Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/9b2953-13b8-4706-81c4-075578c37aca/1/_d9TqHUt6Akn4mIp9hun4eZSvDY.roa
File: _d9TqHUt6Akn4mIp9hun4eZSvDY.roa (raw, json)
Hash identifier: E+7eG5ZCI82NV5+vYe7SeDuuzqJipfHrlwV+FyH2KQM=
Subject key identifier: FD:DF:53:A8:75:2D:E8:09:27:E2:62:29:F6:1B:A7:E1:E6:52:BC:36
Certificate issuer: /CN=7b47cdc21c7cb224674c0eafdec63a203eee3108
Certificate serial: 0194266BA0E73C3DCD03E5E0D716A88A9C5A
Authority key identifier: 7B:47:CD:C2:1C:7C:B2:24:67:4C:0E:AF:DE:C6:3A:20:3E:EE:31:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e0fNwhx8siRnTA6v3sY6ID7uMQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/9b2953-13b8-4706-81c4-075578c37aca/1/_d9TqHUt6Akn4mIp9hun4eZSvDY.roa
Signing time: Thu 02 Jan 2025 09:49:35 +0000
ROA not before: Thu 02 Jan 2025 09:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207421
IP address blocks: 94.231.214.0/24 maxlen: 24
2a10:b00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:a0:e7:3c:3d:cd:03:e5:e0:d7:16:a8:8a:9c:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b47cdc21c7cb224674c0eafdec63a203eee3108
Validity
Not Before: Jan 2 09:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fddf53a8752de80927e26229f61ba7e1e652bc36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f4:e2:4a:04:2f:71:6f:29:b7:85:04:15:c2:
e8:bc:4c:db:54:f7:df:e4:e7:a3:ce:d3:c2:e7:13:
c0:1a:61:65:d4:1f:a1:b4:29:7e:7a:bf:92:8f:15:
e8:38:4d:03:03:74:b1:11:a9:c2:86:0f:0c:7b:f4:
c9:0c:dd:90:8a:56:c0:5b:65:2b:f5:20:ea:3d:cf:
40:6d:b8:7e:3f:3b:c3:cb:11:77:b0:91:ee:e1:77:
80:5c:36:ab:30:0d:9b:2b:83:4b:d6:54:0f:83:ec:
dc:ea:9b:a4:6c:b0:38:ec:40:13:d1:c2:99:e6:d4:
b9:91:79:a6:1e:22:ac:bc:c9:56:5d:00:4a:27:00:
0d:39:ec:5c:17:12:d6:96:b5:de:69:bc:5c:a2:b8:
58:8b:40:6a:63:66:35:e2:ee:ef:2a:91:99:0c:47:
6f:49:41:5b:49:82:d2:77:78:39:8b:26:b3:d2:e7:
9e:f9:d1:1c:b2:f6:d0:2c:97:fe:dc:fd:ea:27:a6:
9e:8c:58:3a:49:99:72:83:61:50:bd:2a:f2:8c:d1:
98:ed:de:d5:99:22:b9:38:23:a5:de:e6:50:46:31:
e4:08:48:a2:f5:f9:41:87:c2:b6:e6:09:21:10:73:
1a:63:08:d1:74:3b:7f:8b:ab:88:f8:7c:f8:e8:df:
e8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:DF:53:A8:75:2D:E8:09:27:E2:62:29:F6:1B:A7:E1:E6:52:BC:36
X509v3 Authority Key Identifier:
keyid:7B:47:CD:C2:1C:7C:B2:24:67:4C:0E:AF:DE:C6:3A:20:3E:EE:31:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0fNwhx8siRnTA6v3sY6ID7uMQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9b2953-13b8-4706-81c4-075578c37aca/1/_d9TqHUt6Akn4mIp9hun4eZSvDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9b2953-13b8-4706-81c4-075578c37aca/1/e0fNwhx8siRnTA6v3sY6ID7uMQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.231.214.0/24
