Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/x5l8qEvHFAodUzHlAYY9fZfeP50.roa
File: x5l8qEvHFAodUzHlAYY9fZfeP50.roa (raw, json)
Hash identifier: 5fz4EELeopKN9VQpT1bfsiRn+eP5FD0InYFQsgis6hE=
Subject key identifier: C7:99:7C:A8:4B:C7:14:0A:1D:53:31:E5:01:86:3D:7D:97:DE:3F:9D
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 019424448BD917EA2F83F478CDC0DFB4C168
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/x5l8qEvHFAodUzHlAYY9fZfeP50.roa
Signing time: Wed 01 Jan 2025 23:47:39 +0000
ROA not before: Wed 01 Jan 2025 23:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35537
IP address blocks: 94.124.116.0/24 maxlen: 24
2a09:7:2004::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:8b:d9:17:ea:2f:83:f4:78:cd:c0:df:b4:c1:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 1 23:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7997ca84bc7140a1d5331e501863d7d97de3f9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:10:3b:7c:e4:eb:1c:fd:43:d4:5e:be:f6:6a:
5a:f6:3a:cb:9c:67:75:c0:e4:a8:3a:3a:87:53:ee:
70:d8:9a:d2:80:d6:27:0e:84:30:3b:12:7e:a6:c6:
8e:9d:8b:b3:51:25:e0:a0:93:07:31:e8:fd:18:30:
d6:75:d5:6c:eb:ad:d8:d3:0c:c7:82:4e:db:4c:35:
ea:9e:a4:c6:1a:19:69:62:1c:92:56:22:d0:d3:7e:
33:8c:57:62:ec:42:eb:4f:e6:ae:f8:76:ca:82:27:
1b:c1:87:db:c8:4f:80:fb:ee:a7:44:bb:de:cb:1e:
b0:f8:16:2a:a5:d5:32:02:a0:96:c6:77:cc:c9:f1:
83:8c:fb:11:b4:fc:c8:ae:36:16:8f:a9:f0:8e:ae:
62:ef:dd:39:b8:02:6b:90:22:b5:58:14:3e:20:a9:
6a:68:ad:f2:0b:4a:73:78:2f:9f:f1:76:5a:c5:3f:
58:70:87:48:d6:e5:58:d9:54:84:0f:26:be:c3:91:
ed:20:ef:6c:79:7c:3b:e6:72:0c:89:c2:9d:85:08:
c5:9e:1a:d2:f7:bf:09:ee:42:84:ff:3d:42:f9:85:
ef:32:bd:04:d0:90:91:a3:2f:e0:e8:14:01:e4:00:
9c:8b:ea:80:ad:e7:88:a5:28:67:47:24:b6:f7:47:
5b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:99:7C:A8:4B:C7:14:0A:1D:53:31:E5:01:86:3D:7D:97:DE:3F:9D
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/x5l8qEvHFAodUzHlAYY9fZfeP50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.124.116.0/24
IPv6:
2a09:7:2004::/48
Signature Algorithm: sha256WithRSAEncryption
0f:56:7c:5b:ab:30:32:ae:5a:f3:e5:01:84:db:f9:4d:0b:72:
b9:a4:24:54:e7:c9:fb:22:1e:e3:58:58:90:66:72:c0:b4:84:
82:30:52:dc:a2:4e:d4:e4:3b:cc:df:f2:48:da:a2:4e:de:3d:
d8:5d:ce:9e:21:b9:24:18:60:50:fd:02:9b:5f:d4:9a:55:b0:
4b:d0:ac:a2:07:eb:7b:00:c2:79:31:42:4e:2f:ca:ec:6a:29:
56:c5:05:ea:3e:ec:2f:8b:b6:27:fb:51:37:ee:42:24:ef:4e:
64:50:80:b2:42:b3:cf:e3:d7:91:eb:d8:f1:67:ad:49:e2:a9:
9d:c2:c5:26:5e:4f:e9:89:8f:80:9b:27:b2:24:b4:2e:dd:5d:
4c:1b:5a:cb:7e:b8:ff:47:3c:d4:4b:04:c2:d8:3f:5f:5d:1b:
b2:4c:59:08:32:41:a9:a6:28:5b:f9:3e:ad:38:83:eb:40:0c:
77:6d:0f:01:02:8a:94:86:b8:6f:34:e2:0b:b9:3c:ec:f7:29:
b7:46:2a:e5:a7:4c:42:e0:3c:7c:91:dc:e4:74:18:57:49:80:
58:6d:d4:fe:e4:e2:91:9e:31:f9:0f:60:09:ec:0d:8e:9b:31:
49:e2:6e:ff:58:af:e0:62:d0:aa:e8:16:7b:bb:38:2d:dc:ea:
84:06:94:9e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQkRIvZF+ovg/R4zcDftMFoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjUwMTAxMjM0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzk5N2NhODRiYzcxNDBhMWQ1MzMxZTUwMTg2M2Q3ZDk3ZGUzZjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6xA7fOTrHP1D1F6+9mpa9jrLnGd1
wOSoOjqHU+5w2JrSgNYnDoQwOxJ+psaOnYuzUSXgoJMHMej9GDDWddVs663Y0wzH
gk7bTDXqnqTGGhlpYhySViLQ034zjFdi7ELrT+au+HbKgicbwYfbyE+A++6nRLve
yx6w+BYqpdUyAqCWxnfMyfGDjPsRtPzIrjYWj6nwjq5i7905uAJrkCK1WBQ+IKlq
aK3yC0pzeC+f8XZaxT9YcIdI1uVY2VSEDya+w5HtIO9seXw75nIMicKdhQjFnhrS
978J7kKE/z1C+YXvMr0E0JCRoy/g6BQB5ACci+qAreeIpShnRyS290dbmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMeZfKhLxxQKHVMx5QGGPX2X3j+dMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEveDVsOHFFdkhGQW9kVXpIbEFZWTlmWmZlUDUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAXnx0MA8E
AgACMAkDBwAqCQAHIAQwDQYJKoZIhvcNAQELBQADggEBAA9WfFurMDKuWvPlAYTb
+U0LcrmkJFTnyfsiHuNYWJBmcsC0hIIwUtyiTtTkO8zf8kjaok7ePdhdzp4huSQY
YFD9Aptf1JpVsEvQrKIH63sAwnkxQk4vyuxqKVbFBeo+7C+Ltif7UTfuQiTvTmRQ
gLJCs8/j15Hr2PFnrUniqZ3CxSZeT+mJj4CbJ7IktC7dXUwbWst+uP9HPNRLBMLY
P19dG7JMWQgyQammKFv5Pq04g+tADHdtDwECipSGuG804gu5POz3KbdGKuWnTELg
PHyR3OR0GFdJgFht1P7k4pGeMfkPYAnsDY6bMUnibv9Yr+Bi0KroFnu7OC3c6oQG
lJ4=
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:29:14 2025 by rpki-client