Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/391e54-c21a-405a-88aa-6079789100ca/1/qx0ToavkP_Eeb-ITBmp1zLb9YP0.roa
File: qx0ToavkP_Eeb-ITBmp1zLb9YP0.roa (raw, json)
Hash identifier: 8rE2MybCVx0rIwJ6hnvJsBpsOzon/B7HzMNsY96dmqI=
Subject key identifier: AB:1D:13:A1:AB:E4:3F:F1:1E:6F:E2:13:06:6A:75:CC:B6:FD:60:FD
Certificate issuer: /CN=a3aa8dd118766aed3b09ed69f2e47dc1d2c16159
Certificate serial: 0931217A
Authority key identifier: A3:AA:8D:D1:18:76:6A:ED:3B:09:ED:69:F2:E4:7D:C1:D2:C1:61:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o6qN0Rh2au07Ce1p8uR9wdLBYVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/391e54-c21a-405a-88aa-6079789100ca/1/qx0ToavkP_Eeb-ITBmp1zLb9YP0.roa
Signing time: Sat 01 Jan 2022 07:00:49 +0000
ROA not before: Sat 01 Jan 2022 07:00:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47724
IP address blocks: 94.124.200.0/21 maxlen: 21
94.124.200.0/22 maxlen: 24
94.124.206.0/23 maxlen: 24
2a0d:bd80::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154214778 (0x931217a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3aa8dd118766aed3b09ed69f2e47dc1d2c16159
Validity
Not Before: Jan 1 07:00:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab1d13a1abe43ff11e6fe213066a75ccb6fd60fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c9:52:56:51:ec:33:91:31:89:ac:54:7b:81:
aa:fc:fe:b8:08:7d:e8:a1:37:39:20:5e:28:2c:62:
b5:d4:7b:5e:63:ec:c5:39:97:83:c6:8b:0b:dd:30:
ac:9f:1f:35:07:6e:9a:1d:05:6c:7f:ba:82:1b:3a:
2a:b9:b1:2a:82:43:4a:84:45:a6:e1:25:e1:53:d4:
30:a9:73:db:b4:81:3c:fc:41:72:57:cd:39:9a:66:
83:94:7f:b1:8c:27:29:17:41:67:4f:f4:b6:04:9d:
88:6c:aa:3e:d0:45:8b:45:7c:1d:2e:dc:ec:06:ac:
ed:d8:da:8b:0d:25:2b:99:0d:c5:d7:3a:6e:c3:43:
86:98:28:ca:47:60:31:00:49:bb:7c:a5:99:5a:a5:
44:13:99:d8:e0:69:47:00:97:9a:74:df:fa:11:cc:
96:4a:ac:36:11:24:5b:88:52:c8:eb:73:5d:11:55:
40:1c:39:d1:a0:69:6a:28:14:ad:39:17:7c:7e:c6:
b3:78:ac:ee:12:2e:74:96:38:60:bc:80:c8:f8:1d:
35:75:49:3d:65:fa:a6:4c:e0:0d:60:c6:94:da:7c:
52:76:b0:ea:ac:2c:95:79:84:4f:7d:52:bb:10:cd:
57:3f:79:33:7c:dd:dd:60:20:49:b2:83:eb:09:98:
b2:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:1D:13:A1:AB:E4:3F:F1:1E:6F:E2:13:06:6A:75:CC:B6:FD:60:FD
X509v3 Authority Key Identifier:
keyid:A3:AA:8D:D1:18:76:6A:ED:3B:09:ED:69:F2:E4:7D:C1:D2:C1:61:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o6qN0Rh2au07Ce1p8uR9wdLBYVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/391e54-c21a-405a-88aa-6079789100ca/1/qx0ToavkP_Eeb-ITBmp1zLb9YP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/391e54-c21a-405a-88aa-6079789100ca/1/o6qN0Rh2au07Ce1p8uR9wdLBYVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.124.200.0/21
