01:74:ea:2a:ed:b1:ce:cc:7d:
c0:47:df:23:9f:4d:33:4b:d8:d7:05:ca:8b:58:59:
8c:1f:84:35:ed:cb:83:69:46:0e:b9:04:e1:59:31:
e0:96:ca:91:1f:50:7d:44:08:49:1f:93:91:24:9d:
62:cd:8c:09:9d:72:c6:9a:58:8f:98:dc:2e:2d:30:
b5:7f:7d:21:19:04:6f:44:3d:2f:99:34:99:16:f7:
46:44:ce:a3:f6:ca:97:92:a6:47:bc:6e:2d:4b:c3:
48:e8:4a:a6:ce:f2:bc:52:e5:7c:dd:62:e9:0c:fb:
7d:a4:a8:33:9c:cb:96:4a:8c:b8:37:8b:56:0b:29:
89:4d:c5:6b:28:5e:af:8f:14:52:33:0f:31:03:97:
0b:95:82:f1:bf:62:60:b5:c1:25:54:2b:b8:5b:22:
c7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:87:23:B9:8A:06:7E:8C:E9:AF:44:22:4D:79:06:3D:FB:14:AD:C8
X509v3 Authority Key Identifier:
keyid:49:56:F3:08:4D:93:10:EF:A1:BC:07:EF:31:F9:34:B2:94:1F:10:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SVbzCE2TEO-hvAfvMfk0spQfED4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4af898-21cb-4d8d-a63f-1dc967d56409/1/QocjuYoGfozpr0QiTXkGPfsUrcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4af898-21cb-4d8d-a63f-1dc967d56409/1/SVbzCE2TEO-hvAfvMfk0spQfED4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.136.96.0/20
194.177.128.0/19
IPv6:
2a00:12e0::/32
Signature Algorithm: sha256WithRSAEncryption
34:43:3c:06:b2:b2:b4:3a:30:86:02:e8:12:9a:7e:3b:ac:14:
63:be:9e:47:db:10:04:12:1f:51:7f:fd:c6:b1:7c:4d:c3:a8:
8b:7c:d1:1b:a3:50:16:ae:2f:05:89:cf:ff:3f:55:d1:45:cf:
c3:08:02:73:7f:af:cc:a7:d9:0c:0e:06:80:6f:cb:b8:13:fa:
04:c6:6f:22:35:a4:df:fe:6e:58:43:12:b7:92:d6:46:db:cd:
7d:21:19:3f:85:3b:98:4b:ae:70:50:26:0e:1f:1b:75:47:36:
54:63:eb:a6:e0:e3:90:1e:aa:79:32:06:14:eb:fd:4b:7e:c1:
52:9c:97:7c:4d:9f:54:6e:52:22:f1:8d:45:8e:f4:31:03:13:
c9:56:27:ce:cf:de:01:83:19:2d:bc:14:84:be:16:f3:4a:f0:
a6:27:c2:a7:23:e4:41:0d:23:c3:a6:dc:82:69:9b:5b:d4:ca:
36:4e:1b:d0:96:99:23:47:19:87:13:5f:26:b3:ec:2a:50:d8:
35:e8:3c:a0:cc:1a:34:bd:f0:70:89:61:76:72:c3:00:77:a7:
5e:a7:a0:8b:e9:e1:19:77:77:a9:df:b5:b2:63:18:38:06:30:
d7:a7:02:02:2b:85:4e:3a:70:3a:5d:0b:a7:aa:d3:00:e3:89:
36:f0:89:7d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhREhTWeZGtdAaD118l5W4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NTZmMzA4NGQ5MzEwZWZhMWJjMDdlZjMxZjkzNGIyOTQx
ZjEwM2UwHhcNMjUwMTAxMDk0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjg3MjNiOThhMDY3ZThjZTlhZjQ0MjI0ZDc5MDYzZGZiMTRhZGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14b0VZ1mYITu1gW2dBut0zPKuhhz
Wxz7bTMKV1hQFvc7/4qRk2zhIVhJgHnCGKdDzSZLdDzzbnPZtEP0h/RilLgq9VvK
a8WO0fcQReFy+MHU0Pwdn4viRcMYTJC1Ez0BdOoq7bHOzH3AR98jn00zS9jXBcqL
WFmMH4Q17cuDaUYOuQThWTHglsqRH1B9RAhJH5ORJJ1izYwJnXLGmliPmNwuLTC1
f30hGQRvRD0vmTSZFvdGRM6j9sqXkqZHvG4tS8NI6EqmzvK8UuV83WLpDPt9pKgz
nMuWSoy4N4tWCymJTcVrKF6vjxRSMw8xA5cLlYLxv2JgtcElVCu4WyLHgQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEKHI7mKBn6M6a9EIk15Bj37FK3IMB8GA1UdIwQY
MBaAFElW8whNkxDvobwH7zH5NLKUHxA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1ZiekNFMlRFTy1odkFmdk1mazBzcFFmRUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My80YWY4OTgtMjFjYi00ZDhkLWE2M2Yt
MWRjOTY3ZDU2NDA5LzEvUW9janVZb0dmb3pwcjBRaVRYa0dQZnNVcmNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My80YWY4OTgtMjFjYi00ZDhkLWE2M2YtMWRjOTY3ZDU2NDA5
LzEvU1ZiekNFMlRFTy1odkFmdk1mazBzcFFmRUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEXohgAwQF
wrGAMA0EAgACMAcDBQAqABLgMA0GCSqGSIb3DQEBCwUAA4IBAQA0QzwGsrK0OjCG
AugSmn47rBRjvp5H2xAEEh9Rf/3GsXxNw6iLfNEbo1AWri8Fic//P1XRRc/DCAJz
f6/Mp9kMDgaAb8u4E/oExm8iNaTf/m5YQxK3ktZG2819IRk/hTuYS65wUCYOHxt1
RzZUY+um4OOQHqp5MgYU6/1LfsFSnJd8TZ9UblIi8Y1FjvQxAxPJVifOz94Bgxkt
vBSEvhbzSvCmJ8KnI+RBDSPDptyCaZtb1Mo2ThvQlpkjRxmHE18ms+wqUNg16Dyg
zBo0vfBwiWF2csMAd6dep6CL6eEZd3ep37WyYxg4BjDXpwICK4VOOnA6XQunqtMA
44k28Il9
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:15:39 2025 by rpki-client