Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/02a616-e614-45a0-9c90-8ad87e0dd596/1/AHYUxlODE-TUaC5YkvqrJJtGbOY.roa
File: AHYUxlODE-TUaC5YkvqrJJtGbOY.roa (raw, json)
Hash identifier: Kw+1xVm8tW7Z12UNe/m2WHOfo0us50denvPvF/sk57M=
Subject key identifier: 00:76:14:C6:53:83:13:E4:D4:68:2E:58:92:FA:AB:24:9B:46:6C:E6
Certificate issuer: /CN=fd1523694bd5fb92d768435db3bb68ed843e5d53
Certificate serial: 01826F974E7A1FF43E2FFDE1B24640B12D73
Authority key identifier: FD:15:23:69:4B:D5:FB:92:D7:68:43:5D:B3:BB:68:ED:84:3E:5D:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_RUjaUvV-5LXaENds7to7YQ-XVM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/02a616-e614-45a0-9c90-8ad87e0dd596/1/AHYUxlODE-TUaC5YkvqrJJtGbOY.roa
Signing time: Fri 05 Aug 2022 19:59:23 +0000
ROA not before: Fri 05 Aug 2022 19:59:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48070
IP address blocks: 94.126.232.0/23 maxlen: 23
94.126.232.0/24 maxlen: 24
94.126.233.0/24 maxlen: 24
94.126.236.0/24 maxlen: 24
94.126.235.0/24 maxlen: 24
94.126.238.0/24 maxlen: 24
94.126.237.0/24 maxlen: 24
94.126.239.0/24 maxlen: 24
94.126.234.0/24 maxlen: 24
2a11:5700::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:6f:97:4e:7a:1f:f4:3e:2f:fd:e1:b2:46:40:b1:2d:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd1523694bd5fb92d768435db3bb68ed843e5d53
Validity
Not Before: Aug 5 19:59:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=007614c6538313e4d4682e5892faab249b466ce6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e9:22:96:9e:f9:b1:f5:6a:f9:3b:90:3e:b6:
eb:63:31:fa:f4:e0:68:70:2b:9e:45:a5:48:95:b5:
ca:56:1e:fe:1e:21:32:03:5e:53:6f:dd:da:8e:a2:
7e:87:e6:47:cf:61:ab:96:95:ef:e8:d3:bc:dc:cf:
43:9b:bf:e1:45:2b:1e:a1:7c:f2:f8:c6:ba:e8:5b:
bd:34:b6:63:88:a3:80:65:fa:26:be:d9:10:39:3e:
a8:e5:8e:9a:37:37:55:fe:1c:82:a3:02:af:c4:c9:
16:7b:2b:13:72:30:b8:d5:b7:58:e8:f1:4f:0f:28:
c4:bd:02:71:02:4a:06:40:13:3a:b9:a0:af:53:79:
94:34:02:72:ed:17:25:05:8d:69:1d:f4:fc:b4:0f:
da:57:20:6e:2d:84:46:c9:08:b4:d7:94:bf:16:18:
41:56:54:ff:2a:4b:e2:a6:d4:68:f7:a8:4f:69:02:
40:bb:ed:a5:84:56:0c:8a:07:47:f9:69:9d:2f:d8:
27:49:fe:27:bc:4c:b4:d7:0c:70:79:c8:2f:e5:1a:
e2:75:15:30:74:b6:b8:11:4b:2f:b6:c5:fb:25:b5:
89:54:ce:7e:9c:fa:19:d8:0f:aa:76:a1:ae:ab:75:
13:1b:1b:82:c4:96:40:d1:49:34:98:9b:d3:24:3c:
95:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:76:14:C6:53:83:13:E4:D4:68:2E:58:92:FA:AB:24:9B:46:6C:E6
X509v3 Authority Key Identifier:
keyid:FD:15:23:69:4B:D5:FB:92:D7:68:43:5D:B3:BB:68:ED:84:3E:5D:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_RUjaUvV-5LXaENds7to7YQ-XVM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/02a616-e614-45a0-9c90-8ad87e0dd596/1/AHYUxlODE-TUaC5YkvqrJJtGbOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/02a616-e614-45a0-9c90-8ad87e0dd596/1/_RUjaUvV-5LXaENds7to7YQ-XVM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.126.232.0/21
