Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/8e10ca-0fb5-4b61-8ae6-54b669258eb2/1/cKSZQKXyAF0G0vyuiRHHPyfZQq4.roa
File: cKSZQKXyAF0G0vyuiRHHPyfZQq4.roa (raw, json)
Hash identifier: DcuzzDFe3qcourfVZ2veNoFqQVI1cwowJJ/3y1WNt8I=
Subject key identifier: 70:A4:99:40:A5:F2:00:5D:06:D2:FC:AE:89:11:C7:3F:27:D9:42:AE
Certificate issuer: /CN=b4b4068b321f40232356de541bd68bd444906ba5
Certificate serial: 01867FAC3374797E07F1DF87E2605C288966
Authority key identifier: B4:B4:06:8B:32:1F:40:23:23:56:DE:54:1B:D6:8B:D4:44:90:6B:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tLQGizIfQCMjVt5UG9aL1ESQa6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/8e10ca-0fb5-4b61-8ae6-54b669258eb2/1/cKSZQKXyAF0G0vyuiRHHPyfZQq4.roa
Signing time: Thu 23 Feb 2023 19:07:17 +0000
ROA not before: Thu 23 Feb 2023 19:07:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210439
IP address blocks: 194.62.104.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7f:ac:33:74:79:7e:07:f1:df:87:e2:60:5c:28:89:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4b4068b321f40232356de541bd68bd444906ba5
Validity
Not Before: Feb 23 19:07:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70a49940a5f2005d06d2fcae8911c73f27d942ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:0b:c4:e8:c9:be:8a:cc:c0:5d:2c:72:d9:c3:
9f:35:15:e7:91:3b:91:5e:91:e4:c2:c5:7f:7d:7e:
ca:71:69:92:54:9f:4b:b5:49:30:10:b1:e2:04:8a:
41:27:70:99:04:6b:64:93:00:5c:36:df:22:98:97:
ff:c3:c2:5f:9d:c0:e7:85:40:bd:cf:f4:89:ed:3b:
45:8f:fa:9d:9c:bf:06:8d:0c:7f:81:e8:d0:c5:25:
4d:97:a4:e9:dd:a5:7a:f7:39:f8:fd:ff:82:ea:33:
1d:ea:91:78:27:31:4a:eb:d8:55:8e:29:31:ec:72:
e5:99:fb:1f:a6:b4:b5:8b:ff:6f:96:d9:89:0c:e9:
13:47:ea:c9:d6:d3:98:28:74:61:67:f0:fe:17:a2:
e3:4e:ad:0c:f2:c5:a0:c6:f7:40:ab:86:9c:4a:be:
5e:e3:e2:42:0e:d6:cc:6a:56:2f:c6:8a:63:dc:d4:
e7:79:bd:6d:60:26:3e:92:d2:71:8c:53:40:e3:00:
24:dd:2c:8c:08:34:32:5a:35:97:e3:f7:08:3c:e0:
77:95:43:ac:e9:33:6f:03:fd:4f:72:d7:37:67:d7:
3a:39:5e:38:6f:9b:a6:b7:a5:8f:af:1c:0c:fb:6c:
c7:81:98:e9:85:70:88:69:a7:6e:cb:cd:20:86:aa:
ca:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A4:99:40:A5:F2:00:5D:06:D2:FC:AE:89:11:C7:3F:27:D9:42:AE
X509v3 Authority Key Identifier:
keyid:B4:B4:06:8B:32:1F:40:23:23:56:DE:54:1B:D6:8B:D4:44:90:6B:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tLQGizIfQCMjVt5UG9aL1ESQa6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/8e10ca-0fb5-4b61-8ae6-54b669258eb2/1/cKSZQKXyAF0G0vyuiRHHPyfZQq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/8e10ca-0fb5-4b61-8ae6-54b669258eb2/1/tLQGizIfQCMjVt5UG9aL1ESQa6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.62.104.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:2f:47:94:50:f7:26:bf:ff:bf:a0:a5:eb:54:27:d2:52:4d:
