Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/iqdJN8sHfwO1sPuxLCpmupVWwoM.roa
File: iqdJN8sHfwO1sPuxLCpmupVWwoM.roa (raw, json)
Hash identifier: dJz0Laitt81U0rDiYpZ4I/hTrum0qQS8UUTJ0IjaiLI=
Subject key identifier: 8A:A7:49:37:CB:07:7F:03:B5:B0:FB:B1:2C:2A:66:BA:95:56:C2:83
Certificate issuer: /CN=54b48731e29f27d687576d6863adbda080709bfe
Certificate serial: 0194AD723558CC92083EBD55A62B43D662AF
Authority key identifier: 54:B4:87:31:E2:9F:27:D6:87:57:6D:68:63:AD:BD:A0:80:70:9B:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VLSHMeKfJ9aHV21oY629oIBwm_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/iqdJN8sHfwO1sPuxLCpmupVWwoM.roa
Signing time: Tue 28 Jan 2025 15:05:30 +0000
ROA not before: Tue 28 Jan 2025 15:05:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42330
IP address blocks: 78.41.136.0/24 maxlen: 24
2a13:3840:1000::/39 maxlen: 39
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ad:72:35:58:cc:92:08:3e:bd:55:a6:2b:43:d6:62:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54b48731e29f27d687576d6863adbda080709bfe
Validity
Not Before: Jan 28 15:05:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8aa74937cb077f03b5b0fbb12c2a66ba9556c283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b6:09:70:a2:79:3f:24:3e:14:9c:96:2b:70:
e3:74:9f:4f:c5:83:11:07:3f:a2:17:c9:ac:a0:10:
b3:10:c9:84:aa:bc:2f:2c:b2:16:12:c5:9f:20:3e:
2b:fc:48:65:77:ab:76:63:1d:c4:7d:d8:18:07:87:
88:58:7b:34:f3:2f:48:90:0b:0f:a3:5a:fe:b4:8b:
81:e3:60:51:c2:86:c2:28:0f:86:39:53:6b:ae:30:
6b:49:fb:98:03:83:69:0c:90:3b:06:12:c2:83:56:
6d:75:22:e5:7b:16:3a:d8:4b:c2:4e:59:e8:6f:9c:
69:05:2a:94:7a:60:1d:f6:f5:3e:58:75:4b:2a:f0:
86:8b:10:23:d1:36:9d:df:3e:62:02:9f:81:39:c9:
53:d0:0c:10:6d:3a:16:7a:8f:cb:63:db:6b:e3:4b:
c0:29:8d:18:53:1b:12:9e:c1:5b:3a:59:48:f4:e3:
01:e5:a9:53:f3:5a:25:8f:54:e3:99:4e:19:ec:05:
18:0f:20:70:6d:e9:b5:c9:df:d0:69:13:5e:a5:ad:
d6:55:4e:ac:44:e2:2b:a0:f8:8c:a4:7a:21:46:da:
18:3e:87:77:f2:a7:38:1f:e1:de:1b:79:0c:e7:66:
ac:46:08:ad:ed:dc:2b:d3:f9:b7:95:93:8e:d7:87:
44:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A7:49:37:CB:07:7F:03:B5:B0:FB:B1:2C:2A:66:BA:95:56:C2:83
X509v3 Authority Key Identifier:
keyid:54:B4:87:31:E2:9F:27:D6:87:57:6D:68:63:AD:BD:A0:80:70:9B:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VLSHMeKfJ9aHV21oY629oIBwm_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/iqdJN8sHfwO1sPuxLCpmupVWwoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/VLSHMeKfJ9aHV21oY629oIBwm_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.136.0/24
IPv6:
2a13:3840:1000::/39
