Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/SqtYThdmBqS2fOerWw_ZemEk-GI.roa
File: SqtYThdmBqS2fOerWw_ZemEk-GI.roa (raw, json)
Hash identifier: OYvw2ByHlIkmRYPSxz2k8ME/zszQfl3CPYMZDe3YYSI=
Subject key identifier: 4A:AB:58:4E:17:66:06:A4:B6:7C:E7:AB:5B:0F:D9:7A:61:24:F8:62
Certificate issuer: /CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Certificate serial: 01857183238ADEEE705E8551262213593703
Authority key identifier: 6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/SqtYThdmBqS2fOerWw_ZemEk-GI.roa
Signing time: Mon 02 Jan 2023 08:04:57 +0000
ROA not before: Mon 02 Jan 2023 08:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43754
IP address blocks: 84.47.232.0/21 maxlen: 21
84.47.236.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:23:8a:de:ee:70:5e:85:51:26:22:13:59:37:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Validity
Not Before: Jan 2 08:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4aab584e176606a4b67ce7ab5b0fd97a6124f862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:31:f7:98:46:c2:3d:c5:b5:c9:50:e1:2d:e2:
56:9f:44:47:d7:bc:5a:3d:89:ad:99:0f:63:7e:3c:
12:4e:65:89:2d:ea:67:03:67:2c:de:c0:a5:a3:04:
6b:81:ae:16:65:96:de:da:d7:60:91:6a:74:e7:a5:
86:74:0b:75:1f:9b:60:f8:90:e4:83:dd:80:64:a7:
49:b8:09:dc:db:95:38:63:c6:a0:7d:5a:3f:70:24:
37:6e:ce:44:41:11:be:2a:76:bb:05:86:65:a8:51:
3d:f6:ab:fc:63:2e:25:8b:d2:db:44:8e:54:9d:f1:
55:f0:be:17:0d:ab:e9:73:0e:79:e8:16:0b:05:7b:
18:d8:ce:7b:6c:04:24:35:4d:53:4a:01:ed:59:fb:
0a:e0:ee:78:b3:72:5e:ef:20:ad:79:5c:25:dc:d4:
a1:ec:7f:20:9d:23:60:e4:20:97:06:9f:40:fc:0b:
39:b7:ec:ce:74:41:a2:a7:f9:1e:a1:ff:fd:9c:15:
c1:d0:2e:a8:c8:5f:3c:5a:91:7f:88:2a:aa:e1:a4:
4f:fa:88:1f:87:91:a9:a6:f2:49:0b:3b:5c:6e:46:
94:1e:12:40:52:27:26:c0:e2:fa:26:7d:71:58:a8:
68:75:16:10:ec:32:a4:7b:0e:8f:22:a6:25:8c:c5:
d3:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:AB:58:4E:17:66:06:A4:B6:7C:E7:AB:5B:0F:D9:7A:61:24:F8:62
X509v3 Authority Key Identifier:
keyid:6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/SqtYThdmBqS2fOerWw_ZemEk-GI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.47.232.0/21
Signature Algorithm: sha256WithRSAEncryption
6b:4c:ce:f9:0a:8c:25:b7:5d:81:79:b8:4b:8c:a8:85:9a:3d:
b5:be:23:b1:b8:08:8f:8a:e7:a0:87:ac:85:4c:08:b2:30:77:
27:4f:a9:f4:65:0e:cb:7a:2d:6c:cc:63:81:cb:ad:77:5c:d4:
34:4f:b6:49:99:34:50:bb:c2:fd:7a:84:64:6e:c9:c3:a3:a9:
c6:4a:20:c1:9f:f7:1e:ac:43:6f:99:4a:75:52:be:52:5d:78:
c9:fe:cb:1c:d4:d3:f1:ee:37:fe:05:59:e9:27:0e:88:2a:35:
73:84:aa:4d:d1:e0:cd:e7:03:08:a0:f0:49:ea:d0:4b:df:e9:
0d:8d:c6:d7:82:0c:ac:ae:95:04:c6:d2:d0:b3:0b:57:f7:5c:
59:1b:37:0a:5b:12:95:32:7f:d7:97:32:90:65:83:23:65:ec:
7e:57:41:2a:d9:ce:da:d5:b6:42:a2:18:4c:32:6d:23:0f:af:
7b:32:b6:56:22:b9:56:d4:96:1b:e1:8a:af:2c:0e:01:dc:82:
6e:8f:0d:5e:88:d8:81:a1:3e:cd:33:26:c6:5d:6c:fb:78:ad:
9f:50:b1:8d:74:59:aa:f2:1c:db:bd:11:2b:fd:95:b6:8a:1a:
28:00:38:4d:13:26:f7:c9:04:7b:5b:03:c9:7c:45:c7:9f:de:
de:62:89:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxgyOK3u5wXoVRJiITWTcDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMzAzMGE0YjY3Zjk1YzJmZWQ5MDJkNTY2NTdmYWEyNDk0
YjUxMjkwHhcNMjMwMTAyMDgwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWFiNTg0ZTE3NjYwNmE0YjY3Y2U3YWI1YjBmZDk3YTYxMjRmODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDH3mEbCPcW1yVDhLeJWn0RH17xa
PYmtmQ9jfjwSTmWJLepnA2cs3sClowRrga4WZZbe2tdgkWp056WGdAt1H5tg+JDk
g92AZKdJuAnc25U4Y8agfVo/cCQ3bs5EQRG+Kna7BYZlqFE99qv8Yy4li9LbRI5U
nfFV8L4XDavpcw556BYLBXsY2M57bAQkNU1TSgHtWfsK4O54s3Je7yCteVwl3NSh
7H8gnSNg5CCXBp9A/As5t+zOdEGip/keof/9nBXB0C6oyF88WpF/iCqq4aRP+ogf
h5GppvJJCztcbkaUHhJAUicmwOL6Jn1xWKhodRYQ7DKkew6PIqYljMXTVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEqrWE4XZgaktnznq1sP2XphJPhiMB8GA1UdIwQY
MBaAFG8wMKS2f5XC/tkC1WZX+qJJS1EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYt
YmYzYjIxYTI3MGYyLzEvU3F0WVRoZG1CcVMyZk9lcld3X1plbUVrLUdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYtYmYzYjIxYTI3MGYy
LzEvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVC/oMA0G
CSqGSIb3DQEBCwUAA4IBAQBrTM75Cowlt12BebhLjKiFmj21viOxuAiPiuegh6yF
TAiyMHcnT6n0ZQ7Lei1szGOBy613XNQ0T7ZJmTRQu8L9eoRkbsnDo6nGSiDBn/ce
rENvmUp1Ur5SXXjJ/ssc1NPx7jf+BVnpJw6IKjVzhKpN0eDN5wMIoPBJ6tBL3+kN
jcbXggysrpUExtLQswtX91xZGzcKWxKVMn/XlzKQZYMjZex+V0Eq2c7a1bZCohhM
Mm0jD697MrZWIrlW1JYb4YqvLA4B3IJujw1eiNiBoT7NMybGXWz7eK2fULGNdFmq
8hzbvREr/ZW2ihooADhNEyb3yQR7WwPJfEXHn97eYol6
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:52:37 2025 by rpki-client