Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/3fbff6-73ee-4812-8e4b-81dabc81c05c/1/349nznGmuYln7Euzs0toW3LL2Co.roa
File: 349nznGmuYln7Euzs0toW3LL2Co.roa (raw, json)
Hash identifier: 2VcvoHu/ySd5oGJHcQApUau1Ip2UjCUmUdstoqEVP0Q=
Subject key identifier: DF:8F:67:CE:71:A6:B9:89:67:EC:4B:B3:B3:4B:68:5B:72:CB:D8:2A
Certificate issuer: /CN=b1814a28a8c1ebe0adc33a1519b9883e3084bb59
Certificate serial: 0194274803C7BA45DF6DD0F4AAA03A88C0D4
Authority key identifier: B1:81:4A:28:A8:C1:EB:E0:AD:C3:3A:15:19:B9:88:3E:30:84:BB:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sYFKKKjB6-CtwzoVGbmIPjCEu1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/3fbff6-73ee-4812-8e4b-81dabc81c05c/1/349nznGmuYln7Euzs0toW3LL2Co.roa
Signing time: Thu 02 Jan 2025 13:50:18 +0000
ROA not before: Thu 02 Jan 2025 13:50:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209242
IP address blocks: 94.140.0.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:03:c7:ba:45:df:6d:d0:f4:aa:a0:3a:88:c0:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1814a28a8c1ebe0adc33a1519b9883e3084bb59
Validity
Not Before: Jan 2 13:50:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df8f67ce71a6b98967ec4bb3b34b685b72cbd82a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f1:84:3e:79:f0:f5:c6:ed:be:2b:29:aa:21:
2f:25:8f:ff:7d:2c:78:45:49:a0:80:8e:44:92:dc:
3c:55:94:3e:68:7f:7b:a9:e8:55:f4:56:99:bd:ab:
e2:b9:f1:0f:74:3e:4b:5f:0a:45:ce:eb:7d:be:81:
dd:d1:bd:a0:1d:f2:39:16:03:b9:b3:f0:f6:e5:0a:
25:ca:37:10:8f:b8:61:41:49:88:26:5c:d4:d1:12:
46:02:03:cf:11:bf:ce:03:35:57:e4:78:40:36:99:
86:48:15:f0:23:40:7c:25:89:b7:fe:c1:81:d4:97:
82:40:60:b8:cf:14:a2:3a:b3:ad:2f:97:40:1e:c9:
d2:71:37:e0:84:a1:06:52:74:52:cf:6e:07:ce:ca:
a9:7b:2f:28:b7:05:fb:9e:4c:97:4a:d7:03:54:1e:
b0:9c:dc:07:c4:39:ef:92:7d:99:e4:59:bc:19:0b:
83:d8:09:86:c1:70:43:f2:e2:df:57:21:08:48:8b:
74:eb:23:e5:3a:82:3a:e2:30:c4:93:bc:1a:1e:a4:
18:85:83:9e:60:0f:34:e4:98:f5:73:1f:89:bd:c2:
d9:67:cb:87:60:ec:e7:18:07:da:8b:e6:a1:07:b2:
cb:4b:04:0c:d1:d5:9d:19:59:a0:c4:e8:36:b4:21:
cc:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:8F:67:CE:71:A6:B9:89:67:EC:4B:B3:B3:4B:68:5B:72:CB:D8:2A
X509v3 Authority Key Identifier:
keyid:B1:81:4A:28:A8:C1:EB:E0:AD:C3:3A:15:19:B9:88:3E:30:84:BB:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sYFKKKjB6-CtwzoVGbmIPjCEu1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/3fbff6-73ee-4812-8e4b-81dabc81c05c/1/349nznGmuYln7Euzs0toW3LL2Co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/3fbff6-73ee-4812-8e4b-81dabc81c05c/1/sYFKKKjB6-CtwzoVGbmIPjCEu1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.140.0.0/24