Signature Algorithm: sha256WithRSAEncryption
65:b3:05:c1:36:c2:c3:cb:ee:d1:d6:f3:39:a0:8f:54:64:12:
f1:ab:22:3e:b3:9c:dd:3c:e6:54:4c:8c:08:a6:c0:35:8a:a4:
45:8d:9e:dd:91:90:0d:b8:67:a6:5f:65:81:7b:10:6e:99:1f:
28:03:9f:85:f4:39:83:e4:b0:6c:e1:0b:a4:33:da:59:af:07:
7b:49:b3:c2:66:10:c7:be:5e:a4:56:5e:49:06:87:af:69:cf:
af:9b:cc:f5:9b:8f:78:86:b1:1b:c3:ba:0a:00:f2:c1:cf:3d:
ef:7e:42:8d:a0:2c:06:9f:6e:86:e4:aa:60:f2:6b:9c:69:36:
12:93:93:53:73:3a:86:bf:5e:a4:ea:bd:97:24:82:33:eb:a0:
78:af:ca:4b:81:b0:35:da:65:39:80:68:86:d9:47:7a:48:1b:
8b:5f:2b:e3:f0:29:c3:3d:76:6d:ab:ff:af:fd:3f:c0:68:de:
de:7b:ec:0a:56:b5:e3:da:dc:45:9b:34:bb:30:f6:31:b2:af:
b4:e7:00:58:6f:a6:74:9f:01:00:4d:10:f9:81:5e:0c:c4:46:
3d:65:08:60:31:ec:00:56:fd:7c:87:b3:81:d4:47:b3:2a:59:
f8:0c:2a:47:8d:2d:59:b0:a4:99:32:3d:4a:a6:f1:40:4e:bc:
d0:20:32:75
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZStcjVYzJIIPr1VpitD1mKvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0YjQ4NzMxZTI5ZjI3ZDY4NzU3NmQ2ODYzYWRiZGEwODA3
MDliZmUwHhcNMjUwMTI4MTUwNTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWE3NDkzN2NiMDc3ZjAzYjViMGZiYjEyYzJhNjZiYTk1NTZjMjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLYJcKJ5PyQ+FJyWK3DjdJ9PxYMR
Bz+iF8msoBCzEMmEqrwvLLIWEsWfID4r/Ehld6t2Yx3EfdgYB4eIWHs08y9IkAsP
o1r+tIuB42BRwobCKA+GOVNrrjBrSfuYA4NpDJA7BhLCg1ZtdSLlexY62EvCTlno
b5xpBSqUemAd9vU+WHVLKvCGixAj0Tad3z5iAp+BOclT0AwQbToWeo/LY9tr40vA
KY0YUxsSnsFbOllI9OMB5alT81olj1TjmU4Z7AUYDyBwbem1yd/QaRNepa3WVU6s
ROIroPiMpHohRtoYPod38qc4H+HeG3kM52asRgit7dwr0/m3lZOO14dEyQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFIqnSTfLB38DtbD7sSwqZrqVVsKDMB8GA1UdIwQY
MBaAFFS0hzHinyfWh1dtaGOtvaCAcJv+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkxTSE1lS2ZKOWFIVjIxb1k2MjlvSUJ3bV80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wZTdiMjktNjI5Ny00MmNhLThmMzMt
NWRmY2NkNjFhOWIxLzEvaXFkSk44c0hmd08xc1B1eExDcG11cFZXd29NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wZTdiMjktNjI5Ny00MmNhLThmMzMtNWRmY2NkNjFhOWIx
LzEvVkxTSE1lS2ZKOWFIVjIxb1k2MjlvSUJ3bV80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQATimIMA4E
AgACMAgDBgEqEzhAEDANBgkqhkiG9w0BAQsFAAOCAQEAZbMFwTbCw8vu0dbzOaCP
VGQS8asiPrOc3TzmVEyMCKbANYqkRY2e3ZGQDbhnpl9lgXsQbpkfKAOfhfQ5g+Sw
bOELpDPaWa8He0mzwmYQx75epFZeSQaHr2nPr5vM9ZuPeIaxG8O6CgDywc89735C
jaAsBp9uhuSqYPJrnGk2EpOTU3M6hr9epOq9lySCM+ugeK/KS4GwNdplOYBohtlH
ekgbi18r4/Apwz12bav/r/0/wGje3nvsCla149rcRZs0uzD2MbKvtOcAWG+mdJ8B
AE0Q+YFeDMRGPWUIYDHsAFb9fIezgdRHsypZ+AwqR40tWbCkmTI9SqbxQE680CAy
dQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:47:27 2025 by rpki-client