Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/3b8a40-7610-4e4d-9b37-741fa4e10e36/1/qmO8Fiuuh9KuRm81yMzephu_U-o.roa
File: qmO8Fiuuh9KuRm81yMzephu_U-o.roa (raw, json)
Hash identifier: JTX7Cj1zPyi8sR8Cn5QR+pzD+tvVds3MwvVGO5fjdhw=
Subject key identifier: AA:63:BC:16:2B:AE:87:D2:AE:46:6F:35:C8:CC:DE:A6:1B:BF:53:EA
Certificate issuer: /CN=89ae220b4768da6e276e6a62edd6746d8fc3c1fb
Certificate serial: 0194221FF8CE8C0E2B2886ACBA4EC0A3D329
Authority key identifier: 89:AE:22:0B:47:68:DA:6E:27:6E:6A:62:ED:D6:74:6D:8F:C3:C1:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/3b8a40-7610-4e4d-9b37-741fa4e10e36/1/qmO8Fiuuh9KuRm81yMzephu_U-o.roa
Signing time: Wed 01 Jan 2025 13:48:28 +0000
ROA not before: Wed 01 Jan 2025 13:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210711
IP address blocks: 94.154.121.0/24 maxlen: 24
2a11:48c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:f8:ce:8c:0e:2b:28:86:ac:ba:4e:c0:a3:d3:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ae220b4768da6e276e6a62edd6746d8fc3c1fb
Validity
Not Before: Jan 1 13:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa63bc162bae87d2ae466f35c8ccdea61bbf53ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:88:e5:72:87:bc:f5:42:25:c4:00:a6:ab:37:
7c:65:fa:ff:2e:2d:aa:d4:d7:dd:a6:69:30:47:61:
57:a8:35:d9:0a:0f:ca:59:ec:0d:e6:52:b0:34:2f:
2e:4d:03:b0:9f:d8:02:61:ce:60:bd:27:bb:93:82:
47:47:00:7a:83:4e:5d:e4:05:a8:76:f8:4a:c0:58:
12:08:5f:59:59:f5:fb:87:be:af:cc:f1:30:10:cc:
bf:32:dc:63:42:58:70:b1:4a:e1:a1:9e:fa:14:db:
a5:da:35:d8:48:2b:1f:f8:44:0e:0f:e7:f6:14:0c:
a7:55:9f:55:e9:85:67:84:86:ea:2e:bf:46:ab:05:
6f:b7:59:d0:a8:49:8d:d8:0c:a3:2a:2e:50:a6:52:
d0:1c:f4:3b:e2:67:4f:93:c6:5c:1a:ed:96:87:59:
c7:4e:cf:2c:5d:34:72:5c:a8:df:83:b5:4e:dc:ea:
0f:64:35:56:92:8b:27:7c:93:9c:62:55:90:3e:1f:
7c:1a:6a:3b:b2:49:35:80:12:40:e7:0d:f0:18:5d:
30:67:75:4f:15:5f:bb:26:eb:31:a9:46:8a:71:95:
93:09:56:90:55:ff:9a:91:a2:e4:dc:c5:d2:f1:e1:
45:3c:2c:62:9a:30:14:16:5f:3c:d6:7a:e5:40:e1:
cd:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:63:BC:16:2B:AE:87:D2:AE:46:6F:35:C8:CC:DE:A6:1B:BF:53:EA
X509v3 Authority Key Identifier:
keyid:89:AE:22:0B:47:68:DA:6E:27:6E:6A:62:ED:D6:74:6D:8F:C3:C1:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/3b8a40-7610-4e4d-9b37-741fa4e10e36/1/qmO8Fiuuh9KuRm81yMzephu_U-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/3b8a40-7610-4e4d-9b37-741fa4e10e36/1/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.121.0/24
IPv6:
2a11:48c0::/29
Signature Algorithm: sha256WithRSAEncryption
