Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/bebb6f-947a-4eac-85b1-36313c532d04/1/us94-cTYjSj_Phf3kZ7i28S_4EE.roa
File: us94-cTYjSj_Phf3kZ7i28S_4EE.roa (raw, json)
Hash identifier: oRFFWuNByAAmZ32nIZdCPFxlnNzHPkwynXEEHoRBcpI=
Subject key identifier: BA:CF:78:F9:C4:D8:8D:28:FF:3E:17:F7:91:9E:E2:DB:C4:BF:E0:41
Certificate issuer: /CN=58ff89023b87c0bf8479b9ff4725258613e4f0b5
Certificate serial: 019426D91EBDB1D7B473CFEA3F3C8965BDE8
Authority key identifier: 58:FF:89:02:3B:87:C0:BF:84:79:B9:FF:47:25:25:86:13:E4:F0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WP-JAjuHwL-Eebn_RyUlhhPk8LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/bebb6f-947a-4eac-85b1-36313c532d04/1/us94-cTYjSj_Phf3kZ7i28S_4EE.roa
Signing time: Thu 02 Jan 2025 11:49:10 +0000
ROA not before: Thu 02 Jan 2025 11:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49581
IP address blocks: 80.75.212.0/24 maxlen: 24
176.97.210.0/24 maxlen: 24
2a07:4b40::/29 maxlen: 29
2a12:b200::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:1e:bd:b1:d7:b4:73:cf:ea:3f:3c:89:65:bd:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ff89023b87c0bf8479b9ff4725258613e4f0b5
Validity
Not Before: Jan 2 11:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bacf78f9c4d88d28ff3e17f7919ee2dbc4bfe041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a9:0e:8b:cc:72:2c:ae:2b:ec:44:fc:5a:c5:
b2:6c:e8:df:c9:d3:dd:3c:4f:52:97:80:8e:1b:47:
84:e4:7b:1f:f6:77:12:dd:29:3a:08:b2:d3:71:dc:
f3:8c:e3:f5:3f:27:74:34:64:c7:2d:00:34:a7:88:
ed:df:91:0f:dd:5e:fd:4d:a5:eb:88:0b:3b:bd:14:
d9:f7:7f:6a:02:4c:2c:06:3e:6d:7f:18:02:ad:65:
2f:31:1f:19:0f:d0:99:12:e8:4f:8d:1a:32:c8:d8:
6f:75:ee:d4:30:06:93:c9:fc:37:9b:9e:d2:30:4e:
91:14:36:e1:dd:41:4f:6a:01:c5:96:4e:08:ad:70:
8f:b2:8c:e7:6e:27:21:27:f7:20:89:40:5e:2e:04:
44:83:c9:90:69:39:e3:42:d6:27:0e:8d:04:b2:ce:
5f:9f:6e:94:b0:ea:f8:51:19:27:86:cd:19:54:4b:
93:2c:a7:d7:87:4c:59:17:4a:fe:ce:5f:1c:98:a9:
3f:35:cd:ab:5a:8d:54:df:c3:d9:ef:f0:9f:85:c4:
b7:aa:1a:ee:b9:88:f2:7e:79:77:1e:61:25:2c:cd:
44:5a:9d:c9:cc:e6:7b:9b:e5:be:3b:21:d2:20:3d:
63:1d:9f:6b:59:23:c9:17:a5:32:09:cd:7e:a8:c6:
18:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:CF:78:F9:C4:D8:8D:28:FF:3E:17:F7:91:9E:E2:DB:C4:BF:E0:41
X509v3 Authority Key Identifier:
keyid:58:FF:89:02:3B:87:C0:BF:84:79:B9:FF:47:25:25:86:13:E4:F0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WP-JAjuHwL-Eebn_RyUlhhPk8LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/bebb6f-947a-4eac-85b1-36313c532d04/1/us94-cTYjSj_Phf3kZ7i28S_4EE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/bebb6f-947a-4eac-85b1-36313c532d04/1/WP-JAjuHwL-Eebn_RyUlhhPk8LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.75.212.0/24
