Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3b3dcf-cbab-465b-8e90-da738a390f6e/1/Swt5oFMQEQM3RtDOFxZCp2VObOM.roa
File: Swt5oFMQEQM3RtDOFxZCp2VObOM.roa (raw, json)
Hash identifier: d7VQjqZCXdGvodDw1gYlaDWjc+rRxAbFcC4KKSSYHOs=
Subject key identifier: 4B:0B:79:A0:53:10:11:03:37:46:D0:CE:17:16:42:A7:65:4E:6C:E3
Certificate issuer: /CN=df14fe6cda90c9afe807590d2d50374a76a28e13
Certificate serial: 019424B25E87F7997AF8FCE36A95CD62D367
Authority key identifier: DF:14:FE:6C:DA:90:C9:AF:E8:07:59:0D:2D:50:37:4A:76:A2:8E:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3xT-bNqQya_oB1kNLVA3SnaijhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/3b3dcf-cbab-465b-8e90-da738a390f6e/1/Swt5oFMQEQM3RtDOFxZCp2VObOM.roa
Signing time: Thu 02 Jan 2025 01:47:36 +0000
ROA not before: Thu 02 Jan 2025 01:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196816
IP address blocks: 94.143.24.0/21 maxlen: 24
185.21.32.0/22 maxlen: 24
2a01:4480::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:5e:87:f7:99:7a:f8:fc:e3:6a:95:cd:62:d3:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df14fe6cda90c9afe807590d2d50374a76a28e13
Validity
Not Before: Jan 2 01:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b0b79a0531011033746d0ce171642a7654e6ce3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:72:e9:31:a4:22:6e:2d:5f:a0:4d:cd:d7:59:
29:11:71:3b:37:72:c0:57:30:3f:d3:04:c7:6f:21:
3e:dd:e1:7a:cc:42:75:e8:94:72:a6:30:2a:11:3c:
06:ff:e3:ef:06:fa:9f:79:3e:a6:d8:94:33:df:45:
5b:c5:42:1b:e3:f5:97:3f:c1:24:68:54:c1:15:0f:
ea:74:75:71:c5:28:a3:ce:39:30:ab:3a:27:e9:1a:
04:16:2f:3a:87:fc:de:88:30:9f:fd:d1:4b:fd:69:
b4:da:24:0f:a1:12:82:07:b3:e6:52:b9:2e:cc:a2:
55:eb:59:05:54:f5:90:c0:bf:f4:77:d7:c5:de:44:
ff:b7:0f:95:cd:5e:60:00:dd:e3:b4:4b:83:43:87:
1b:1c:b6:34:7e:80:08:02:19:ca:7d:bc:4c:9c:b5:
0a:d2:cc:ca:de:e4:20:ab:49:e1:bf:18:e3:b4:4d:
12:94:e4:a7:85:65:90:c4:62:30:07:8d:37:23:6a:
ed:da:1f:ae:19:39:8c:d2:7c:a5:3f:9c:ee:fe:fe:
01:ef:e2:9e:09:82:cb:1a:fe:c1:61:61:82:30:3d:
e3:fd:2b:9a:8a:10:44:1a:9e:3a:d9:50:86:a7:c2:
f9:5f:b0:fc:65:51:6d:6d:2b:a1:81:3a:50:05:16:
96:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:0B:79:A0:53:10:11:03:37:46:D0:CE:17:16:42:A7:65:4E:6C:E3
X509v3 Authority Key Identifier:
keyid:DF:14:FE:6C:DA:90:C9:AF:E8:07:59:0D:2D:50:37:4A:76:A2:8E:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3xT-bNqQya_oB1kNLVA3SnaijhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3b3dcf-cbab-465b-8e90-da738a390f6e/1/Swt5oFMQEQM3RtDOFxZCp2VObOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3b3dcf-cbab-465b-8e90-da738a390f6e/1/3xT-bNqQya_oB1kNLVA3SnaijhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.24.0/21
