Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/7f41f1-05aa-4cae-b091-2b156fdf7243/1/aPXuZfz52ZRsbqGvFfVnW00fWWA.roa
File: aPXuZfz52ZRsbqGvFfVnW00fWWA.roa (raw, json)
Hash identifier: Dx9nAXr6iuC6gPBhS54wL2WyJb0gHqnEb9mUSF7is9A=
Subject key identifier: 68:F5:EE:65:FC:F9:D9:94:6C:6E:A1:AF:15:F5:67:5B:4D:1F:59:60
Certificate issuer: /CN=336b69e2dd29bbe48946c4d58ac60eb23dff95c5
Certificate serial: 018B1432AB2E83CE45B9959EDA55A5FBB150
Authority key identifier: 33:6B:69:E2:DD:29:BB:E4:89:46:C4:D5:8A:C6:0E:B2:3D:FF:95:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M2tp4t0pu-SJRsTVisYOsj3_lcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/7f41f1-05aa-4cae-b091-2b156fdf7243/1/aPXuZfz52ZRsbqGvFfVnW00fWWA.roa
Signing time: Mon 09 Oct 2023 11:29:06 +0000
ROA not before: Mon 09 Oct 2023 11:29:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 94.124.96.0/22 maxlen: 22
94.124.96.0/24 maxlen: 24
94.124.98.0/24 maxlen: 24
94.124.97.0/24 maxlen: 24
94.124.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:14:32:ab:2e:83:ce:45:b9:95:9e:da:55:a5:fb:b1:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=336b69e2dd29bbe48946c4d58ac60eb23dff95c5
Validity
Not Before: Oct 9 11:29:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68f5ee65fcf9d9946c6ea1af15f5675b4d1f5960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b0:4a:4c:97:79:e9:1a:53:76:b2:f5:84:ec:
18:84:58:fd:87:f0:d9:e9:26:55:2c:59:df:fa:3b:
8f:09:6b:9a:77:32:c8:93:d4:02:f3:1b:16:40:45:
a5:0b:94:c9:58:ac:30:db:60:39:46:a7:85:b1:1a:
5f:e3:aa:ac:a5:fc:72:b8:eb:75:2a:b3:fa:15:10:
99:9e:c6:99:82:53:38:1a:aa:cf:da:9a:4a:50:dd:
20:7f:a3:ad:73:00:e1:96:4e:60:0a:5e:a0:05:a2:
0a:4d:8d:79:5f:44:9a:f3:46:13:87:0d:47:c3:fe:
8c:fb:a5:57:cc:a5:dd:91:87:4c:0f:4a:31:af:0c:
8b:9d:f2:8f:0b:77:73:9e:ae:98:4a:62:8e:bb:71:
f9:0f:07:0b:8b:26:87:4e:88:77:d5:e0:50:fa:67:
eb:de:e1:1d:58:b4:d3:ca:57:08:9e:83:b9:96:33:
ce:56:65:5b:10:1a:12:3a:e1:06:a1:ff:c9:35:08:
28:7f:3d:2b:2f:c1:2a:4a:84:6d:f4:00:60:25:e4:
da:ed:52:a1:4e:a0:8d:4d:2d:c1:b0:83:e9:d1:6e:
a9:4c:6a:24:f7:37:63:ef:ab:3f:3b:bb:6b:c3:9f:
20:0b:c2:13:da:6a:76:09:9b:ae:51:c0:11:f6:ac:
1c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:F5:EE:65:FC:F9:D9:94:6C:6E:A1:AF:15:F5:67:5B:4D:1F:59:60
X509v3 Authority Key Identifier:
keyid:33:6B:69:E2:DD:29:BB:E4:89:46:C4:D5:8A:C6:0E:B2:3D:FF:95:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M2tp4t0pu-SJRsTVisYOsj3_lcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/7f41f1-05aa-4cae-b091-2b156fdf7243/1/aPXuZfz52ZRsbqGvFfVnW00fWWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/7f41f1-05aa-4cae-b091-2b156fdf7243/1/M2tp4t0pu-SJRsTVisYOsj3_lcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.124.96.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:57:07:5f:6c:b6:cb:56:ae:a6:91:f2:1e:be:3f:a6:1b:dc:
