Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/37d01f-4a9d-456c-aca9-d852433364b3/1/aaQlTbSuehyAaJkFmJvfDfeoRXY.roa
File: aaQlTbSuehyAaJkFmJvfDfeoRXY.roa (raw, json)
Hash identifier: cIDCcZwMBCSoI2oHuXsiVCoCtbCSBqKRLHHUS9bGWws=
Subject key identifier: 69:A4:25:4D:B4:AE:7A:1C:80:68:99:05:98:9B:DF:0D:F7:A8:45:76
Certificate issuer: /CN=46dd25d9f15c227ca35f8a2e2b0d1a89a92d8d62
Certificate serial: 016DEE63
Authority key identifier: 46:DD:25:D9:F1:5C:22:7C:A3:5F:8A:2E:2B:0D:1A:89:A9:2D:8D:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rt0l2fFcInyjX4ouKw0aiaktjWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/37d01f-4a9d-456c-aca9-d852433364b3/1/aaQlTbSuehyAaJkFmJvfDfeoRXY.roa
Signing time: Sun 20 Feb 2022 18:25:11 +0000
ROA not before: Sun 20 Feb 2022 18:25:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397423
IP address blocks: 94.124.72.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23981667 (0x16dee63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46dd25d9f15c227ca35f8a2e2b0d1a89a92d8d62
Validity
Not Before: Feb 20 18:25:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69a4254db4ae7a1c80689905989bdf0df7a84576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f3:ed:e6:30:04:13:be:34:af:b8:97:2a:ca:
8f:e4:f3:f3:d0:9f:ea:33:6c:64:aa:bd:6d:4e:e8:
a4:30:ad:8c:eb:41:df:7e:ee:0a:96:c6:04:78:2a:
fe:fb:96:35:14:7a:4a:92:e2:c8:51:21:4c:29:55:
47:2d:f0:06:d2:2a:cd:1b:38:ec:cb:be:47:59:34:
99:48:8b:88:1b:a8:08:8d:7b:85:4a:fe:9b:f0:d9:
74:6f:a4:b4:30:01:9a:93:c7:79:90:4f:26:3c:b6:
5f:0b:8d:36:c0:c2:2b:af:19:22:9f:63:e1:29:92:
b2:35:8d:10:f6:80:90:87:58:3e:53:0f:5e:a7:9e:
b4:0f:49:b0:02:89:8d:4f:8a:1e:d2:71:95:7a:62:
1a:cf:21:55:e5:62:83:47:ed:19:10:82:52:58:67:
60:74:8d:08:ac:43:c2:f4:2b:5b:28:20:3e:fa:4e:
89:3e:25:c4:6f:a3:d5:09:f4:1a:be:18:fc:af:30:
94:4b:32:07:4b:72:c6:83:2d:f1:f9:ed:d2:b9:77:
0e:18:1f:b2:b3:23:c3:d5:76:3a:7f:29:c5:5a:ce:
6b:50:40:c7:64:99:48:57:1c:db:9b:88:95:de:4d:
fb:0d:27:cb:57:71:68:fe:c6:72:c0:f4:dc:3e:81:
1e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A4:25:4D:B4:AE:7A:1C:80:68:99:05:98:9B:DF:0D:F7:A8:45:76
X509v3 Authority Key Identifier:
keyid:46:DD:25:D9:F1:5C:22:7C:A3:5F:8A:2E:2B:0D:1A:89:A9:2D:8D:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rt0l2fFcInyjX4ouKw0aiaktjWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/37d01f-4a9d-456c-aca9-d852433364b3/1/aaQlTbSuehyAaJkFmJvfDfeoRXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/37d01f-4a9d-456c-aca9-d852433364b3/1/Rt0l2fFcInyjX4ouKw0aiaktjWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.124.72.0/24
