Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/ngnhG7uE9YHHo9YXMg4zT5zGeQk.roa
File: ngnhG7uE9YHHo9YXMg4zT5zGeQk.roa (raw, json)
Hash identifier: a+4S0fbb+Q4assLZ0oTVcSUfUQDBn8eYYqxTad0XqL0=
Subject key identifier: 9E:09:E1:1B:BB:84:F5:81:C7:A3:D6:17:32:0E:33:4F:9C:C6:79:09
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 019422FB346AE8687238D275DF62D0CD530E
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/ngnhG7uE9YHHo9YXMg4zT5zGeQk.roa
Signing time: Wed 01 Jan 2025 17:47:55 +0000
ROA not before: Wed 01 Jan 2025 17:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41844
IP address blocks: 94.26.40.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:34:6a:e8:68:72:38:d2:75:df:62:d0:cd:53:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Jan 1 17:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e09e11bbb84f581c7a3d617320e334f9cc67909
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:4f:4e:4b:49:9e:6f:3d:07:74:00:51:84:56:
59:a2:81:f5:18:f5:4e:40:8f:19:f1:88:90:5c:0b:
35:82:ae:84:b9:aa:c5:33:73:ed:8d:a7:eb:6f:19:
99:48:4e:67:45:7d:69:df:67:cc:1d:4b:01:c1:ae:
a1:e0:3d:20:aa:16:4b:d1:3e:b0:39:61:07:56:34:
f6:2f:b4:ff:64:97:c3:56:b0:77:21:3e:84:f9:66:
52:3f:aa:ca:46:0c:09:df:7b:c3:3c:15:ec:59:c5:
3b:e4:9e:fb:36:41:b7:1d:ca:33:e6:d8:ad:60:30:
bb:22:d5:55:51:e6:0f:36:2d:c8:d9:27:f0:21:7a:
71:ad:60:fe:25:8b:49:02:4d:a7:7b:a9:49:23:40:
2f:e7:6f:1a:9e:4a:a8:98:10:a7:fb:56:bf:2b:df:
af:3c:39:10:8c:e7:b6:eb:da:c4:09:98:47:df:62:
9c:66:00:6d:8f:9b:b0:8a:96:1f:a7:20:1d:b7:eb:
92:fa:b0:38:9d:15:f6:31:a3:e5:a0:d7:77:55:71:
48:24:e4:76:ad:c8:ce:5a:8a:a6:37:56:3c:ac:64:
12:ce:c0:58:84:2f:84:64:7e:e9:81:75:7d:f4:be:
70:49:63:15:59:80:25:8c:fc:d4:40:58:2d:67:e1:
23:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:09:E1:1B:BB:84:F5:81:C7:A3:D6:17:32:0E:33:4F:9C:C6:79:09
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/ngnhG7uE9YHHo9YXMg4zT5zGeQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.26.40.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:76:49:1c:56:e7:e3:d4:d6:f8:08:0f:66:25:43:06:b7:27:
d6:c8:87:40:1f:c3:ef:a9:ed:54:49:8f:a0:89:1c:d3:ed:42:
b2:e3:a2:ee:ea:bc:4b:b7:31:83:ff:9e:a1:f7:97:d1:56:1b:
91:b7:37:49:14:59:b0:83:fe:bf:44:63:56:f0:94:c2:c1:57:
89:9d:30:30:39:ed:a6:87:10:ff:76:c1:40:c2:b4:ca:95:be:
5c:3e:da:c3:10:9d:70:b9:2d:cc:5d:9d:83:bf:3f:61:1d:f6:
08:9d:6b:0a:c8:24:2b:dd:77:4b:fe:ae:c6:69:f1:5e:45:4d:
5f:85:dc:1b:19:74:9e:e4:82:35:de:a7:6a:d8:78:8f:4f:36:
97:78:92:4c:7f:da:fd:92:79:0a:c5:17:5a:e2:d6:36:89:6e:
b8:06:9a:bd:69:38:fc:3d:05:62:7f:c0:0f:44:7c:3e:05:e1:
19:fc:cc:a4:de:dd:01:0d:d1:50:9a:d7:83:22:13:09:df:f8:
4f:8a:0b:cd:dc:fd:95:3e:76:a8:1a:65:b1:57:ae:93:c4:b2:
45:29:61:b5:b8:53:f6:67:c5:1e:e9:c9:13:24:1f:f8:34:5c:
b8:67:5a:f6:1a:39:7b:6f:86:96:0f:5e:3b:14:27:03:c9:20:
ad:c4:33:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+zRq6GhyONJ132LQzVMOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjUwMTAxMTc0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTA5ZTExYmJiODRmNTgxYzdhM2Q2MTczMjBlMzM0ZjljYzY3OTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArk9OS0mebz0HdABRhFZZooH1GPVO
QI8Z8YiQXAs1gq6EuarFM3PtjafrbxmZSE5nRX1p32fMHUsBwa6h4D0gqhZL0T6w
OWEHVjT2L7T/ZJfDVrB3IT6E+WZSP6rKRgwJ33vDPBXsWcU75J77NkG3Hcoz5tit
YDC7ItVVUeYPNi3I2SfwIXpxrWD+JYtJAk2ne6lJI0Av528ankqomBCn+1a/K9+v
PDkQjOe269rECZhH32KcZgBtj5uwipYfpyAdt+uS+rA4nRX2MaPloNd3VXFIJOR2
rcjOWoqmN1Y8rGQSzsBYhC+EZH7pgXV99L5wSWMVWYAljPzUQFgtZ+EjlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ4J4Ru7hPWBx6PWFzIOM0+cxnkJMB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEvbmduaEc3dUU5WUhIbzlZWE1nNHpUNXpHZVFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXhooMA0G
CSqGSIb3DQEBCwUAA4IBAQCgdkkcVufj1Nb4CA9mJUMGtyfWyIdAH8Pvqe1USY+g
iRzT7UKy46Lu6rxLtzGD/56h95fRVhuRtzdJFFmwg/6/RGNW8JTCwVeJnTAwOe2m
hxD/dsFAwrTKlb5cPtrDEJ1wuS3MXZ2Dvz9hHfYInWsKyCQr3XdL/q7GafFeRU1f
hdwbGXSe5II13qdq2HiPTzaXeJJMf9r9knkKxRda4tY2iW64Bpq9aTj8PQVif8AP
RHw+BeEZ/Myk3t0BDdFQmteDIhMJ3/hPigvN3P2VPnaoGmWxV66TxLJFKWG1uFP2
Z8Ue6ckTJB/4NFy4Z1r2Gjl7b4aWD147FCcDySCtxDOB
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:02:20 2025 by rpki-client