Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/R12AgdneGd4IinauuD2IQCzaNdo.roa
File: R12AgdneGd4IinauuD2IQCzaNdo.roa (raw, json)
Hash identifier: 0Vf4DfoprRpqIbS3viTk0elhBi8JnCMTTU8OHnzZBdQ=
Subject key identifier: 47:5D:80:81:D9:DE:19:DE:08:8A:76:AE:B8:3D:88:40:2C:DA:35:DA
Certificate issuer: /CN=1e35c06a8c06d5dd64fe76b090a3e1e2a4996dc8
Certificate serial: 0194228D19ED4BD5449D03BF346812ECFB9A
Authority key identifier: 1E:35:C0:6A:8C:06:D5:DD:64:FE:76:B0:90:A3:E1:E2:A4:99:6D:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjXAaowG1d1k_nawkKPh4qSZbcg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/R12AgdneGd4IinauuD2IQCzaNdo.roa
Signing time: Wed 01 Jan 2025 15:47:40 +0000
ROA not before: Wed 01 Jan 2025 15:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15600
IP address blocks: 94.16.128.0/17 maxlen: 24
185.74.160.0/22 maxlen: 22
2a00:9fe0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:19:ed:4b:d5:44:9d:03:bf:34:68:12:ec:fb:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e35c06a8c06d5dd64fe76b090a3e1e2a4996dc8
Validity
Not Before: Jan 1 15:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=475d8081d9de19de088a76aeb83d88402cda35da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e8:20:f8:89:c8:d4:f3:96:9d:1d:4e:b0:54:
54:77:7f:e0:37:29:0c:0c:58:5b:5e:59:1d:5f:6b:
8e:70:4a:c0:d2:31:4f:e8:1e:9c:b8:24:5c:c8:82:
2e:77:11:87:c1:82:88:06:40:98:78:a5:46:6c:b4:
26:19:03:6b:66:27:12:3d:fa:4a:de:50:df:b2:25:
5c:a2:48:54:31:a6:81:2f:7e:64:87:e0:8c:05:14:
e2:1a:dd:51:6e:04:aa:d0:9f:fe:a4:f8:41:4d:a4:
58:23:4a:36:12:1e:46:fb:c1:1a:4c:f4:d4:06:c2:
5e:ce:eb:79:04:5b:a9:fe:a0:b1:c1:b6:3d:45:d5:
27:c0:cc:3d:f9:03:60:7e:e7:85:c8:18:4a:20:45:
24:69:a0:79:8b:4a:df:5a:e3:7c:3b:2d:fe:ea:9c:
4d:38:5b:14:f7:f6:3b:93:0d:87:4f:da:bc:5e:a9:
c0:d5:1a:9b:1c:65:9c:f2:76:97:ac:77:d5:b4:27:
5b:55:9b:9f:f8:c8:62:be:8e:91:9e:1e:3c:51:10:
3e:df:c6:dc:84:f7:39:f2:f9:61:3f:2f:54:9d:25:
b7:71:82:33:b0:e1:5a:82:59:4b:8d:82:cd:01:07:
3a:60:27:d1:81:aa:2f:65:1a:3e:a7:64:de:fc:da:
e0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:5D:80:81:D9:DE:19:DE:08:8A:76:AE:B8:3D:88:40:2C:DA:35:DA
X509v3 Authority Key Identifier:
keyid:1E:35:C0:6A:8C:06:D5:DD:64:FE:76:B0:90:A3:E1:E2:A4:99:6D:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjXAaowG1d1k_nawkKPh4qSZbcg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/R12AgdneGd4IinauuD2IQCzaNdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.16.128.0/17
185.74.160.0/22
IPv6:
2a00:9fe0::/29
Signature Algorithm: sha256WithRSAEncryption
