Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/6db52b-ce95-4a3b-a963-484c24ed52ae/1/gUjay7S2lD-NGIuvQV60U1UgCl8.roa
File: gUjay7S2lD-NGIuvQV60U1UgCl8.roa (raw, json)
Hash identifier: kZNCeAFsIxqcLbgHZrI8o6dSw6s6559zm573JKLGJ9E=
Subject key identifier: 81:48:DA:CB:B4:B6:94:3F:8D:18:8B:AF:41:5E:B4:53:55:20:0A:5F
Certificate issuer: /CN=f4ba7c145898b8ae3d2b3a1c71c50ab19a93f647
Certificate serial: 018CCA29DAE7146926AFE04DED534BDB0A42
Authority key identifier: F4:BA:7C:14:58:98:B8:AE:3D:2B:3A:1C:71:C5:0A:B1:9A:93:F6:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Lp8FFiYuK49KzocccUKsZqT9kc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/6db52b-ce95-4a3b-a963-484c24ed52ae/1/gUjay7S2lD-NGIuvQV60U1UgCl8.roa
Signing time: Tue 02 Jan 2024 12:33:09 +0000
ROA not before: Tue 02 Jan 2024 12:33:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200017
IP address blocks: 185.94.64.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:da:e7:14:69:26:af:e0:4d:ed:53:4b:db:0a:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4ba7c145898b8ae3d2b3a1c71c50ab19a93f647
Validity
Not Before: Jan 2 12:33:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8148dacbb4b6943f8d188baf415eb45355200a5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8d:18:3d:1d:f8:65:29:6f:10:1f:95:6a:fe:
3d:b4:16:e3:54:5a:ad:bc:58:f0:6b:de:56:44:dd:
74:08:9d:b8:26:58:ec:ca:df:c4:66:9d:8e:08:9c:
58:f1:71:b1:69:0e:23:79:3a:6d:e0:ca:b0:02:64:
ab:1a:ed:2a:be:53:32:34:74:5f:8f:64:0f:0d:0f:
db:28:5b:86:8f:cb:6d:6f:04:76:a9:30:f8:fb:93:
48:a5:ad:60:84:4f:32:ba:1c:f9:4c:d1:e1:97:58:
cd:9d:75:55:19:81:d6:11:97:b9:f4:6f:52:8a:ff:
ab:e1:4d:1a:bc:a3:4c:fd:11:d2:3f:42:c5:c1:87:
06:23:54:f1:c7:95:6b:19:15:40:06:3a:61:ab:87:
d4:35:23:ee:11:77:fc:d5:9a:4e:1a:01:c3:7d:8d:
74:ce:ba:67:1d:e5:06:01:d5:e2:18:21:02:fa:0b:
7e:da:bd:cb:9e:ce:70:cf:af:1d:a7:82:1f:30:4e:
78:95:ed:46:b3:15:dd:b0:bd:2a:4b:80:20:77:f0:
a4:2a:cf:c3:ef:22:b7:60:08:6d:be:ea:82:e9:7b:
1d:9e:a7:96:43:2d:16:9f:80:20:9b:12:a5:7a:db:
c2:fb:2d:0d:a4:bc:82:a8:eb:91:f5:cf:77:19:7e:
11:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:48:DA:CB:B4:B6:94:3F:8D:18:8B:AF:41:5E:B4:53:55:20:0A:5F
X509v3 Authority Key Identifier:
keyid:F4:BA:7C:14:58:98:B8:AE:3D:2B:3A:1C:71:C5:0A:B1:9A:93:F6:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Lp8FFiYuK49KzocccUKsZqT9kc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/6db52b-ce95-4a3b-a963-484c24ed52ae/1/gUjay7S2lD-NGIuvQV60U1UgCl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/6db52b-ce95-4a3b-a963-484c24ed52ae/1/9Lp8FFiYuK49KzocccUKsZqT9kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.64.0/24
