Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/_RuQI5qt_gCJV8eSXJjHywGzAcM.roa
File: _RuQI5qt_gCJV8eSXJjHywGzAcM.roa (raw, json)
Hash identifier: DUnvGlvb0qBwrlu2PMIboP80gnaIA1d0Yg1mit2U5+4=
Subject key identifier: FD:1B:90:23:9A:AD:FE:00:89:57:C7:92:5C:98:C7:CB:01:B3:01:C3
Certificate issuer: /CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Certificate serial: 019420684D3F2709447362024DDCF0AE49D6
Authority key identifier: 6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/_RuQI5qt_gCJV8eSXJjHywGzAcM.roa
Signing time: Wed 01 Jan 2025 05:48:13 +0000
ROA not before: Wed 01 Jan 2025 05:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43754
IP address blocks: 84.47.232.0/21 maxlen: 21
84.47.236.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:4d:3f:27:09:44:73:62:02:4d:dc:f0:ae:49:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Validity
Not Before: Jan 1 05:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd1b90239aadfe008957c7925c98c7cb01b301c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d2:f5:cc:40:26:3b:f2:cf:4e:b5:b6:26:34:
ea:8d:d7:ab:1b:18:42:21:e8:78:03:91:ee:c4:59:
96:8b:0d:43:73:a4:81:14:35:49:88:7b:6c:3c:71:
c8:87:a6:e0:2b:c1:73:10:56:d9:c0:5c:4c:31:27:
43:34:b8:f1:3c:df:1b:2e:16:68:e3:fa:76:7a:56:
73:f1:91:b4:9d:5a:19:fe:89:e9:69:cb:89:88:09:
a7:ab:95:16:19:a2:d8:49:20:9a:dd:31:57:dd:36:
d7:74:b4:b4:6b:00:51:27:8c:5b:7c:b5:a9:5e:43:
21:30:dd:b0:bc:d0:a3:e3:27:7a:59:ca:57:63:68:
80:ab:98:8b:1d:62:03:06:47:ee:dd:aa:b6:e0:9d:
cd:55:e1:d6:87:3d:70:1b:4d:74:8d:2a:fe:a6:8e:
59:f1:18:77:86:ab:43:50:76:d3:73:85:60:11:5c:
70:46:b8:c0:4a:94:04:93:35:11:c6:f0:43:86:5f:
b6:76:26:5a:b4:35:c2:16:ad:a5:09:47:f1:6f:35:
8f:dc:e8:19:9d:cf:d4:85:b6:77:f8:db:5c:22:10:
c8:bf:d2:7c:f6:8a:87:6f:cb:34:df:08:5b:1b:9c:
e7:2f:ca:de:78:f2:d0:34:e7:05:2a:23:1b:cd:4d:
b0:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:1B:90:23:9A:AD:FE:00:89:57:C7:92:5C:98:C7:CB:01:B3:01:C3
X509v3 Authority Key Identifier:
keyid:6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/_RuQI5qt_gCJV8eSXJjHywGzAcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.47.232.0/21
Signature Algorithm: sha256WithRSAEncryption
40:af:4f:c0:eb:aa:50:22:29:81:9d:bd:12:0d:4d:cf:85:47:
9d:97:00:e2:30:ac:13:f1:ee:3b:56:1e:6d:4d:b5:3f:9f:b2:
13:35:24:36:84:2a:05:a5:e6:d5:40:39:6f:0c:c2:3c:69:2f:
f4:69:bf:f8:fa:8a:ff:25:9a:88:b6:53:3a:fa:83:35:83:95:
13:1b:63:76:5c:4f:39:05:51:56:9b:d1:3b:1c:b2:6d:5c:81:
3c:36:59:5d:f3:74:b9:c6:6e:17:b5:82:f5:fa:64:3d:67:54:
25:d6:28:76:6f:ce:3c:20:dc:84:b6:36:7c:59:f2:f7:db:d5:
8c:ab:ce:58:62:40:ea:62:d7:3c:60:0b:ed:32:b5:59:cd:25:
39:91:d2:d5:44:e6:32:40:1a:92:88:6b:9d:60:53:45:c8:9f:
6b:2f:e9:70:8c:c8:ba:74:6f:76:23:6a:8a:aa:ba:f6:8a:94:
cd:30:0a:50:99:42:cb:a9:bc:62:98:4c:b1:7d:33:59:65:1c:
87:0e:7d:07:d6:99:88:9a:f2:15:6f:67:ef:08:b9:c5:1d:f4:
e6:72:c4:7c:0f:eb:9a:7a:1c:84:34:e5:a7:f7:7d:bc:e8:61:
7c:10:95:be:a9:98:d8:cf:fd:5c:b5:72:d5:4f:53:42:21:f3:
36:a8:5f:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaE0/JwlEc2ICTdzwrknWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMzAzMGE0YjY3Zjk1YzJmZWQ5MDJkNTY2NTdmYWEyNDk0
YjUxMjkwHhcNMjUwMTAxMDU0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDFiOTAyMzlhYWRmZTAwODk1N2M3OTI1Yzk4YzdjYjAxYjMwMWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtL1zEAmO/LPTrW2JjTqjderGxhC
Ieh4A5HuxFmWiw1Dc6SBFDVJiHtsPHHIh6bgK8FzEFbZwFxMMSdDNLjxPN8bLhZo
4/p2elZz8ZG0nVoZ/onpacuJiAmnq5UWGaLYSSCa3TFX3TbXdLS0awBRJ4xbfLWp
XkMhMN2wvNCj4yd6WcpXY2iAq5iLHWIDBkfu3aq24J3NVeHWhz1wG010jSr+po5Z
8Rh3hqtDUHbTc4VgEVxwRrjASpQEkzURxvBDhl+2diZatDXCFq2lCUfxbzWP3OgZ
nc/UhbZ3+NtcIhDIv9J89oqHb8s03whbG5znL8reePLQNOcFKiMbzU2wQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP0bkCOarf4AiVfHklyYx8sBswHDMB8GA1UdIwQY
MBaAFG8wMKS2f5XC/tkC1WZX+qJJS1EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYt
YmYzYjIxYTI3MGYyLzEvX1J1UUk1cXRfZ0NKVjhlU1hKakh5d0d6QWNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYtYmYzYjIxYTI3MGYy
LzEvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVC/oMA0G
CSqGSIb3DQEBCwUAA4IBAQBAr0/A66pQIimBnb0SDU3PhUedlwDiMKwT8e47Vh5t
TbU/n7ITNSQ2hCoFpebVQDlvDMI8aS/0ab/4+or/JZqItlM6+oM1g5UTG2N2XE85
BVFWm9E7HLJtXIE8Nlld83S5xm4XtYL1+mQ9Z1Ql1ih2b848INyEtjZ8WfL329WM
q85YYkDqYtc8YAvtMrVZzSU5kdLVROYyQBqSiGudYFNFyJ9rL+lwjMi6dG92I2qK
qrr2ipTNMApQmULLqbximEyxfTNZZRyHDn0H1pmImvIVb2fvCLnFHfTmcsR8D+ua
ehyENOWn93286GF8EJW+qZjYz/1ctXLVT1NCIfM2qF8B
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:21:37 2025 by rpki-client