Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/z7AQJTu3zDcIy3wsI0gDsKXmfIk.roa
File: z7AQJTu3zDcIy3wsI0gDsKXmfIk.roa (raw, json)
Hash identifier: BlzUZPQmB8DS1g+Oo4a8TBSK9ba1R39LQ1VQhMNBlbs=
Subject key identifier: CF:B0:10:25:3B:B7:CC:37:08:CB:7C:2C:23:48:03:B0:A5:E6:7C:89
Certificate issuer: /CN=f4db95f9d1b5c3ec934ff84d6ff7f01242da842a
Certificate serial: 01896499DB3C9F7CC619704C808B91C48D0C
Authority key identifier: F4:DB:95:F9:D1:B5:C3:EC:93:4F:F8:4D:6F:F7:F0:12:42:DA:84:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NuV-dG1w-yTT_hNb_fwEkLahCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/z7AQJTu3zDcIy3wsI0gDsKXmfIk.roa
Signing time: Mon 17 Jul 2023 16:05:51 +0000
ROA not before: Mon 17 Jul 2023 16:05:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34665
IP address blocks: 94.158.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:99:db:3c:9f:7c:c6:19:70:4c:80:8b:91:c4:8d:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4db95f9d1b5c3ec934ff84d6ff7f01242da842a
Validity
Not Before: Jul 17 16:05:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfb010253bb7cc3708cb7c2c234803b0a5e67c89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:29:2b:9b:fb:54:8f:44:73:bb:0f:e0:d2:04:
16:26:e1:35:6e:ec:ca:16:04:2b:0b:b3:b8:b1:64:
97:d1:d6:53:c8:23:03:f6:58:b1:a0:1a:85:8a:49:
b2:af:f6:d1:88:bd:8a:28:9a:99:86:33:ad:78:11:
2c:7a:14:34:18:05:7b:8f:b8:93:77:b3:fc:10:9b:
66:b0:28:4d:e0:89:72:af:52:87:ef:ae:8e:d7:9b:
3c:6c:1d:3d:d9:cc:f8:cb:76:a4:7b:f6:b9:98:6e:
17:9a:aa:7b:e4:7a:3b:3a:ce:7f:1c:4f:39:76:c9:
4f:3e:75:38:d3:15:3a:be:1e:0c:24:2c:f0:06:4b:
33:88:e5:af:ac:1f:d4:a8:3c:30:e3:21:81:53:57:
4e:2f:39:00:af:eb:ff:b4:81:5e:91:68:42:f7:66:
a1:0a:4a:f2:fd:5e:7c:86:32:4a:63:6a:2f:11:65:
08:35:15:bf:13:1c:85:a0:ae:a5:57:a1:b5:ef:5a:
c5:2d:4b:ad:74:89:ac:df:04:c5:49:b3:cf:18:dd:
58:b9:79:1f:58:dd:a2:2b:cc:58:be:c4:9f:ae:0f:
bc:3b:32:dd:9e:0c:e3:f7:d9:ef:1a:98:d9:b1:d1:
e4:1f:bf:cd:61:8f:5c:e7:2a:9f:80:2a:71:93:c8:
d6:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:B0:10:25:3B:B7:CC:37:08:CB:7C:2C:23:48:03:B0:A5:E6:7C:89
X509v3 Authority Key Identifier:
keyid:F4:DB:95:F9:D1:B5:C3:EC:93:4F:F8:4D:6F:F7:F0:12:42:DA:84:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NuV-dG1w-yTT_hNb_fwEkLahCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/z7AQJTu3zDcIy3wsI0gDsKXmfIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/9NuV-dG1w-yTT_hNb_fwEkLahCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.158.189.0/24
Signature Algorithm: sha256WithRSAEncryption