7d:4f:44:04:92:c8:a2:37:bb:59:dd:0a:a4:e0:62:d1:26:2c:
59:bf:a9:7a:58:f8:51:e9:19:86:45:b9:9d:0f:11:04:b6:44:
7e:a0:2e:9c:a4:1e:b6:97:c0:c0:aa:39:ea:c3:96:19:ce:62:
b3:ef:f9:b9:86:ed:99:26:e5:21:5c:e8:4e:05:40:1c:5b:ed:
62:70:fd:0d:66:68:be:34:06:a0:91:d7:7f:b3:58:fc:64:04:
49:3d:ce:11:ec:47:61:25:3c:8b:ba:4c:32:e6:65:02:2d:dc:
ab:28:fa:b3:e9:13:38:31:b7:a0:0a:a9:4b:07:8b:72:63:ac:
7a:bb:45:7b:7a:2d:08:ed:cc:8c:54:f8:3a:0d:96:19:9f:5f:
cc:0d:99:10:5d:67:98:3d:5d:ed:e5:44:2f:dc:32:67:63:32:
e6:fb:67:12:57:04:0b:1c:e6:41:a0:ef:3b:e2:54:6d:cb:54:
22:39:da:26:10:b4:c3:48:b8:71:1e:af:ca:bf:97:fe:36:3e:
64:19:41:c5:03:2b:36:0c:de:81:47:8a:65:25:7b:a5:d6:4d:
af:18:dc:97:8a:f7:30:2f:6c:4a:e3:c8:7b:2b:66:66:4d:b9:
96:3f:28:5f:9e:b7:47:0e:fd:2b:c8:23:c3:67:74:b5:f7:14:
b0:b0:2e:d2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiH/jOjA4rKIasuk7Ao9MpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWUyMjBiNDc2OGRhNmUyNzZlNmE2MmVkZDY3NDZkOGZj
M2MxZmIwHhcNMjUwMTAxMTM0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTYzYmMxNjJiYWU4N2QyYWU0NjZmMzVjOGNjZGVhNjFiYmY1M2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4jlcoe89UIlxACmqzd8Zfr/Li2q
1NfdpmkwR2FXqDXZCg/KWewN5lKwNC8uTQOwn9gCYc5gvSe7k4JHRwB6g05d5AWo
dvhKwFgSCF9ZWfX7h76vzPEwEMy/MtxjQlhwsUrhoZ76FNul2jXYSCsf+EQOD+f2
FAynVZ9V6YVnhIbqLr9GqwVvt1nQqEmN2AyjKi5QplLQHPQ74mdPk8ZcGu2Wh1nH
Ts8sXTRyXKjfg7VO3OoPZDVWkosnfJOcYlWQPh98Gmo7skk1gBJA5w3wGF0wZ3VP
FV+7JusxqUaKcZWTCVaQVf+akaLk3MXS8eFFPCximjAUFl881nrlQOHNZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKpjvBYrrofSrkZvNcjM3qYbv1PqMB8GA1UdIwQY
MBaAFImuIgtHaNpuJ25qYu3WdG2Pw8H7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWE0aUMwZG8ybTRuYm1waTdkWjBiWV9Ed2ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8zYjhhNDAtNzYxMC00ZTRkLTliMzct
NzQxZmE0ZTEwZTM2LzEvcW1POEZpdXVoOUt1Um04MXlNemVwaHVfVS1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8zYjhhNDAtNzYxMC00ZTRkLTliMzctNzQxZmE0ZTEwZTM2
LzEvaWE0aUMwZG8ybTRuYm1waTdkWjBiWV9Ed2ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXpp5MA0E
AgACMAcDBQMqEUjAMA0GCSqGSIb3DQEBCwUAA4IBAQB9T0QEksiiN7tZ3Qqk4GLR
JixZv6l6WPhR6RmGRbmdDxEEtkR+oC6cpB62l8DAqjnqw5YZzmKz7/m5hu2ZJuUh
XOhOBUAcW+1icP0NZmi+NAagkdd/s1j8ZARJPc4R7EdhJTyLukwy5mUCLdyrKPqz
6RM4MbegCqlLB4tyY6x6u0V7ei0I7cyMVPg6DZYZn1/MDZkQXWeYPV3t5UQv3DJn
YzLm+2cSVwQLHOZBoO874lRty1QiOdomELTDSLhxHq/Kv5f+Nj5kGUHFAys2DN6B
R4plJXul1k2vGNyXivcwL2xK48h7K2ZmTbmWPyhfnrdHDv0ryCPDZ3S19xSwsC7S
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:01 2025 by rpki-client on console.sobornost.net