01:75:71:aa:e5:4f:e7:d3:65:c9:8b:13:df:92:87:79:6c:f7:
3e:a7:05:33:e3:7c:3a:f3:9e:7a:c1:fe:a0:53:fa:bc:58:fe:
ea:04:f0:fc:50:50:cc:58:6c:a4:96:f8:f1:25:ae:d7:b9:6e:
96:5b:2e:87:e4:4d:fe:70:74:44:49:c0:93:79:11:3b:fb:4a:
ef:65:e1:2e:fa:41:4f:34:cc:82:47:0b:51:fa:e0:22:eb:ea:
72:07:c0:cf:99:03:90:0f:d6:0b:9e:e8:5b:35:fc:9b:ea:cd:
47:c5:27:46:3e:61:e8:f2:20:d8:ff:51:42:c1:77:2f:dc:c9:
7d:61:59:4f:6d:1d:e6:a9:cb:a1:26:c1:b9:3e:bd:a2:b9:ca:
6e:d0:0b:b0:b3:1d:b3:a2:c8:69:c8:7b:81:4e:81:2a:a9:2b:
9e:32:25:16:63:85:96:f2:0a:1e:d1:cd:27:c6:d3:b2:cb:06:
7b:ee:01:55:12:fd:aa:75:d3:f0:8d:af:e9:34:27:90:b3:23:
7b:12:0d:de:b9:f8:94:87:58:19:2c:f2:4f:93:bf:0d:da:e9:
a2:98:25:dc:77:f7:3f:5a:6c:3a:f9:ad:af:80:7f:f9:46:60:
aa:fc:a0:6f:ed:51:46:57:65:f5:cf:b7:38:d0:c4:6e:a7:76:
23:13:4c:3a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQijRntS9VEnQO/NGgS7PuaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzVjMDZhOGMwNmQ1ZGQ2NGZlNzZiMDkwYTNlMWUyYTQ5
OTZkYzgwHhcNMjUwMTAxMTU0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzVkODA4MWQ5ZGUxOWRlMDg4YTc2YWViODNkODg0MDJjZGEzNWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnugg+InI1POWnR1OsFRUd3/gNykM
DFhbXlkdX2uOcErA0jFP6B6cuCRcyIIudxGHwYKIBkCYeKVGbLQmGQNrZicSPfpK
3lDfsiVcokhUMaaBL35kh+CMBRTiGt1RbgSq0J/+pPhBTaRYI0o2Eh5G+8EaTPTU
BsJezut5BFup/qCxwbY9RdUnwMw9+QNgfueFyBhKIEUkaaB5i0rfWuN8Oy3+6pxN
OFsU9/Y7kw2HT9q8XqnA1RqbHGWc8naXrHfVtCdbVZuf+Mhivo6Rnh48URA+38bc
hPc58vlhPy9UnSW3cYIzsOFagllLjYLNAQc6YCfRgaovZRo+p2Te/NrgMwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEddgIHZ3hneCIp2rrg9iEAs2jXaMB8GA1UdIwQY
MBaAFB41wGqMBtXdZP52sJCj4eKkmW3IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpYQWFvd0cxZDFrX25hd2tLUGg0cVNaYmNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hYjQ1ZTQtNmVhMC00OTVmLThiNzgt
OWI1ZDc2YTk0OWY0LzEvUjEyQWdkbmVHZDRJaW5hdXVEMklRQ3phTmRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9hYjQ1ZTQtNmVhMC00OTVmLThiNzgtOWI1ZDc2YTk0OWY0
LzEvSGpYQWFvd0cxZDFrX25hd2tLUGg0cVNaYmNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHXhCAAwQC
uUqgMA0EAgACMAcDBQMqAJ/gMA0GCSqGSIb3DQEBCwUAA4IBAQABdXGq5U/n02XJ
ixPfkod5bPc+pwUz43w68556wf6gU/q8WP7qBPD8UFDMWGyklvjxJa7XuW6WWy6H
5E3+cHREScCTeRE7+0rvZeEu+kFPNMyCRwtR+uAi6+pyB8DPmQOQD9YLnuhbNfyb
6s1HxSdGPmHo8iDY/1FCwXcv3Ml9YVlPbR3mqcuhJsG5Pr2iucpu0Auwsx2zoshp
yHuBToEqqSueMiUWY4WW8goe0c0nxtOyywZ77gFVEv2qddPwja/pNCeQsyN7Eg3e
ufiUh1gZLPJPk78N2umimCXcd/c/Wmw6+a2vgH/5RmCq/KBv7VFGV2X1z7c40MRu
p3YjE0w6
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:30 2025 by rpki-client