Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/25e079-fcbc-418d-bec1-1f3b5b056dfc/1/PxQsDU4dJfS8-Hbb6hEQ20lM3hY.roa
File: PxQsDU4dJfS8-Hbb6hEQ20lM3hY.roa (raw, json)
Hash identifier: Dqeit+iOR0VNRG8VfbYdPMEB+sCjr1lwniFYS+pVWgk=
Subject key identifier: 3F:14:2C:0D:4E:1D:25:F4:BC:F8:76:DB:EA:11:10:DB:49:4C:DE:16
Certificate issuer: /CN=c7dd297d0898fffde28d7696795bdbd5223f8a66
Certificate serial: 01941F8C8CA670381F357357C4BAE51713A3
Authority key identifier: C7:DD:29:7D:08:98:FF:FD:E2:8D:76:96:79:5B:DB:D5:22:3F:8A:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x90pfQiY__3ijXaWeVvb1SI_imY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/25e079-fcbc-418d-bec1-1f3b5b056dfc/1/PxQsDU4dJfS8-Hbb6hEQ20lM3hY.roa
Signing time: Wed 01 Jan 2025 01:48:12 +0000
ROA not before: Wed 01 Jan 2025 01:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48083
IP address blocks: 94.127.96.0/21 maxlen: 24
193.53.99.0/24 maxlen: 24
193.53.100.0/24 maxlen: 24
193.116.160.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:8c:a6:70:38:1f:35:73:57:c4:ba:e5:17:13:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7dd297d0898fffde28d7696795bdbd5223f8a66
Validity
Not Before: Jan 1 01:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f142c0d4e1d25f4bcf876dbea1110db494cde16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1e:08:88:25:42:1b:1f:00:bc:b1:37:0d:51:
7d:3e:b0:66:82:a9:19:c1:37:6d:80:2a:ad:18:7f:
10:5f:11:19:4f:d5:8b:74:89:98:2c:01:51:70:55:
36:31:21:2b:8c:f4:a2:e8:32:f3:63:df:0a:d2:22:
8a:54:31:a8:03:ed:a3:fc:ec:c6:8c:8f:2e:d7:3d:
f0:df:db:9e:39:38:f0:c6:7e:ee:f5:83:b6:eb:56:
5f:c6:fa:18:91:a1:cb:97:26:e9:62:2e:cc:72:7b:
0a:b7:c9:5f:e3:e8:88:03:68:72:eb:8a:62:12:8e:
97:1d:66:ea:3f:27:36:56:43:f2:b9:19:22:3a:44:
2f:4c:95:c7:75:ff:11:ed:47:87:bf:51:77:38:5b:
0f:a0:4a:c3:b0:cd:59:44:10:c5:68:c5:9b:de:94:
27:5d:ba:1d:41:63:db:b2:c1:b1:52:da:fe:36:64:
b0:7c:bf:de:b2:69:ce:db:94:30:6e:4a:06:d3:6c:
08:6e:f7:5a:b6:f1:93:1b:eb:67:d5:93:68:30:df:
41:4d:14:43:f0:b1:b0:af:42:2c:e3:5e:bf:77:95:
40:e6:71:61:9f:5c:b4:15:32:c2:6d:bf:68:84:53:
bf:5f:20:86:89:f7:82:88:86:bd:c0:a5:84:ab:74:
45:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:14:2C:0D:4E:1D:25:F4:BC:F8:76:DB:EA:11:10:DB:49:4C:DE:16
X509v3 Authority Key Identifier:
keyid:C7:DD:29:7D:08:98:FF:FD:E2:8D:76:96:79:5B:DB:D5:22:3F:8A:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x90pfQiY__3ijXaWeVvb1SI_imY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/25e079-fcbc-418d-bec1-1f3b5b056dfc/1/PxQsDU4dJfS8-Hbb6hEQ20lM3hY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/25e079-fcbc-418d-bec1-1f3b5b056dfc/1/x90pfQiY__3ijXaWeVvb1SI_imY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.127.96.0/21
