Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/4f2800-a555-4f82-8936-f208365051cb/1/f0RuL1swXlvp41CLCru-Mt1TNyc.roa
File: f0RuL1swXlvp41CLCru-Mt1TNyc.roa (raw, json)
Hash identifier: rkjC9/AqAR3AXAOW7ubyDoWQhwKzvm+Iu5S5RZdguhM=
Subject key identifier: 7F:44:6E:2F:5B:30:5E:5B:E9:E3:50:8B:0A:BB:BE:32:DD:53:37:27
Certificate issuer: /CN=f169902ad6b7bf4601eeaa5e723ef23d70fa7714
Certificate serial: 019427473E0432978135018EF0B8D7A3E836
Authority key identifier: F1:69:90:2A:D6:B7:BF:46:01:EE:AA:5E:72:3E:F2:3D:70:FA:77:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8WmQKta3v0YB7qpecj7yPXD6dxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/4f2800-a555-4f82-8936-f208365051cb/1/f0RuL1swXlvp41CLCru-Mt1TNyc.roa
Signing time: Thu 02 Jan 2025 13:49:27 +0000
ROA not before: Thu 02 Jan 2025 13:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47998
IP address blocks: 94.228.64.0/20 maxlen: 24
2a00:1068::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:3e:04:32:97:81:35:01:8e:f0:b8:d7:a3:e8:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f169902ad6b7bf4601eeaa5e723ef23d70fa7714
Validity
Not Before: Jan 2 13:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f446e2f5b305e5be9e3508b0abbbe32dd533727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:5c:7c:54:28:9f:8b:1b:8b:31:1b:5f:ab:e9:
7f:5a:b9:12:c5:39:f4:4e:08:b2:97:d7:b8:df:a9:
1f:e2:e3:a2:2b:b0:39:75:19:65:af:31:7e:ac:6d:
3e:87:4f:74:2d:00:f3:a3:e4:e8:15:88:ca:9c:43:
f1:3a:c1:02:88:1e:a4:3f:d3:a9:ba:c6:a1:25:09:
29:ae:e7:8d:7b:4e:90:41:3b:85:6e:99:f3:10:fa:
39:e7:1c:ed:a6:01:b6:7c:26:f7:f2:9b:0b:d5:11:
63:48:04:78:43:23:cd:30:d7:1c:e0:3a:9e:85:b6:
88:93:c5:ec:6d:ed:b6:02:7a:ac:f3:32:9f:15:d1:
ab:ec:7d:2a:08:2f:86:b1:09:ce:1c:8f:41:2b:d7:
87:42:e5:98:15:e9:b3:04:6d:5c:05:a4:df:38:0c:
54:75:e6:05:2c:9c:84:9a:e3:e9:6b:07:da:e8:ed:
4c:4e:73:10:c9:1e:f6:41:b6:01:4e:46:bf:8d:ae:
04:39:b5:3c:20:87:39:29:31:95:71:2a:06:b9:4f:
12:d9:a0:44:31:19:94:d5:1a:fb:3b:fa:44:06:28:
69:15:20:22:3b:06:aa:9c:cd:60:1b:f3:ef:f7:02:
79:44:39:13:47:6f:5d:25:24:36:91:92:a6:5b:e8:
c8:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:44:6E:2F:5B:30:5E:5B:E9:E3:50:8B:0A:BB:BE:32:DD:53:37:27
X509v3 Authority Key Identifier:
keyid:F1:69:90:2A:D6:B7:BF:46:01:EE:AA:5E:72:3E:F2:3D:70:FA:77:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8WmQKta3v0YB7qpecj7yPXD6dxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/4f2800-a555-4f82-8936-f208365051cb/1/f0RuL1swXlvp41CLCru-Mt1TNyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/4f2800-a555-4f82-8936-f208365051cb/1/8WmQKta3v0YB7qpecj7yPXD6dxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.228.64.0/20