IPv6:
2a0d:bd80::/29
Signature Algorithm: sha256WithRSAEncryption
26:ff:2c:9e:56:28:00:88:33:3f:75:a0:3f:20:00:d3:98:d5:
d4:74:30:bc:e6:36:16:81:47:8e:40:44:7c:5b:b0:92:cb:ea:
20:79:c9:74:4c:60:8d:90:f9:12:dd:ae:f8:b6:66:c8:be:cb:
86:57:6d:26:af:ae:52:7b:51:e4:22:b4:b6:27:46:5d:ea:69:
96:4f:0f:f7:1f:3b:cf:c5:bc:20:ca:07:03:cd:0d:dd:fc:c6:
c7:08:bf:79:6a:40:36:2a:bc:cc:03:19:85:0a:22:e2:e6:0b:
93:3d:f8:0c:c4:e9:68:62:90:2b:62:db:53:b1:a6:b2:5c:4e:
b3:37:74:91:3d:57:38:96:95:39:ba:f2:43:01:f4:e4:d0:cd:
af:e9:bf:89:8c:2e:b3:61:56:fc:67:d9:af:03:dd:68:b5:e8:
b0:39:74:44:92:6c:ea:12:9b:a7:59:83:ba:57:37:76:0c:28:
96:e2:60:f2:65:6d:b5:af:84:39:bc:44:20:af:bd:f1:3a:eb:
33:83:d8:c7:1f:1c:22:12:cb:cc:ea:97:34:b0:6c:3c:fe:fa:
bd:fb:77:80:4b:0a:cf:e1:a8:d6:73:4a:e8:e2:d1:05:f1:65:
f7:74:10:b0:f4:ba:2b:78:58:8b:7d:59:18:95:a9:24:27:3b:
5a:c4:6e:43
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECTEhejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
M2FhOGRkMTE4NzY2YWVkM2IwOWVkNjlmMmU0N2RjMWQyYzE2MTU5MB4XDTIyMDEw
MTA3MDA0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWIxZDEzYTFhYmU0
M2ZmMTFlNmZlMjEzMDY2YTc1Y2NiNmZkNjBmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMzJUlZR7DORMYmsVHuBqvz+uAh96KE3OSBeKCxitdR7XmPs
xTmXg8aLC90wrJ8fNQdumh0FbH+6ghs6KrmxKoJDSoRFpuEl4VPUMKlz27SBPPxB
clfNOZpmg5R/sYwnKRdBZ0/0tgSdiGyqPtBFi0V8HS7c7Aas7djaiw0lK5kNxdc6
bsNDhpgoykdgMQBJu3ylmVqlRBOZ2OBpRwCXmnTf+hHMlkqsNhEkW4hSyOtzXRFV
QBw50aBpaigUrTkXfH7Gs3is7hIudJY4YLyAyPgdNXVJPWX6pkzgDWDGlNp8Unaw
6qwslXmET31SuxDNVz95M3zd3WAgSbKD6wmYsh8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSrHROhq+Q/8R5v4hMGanXMtv1g/TAfBgNVHSMEGDAWgBSjqo3RGHZq7TsJ
7Wny5H3B0sFhWTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L282cU4wUmgyYXUwN0NlMXA4dVI5d2RMQllWay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjkvMzkxZTU0LWMyMWEtNDA1YS04OGFhLTYwNzk3ODkxMDBjYS8x
L3F4MFRvYXZrUF9FZWItSVRCbXAxekxiOVlQMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkv
MzkxZTU0LWMyMWEtNDA1YS04OGFhLTYwNzk3ODkxMDBjYS8xL282cU4wUmgyYXUw
N0NlMXA4dVI5d2RMQllWay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA158yDANBAIAAjAHAwUDKg29gDAN
BgkqhkiG9w0BAQsFAAOCAQEAJv8snlYoAIgzP3WgPyAA05jV1HQwvOY2FoFHjkBE
fFuwksvqIHnJdExgjZD5Et2u+LZmyL7LhldtJq+uUntR5CK0tidGXepplk8P9x87
z8W8IMoHA80N3fzGxwi/eWpANiq8zAMZhQoi4uYLkz34DMTpaGKQK2LbU7GmslxO
szd0kT1XOJaVObryQwH05NDNr+m/iYwus2FW/GfZrwPdaLXosDl0RJJs6hKbp1mD
ulc3dgwoluJg8mVtta+EObxEIK+98TrrM4PYxx8cIhLLzOqXNLBsPP76vft3gEsK
z+Go1nNK6OLRBfFl93QQsPS6K3hYi31ZGJWpJCc7WsRuQw==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:40 2025 by rpki-client