f7:e4:cf:43:71:e9:23:94:00:e0:a0:44:2d:1d:db:8a:71:ed:
bc:fd:2f:4a:9f:12:ff:03:83:ef:cd:99:ee:2f:31:86:61:ee:
0e:94:5d:63:b9:a8:ac:59:82:b3:cb:08:6c:4d:2a:c4:52:2a:
15:ed:f1:ba:2b:7f:7e:5e:83:07:05:1a:c6:90:e7:42:48:d5:
21:42:d6:d7:d0:eb:ef:c8:29:1a:7c:ec:bd:8c:7b:c9:95:33:
71:af:6b:3a:0a:ff:13:f8:f2:7b:7f:0b:d1:13:ee:78:bd:a6:
ef:23:c8:c2:f0:e8:df:74:c4:f0:4b:19:b7:8d:a8:88:6f:2a:
b5:4d:a6:05:da:ea:2d:0e:73:45:6a:f7:78:1d:64:4b:2b:f3:
8a:eb:d9:02:20:02:20:61:df:25:36:15:87:ae:53:69:f7:04:
5e:28:99:7f:1f:98:ab:16:25:13:db:80:e9:c2:79:e7:0f:76:
e8:51:a0:6a:d8:58:3b:b0:ce:bd:73:dc:34:7d:f0:d3:6f:4d:
74:a0:40:e6:2c:b3:df:aa:e3:50:02:e2:3c:87:fd:dd:6e:e6:
4e:e4:33:26:02:3b:01:77:86:84:f2:0b:31:4a:02:04:08:cb:
cd:c2:57:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsUMqsug85FuZWe2lWl+7FQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNmI2OWUyZGQyOWJiZTQ4OTQ2YzRkNThhYzYwZWIyM2Rm
Zjk1YzUwHhcNMjMxMDA5MTEyOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGY1ZWU2NWZjZjlkOTk0NmM2ZWExYWYxNWY1Njc1YjRkMWY1OTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibBKTJd56RpTdrL1hOwYhFj9h/DZ
6SZVLFnf+juPCWuadzLIk9QC8xsWQEWlC5TJWKww22A5RqeFsRpf46qspfxyuOt1
KrP6FRCZnsaZglM4GqrP2ppKUN0gf6OtcwDhlk5gCl6gBaIKTY15X0Sa80YThw1H
w/6M+6VXzKXdkYdMD0oxrwyLnfKPC3dznq6YSmKOu3H5DwcLiyaHToh31eBQ+mfr
3uEdWLTTylcInoO5ljPOVmVbEBoSOuEGof/JNQgofz0rL8EqSoRt9ABgJeTa7VKh
TqCNTS3BsIPp0W6pTGok9zdj76s/O7trw58gC8IT2mp2CZuuUcAR9qwcQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGj17mX8+dmUbG6hrxX1Z1tNH1lgMB8GA1UdIwQY
MBaAFDNraeLdKbvkiUbE1YrGDrI9/5XFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTJ0cDR0MHB1LVNKUnNUVmlzWU9zajNfbGNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83ZjQxZjEtMDVhYS00Y2FlLWIwOTEt
MmIxNTZmZGY3MjQzLzEvYVBYdVpmejUyWlJzYnFHdkZmVm5XMDBmV1dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83ZjQxZjEtMDVhYS00Y2FlLWIwOTEtMmIxNTZmZGY3MjQz
LzEvTTJ0cDR0MHB1LVNKUnNUVmlzWU9zajNfbGNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXnxgMA0G
CSqGSIb3DQEBCwUAA4IBAQCPVwdfbLbLVq6mkfIevj+mG9z35M9DcekjlADgoEQt
HduKce28/S9KnxL/A4PvzZnuLzGGYe4OlF1juaisWYKzywhsTSrEUioV7fG6K39+
XoMHBRrGkOdCSNUhQtbX0OvvyCkafOy9jHvJlTNxr2s6Cv8T+PJ7fwvRE+54vabv
I8jC8OjfdMTwSxm3jaiIbyq1TaYF2uotDnNFavd4HWRLK/OK69kCIAIgYd8lNhWH
rlNp9wReKJl/H5irFiUT24DpwnnnD3boUaBq2Fg7sM69c9w0ffDTb010oEDmLLPf
quNQAuI8h/3dbuZO5DMmAjsBd4aE8gsxSgIECMvNwldF
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:02:34 2025 by rpki-client