Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/a5d3a4-b1b8-4ed7-b27f-7349d293ac1a/1/x2iZIuRvun5Foj2vwW6Uquy38VA.roa
File: x2iZIuRvun5Foj2vwW6Uquy38VA.roa (raw, json)
Hash identifier: MnG+epUG9SmFBDZVNHnlneNlnA8MOYsHDiBP6BZnNBY=
Subject key identifier: C7:68:99:22:E4:6F:BA:7E:45:A2:3D:AF:C1:6E:94:AA:EC:B7:F1:50
Certificate issuer: /CN=ff748f1b9b4bd0cb60049e83c6552667756cb775
Certificate serial: 01856D6F6747399A05170F1D3DAAF6BA2678
Authority key identifier: FF:74:8F:1B:9B:4B:D0:CB:60:04:9E:83:C6:55:26:67:75:6C:B7:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_3SPG5tL0MtgBJ6DxlUmZ3Vst3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/a5d3a4-b1b8-4ed7-b27f-7349d293ac1a/1/x2iZIuRvun5Foj2vwW6Uquy38VA.roa
Signing time: Sun 01 Jan 2023 13:04:55 +0000
ROA not before: Sun 01 Jan 2023 13:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197883
IP address blocks: 94.154.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:67:47:39:9a:05:17:0f:1d:3d:aa:f6:ba:26:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff748f1b9b4bd0cb60049e83c6552667756cb775
Validity
Not Before: Jan 1 13:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7689922e46fba7e45a23dafc16e94aaecb7f150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:21:32:11:2e:78:9f:50:fc:4d:d7:8c:27:4d:
ae:0c:da:b9:76:58:93:08:44:12:dd:c7:63:75:56:
25:cc:8d:3a:d7:d7:44:86:5e:bf:8e:db:31:5d:7e:
31:26:28:4d:ee:38:48:8c:cf:c3:3c:40:40:2c:52:
d0:72:46:b9:b2:2b:6f:3c:c9:f0:b9:f4:9e:f1:92:
a7:9c:a4:f7:40:fb:98:a5:75:d5:80:51:b1:41:24:
69:53:b0:8f:33:ae:3b:c7:5b:c5:ea:07:cd:b2:57:
72:f9:0f:8f:b7:6c:c5:1e:fd:cb:9e:7a:74:2e:bb:
98:d2:60:17:55:b9:42:c0:da:04:20:d5:2c:7b:0a:
24:be:14:7c:b2:d1:e7:17:10:51:ef:fa:49:7f:5c:
32:c8:8b:e8:24:37:b4:3d:df:52:b1:8a:52:a6:b0:
13:74:98:e7:ff:9a:6a:a7:8d:df:d6:76:13:0d:06:
57:02:de:8b:b9:36:29:2d:13:25:00:f1:e6:ff:bf:
f3:70:23:8c:96:9e:ab:0a:73:94:97:21:0a:97:b0:
79:0c:f7:a3:51:81:bb:2c:74:ad:52:8d:4e:10:66:
8c:50:a8:39:71:48:56:d1:73:7b:d5:32:7f:0a:b8:
8f:8a:4c:fa:11:aa:90:46:72:55:0c:69:21:ce:b6:
5d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:68:99:22:E4:6F:BA:7E:45:A2:3D:AF:C1:6E:94:AA:EC:B7:F1:50
X509v3 Authority Key Identifier:
keyid:FF:74:8F:1B:9B:4B:D0:CB:60:04:9E:83:C6:55:26:67:75:6C:B7:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_3SPG5tL0MtgBJ6DxlUmZ3Vst3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/a5d3a4-b1b8-4ed7-b27f-7349d293ac1a/1/x2iZIuRvun5Foj2vwW6Uquy38VA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/a5d3a4-b1b8-4ed7-b27f-7349d293ac1a/1/_3SPG5tL0MtgBJ6DxlUmZ3Vst3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.119.0/24
