Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/ba19e4-71cc-470e-bda5-9da4cc620533/1/1qu70rxHLlsLAV5g5Efa66s6iag.roa
File: 1qu70rxHLlsLAV5g5Efa66s6iag.roa (raw, json)
Hash identifier: YmJJTTwGISEG6l96iV4cbfKm+Xa4J2z07ynSRxjgi3U=
Subject key identifier: D6:AB:BB:D2:BC:47:2E:5B:0B:01:5E:60:E4:47:DA:EB:AB:3A:89:A8
Certificate issuer: /CN=e2aec3c8ab11fc058c9a8ef400ef1c3d144a7ba8
Certificate serial: 0194228E34D55DF9A510EF8B7F7EB1207C4D
Authority key identifier: E2:AE:C3:C8:AB:11:FC:05:8C:9A:8E:F4:00:EF:1C:3D:14:4A:7B:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4q7DyKsR_AWMmo70AO8cPRRKe6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/ba19e4-71cc-470e-bda5-9da4cc620533/1/1qu70rxHLlsLAV5g5Efa66s6iag.roa
Signing time: Wed 01 Jan 2025 15:48:52 +0000
ROA not before: Wed 01 Jan 2025 15:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204555
IP address blocks: 94.125.143.0/24 maxlen: 24
193.176.100.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:34:d5:5d:f9:a5:10:ef:8b:7f:7e:b1:20:7c:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2aec3c8ab11fc058c9a8ef400ef1c3d144a7ba8
Validity
Not Before: Jan 1 15:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6abbbd2bc472e5b0b015e60e447daebab3a89a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9e:48:30:8d:42:7f:53:ef:96:42:f6:9f:8a:
f6:3e:94:1a:38:ed:d7:9e:ca:64:c9:68:9c:57:77:
22:b1:bf:46:06:a8:85:72:c8:e4:0d:af:73:82:d4:
3f:32:d7:1b:bb:de:53:6d:04:ff:3e:0f:67:26:e7:
46:71:ab:b9:fa:79:8b:f1:bc:08:c7:e3:3a:c4:39:
a2:0e:9e:97:dd:60:65:fb:0d:e6:71:40:08:2c:cc:
11:36:b2:d4:ef:43:55:aa:70:5e:19:11:28:76:aa:
c1:03:0c:c3:43:3b:6d:f2:72:86:81:05:7a:41:68:
54:5b:4a:b6:d8:05:b8:14:4e:25:a9:66:61:b0:7e:
cf:fd:65:6d:27:b8:0b:ac:ed:47:36:13:03:b1:a6:
06:c0:88:67:92:ae:02:cb:ef:db:d2:51:07:d3:22:
ad:ad:96:62:68:57:89:26:86:a9:46:7c:e5:1f:f7:
d3:2a:ca:9d:48:c0:a9:b9:0b:b7:5d:2f:e6:40:51:
f0:d8:96:5c:4d:1a:ab:6b:75:49:22:c4:c0:91:57:
d1:0d:f9:f5:5e:00:aa:84:5d:07:ad:d7:31:b8:68:
00:a4:d4:3c:a4:78:bc:d0:60:95:4b:14:9a:79:f1:
e3:ed:e1:04:a7:2d:55:e6:d7:d3:94:15:2c:cd:29:
30:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:AB:BB:D2:BC:47:2E:5B:0B:01:5E:60:E4:47:DA:EB:AB:3A:89:A8
X509v3 Authority Key Identifier:
keyid:E2:AE:C3:C8:AB:11:FC:05:8C:9A:8E:F4:00:EF:1C:3D:14:4A:7B:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4q7DyKsR_AWMmo70AO8cPRRKe6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ba19e4-71cc-470e-bda5-9da4cc620533/1/1qu70rxHLlsLAV5g5Efa66s6iag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ba19e4-71cc-470e-bda5-9da4cc620533/1/4q7DyKsR_AWMmo70AO8cPRRKe6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.125.143.0/24