IPv6:
2a11:5700::/32
Signature Algorithm: sha256WithRSAEncryption
2e:11:52:3c:7b:29:63:42:00:a0:60:d3:43:ee:49:13:c6:93:
cf:f3:a7:51:b0:df:a7:5a:46:38:4d:b8:74:61:8c:d6:ef:16:
8d:22:fe:f6:fb:ac:e7:b3:2e:c0:fb:95:0d:aa:6f:4e:74:90:
ab:4e:56:b0:48:e3:29:7c:b8:07:f2:3a:be:ae:12:b5:dd:bb:
fd:58:f7:e7:aa:0a:ee:df:54:b3:3f:7f:14:c1:c7:b1:6a:0c:
00:76:8e:85:bf:64:f1:35:29:0b:0b:41:c2:ea:ef:de:c7:cd:
ca:1a:6d:bb:84:49:e0:65:c2:65:d4:b0:2b:bf:28:79:4d:8a:
2e:bf:5c:85:6a:5f:53:44:8e:73:75:a6:48:e1:b1:17:ca:18:
5e:b8:79:9d:1f:fc:ca:cb:9f:a6:05:b1:cc:a4:ad:51:81:cb:
bf:b9:e0:5b:b2:24:ea:e7:9b:b5:0d:a7:64:39:8d:d3:97:40:
e8:4d:5f:72:d6:68:ee:a9:1c:f7:55:74:72:9c:5d:37:72:3c:
11:90:0b:71:24:c1:61:f5:32:79:65:95:ff:85:e0:c0:fc:21:
0a:53:3c:c3:0a:ec:70:03:60:a6:5d:bb:ca:15:19:ae:09:f5:
d6:d9:ff:d9:94:a1:40:d4:40:22:ce:fa:f9:94:e2:90:1f:17:
25:64:b7:e2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYJvl056H/Q+L/3hskZAsS1zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMTUyMzY5NGJkNWZiOTJkNzY4NDM1ZGIzYmI2OGVkODQz
ZTVkNTMwHhcNMjIwODA1MTk1OTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDc2MTRjNjUzODMxM2U0ZDQ2ODJlNTg5MmZhYWIyNDliNDY2Y2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgekilp75sfVq+TuQPrbrYzH69OBo
cCueRaVIlbXKVh7+HiEyA15Tb93ajqJ+h+ZHz2GrlpXv6NO83M9Dm7/hRSseoXzy
+Ma66Fu9NLZjiKOAZfomvtkQOT6o5Y6aNzdV/hyCowKvxMkWeysTcjC41bdY6PFP
DyjEvQJxAkoGQBM6uaCvU3mUNAJy7RclBY1pHfT8tA/aVyBuLYRGyQi015S/FhhB
VlT/KkviptRo96hPaQJAu+2lhFYMigdH+WmdL9gnSf4nvEy01wxwecgv5RridRUw
dLa4EUsvtsX7JbWJVM5+nPoZ2A+qdqGuq3UTGxuCxJZA0Uk0mJvTJDyV/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAB2FMZTgxPk1GguWJL6qySbRmzmMB8GA1UdIwQY
MBaAFP0VI2lL1fuS12hDXbO7aO2EPl1TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1JVamFVdlYtNUxYYUVOZHM3dG83WVEtWFZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8wMmE2MTYtZTYxNC00NWEwLTljOTAt
OGFkODdlMGRkNTk2LzEvQUhZVXhsT0RFLVRVYUM1WWt2cXJKSnRHYk9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8wMmE2MTYtZTYxNC00NWEwLTljOTAtOGFkODdlMGRkNTk2
LzEvX1JVamFVdlYtNUxYYUVOZHM3dG83WVEtWFZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXn7oMA0E
AgACMAcDBQAqEVcAMA0GCSqGSIb3DQEBCwUAA4IBAQAuEVI8eyljQgCgYNND7kkT
xpPP86dRsN+nWkY4Tbh0YYzW7xaNIv72+6znsy7A+5UNqm9OdJCrTlawSOMpfLgH
8jq+rhK13bv9WPfnqgru31SzP38UwcexagwAdo6Fv2TxNSkLC0HC6u/ex83KGm27
hEngZcJl1LArvyh5TYouv1yFal9TRI5zdaZI4bEXyhheuHmdH/zKy5+mBbHMpK1R
gcu/ueBbsiTq55u1DadkOY3Tl0DoTV9y1mjuqRz3VXRynF03cjwRkAtxJMFh9TJ5
ZZX/heDA/CEKUzzDCuxwA2CmXbvKFRmuCfXW2f/ZlKFA1EAizvr5lOKQHxclZLfi
-----END CERTIFICATE-----
Generated at Mon May 12 22:12:04 2025 by rpki-client