08:10:79:6f:a7:fd:38:a7:4b:84:d9:98:e6:88:02:ff:29:76:
f8:86:d8:6d:9a:db:19:b2:2b:3e:f3:a6:ad:9e:59:8d:21:0c:
79:bf:28:e0:89:5c:36:9c:43:f6:65:fe:fd:e1:99:f6:a1:4a:
6a:32:4b:98:91:93:95:c5:ec:26:e9:77:8d:ef:f2:35:86:db:
c6:0a:d5:f9:47:21:39:45:91:98:a2:de:6e:c1:bf:14:0b:4c:
e7:ee:e8:a9:ee:39:a9:01:64:0b:05:8e:39:9c:c0:4c:7b:4a:
66:70:1b:c7:2e:e2:d3:4b:41:e0:f6:0a:aa:bb:20:94:cf:14:
43:4b:ea:79:9d:bc:04:2f:fd:c2:b7:55:9d:a0:11:c7:94:f2:
15:88:c5:7e:ae:ee:02:bd:83:14:32:e0:53:0b:fa:48:2a:70:
7a:d3:e6:04:47:69:c3:65:fc:40:23:83:e6:79:91:70:ae:5d:
b3:e7:4b:0f:9a:97:07:1c:27:50:94:96:74:d9:82:cf:df:47:
97:1d:55:6b:73:af:1d:a6:c3:28:14:c5:7f:cb:c2:42:a6:47:
06:d3:59:5a:38:1b:a0:16:58:83:8e:f4:36:a9:00:4d:d9:5c:
d3:9f:e0:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZ/rDN0eX4H8d+H4mBcKIlmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YjQwNjhiMzIxZjQwMjMyMzU2ZGU1NDFiZDY4YmQ0NDQ5
MDZiYTUwHhcNMjMwMjIzMTkwNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGE0OTk0MGE1ZjIwMDVkMDZkMmZjYWU4OTExYzczZjI3ZDk0MmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3gvE6Mm+iszAXSxy2cOfNRXnkTuR
XpHkwsV/fX7KcWmSVJ9LtUkwELHiBIpBJ3CZBGtkkwBcNt8imJf/w8JfncDnhUC9
z/SJ7TtFj/qdnL8GjQx/gejQxSVNl6Tp3aV69zn4/f+C6jMd6pF4JzFK69hVjikx
7HLlmfsfprS1i/9vltmJDOkTR+rJ1tOYKHRhZ/D+F6LjTq0M8sWgxvdAq4acSr5e
4+JCDtbMalYvxopj3NTneb1tYCY+ktJxjFNA4wAk3SyMCDQyWjWX4/cIPOB3lUOs
6TNvA/1Pctc3Z9c6OV44b5umt6WPrxwM+2zHgZjphXCIaaduy80ghqrKcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHCkmUCl8gBdBtL8rokRxz8n2UKuMB8GA1UdIwQY
MBaAFLS0BosyH0AjI1beVBvWi9REkGulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdExRR2l6SWZRQ01qVnQ1VUc5YUwxRVNRYTZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS84ZTEwY2EtMGZiNS00YjYxLThhZTYt
NTRiNjY5MjU4ZWIyLzEvY0tTWlFLWHlBRjBHMHZ5dWlSSEhQeWZaUXE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS84ZTEwY2EtMGZiNS00YjYxLThhZTYtNTRiNjY5MjU4ZWIy
LzEvdExRR2l6SWZRQ01qVnQ1VUc5YUwxRVNRYTZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwj5oMA0G
CSqGSIb3DQEBCwUAA4IBAQBcL0eUUPcmv/+/oKXrVCfSUk0IEHlvp/04p0uE2Zjm
iAL/KXb4hthtmtsZsis+86atnlmNIQx5vyjgiVw2nEP2Zf794Zn2oUpqMkuYkZOV
xewm6XeN7/I1htvGCtX5RyE5RZGYot5uwb8UC0zn7uip7jmpAWQLBY45nMBMe0pm
cBvHLuLTS0Hg9gqquyCUzxRDS+p5nbwEL/3Ct1WdoBHHlPIViMV+ru4CvYMUMuBT
C/pIKnB60+YER2nDZfxAI4PmeZFwrl2z50sPmpcHHCdQlJZ02YLP30eXHVVrc68d
psMoFMV/y8JCpkcG01laOBugFliDjvQ2qQBN2VzTn+An
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:52:36 2025 by rpki-client