193.176.100.0/24
Signature Algorithm: sha256WithRSAEncryption
56:23:f6:15:74:82:63:12:e1:6c:c2:79:43:ef:96:52:ad:26:
29:b3:c8:46:ec:29:53:46:c5:e0:26:43:2a:31:9c:08:06:8f:
a2:27:db:fc:fd:a1:22:91:d2:17:eb:f5:77:9a:c6:85:89:6f:
73:ef:fd:28:43:a9:a8:fc:63:83:0d:d4:fc:fd:42:a8:09:51:
2e:05:bd:73:27:17:0b:10:dd:31:34:9d:b1:67:1a:ef:d0:21:
90:b8:d7:38:95:2b:f3:23:6e:f4:fe:4f:ff:58:74:46:4d:3c:
12:d1:12:de:cb:c0:f3:84:3d:09:1c:c0:1d:c7:c8:0c:16:9b:
b7:ba:6a:19:05:af:5c:d8:d7:c8:28:dd:0f:a4:7a:58:80:44:
42:86:e6:a8:8e:25:64:de:61:46:04:bd:3d:6c:58:e8:d7:66:
05:c0:1c:8d:bf:17:3e:22:dc:74:e6:c0:f4:0c:af:2a:f6:c8:
d0:4e:d1:ae:fa:98:2b:78:59:8f:53:1c:da:0d:e2:97:56:18:
b2:85:3f:3a:f2:f7:02:3d:8b:df:60:74:ba:52:c8:a1:e0:fe:
32:14:19:ea:f9:73:08:9d:a8:f8:44:83:fb:b6:a4:76:1e:1b:
b8:3d:9c:7d:a3:32:ac:a0:53:4a:91:f6:0d:55:87:89:71:bd:
ee:ba:a0:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijjTVXfmlEO+Lf36xIHxNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYWVjM2M4YWIxMWZjMDU4YzlhOGVmNDAwZWYxYzNkMTQ0
YTdiYTgwHhcNMjUwMTAxMTU0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmFiYmJkMmJjNDcyZTViMGIwMTVlNjBlNDQ3ZGFlYmFiM2E4OWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJ5IMI1Cf1PvlkL2n4r2PpQaOO3X
nspkyWicV3cisb9GBqiFcsjkDa9zgtQ/Mtcbu95TbQT/Pg9nJudGcau5+nmL8bwI
x+M6xDmiDp6X3WBl+w3mcUAILMwRNrLU70NVqnBeGREodqrBAwzDQztt8nKGgQV6
QWhUW0q22AW4FE4lqWZhsH7P/WVtJ7gLrO1HNhMDsaYGwIhnkq4Cy+/b0lEH0yKt
rZZiaFeJJoapRnzlH/fTKsqdSMCpuQu3XS/mQFHw2JZcTRqra3VJIsTAkVfRDfn1
XgCqhF0HrdcxuGgApNQ8pHi80GCVSxSaefHj7eEEpy1V5tfTlBUszSkwAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNaru9K8Ry5bCwFeYORH2uurOomoMB8GA1UdIwQY
MBaAFOKuw8irEfwFjJqO9ADvHD0USnuoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHE3RHlLc1JfQVdNbW83MEFPOGNQUlJLZTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9iYTE5ZTQtNzFjYy00NzBlLWJkYTUt
OWRhNGNjNjIwNTMzLzEvMXF1NzByeEhMbHNMQVY1ZzVFZmE2NnM2aWFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9iYTE5ZTQtNzFjYy00NzBlLWJkYTUtOWRhNGNjNjIwNTMz
LzEvNHE3RHlLc1JfQVdNbW83MEFPOGNQUlJLZTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXn2PAwQA
wbBkMA0GCSqGSIb3DQEBCwUAA4IBAQBWI/YVdIJjEuFswnlD75ZSrSYps8hG7ClT
RsXgJkMqMZwIBo+iJ9v8/aEikdIX6/V3msaFiW9z7/0oQ6mo/GODDdT8/UKoCVEu
Bb1zJxcLEN0xNJ2xZxrv0CGQuNc4lSvzI270/k//WHRGTTwS0RLey8DzhD0JHMAd
x8gMFpu3umoZBa9c2NfIKN0PpHpYgERChuaojiVk3mFGBL09bFjo12YFwByNvxc+
Itx05sD0DK8q9sjQTtGu+pgreFmPUxzaDeKXVhiyhT868vcCPYvfYHS6Usih4P4y
FBnq+XMInaj4RIP7tqR2Hhu4PZx9ozKsoFNKkfYNVYeJcb3uuqBI
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:57 2025 by rpki-client on console.sobornost.net