Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/ciP1spFr2_o_EBhqxTe6aMvGvkA.roa
File: ciP1spFr2_o_EBhqxTe6aMvGvkA.roa (raw, json)
Hash identifier: AKwquD3UG3Z1hS2wX4Uxf46U2nHmkIYt2HeMVo+Ri78=
Subject key identifier: 72:23:F5:B2:91:6B:DB:FA:3F:10:18:6A:C5:37:BA:68:CB:C6:BE:40
Certificate issuer: /CN=3545a7200164912041bb931efb1feac123b43a18
Certificate serial: 018571BA0ABE92AAA256046A74EA5F47EF11
Authority key identifier: 35:45:A7:20:01:64:91:20:41:BB:93:1E:FB:1F:EA:C1:23:B4:3A:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/ciP1spFr2_o_EBhqxTe6aMvGvkA.roa
Signing time: Mon 02 Jan 2023 09:04:55 +0000
ROA not before: Mon 02 Jan 2023 09:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213277
IP address blocks: 94.46.24.0/24 maxlen: 24
2a00:1651::/33 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:0a:be:92:aa:a2:56:04:6a:74:ea:5f:47:ef:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3545a7200164912041bb931efb1feac123b43a18
Validity
Not Before: Jan 2 09:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7223f5b2916bdbfa3f10186ac537ba68cbc6be40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:df:c8:e6:22:e3:f1:48:da:b6:42:95:0a:7e:
22:b5:e4:c9:fd:5e:65:21:fc:bd:6f:5c:9e:c6:16:
9e:4b:26:1e:23:bd:67:1c:95:33:55:b5:25:f5:08:
61:f5:2e:18:18:9d:9b:4e:bc:64:e8:43:c8:79:a3:
d7:42:33:38:a8:3e:db:ac:ae:7b:e3:ae:80:d0:de:
64:2b:d4:45:7a:9e:63:e9:84:f8:35:08:fb:c2:c1:
ff:1f:9e:02:a1:9a:4b:d3:45:52:15:cc:60:b7:0c:
43:3b:25:ae:de:98:36:4c:3f:b7:e4:71:14:31:f2:
5a:a2:f0:90:9f:56:86:ca:ef:a0:c1:a7:7b:b1:29:
44:9c:23:33:6b:93:79:44:04:89:25:8d:f4:00:e4:
f7:16:e3:33:df:fc:88:98:1c:b7:06:95:82:89:92:
99:5c:3b:88:f5:f8:11:38:10:50:4c:f2:71:1c:57:
48:20:18:9a:97:5e:af:70:19:99:b3:61:48:92:88:
55:bf:ed:90:5b:89:e9:7f:d5:26:c8:a3:88:7f:a3:
fb:16:e3:41:c9:8b:f4:53:f8:7b:f5:1e:28:f2:73:
11:52:53:90:58:75:6c:52:ef:c0:7d:21:a9:28:c9:
57:08:42:2b:33:0d:71:99:78:28:40:f1:d9:81:76:
ea:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:23:F5:B2:91:6B:DB:FA:3F:10:18:6A:C5:37:BA:68:CB:C6:BE:40
X509v3 Authority Key Identifier:
keyid:35:45:A7:20:01:64:91:20:41:BB:93:1E:FB:1F:EA:C1:23:B4:3A:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/ciP1spFr2_o_EBhqxTe6aMvGvkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.46.24.0/24
IPv6:
2a00:1651::/33
Signature Algorithm: sha256WithRSAEncryption
47:a4:46:4c:d9:e4:24:c5:2b:2d:a8:97:e3:0f:a3:ca:56:b4:
ec:9b:ad:fd:b4:a5:0a:7b:ab:84:f7:88:d0:92:bc:6c:fd:c9:
