Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/RBF-lTOuXJgSnV5YbECMARITRdc.roa
File: RBF-lTOuXJgSnV5YbECMARITRdc.roa (raw, json)
Hash identifier: p8ovf6K8AV+k/qRZsKHkNEPpIbtOxYOToKAR+qQOXhc=
Subject key identifier: 44:11:7E:95:33:AE:5C:98:12:9D:5E:58:6C:40:8C:01:12:13:45:D7
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018A412DF2370F1DC9F7B95B75198FA0C873
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/RBF-lTOuXJgSnV5YbECMARITRdc.roa
Signing time: Tue 29 Aug 2023 12:04:04 +0000
ROA not before: Tue 29 Aug 2023 12:04:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21700
IP address blocks: 159.148.114.0/24 maxlen: 24
159.148.125.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:41:2d:f2:37:0f:1d:c9:f7:b9:5b:75:19:8f:a0:c8:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Aug 29 12:04:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44117e9533ae5c98129d5e586c408c01121345d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d6:3c:a9:56:ff:f6:7f:83:66:b0:a3:f1:db:
43:27:09:70:24:0f:00:f4:21:3b:9e:a6:86:de:b2:
51:cc:0f:93:69:82:8e:c9:c3:67:1e:a6:80:1a:71:
25:0e:a7:9b:fe:9b:7f:c1:6f:bf:11:b5:45:cc:54:
1e:4a:85:f3:8d:ae:e7:bb:45:4f:63:33:70:72:fa:
a6:36:da:fb:16:95:11:0d:a5:49:d3:7d:be:31:ab:
99:4f:18:01:69:ef:df:5d:3e:85:d4:e4:15:90:d2:
88:eb:a5:d2:5b:c6:92:71:16:cf:8b:92:f9:5c:e8:
5d:91:02:3d:7f:17:f8:90:2e:01:d5:3a:1f:85:67:
d7:b7:2e:0b:35:c2:5b:a3:1a:10:a1:97:ed:d8:3f:
8a:9a:e8:35:88:27:75:4c:ee:c4:9b:6d:dd:0a:23:
6b:48:df:02:1f:fc:3e:d5:1a:c4:f0:5b:f5:fe:69:
12:4c:d1:16:bb:e6:d1:26:2e:cd:bf:af:cb:ed:19:
de:5d:9a:11:02:66:46:50:84:52:f0:23:db:88:9f:
4c:65:8b:0f:b9:b0:35:e1:b1:ec:55:15:77:c4:db:
79:01:a4:af:28:1a:be:ca:52:f3:c3:4f:ea:09:6c:
1e:74:4d:d9:78:1b:30:32:ef:31:12:02:3d:8a:e6:
b8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:11:7E:95:33:AE:5C:98:12:9D:5E:58:6C:40:8C:01:12:13:45:D7
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/RBF-lTOuXJgSnV5YbECMARITRdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.114.0/24
159.148.125.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:0a:ef:e3:41:3e:15:34:24:86:fd:ea:37:38:fa:da:d3:e9:
fe:aa:f4:20:3c:6f:01:d6:6f:e7:8f:5f:43:46:f4:35:bc:4d:
7a:2a:b8:9c:a2:ac:30:49:fe:92:d1:9d:13:9e:e5:05:bd:17:
e1:7c:59:90:d9:53:a8:3c:a6:dc:1b:df:2f:d9:94:5f:2a:68:
5b:29:04:64:1c:d6:1a:d1:ad:e5:d1:c5:b1:3f:00:27:db:5c:
ad:d5:b3:25:a4:d4:2e:71:31:be:48:a8:d3:c5:e3:e8:80:c8:
fc:41:e8:e6:63:69:03:30:76:75:8b:b2:3c:fb:54:07:f5:34:
f4:59:5e:3b:7d:a2:32:06:55:45:5c:6e:91:b5:5a:7d:35:35:
f3:71:a1:cd:8f:b4:b0:a7:28:e7:cf:47:92:07:2f:60:10:26:
ea:3a:ff:fb:30:92:7d:d2:2c:30:10:bc:1c:b6:99:c1:a2:2b:
a3:03:99:32:bd:01:10:b8:88:a4:e4:32:a7:f0:cc:79:ae:5e:
ef:f6:12:41:de:eb:7b:d0:41:b9:aa:68:cb:e2:03:c1:6b:43:
68:d3:9a:b0:9c:b9:1f:76:a5:01:3c:d3:62:ad:98:27:9e:05:
e4:43:9b:3b:78:9c:d8:33:b7:83:1f:15:4e:d0:24:f0:80:d9:
2a:5e:75:5e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpBLfI3Dx3J97lbdRmPoMhzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwODI5MTIwNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDExN2U5NTMzYWU1Yzk4MTI5ZDVlNTg2YzQwOGMwMTEyMTM0NWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtY8qVb/9n+DZrCj8dtDJwlwJA8A
9CE7nqaG3rJRzA+TaYKOycNnHqaAGnElDqeb/pt/wW+/EbVFzFQeSoXzja7nu0VP
YzNwcvqmNtr7FpURDaVJ032+MauZTxgBae/fXT6F1OQVkNKI66XSW8aScRbPi5L5
XOhdkQI9fxf4kC4B1TofhWfXty4LNcJboxoQoZft2D+Kmug1iCd1TO7Em23dCiNr
SN8CH/w+1RrE8Fv1/mkSTNEWu+bRJi7Nv6/L7RneXZoRAmZGUIRS8CPbiJ9MZYsP
ubA14bHsVRV3xNt5AaSvKBq+ylLzw0/qCWwedE3ZeBswMu8xEgI9iua4fQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEQRfpUzrlyYEp1eWGxAjAESE0XXMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvUkJGLWxUT3VYSmdTblY1WWJFQ01BUklUUmRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAn5RyAwQA
n5R9MA0GCSqGSIb3DQEBCwUAA4IBAQBLCu/jQT4VNCSG/eo3OPra0+n+qvQgPG8B
1m/nj19DRvQ1vE16KricoqwwSf6S0Z0TnuUFvRfhfFmQ2VOoPKbcG98v2ZRfKmhb
KQRkHNYa0a3l0cWxPwAn21yt1bMlpNQucTG+SKjTxePogMj8QejmY2kDMHZ1i7I8
+1QH9TT0WV47faIyBlVFXG6RtVp9NTXzcaHNj7Swpyjnz0eSBy9gECbqOv/7MJJ9
0iwwELwctpnBoiujA5kyvQEQuIik5DKn8Mx5rl7v9hJB3ut70EG5qmjL4gPBa0No
05qwnLkfdqUBPNNirZgnngXkQ5s7eJzYM7eDHxVO0CTwgNkqXnVe
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:22:23 2025 by rpki-client