07:0a:e9:d4:bc:fe:a0:3e:84:bc:e6:de:29:3f:f2:6c:20:8d:
20:4a:da:6b:c3:cc:1a:f7:46:5c:01:82:70:e2:f4:2a:5a:e1:
da:dc:22:f1:35:de:31:61:0b:bc:2f:d7:83:7a:be:66:04:b0:
de:2c:5d:21:08:be:95:40:0a:80:6d:c5:e5:3a:34:97:b1:d0:
1d:2c:d4:55:ce:12:00:e1:3b:cc:dc:80:20:80:0e:85:fa:54:
d0:3b:54:15:7b:4f:25:73:16:89:78:28:62:5c:c5:a5:8e:3e:
41:be:a0:40:64:44:71:a1:e5:c7:87:05:48:1b:52:ab:12:ed:
4d:b0:14:c0:c2:a1:30:2f:2a:f5:24:e5:11:9a:0e:cd:e3:c4:
ae:43:ad:2e:88:62:4b:fa:e1:fc:ce:e0:04:0a:7d:7d:11:af:
55:2d:72:c3:e9:24:7d:4f:da:35:64:bd:37:56:84:d8:e3:02:
c0:e7:5e:c5:6f:d8:9e:65:ad:6d:ac:5e:de:51:8f:b2:6b:30:
71:7a:1d:e3:11:ac:f8:e2:c0:b2:09:57:11:46:65:25:fe:91:
bc:fe:e5:f9:96:a8:f7:33:b0:6f:e6:47:e7:41:27:bc:c6:dd:
b9:fc:eb:d2:15:9a:e5:f2:e9:c8:21:c6:2b:54:f4:00:f7:2b:
75:b9:b0:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlkmds8n3zGGXBMgIuRxI0MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZGI5NWY5ZDFiNWMzZWM5MzRmZjg0ZDZmZjdmMDEyNDJk
YTg0MmEwHhcNMjMwNzE3MTYwNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmIwMTAyNTNiYjdjYzM3MDhjYjdjMmMyMzQ4MDNiMGE1ZTY3Yzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCkrm/tUj0Rzuw/g0gQWJuE1buzK
FgQrC7O4sWSX0dZTyCMD9lixoBqFikmyr/bRiL2KKJqZhjOteBEsehQ0GAV7j7iT
d7P8EJtmsChN4Ilyr1KH766O15s8bB092cz4y3ake/a5mG4Xmqp75Ho7Os5/HE85
dslPPnU40xU6vh4MJCzwBksziOWvrB/UqDww4yGBU1dOLzkAr+v/tIFekWhC92ah
Ckry/V58hjJKY2ovEWUINRW/ExyFoK6lV6G171rFLUutdIms3wTFSbPPGN1YuXkf
WN2iK8xYvsSfrg+8OzLdngzj99nvGpjZsdHkH7/NYY9c5yqfgCpxk8jW8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM+wECU7t8w3CMt8LCNIA7Cl5nyJMB8GA1UdIwQY
MBaAFPTblfnRtcPsk0/4TW/38BJC2oQqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU51Vi1kRzF3LXlUVF9oTmJfZndFa0xhaENvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC80NmQ3YWYtMDJmYi00NWY5LWE5MjIt
MTRiMzhiNmUwMGE3LzEvejdBUUpUdTN6RGNJeTN3c0kwZ0RzS1htZklrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC80NmQ3YWYtMDJmYi00NWY5LWE5MjItMTRiMzhiNmUwMGE3
LzEvOU51Vi1kRzF3LXlUVF9oTmJfZndFa0xhaENvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXp69MA0G
CSqGSIb3DQEBCwUAA4IBAQAHCunUvP6gPoS85t4pP/JsII0gStprw8wa90ZcAYJw
4vQqWuHa3CLxNd4xYQu8L9eDer5mBLDeLF0hCL6VQAqAbcXlOjSXsdAdLNRVzhIA
4TvM3IAggA6F+lTQO1QVe08lcxaJeChiXMWljj5BvqBAZERxoeXHhwVIG1KrEu1N
sBTAwqEwLyr1JOURmg7N48SuQ60uiGJL+uH8zuAECn19Ea9VLXLD6SR9T9o1ZL03
VoTY4wLA517Fb9ieZa1trF7eUY+yazBxeh3jEaz44sCyCVcRRmUl/pG8/uX5lqj3
M7Bv5kfnQSe8xt25/OvSFZrl8unIIcYrVPQA9yt1ubDK
-----END CERTIFICATE-----
Generated at Mon May 12 11:08:57 2025 by rpki-client