Signature Algorithm: sha256WithRSAEncryption
65:27:bf:6d:26:a4:6b:57:36:a8:83:e9:73:46:e0:b9:a9:3c:
ab:bc:da:95:83:1b:dc:14:b5:70:d7:e2:cd:4b:06:2a:c3:ab:
c3:35:6a:68:e9:4a:51:2d:64:d7:e3:58:b5:ac:56:c9:14:11:
46:c7:25:cd:10:ef:03:6e:75:f6:ea:a5:c4:e7:b1:66:fa:a4:
14:83:64:2b:7a:8e:b7:16:0e:86:92:15:3e:35:52:4d:bf:60:
18:52:b2:0b:ee:43:b2:84:a5:6d:88:da:47:5d:31:4c:8f:92:
c5:18:f8:c6:29:b0:77:89:3b:bc:29:37:77:f6:2f:4b:bc:7b:
7a:2b:fc:77:f6:e2:76:65:7d:4e:10:0d:88:fa:aa:02:6f:3a:
a8:08:62:2c:77:cd:db:ed:97:52:73:25:66:38:4f:dd:e7:b4:
b6:15:d5:27:d6:5a:15:38:ba:0b:fa:87:c7:3b:e7:1a:9b:c0:
95:24:e9:30:78:d5:ea:12:2d:7c:2c:14:35:21:e9:41:d9:05:
ba:b7:1c:3e:bd:42:9a:e7:8a:1a:d5:ad:4e:48:c3:1f:8e:d4:
63:be:f9:18:ee:cd:bf:e6:a1:b9:42:12:f0:96:e4:29:7f:d8:
53:d2:1f:fc:f0:72:04:08:bb:0b:37:6f:44:d5:16:b7:95:e4:
1c:58:78:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtb2dHOZoFFw8dPar2uiZ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNzQ4ZjFiOWI0YmQwY2I2MDA0OWU4M2M2NTUyNjY3NzU2
Y2I3NzUwHhcNMjMwMTAxMTMwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzY4OTkyMmU0NmZiYTdlNDVhMjNkYWZjMTZlOTRhYWVjYjdmMTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCEyES54n1D8TdeMJ02uDNq5dliT
CEQS3cdjdVYlzI0619dEhl6/jtsxXX4xJihN7jhIjM/DPEBALFLQcka5sitvPMnw
ufSe8ZKnnKT3QPuYpXXVgFGxQSRpU7CPM647x1vF6gfNsldy+Q+Pt2zFHv3Lnnp0
LruY0mAXVblCwNoEINUsewokvhR8stHnFxBR7/pJf1wyyIvoJDe0Pd9SsYpSprAT
dJjn/5pqp43f1nYTDQZXAt6LuTYpLRMlAPHm/7/zcCOMlp6rCnOUlyEKl7B5DPej
UYG7LHStUo1OEGaMUKg5cUhW0XN71TJ/CriPikz6EaqQRnJVDGkhzrZdEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMdomSLkb7p+RaI9r8FulKrst/FQMB8GA1UdIwQY
MBaAFP90jxubS9DLYASeg8ZVJmd1bLd1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzNTUEc1dEwwTXRnQko2RHhsVW1aM1ZzdDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9hNWQzYTQtYjFiOC00ZWQ3LWIyN2Yt
NzM0OWQyOTNhYzFhLzEveDJpWkl1UnZ1bjVGb2oydndXNlVxdXkzOFZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9hNWQzYTQtYjFiOC00ZWQ3LWIyN2YtNzM0OWQyOTNhYzFh
LzEvXzNTUEc1dEwwTXRnQko2RHhsVW1aM1ZzdDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXpp3MA0G
CSqGSIb3DQEBCwUAA4IBAQBlJ79tJqRrVzaog+lzRuC5qTyrvNqVgxvcFLVw1+LN
SwYqw6vDNWpo6UpRLWTX41i1rFbJFBFGxyXNEO8DbnX26qXE57Fm+qQUg2Qreo63
Fg6GkhU+NVJNv2AYUrIL7kOyhKVtiNpHXTFMj5LFGPjGKbB3iTu8KTd39i9LvHt6
K/x39uJ2ZX1OEA2I+qoCbzqoCGIsd83b7ZdScyVmOE/d57S2FdUn1loVOLoL+ofH
O+cam8CVJOkweNXqEi18LBQ1IelB2QW6txw+vUKa54oa1a1OSMMfjtRjvvkY7s2/
5qG5QhLwluQpf9hT0h/88HIECLsLN29E1Ra3leQcWHh2
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:22:36 2025 by rpki-client