185.21.32.0/22
IPv6:
2a01:4480::/32
Signature Algorithm: sha256WithRSAEncryption
94:98:d0:cd:38:1a:cb:92:da:93:d1:ab:90:49:95:70:24:d1:
be:fd:b8:1f:6a:50:4b:18:b5:c8:6c:f0:89:19:87:07:51:a1:
54:e8:d3:dd:30:57:5f:ac:cf:24:60:b0:a9:be:df:8c:f2:ec:
ba:ec:fb:43:30:cb:45:ef:de:84:92:96:db:57:38:8e:a8:75:
50:1f:dc:98:58:31:d6:62:57:32:78:90:ba:63:0e:4c:b4:c0:
7a:f6:92:02:89:49:73:c2:f4:6a:66:a8:19:30:e9:66:4f:71:
f3:50:d7:78:44:73:9c:73:28:48:60:4c:6e:18:c1:ee:15:ed:
81:c1:1d:19:b9:c1:ce:45:f1:b6:15:eb:a5:55:d0:7a:45:1f:
70:4d:f0:63:01:4d:ad:d8:5e:7a:78:bb:4a:d4:15:90:3f:eb:
b7:bd:db:6d:7e:ca:dd:8f:16:e1:9d:06:d2:df:b2:b2:78:d6:
56:27:1e:88:1f:3c:f0:d7:65:18:46:1a:2c:56:4b:72:9b:2d:
f8:5d:18:3e:ba:54:57:7c:61:7f:7c:85:3f:10:c7:7f:1b:ab:
f7:3e:94:79:3d:a2:c8:9e:a5:46:7e:ee:49:fb:68:39:d0:be:
57:4c:66:1a:6e:ea:f3:06:9f:d8:7b:62:cd:fc:dd:e1:82:c3:
50:6b:51:ab
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQksl6H95l6+PzjapXNYtNnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMTRmZTZjZGE5MGM5YWZlODA3NTkwZDJkNTAzNzRhNzZh
MjhlMTMwHhcNMjUwMTAyMDE0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjBiNzlhMDUzMTAxMTAzMzc0NmQwY2UxNzE2NDJhNzY1NGU2Y2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXLpMaQibi1foE3N11kpEXE7N3LA
VzA/0wTHbyE+3eF6zEJ16JRypjAqETwG/+PvBvqfeT6m2JQz30VbxUIb4/WXP8Ek
aFTBFQ/qdHVxxSijzjkwqzon6RoEFi86h/zeiDCf/dFL/Wm02iQPoRKCB7PmUrku
zKJV61kFVPWQwL/0d9fF3kT/tw+VzV5gAN3jtEuDQ4cbHLY0foAIAhnKfbxMnLUK
0szK3uQgq0nhvxjjtE0SlOSnhWWQxGIwB403I2rt2h+uGTmM0nylP5zu/v4B7+Ke
CYLLGv7BYWGCMD3j/SuaihBEGp462VCGp8L5X7D8ZVFtbSuhgTpQBRaWLwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEsLeaBTEBEDN0bQzhcWQqdlTmzjMB8GA1UdIwQY
MBaAFN8U/mzakMmv6AdZDS1QN0p2oo4TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3hULWJOcVF5YV9vQjFrTkxWQTNTbmFpamhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zYjNkY2YtY2JhYi00NjViLThlOTAt
ZGE3MzhhMzkwZjZlLzEvU3d0NW9GTVFFUU0zUnRET0Z4WkNwMlZPYk9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zYjNkY2YtY2JhYi00NjViLThlOTAtZGE3MzhhMzkwZjZl
LzEvM3hULWJOcVF5YV9vQjFrTkxWQTNTbmFpamhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXo8YAwQC
uRUgMA0EAgACMAcDBQAqAUSAMA0GCSqGSIb3DQEBCwUAA4IBAQCUmNDNOBrLktqT
0auQSZVwJNG+/bgfalBLGLXIbPCJGYcHUaFU6NPdMFdfrM8kYLCpvt+M8uy67PtD
MMtF796EkpbbVziOqHVQH9yYWDHWYlcyeJC6Yw5MtMB69pICiUlzwvRqZqgZMOlm
T3HzUNd4RHOccyhIYExuGMHuFe2BwR0ZucHORfG2FeulVdB6RR9wTfBjAU2t2F56
eLtK1BWQP+u3vdttfsrdjxbhnQbS37KyeNZWJx6IHzzw12UYRhosVktymy34XRg+
ulRXfGF/fIU/EMd/G6v3PpR5PaLInqVGfu5J+2g50L5XTGYaburzBp/Ye2LN/N3h
gsNQa1Gr
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:13 2025 by rpki-client