176.97.210.0/24
IPv6:
2a07:4b40::/29
2a12:b200::/29
Signature Algorithm: sha256WithRSAEncryption
88:b8:6d:68:65:19:62:90:3e:8b:51:6a:6a:d0:f2:06:d8:9a:
53:62:27:13:01:b8:e0:4b:86:4f:07:8b:9c:ad:b8:0a:9a:9a:
bb:87:15:4a:73:62:aa:25:5f:0f:d8:ae:7e:61:b1:a2:00:cc:
fb:c3:f8:f8:bd:a8:2c:7c:9c:8a:1a:0b:5d:1e:7b:e9:e5:9d:
79:71:13:10:b8:47:1e:18:66:16:e3:7c:3c:09:22:57:9a:46:
5d:48:c8:97:e6:3c:32:29:bf:7b:21:1e:e1:ac:6c:1a:e9:96:
97:90:74:21:36:cc:e5:0c:aa:e0:33:ec:34:5e:da:63:ef:ba:
0c:cf:f4:56:95:b8:92:32:db:5e:0e:c5:46:83:f9:86:e9:cd:
07:33:16:29:f4:9a:e5:ad:b3:4d:e3:8e:de:df:1c:a2:e2:9a:
7a:14:fe:7f:69:15:08:01:ed:9c:3a:83:59:e5:45:11:3f:43:
7d:d6:4a:ef:20:08:71:13:98:e1:e1:7d:e9:ce:e7:47:a2:3e:
d6:23:99:2d:57:81:2b:07:db:f7:08:ba:64:21:de:84:e1:d8:
3c:42:d9:c6:8e:3f:fa:7b:6c:50:5e:e4:bd:21:47:fc:b5:73:
a7:44:7e:37:7c:3b:e0:6c:f3:df:f8:f5:e6:41:b1:8c:ca:aa:
9c:54:20:02
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQm2R69sde0c8/qPzyJZb3oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZmY4OTAyM2I4N2MwYmY4NDc5YjlmZjQ3MjUyNTg2MTNl
NGYwYjUwHhcNMjUwMTAyMTE0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWNmNzhmOWM0ZDg4ZDI4ZmYzZTE3Zjc5MTllZTJkYmM0YmZlMDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqkOi8xyLK4r7ET8WsWybOjfydPd
PE9Sl4COG0eE5Hsf9ncS3Sk6CLLTcdzzjOP1Pyd0NGTHLQA0p4jt35EP3V79TaXr
iAs7vRTZ939qAkwsBj5tfxgCrWUvMR8ZD9CZEuhPjRoyyNhvde7UMAaTyfw3m57S
ME6RFDbh3UFPagHFlk4IrXCPsoznbichJ/cgiUBeLgREg8mQaTnjQtYnDo0Ess5f
n26UsOr4URknhs0ZVEuTLKfXh0xZF0r+zl8cmKk/Nc2rWo1U38PZ7/CfhcS3qhru
uYjyfnl3HmElLM1EWp3JzOZ7m+W+OyHSID1jHZ9rWSPJF6UyCc1+qMYYJwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLrPePnE2I0o/z4X95Ge4tvEv+BBMB8GA1UdIwQY
MBaAFFj/iQI7h8C/hHm5/0clJYYT5PC1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1AtSkFqdUh3TC1FZWJuX1J5VWxoaFBrOExVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9iZWJiNmYtOTQ3YS00ZWFjLTg1YjEt
MzYzMTNjNTMyZDA0LzEvdXM5NC1jVFlqU2pfUGhmM2taN2kyOFNfNEVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9iZWJiNmYtOTQ3YS00ZWFjLTg1YjEtMzYzMTNjNTMyZDA0
LzEvV1AtSkFqdUh3TC1FZWJuX1J5VWxoaFBrOExVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAUEvUAwQA
sGHSMBQEAgACMA4DBQMqB0tAAwUDKhKyADANBgkqhkiG9w0BAQsFAAOCAQEAiLht
aGUZYpA+i1FqatDyBtiaU2InEwG44EuGTweLnK24Cpqau4cVSnNiqiVfD9iufmGx
ogDM+8P4+L2oLHycihoLXR576eWdeXETELhHHhhmFuN8PAkiV5pGXUjIl+Y8Mim/
eyEe4axsGumWl5B0ITbM5Qyq4DPsNF7aY++6DM/0VpW4kjLbXg7FRoP5hunNBzMW
KfSa5a2zTeOO3t8couKaehT+f2kVCAHtnDqDWeVFET9DfdZK7yAIcROY4eF96c7n
R6I+1iOZLVeBKwfb9wi6ZCHehOHYPELZxo4/+ntsUF7kvSFH/LVzp0R+N3w74Gzz
3/j15kGxjMqqnFQgAg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:15:35 2025 by rpki-client