16:c6:83:14:f2:5e:3a:ab:68:ee:1a:27:27:9c:64:db:dc:94:
d8:14:42:50:2a:1e:c4:12:c9:85:1b:7c:f8:de:88:29:1c:4f:
b8:58:85:b2:6e:f2:50:f4:57:9d:04:cf:b0:6d:41:c2:8a:26:
0c:95:01:1e:bf:94:3c:17:08:94:d9:9e:62:5b:96:03:a6:28:
dd:80:ed:78:b8:7b:c7:1b:48:fe:f0:c4:5c:7f:97:e1:71:22:
24:45:b0:5b:d2:6f:7f:e2:10:85:af:8c:cc:c9:d4:ef:90:08:
42:06:f3:2e:9a:58:83:3e:76:14:a1:a1:35:6d:10:a6:9a:e0:
9d:61:87:ff:0e:09:ae:af:74:ff:19:ea:08:2c:06:b9:70:6b:
b9:48:5a:a7:44:26:5f:99:11:23:72:13:16:5e:ce:57:0d:8c:
64:d6:24:3d:e1:68:32:48:55:20:0f:00:a1:56:3e:4c:fc:06:
f7:10:66:35:c1:ce:3e:b4:4f:fd:d1:e2:84:5a:33:f5:3e:dc:
57:9d:a2:ee:bf:c7:9a:5a:46:59:02:52:aa:10:a3:4c:c7:2b:
0d:d5:06:90
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVxugq+kqqiVgRqdOpfR+8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDVhNzIwMDE2NDkxMjA0MWJiOTMxZWZiMWZlYWMxMjNi
NDNhMTgwHhcNMjMwMTAyMDkwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjIzZjViMjkxNmJkYmZhM2YxMDE4NmFjNTM3YmE2OGNiYzZiZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9/I5iLj8UjatkKVCn4iteTJ/V5l
Ify9b1yexhaeSyYeI71nHJUzVbUl9Qhh9S4YGJ2bTrxk6EPIeaPXQjM4qD7brK57
466A0N5kK9RFep5j6YT4NQj7wsH/H54CoZpL00VSFcxgtwxDOyWu3pg2TD+35HEU
MfJaovCQn1aGyu+gwad7sSlEnCMza5N5RASJJY30AOT3FuMz3/yImBy3BpWCiZKZ
XDuI9fgROBBQTPJxHFdIIBial16vcBmZs2FIkohVv+2QW4npf9UmyKOIf6P7FuNB
yYv0U/h79R4o8nMRUlOQWHVsUu/AfSGpKMlXCEIrMw1xmXgoQPHZgXbqZwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFHIj9bKRa9v6PxAYasU3umjLxr5AMB8GA1UdIwQY
MBaAFDVFpyABZJEgQbuTHvsf6sEjtDoYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVXbklBRmtrU0JCdTVNZS14X3F3U08wT2hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy81OWM0YjgtODdmNC00ZjJmLWE0NDkt
YWFiYjA2MmU0MGRiLzEvY2lQMXNwRnIyX29fRUJocXhUZTZhTXZHdmtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy81OWM0YjgtODdmNC00ZjJmLWE0NDktYWFiYjA2MmU0MGRi
LzEvTlVXbklBRmtrU0JCdTVNZS14X3F3U08wT2hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAXi4YMA4E
AgACMAgDBgcqABZRADANBgkqhkiG9w0BAQsFAAOCAQEAR6RGTNnkJMUrLaiX4w+j
yla07Jut/bSlCnurhPeI0JK8bP3JFsaDFPJeOqto7honJ5xk29yU2BRCUCoexBLJ
hRt8+N6IKRxPuFiFsm7yUPRXnQTPsG1BwoomDJUBHr+UPBcIlNmeYluWA6Yo3YDt
eLh7xxtI/vDEXH+X4XEiJEWwW9Jvf+IQha+MzMnU75AIQgbzLppYgz52FKGhNW0Q
pprgnWGH/w4Jrq90/xnqCCwGuXBruUhap0QmX5kRI3ITFl7OVw2MZNYkPeFoMkhV
IA8AoVY+TPwG9xBmNcHOPrRP/dHihFoz9T7cV52i7r/HmlpGWQJSqhCjTMcrDdUG
kA==
-----END CERTIFICATE-----
Generated at Wed Apr 9 15:26:39 2025 by rpki-client