193.53.99.0-193.53.100.255
193.116.160.0/19
Signature Algorithm: sha256WithRSAEncryption
0d:8d:13:75:c9:bb:e5:3c:42:fa:74:17:ea:d4:4a:8c:8a:ef:
ee:17:49:df:54:63:c6:8e:e9:56:74:a7:76:17:7b:56:f2:73:
cc:e5:69:e5:d7:34:52:06:5e:4a:d8:7c:b5:f0:58:ab:04:39:
20:9c:71:b2:32:30:89:24:06:17:0e:93:17:e0:48:f5:0d:57:
a7:97:8d:99:ae:4b:6e:bb:f8:43:56:10:4e:ef:ee:48:44:dc:
08:4d:90:59:45:76:de:6f:2a:16:88:68:83:cd:d5:db:a2:d0:
4d:85:a6:b3:fa:25:b4:90:d5:07:8a:f2:98:26:d0:7a:8e:a6:
b6:bd:fa:2b:08:6a:da:f2:1d:83:34:36:e4:c9:97:a9:e2:d8:
90:cc:a9:bc:1d:03:a9:d6:b3:9b:ba:08:c2:b6:ff:ab:68:c2:
1d:b7:61:ea:92:c8:6e:fd:a4:9c:be:95:62:0f:94:42:a1:7e:
5f:80:f1:57:2d:a3:c8:28:fd:5b:a0:f9:dd:c8:b4:39:1b:e6:
79:18:50:73:95:b5:29:49:5d:8c:a3:26:f5:e7:19:13:47:df:
55:ca:16:12:5f:9f:22:50:a9:8c:a6:44:fe:cc:19:ae:36:54:
f9:3f:42:9f:99:34:99:49:bb:a9:5b:12:cc:a9:76:78:68:1c:
21:07:f8:be
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQfjIymcDgfNXNXxLrlFxOjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZGQyOTdkMDg5OGZmZmRlMjhkNzY5Njc5NWJkYmQ1MjIz
ZjhhNjYwHhcNMjUwMTAxMDE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjE0MmMwZDRlMWQyNWY0YmNmODc2ZGJlYTExMTBkYjQ5NGNkZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvB4IiCVCGx8AvLE3DVF9PrBmgqkZ
wTdtgCqtGH8QXxEZT9WLdImYLAFRcFU2MSErjPSi6DLzY98K0iKKVDGoA+2j/OzG
jI8u1z3w39ueOTjwxn7u9YO261ZfxvoYkaHLlybpYi7McnsKt8lf4+iIA2hy64pi
Eo6XHWbqPyc2VkPyuRkiOkQvTJXHdf8R7UeHv1F3OFsPoErDsM1ZRBDFaMWb3pQn
XbodQWPbssGxUtr+NmSwfL/esmnO25QwbkoG02wIbvdatvGTG+tn1ZNoMN9BTRRD
8LGwr0Is416/d5VA5nFhn1y0FTLCbb9ohFO/XyCGifeCiIa9wKWEq3RF0wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFD8ULA1OHSX0vPh22+oRENtJTN4WMB8GA1UdIwQY
MBaAFMfdKX0ImP/94o12lnlb29UiP4pmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDkwcGZRaVlfXzNpalhhV2VWdmIxU0lfaW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8yNWUwNzktZmNiYy00MThkLWJlYzEt
MWYzYjViMDU2ZGZjLzEvUHhRc0RVNGRKZlM4LUhiYjZoRVEyMGxNM2hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8yNWUwNzktZmNiYy00MThkLWJlYzEtMWYzYjViMDU2ZGZj
LzEveDkwcGZRaVlfXzNpalhhV2VWdmIxU0lfaW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDXn9gMAwD
BADBNWMDBADBNWQDBAXBdKAwDQYJKoZIhvcNAQELBQADggEBAA2NE3XJu+U8Qvp0
F+rUSoyK7+4XSd9UY8aO6VZ0p3YXe1byc8zlaeXXNFIGXkrYfLXwWKsEOSCccbIy
MIkkBhcOkxfgSPUNV6eXjZmuS267+ENWEE7v7khE3AhNkFlFdt5vKhaIaIPN1dui
0E2FprP6JbSQ1QeK8pgm0HqOpra9+isIatryHYM0NuTJl6ni2JDMqbwdA6nWs5u6
CMK2/6towh23YeqSyG79pJy+lWIPlEKhfl+A8Vcto8go/Vug+d3ItDkb5nkYUHOV
tSlJXYyjJvXnGRNH31XKFhJfnyJQqYymRP7MGa42VPk/Qp+ZNJlJu6lbEsypdnho
HCEH+L4=
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:04:11 2025 by rpki-client