Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/tnCxlMJcFjJNR1BgpRasaoWflbg.roa
File: tnCxlMJcFjJNR1BgpRasaoWflbg.roa (raw, json)
Hash identifier: NGBkP+kMJwXFz3QRdHJSNRXeiC1xezQ5KE4ynogLaXo=
Subject key identifier: B6:70:B1:94:C2:5C:16:32:4D:47:50:60:A5:16:AC:6A:85:9F:95:B8
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 019421B1F25B056621467009C1FC93A9B238
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/tnCxlMJcFjJNR1BgpRasaoWflbg.roa
Signing time: Wed 01 Jan 2025 11:48:17 +0000
ROA not before: Wed 01 Jan 2025 11:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59441
IP address blocks: 94.182.62.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:f2:5b:05:66:21:46:70:09:c1:fc:93:a9:b2:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Jan 1 11:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b670b194c25c16324d475060a516ac6a859f95b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:88:93:cd:84:07:bd:4f:b8:f9:e4:9d:24:bc:
07:34:c5:37:e1:c0:42:8e:85:c2:c8:42:6a:93:8f:
30:ff:c2:9a:86:ee:02:07:44:1f:bc:f2:dd:d0:d3:
30:04:d7:6b:b4:b9:70:3f:06:24:c1:05:2c:fa:44:
2a:13:5d:bb:a5:05:d1:e9:4c:fa:cf:74:d1:b1:06:
a8:94:1c:88:6d:63:c1:6b:3f:5d:ef:37:12:2c:96:
27:96:a5:0e:5c:17:66:53:39:69:35:9e:6a:d8:e9:
91:35:8f:2e:47:7d:df:be:08:a7:b9:e7:a1:b7:e1:
e3:e6:29:09:48:ba:e5:6f:39:60:be:be:f8:cd:34:
8c:fb:2c:d0:48:77:f9:62:c4:42:5c:ac:6f:b0:a6:
46:e0:78:cc:32:8f:91:46:27:df:ad:6f:84:17:7b:
73:9c:ab:57:1f:d0:c4:a3:3b:fb:97:58:2b:63:1f:
dd:cf:11:48:db:bc:1a:14:d6:af:cf:32:71:38:69:
d3:1d:e1:28:f4:ff:d5:1d:4f:c4:b0:48:3a:6b:5e:
d5:74:14:dc:64:05:de:f0:01:72:71:2b:96:50:4e:
5c:a0:9c:5f:26:0c:da:3e:8d:cd:9f:55:32:81:32:
a4:20:6a:b1:30:98:20:c9:8a:c2:c7:d4:fd:78:73:
b6:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:70:B1:94:C2:5C:16:32:4D:47:50:60:A5:16:AC:6A:85:9F:95:B8
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/tnCxlMJcFjJNR1BgpRasaoWflbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.182.62.0/24
Signature Algorithm: sha256WithRSAEncryption
81:1b:66:5e:3e:af:04:f8:7e:7f:50:61:1c:50:19:98:97:b2:
c7:1e:4c:3b:3f:87:0f:0a:34:cf:33:5f:c5:aa:92:4f:72:ed:
f7:b1:ba:21:d6:69:c3:e1:63:e5:ea:a2:3a:ae:27:11:53:32:
dc:da:c0:51:75:05:c5:a8:bd:67:56:c5:e2:92:73:d7:36:21:
94:6e:5e:5a:9d:18:85:09:c0:ed:d4:e2:27:db:6e:66:62:62:
be:b5:2f:db:26:c0:c0:00:31:32:0e:19:63:ac:5f:76:a5:59:
e4:83:57:5d:d5:ad:3a:00:e8:cc:04:20:fd:71:5b:14:0c:dc:
92:a2:6b:56:70:8c:ea:58:46:88:98:66:ef:68:6d:a4:e6:7f:
7b:d4:cd:7f:2f:89:b6:3e:20:af:e5:ad:2c:6f:5b:fb:5b:19:
4a:ec:64:7b:ab:8b:8f:4c:eb:35:d6:64:2d:a0:e9:21:81:d4:
e5:a4:2d:af:8b:4e:2c:ea:08:ae:a3:ba:9f:58:be:2d:ed:7d:
13:4f:71:84:8f:3e:16:97:4f:38:60:d1:e6:42:e4:d8:c3:fd:
cf:58:d7:fc:49:42:e5:1d:e3:a4:87:0c:51:53:7f:d2:c9:8e:
54:f0:da:ea:1c:da:cc:cb:b7:5f:09:f7:b5:2d:4a:6f:59:01:
0e:22:57:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsfJbBWYhRnAJwfyTqbI4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjUwMTAxMTE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjcwYjE5NGMyNWMxNjMyNGQ0NzUwNjBhNTE2YWM2YTg1OWY5NWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4YiTzYQHvU+4+eSdJLwHNMU34cBC
joXCyEJqk48w/8Kahu4CB0QfvPLd0NMwBNdrtLlwPwYkwQUs+kQqE127pQXR6Uz6
z3TRsQaolByIbWPBaz9d7zcSLJYnlqUOXBdmUzlpNZ5q2OmRNY8uR33fvginueeh
t+Hj5ikJSLrlbzlgvr74zTSM+yzQSHf5YsRCXKxvsKZG4HjMMo+RRiffrW+EF3tz
nKtXH9DEozv7l1grYx/dzxFI27waFNavzzJxOGnTHeEo9P/VHU/EsEg6a17VdBTc
ZAXe8AFycSuWUE5coJxfJgzaPo3Nn1UygTKkIGqxMJggyYrCx9T9eHO2JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZwsZTCXBYyTUdQYKUWrGqFn5W4MB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvdG5DeGxNSmNGakpOUjFCZ3BSYXNhb1dmbGJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXrY+MA0G
CSqGSIb3DQEBCwUAA4IBAQCBG2ZePq8E+H5/UGEcUBmYl7LHHkw7P4cPCjTPM1/F
qpJPcu33sboh1mnD4WPl6qI6ricRUzLc2sBRdQXFqL1nVsXiknPXNiGUbl5anRiF
CcDt1OIn225mYmK+tS/bJsDAADEyDhljrF92pVnkg1dd1a06AOjMBCD9cVsUDNyS
omtWcIzqWEaImGbvaG2k5n971M1/L4m2PiCv5a0sb1v7WxlK7GR7q4uPTOs11mQt
oOkhgdTlpC2vi04s6giuo7qfWL4t7X0TT3GEjz4Wl084YNHmQuTYw/3PWNf8SULl
HeOkhwxRU3/SyY5U8NrqHNrMy7dfCfe1LUpvWQEOIle6
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:04:07 2025 by rpki-client