IPv6:
2a00:1068::/32
Signature Algorithm: sha256WithRSAEncryption
64:75:c4:83:a7:d1:6b:ba:ca:9a:2b:79:2a:d6:79:72:fe:97:
6c:dd:3d:9a:60:b9:94:15:07:3a:0c:5b:dd:f0:37:4c:08:10:
b3:2d:12:96:e0:94:d5:7c:46:aa:d1:75:3d:58:f6:58:1d:8e:
c6:bd:d0:45:26:72:c2:93:13:f7:b8:f3:c9:ff:1e:93:94:93:
7d:a0:51:59:53:e6:e3:da:91:b6:54:51:79:2d:a4:cc:01:77:
a7:6a:20:45:be:a1:0b:79:cb:b8:3a:a9:1f:2e:f0:aa:1f:25:
14:32:5e:2a:82:85:c4:2b:49:a9:fb:75:01:4f:f9:52:a9:e2:
fd:92:84:e0:0f:86:46:11:d4:85:eb:1a:5d:19:9a:15:66:19:
15:ea:42:bf:be:b7:f8:ed:01:59:3a:10:e5:f5:76:f5:9f:22:
39:a7:82:50:52:af:b0:74:79:c3:b3:52:16:e5:58:02:03:7f:
b3:e2:da:c3:6d:d5:a5:ed:88:e8:a4:df:7a:e3:c7:63:2a:73:
f9:8d:3d:b8:7d:d2:b5:83:5c:10:ec:2f:93:44:2c:b4:4c:e3:
85:10:41:8d:3e:2e:13:f9:dd:28:57:39:89:df:10:3d:b1:30:
ae:7a:e5:8a:5c:e4:32:cc:9c:d1:cf:2d:4a:68:80:36:e6:54:
10:f8:74:a1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnRz4EMpeBNQGO8LjXo+g2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNjk5MDJhZDZiN2JmNDYwMWVlYWE1ZTcyM2VmMjNkNzBm
YTc3MTQwHhcNMjUwMTAyMTM0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjQ0NmUyZjViMzA1ZTViZTllMzUwOGIwYWJiYmUzMmRkNTMzNzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA51x8VCifixuLMRtfq+l/WrkSxTn0
Tgiyl9e436kf4uOiK7A5dRllrzF+rG0+h090LQDzo+ToFYjKnEPxOsECiB6kP9Op
usahJQkprueNe06QQTuFbpnzEPo55xztpgG2fCb38psL1RFjSAR4QyPNMNcc4Dqe
hbaIk8Xsbe22Anqs8zKfFdGr7H0qCC+GsQnOHI9BK9eHQuWYFemzBG1cBaTfOAxU
deYFLJyEmuPpawfa6O1MTnMQyR72QbYBTka/ja4EObU8IIc5KTGVcSoGuU8S2aBE
MRmU1Rr7O/pEBihpFSAiOwaqnM1gG/Pv9wJ5RDkTR29dJSQ2kZKmW+jIvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH9Ebi9bMF5b6eNQiwq7vjLdUzcnMB8GA1UdIwQY
MBaAFPFpkCrWt79GAe6qXnI+8j1w+ncUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFdtUUt0YTN2MFlCN3FwZWNqN3lQWEQ2ZHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy80ZjI4MDAtYTU1NS00ZjgyLTg5MzYt
ZjIwODM2NTA1MWNiLzEvZjBSdUwxc3dYbHZwNDFDTENydS1NdDFUTnljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy80ZjI4MDAtYTU1NS00ZjgyLTg5MzYtZjIwODM2NTA1MWNi
LzEvOFdtUUt0YTN2MFlCN3FwZWNqN3lQWEQ2ZHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEXuRAMA0E
AgACMAcDBQAqABBoMA0GCSqGSIb3DQEBCwUAA4IBAQBkdcSDp9FrusqaK3kq1nly
/pds3T2aYLmUFQc6DFvd8DdMCBCzLRKW4JTVfEaq0XU9WPZYHY7GvdBFJnLCkxP3
uPPJ/x6TlJN9oFFZU+bj2pG2VFF5LaTMAXenaiBFvqELecu4OqkfLvCqHyUUMl4q
goXEK0mp+3UBT/lSqeL9koTgD4ZGEdSF6xpdGZoVZhkV6kK/vrf47QFZOhDl9Xb1
nyI5p4JQUq+wdHnDs1IW5VgCA3+z4trDbdWl7YjopN9648djKnP5jT24fdK1g1wQ
7C+TRCy0TOOFEEGNPi4T+d0oVzmJ3xA9sTCueuWKXOQyzJzRzy1KaIA25lQQ+HSh
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:46:43 2025 by rpki-client