Signature Algorithm: sha256WithRSAEncryption
93:ab:ef:d9:fe:cf:f4:a0:13:cb:95:26:f4:17:c8:77:ae:64:
dd:32:fc:d6:9e:7e:ce:12:e4:b4:14:de:20:aa:ea:2f:8f:07:
40:76:a9:c0:6f:00:3c:79:89:eb:6b:bf:44:86:91:d8:35:7c:
e4:de:a8:b9:dc:0f:3a:ec:a5:48:36:4b:0d:65:7c:86:2f:7e:
cd:d4:4e:cf:8d:93:64:bf:a2:4e:05:2c:7d:14:e4:a5:57:87:
67:14:ab:d2:d7:8e:09:1b:fa:55:0c:e8:61:09:fb:5b:dc:d6:
8a:a7:46:d2:c8:a7:74:f2:1c:8d:90:09:f3:28:c6:dc:e9:cd:
47:84:f5:ed:c3:05:0a:44:d5:94:dd:21:2b:fd:bf:02:0d:f7:
12:2e:e1:7b:54:08:04:37:e7:9f:2f:25:24:79:10:24:f2:fd:
dc:1f:8a:0c:58:17:5a:c6:3f:35:7f:07:4d:51:23:63:dd:41:
c3:15:ae:51:d1:48:f5:25:39:53:4f:13:bb:6d:3b:b2:7e:c7:
c6:5a:37:70:45:4e:95:c4:54:78:d8:2f:e9:54:cd:62:24:6d:
df:7b:1a:13:7c:27:88:be:7d:e5:ac:c3:68:2b:5f:4c:3f:a7:
ca:5b:4e:d3:fb:48:74:9d:cc:d2:12:f6:1e:84:15:2e:e8:8e:
64:2d:4f:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSAPHukXfbdD0qqA6iMDUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxODE0YTI4YThjMWViZTBhZGMzM2ExNTE5Yjk4ODNlMzA4
NGJiNTkwHhcNMjUwMTAyMTM1MDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjhmNjdjZTcxYTZiOTg5NjdlYzRiYjNiMzRiNjg1YjcyY2JkODJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPGEPnnw9cbtvispqiEvJY//fSx4
RUmggI5Ektw8VZQ+aH97qehV9FaZvaviufEPdD5LXwpFzut9voHd0b2gHfI5FgO5
s/D25QolyjcQj7hhQUmIJlzU0RJGAgPPEb/OAzVX5HhANpmGSBXwI0B8JYm3/sGB
1JeCQGC4zxSiOrOtL5dAHsnScTfghKEGUnRSz24Hzsqpey8otwX7nkyXStcDVB6w
nNwHxDnvkn2Z5Fm8GQuD2AmGwXBD8uLfVyEISIt06yPlOoI64jDEk7waHqQYhYOe
YA805Jj1cx+JvcLZZ8uHYOznGAfai+ahB7LLSwQM0dWdGVmgxOg2tCHMyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN+PZ85xprmJZ+xLs7NLaFtyy9gqMB8GA1UdIwQY
MBaAFLGBSiiowevgrcM6FRm5iD4whLtZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1lGS0tLakI2LUN0d3pvVkdibUlQakNFdTFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8zZmJmZjYtNzNlZS00ODEyLThlNGIt
ODFkYWJjODFjMDVjLzEvMzQ5bnpuR211WWxuN0V1enMwdG9XM0xMMkNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8zZmJmZjYtNzNlZS00ODEyLThlNGItODFkYWJjODFjMDVj
LzEvc1lGS0tLakI2LUN0d3pvVkdibUlQakNFdTFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXowAMA0G
CSqGSIb3DQEBCwUAA4IBAQCTq+/Z/s/0oBPLlSb0F8h3rmTdMvzWnn7OEuS0FN4g
quovjwdAdqnAbwA8eYnra79EhpHYNXzk3qi53A867KVINksNZXyGL37N1E7PjZNk
v6JOBSx9FOSlV4dnFKvS144JG/pVDOhhCftb3NaKp0bSyKd08hyNkAnzKMbc6c1H
hPXtwwUKRNWU3SEr/b8CDfcSLuF7VAgEN+efLyUkeRAk8v3cH4oMWBdaxj81fwdN
USNj3UHDFa5R0Uj1JTlTTxO7bTuyfsfGWjdwRU6VxFR42C/pVM1iJG3fexoTfCeI
vn3lrMNoK19MP6fKW07T+0h0nczSEvYehBUu6I5kLU88
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:23:45 2025 by rpki-client