Signature Algorithm: sha256WithRSAEncryption
21:a6:c7:0a:34:29:92:d3:16:00:4b:1b:dd:79:1d:e9:5b:f2:
04:55:08:84:16:b0:ad:6f:3b:ca:f9:6b:1c:52:ec:c3:ac:b7:
ec:e5:49:eb:40:83:65:2a:7a:0e:d5:11:ab:56:9a:72:42:42:
0f:aa:16:88:d5:17:39:01:25:dc:41:90:a0:ff:5e:b0:f4:5a:
78:a8:22:62:5d:f2:aa:89:f4:83:90:3a:e5:94:a4:8b:f5:43:
3a:03:d0:ac:81:7c:24:a9:cb:aa:87:14:fa:15:85:93:75:f7:
70:6e:c6:f4:f6:35:aa:61:4a:51:76:a3:3b:38:e2:41:c0:8e:
07:1f:0b:ea:26:01:14:c9:59:2d:bd:8a:4a:a3:82:4b:b5:d8:
cf:0a:b0:ab:94:47:a5:3b:78:13:a7:ac:e7:e5:f6:6c:12:3a:
08:df:7d:c1:f6:d7:b9:71:4b:e8:0c:a6:23:2f:99:14:4e:31:
bc:ff:3f:bb:31:b3:8b:b3:0b:3f:91:d0:7f:ec:af:7c:cd:15:
1c:e7:8d:6a:0c:bd:b9:b1:5d:67:f8:b4:a9:41:ba:a8:84:ac:
7f:47:63:94:99:f4:40:5c:3c:53:31:0d:5d:24:a6:c5:5f:a8:
fb:aa:0b:6a:0e:6b:83:27:6d:e6:c2:05:dd:6b:11:b3:5b:c4:
57:37:f1:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKdrnFGkmr+BN7VNL2wpCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YmE3YzE0NTg5OGI4YWUzZDJiM2ExYzcxYzUwYWIxOWE5
M2Y2NDcwHhcNMjQwMTAyMTIzMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTQ4ZGFjYmI0YjY5NDNmOGQxODhiYWY0MTVlYjQ1MzU1MjAwYTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy40YPR34ZSlvEB+Vav49tBbjVFqt
vFjwa95WRN10CJ24Jljsyt/EZp2OCJxY8XGxaQ4jeTpt4MqwAmSrGu0qvlMyNHRf
j2QPDQ/bKFuGj8ttbwR2qTD4+5NIpa1ghE8yuhz5TNHhl1jNnXVVGYHWEZe59G9S
iv+r4U0avKNM/RHSP0LFwYcGI1Txx5VrGRVABjphq4fUNSPuEXf81ZpOGgHDfY10
zrpnHeUGAdXiGCEC+gt+2r3Lns5wz68dp4IfME54le1GsxXdsL0qS4Agd/CkKs/D
7yK3YAhtvuqC6XsdnqeWQy0Wn4AgmxKletvC+y0NpLyCqOuR9c93GX4RXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIFI2su0tpQ/jRiLr0FetFNVIApfMB8GA1UdIwQY
MBaAFPS6fBRYmLiuPSs6HHHFCrGak/ZHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxwOEZGaVl1SzQ5S3pvY2NjVUtzWnFUOWtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC82ZGI1MmItY2U5NS00YTNiLWE5NjMt
NDg0YzI0ZWQ1MmFlLzEvZ1VqYXk3UzJsRC1OR0l1dlFWNjBVMVVnQ2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC82ZGI1MmItY2U5NS00YTNiLWE5NjMtNDg0YzI0ZWQ1MmFl
LzEvOUxwOEZGaVl1SzQ5S3pvY2NjVUtzWnFUOWtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuV5AMA0G
CSqGSIb3DQEBCwUAA4IBAQAhpscKNCmS0xYASxvdeR3pW/IEVQiEFrCtbzvK+Wsc
UuzDrLfs5UnrQINlKnoO1RGrVppyQkIPqhaI1Rc5ASXcQZCg/16w9Fp4qCJiXfKq
ifSDkDrllKSL9UM6A9CsgXwkqcuqhxT6FYWTdfdwbsb09jWqYUpRdqM7OOJBwI4H
HwvqJgEUyVktvYpKo4JLtdjPCrCrlEelO3gTp6zn5fZsEjoI333B9te5cUvoDKYj
L5kUTjG8/z+7MbOLsws/kdB/7K98zRUc541qDL25sV1n+LSpQbqohKx/R2OUmfRA
XDxTMQ1dJKbFX6j7qgtqDmuDJ23mwgXdaxGzW8RXN/H1
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:34:15 2025 by rpki-client