IPv6:
2a10:b00::/29
Signature Algorithm: sha256WithRSAEncryption
18:98:90:8b:fc:96:bd:88:c4:9f:84:5f:c5:38:43:71:24:91:
33:4a:46:90:5a:9e:fc:79:70:68:a7:15:79:b1:9a:ce:19:43:
a8:14:5e:bb:61:b8:19:dc:f2:bb:11:4f:33:bc:cd:a3:8c:f6:
71:00:cb:71:67:ae:f2:4f:d1:14:a3:74:91:01:ce:9a:b2:ca:
63:89:d6:ff:b0:be:62:5f:aa:e1:c5:76:6d:60:11:fb:dc:95:
82:a6:c9:02:7d:76:99:83:38:0d:04:5f:ce:8d:f4:e5:ec:25:
1d:82:46:6b:0b:60:c3:65:77:05:70:9c:bf:f2:f2:83:4d:fc:
29:c0:b4:e4:bd:b9:55:47:b3:4a:dd:34:9f:30:53:3b:0b:2c:
ba:95:d6:82:9b:be:06:e1:63:7e:6c:69:06:2a:4c:eb:fe:48:
e2:ad:8c:72:4e:9a:51:e0:a0:c9:fa:2e:4c:37:78:5c:24:47:
e0:aa:f4:ae:bf:8d:18:4e:4f:84:d9:9d:80:93:e4:53:7a:14:
77:e5:ec:84:85:57:e6:26:87:42:fd:69:6f:c7:b7:59:51:21:
5e:10:34:48:06:e8:27:29:bd:dc:b4:e0:98:ab:1c:61:4b:aa:
19:a0:6f:69:32:98:1d:92:17:61:ce:2a:d7:78:39:20:f7:7e:
b3:6c:d8:d7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQma6DnPD3NA+Xg1xaoipxaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNDdjZGMyMWM3Y2IyMjQ2NzRjMGVhZmRlYzYzYTIwM2Vl
ZTMxMDgwHhcNMjUwMTAyMDk0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGRmNTNhODc1MmRlODA5MjdlMjYyMjlmNjFiYTdlMWU2NTJiYzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvTiSgQvcW8pt4UEFcLovEzbVPff
5OejztPC5xPAGmFl1B+htCl+er+SjxXoOE0DA3SxEanChg8Me/TJDN2QilbAW2Ur
9SDqPc9Abbh+PzvDyxF3sJHu4XeAXDarMA2bK4NL1lQPg+zc6pukbLA47EAT0cKZ
5tS5kXmmHiKsvMlWXQBKJwANOexcFxLWlrXeabxcorhYi0BqY2Y14u7vKpGZDEdv
SUFbSYLSd3g5iyaz0uee+dEcsvbQLJf+3P3qJ6aejFg6SZlyg2FQvSryjNGY7d7V
mSK5OCOl3uZQRjHkCEii9flBh8K25gkhEHMaYwjRdDt/i6uI+Hz46N/oFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP3fU6h1LegJJ+JiKfYbp+HmUrw2MB8GA1UdIwQY
MBaAFHtHzcIcfLIkZ0wOr97GOiA+7jEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTBmTndoeDhzaVJuVEE2djNzWTZJRDd1TVFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85YjI5NTMtMTNiOC00NzA2LTgxYzQt
MDc1NTc4YzM3YWNhLzEvX2Q5VHFIVXQ2QWtuNG1JcDlodW40ZVpTdkRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85YjI5NTMtMTNiOC00NzA2LTgxYzQtMDc1NTc4YzM3YWNh
LzEvZTBmTndoeDhzaVJuVEE2djNzWTZJRDd1TVFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXufWMA0E
AgACMAcDBQMqEAsAMA0GCSqGSIb3DQEBCwUAA4IBAQAYmJCL/Ja9iMSfhF/FOENx
JJEzSkaQWp78eXBopxV5sZrOGUOoFF67YbgZ3PK7EU8zvM2jjPZxAMtxZ67yT9EU
o3SRAc6asspjidb/sL5iX6rhxXZtYBH73JWCpskCfXaZgzgNBF/OjfTl7CUdgkZr
C2DDZXcFcJy/8vKDTfwpwLTkvblVR7NK3TSfMFM7Cyy6ldaCm74G4WN+bGkGKkzr
/kjirYxyTppR4KDJ+i5MN3hcJEfgqvSuv40YTk+E2Z2Ak+RTehR35eyEhVfmJodC
/Wlvx7dZUSFeEDRIBugnKb3ctOCYqxxhS6oZoG9pMpgdkhdhzirXeDkg936zbNjX
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:33:12 2025 by rpki-client