Signature Algorithm: sha256WithRSAEncryption
31:f9:d0:2c:62:3a:30:02:9a:b5:d7:dd:7e:8e:7c:aa:ba:89:
eb:57:f4:fc:3f:e1:b8:17:0a:da:1b:55:4f:03:3e:91:7a:8f:
d2:57:dd:31:21:48:71:c0:cf:fc:4b:1e:e8:8c:7a:6c:73:00:
9c:9d:23:46:b7:d6:3c:51:fb:d8:10:17:a0:14:ad:ff:aa:39:
7d:96:4a:1b:01:7e:7d:e3:b6:54:ba:0f:63:38:94:68:8c:ad:
54:f5:36:21:3d:f3:fa:3a:ec:3a:09:52:ca:7a:49:85:62:91:
31:a9:a6:b6:43:db:10:ac:59:a2:a6:c8:4f:67:00:4c:45:7d:
a9:e7:27:46:37:0d:99:70:fc:4e:d5:87:fa:e2:aa:12:c8:c0:
1b:41:5a:cd:b0:35:95:c7:61:b5:d9:9b:66:fc:88:e8:b1:59:
8d:72:95:74:76:94:db:c9:4c:5d:b2:c4:e1:a2:5f:43:3d:67:
fa:d9:77:c3:7a:80:17:69:5f:fc:43:f3:f3:cd:a9:51:6b:3f:
a7:74:fc:e4:58:36:2c:f9:a8:2b:1f:4d:84:1d:11:6b:ea:5b:
c9:09:b3:b3:fb:27:5d:4f:68:3f:80:b2:c4:61:7c:cb:b0:91:
ff:bc:89:41:10:21:80:19:c0:4e:90:d5:f6:cb:08:f6:68:98:
4d:98:9e:68
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAW3uYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NmRkMjVkOWYxNWMyMjdjYTM1ZjhhMmUyYjBkMWE4OWE5MmQ4ZDYyMB4XDTIyMDIy
MDE4MjUxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjlhNDI1NGRiNGFl
N2ExYzgwNjg5OTA1OTg5YmRmMGRmN2E4NDU3NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOXz7eYwBBO+NK+4lyrKj+Tz89Cf6jNsZKq9bU7opDCtjOtB
337uCpbGBHgq/vuWNRR6SpLiyFEhTClVRy3wBtIqzRs47Mu+R1k0mUiLiBuoCI17
hUr+m/DZdG+ktDABmpPHeZBPJjy2XwuNNsDCK68ZIp9j4SmSsjWNEPaAkIdYPlMP
XqeetA9JsAKJjU+KHtJxlXpiGs8hVeVig0ftGRCCUlhnYHSNCKxDwvQrWyggPvpO
iT4lxG+j1Qn0Gr4Y/K8wlEsyB0tyxoMt8fnt0rl3DhgfsrMjw9V2On8pxVrOa1BA
x2SZSFcc25uIld5N+w0ny1dxaP7GcsD03D6BHssCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRppCVNtK56HIBomQWYm98N96hFdjAfBgNVHSMEGDAWgBRG3SXZ8VwifKNf
ii4rDRqJqS2NYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1J0MGwyZkZjSW55alg0b3VLdzBhaWFrdGpXSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvMzdkMDFmLTRhOWQtNDU2Yy1hY2E5LWQ4NTI0MzMzNjRiMy8x
L2FhUWxUYlN1ZWh5QWFKa0ZtSnZmRGZlb1JYWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
MzdkMDFmLTRhOWQtNDU2Yy1hY2E5LWQ4NTI0MzMzNjRiMy8xL1J0MGwyZkZjSW55
alg0b3VLdzBhaWFrdGpXSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF58SDANBgkqhkiG9w0BAQsFAAOC
AQEAMfnQLGI6MAKatdfdfo58qrqJ61f0/D/huBcK2htVTwM+kXqP0lfdMSFIccDP
/Ese6Ix6bHMAnJ0jRrfWPFH72BAXoBSt/6o5fZZKGwF+feO2VLoPYziUaIytVPU2
IT3z+jrsOglSynpJhWKRMammtkPbEKxZoqbIT2cATEV9qecnRjcNmXD8TtWH+uKq
EsjAG0FazbA1lcdhtdmbZvyI6LFZjXKVdHaU28lMXbLE4aJfQz1n+tl3w3qAF2lf
/EPz882pUWs/p3T85Fg2LPmoKx9NhB0Ra+pbyQmzs/snXU9oP4CyxGF8y7CR/7yJ
QRAhgBnATpDV9ssI9miYTZieaA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:15:48 2025 by rpki-client