Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/gkXzNSnNp6CpOluBtmJMJ2L_fzg.roa
File: gkXzNSnNp6CpOluBtmJMJ2L_fzg.roa (raw, json)
Hash identifier: NSu/3Usw/Ughy/xcJqlUzw/pYoNfNoFtyToU47uxN0Q=
Subject key identifier: 82:45:F3:35:29:CD:A7:A0:A9:3A:5B:81:B6:62:4C:27:62:FF:7F:38
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01946ECD76D43F3BB06BA81485A7A41B9728
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/gkXzNSnNp6CpOluBtmJMJ2L_fzg.roa
Signing time: Thu 16 Jan 2025 11:09:06 +0000
ROA not before: Thu 16 Jan 2025 11:09:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 159.148.134.0/24 maxlen: 24
159.148.136.0/24 maxlen: 24
159.148.137.0/24 maxlen: 24
159.148.140.0/24 maxlen: 24
159.148.184.0/24 maxlen: 24
159.148.224.0/24 maxlen: 24
159.148.226.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:cd:76:d4:3f:3b:b0:6b:a8:14:85:a7:a4:1b:97:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 16 11:09:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8245f33529cda7a0a93a5b81b6624c2762ff7f38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:a1:82:a7:97:c1:7b:a8:31:fc:61:c2:0a:4a:
69:59:89:18:56:18:b9:14:43:f6:f8:0c:42:c1:c1:
2a:1f:79:66:a9:f2:a5:d2:14:ec:0b:58:df:56:d4:
e6:1b:c5:e2:48:6b:96:ae:45:21:e6:5b:78:81:d2:
9b:ab:17:9c:ca:80:3e:c1:17:6b:83:1f:be:fa:1c:
3b:64:49:e3:60:fd:80:84:4f:f4:c2:ac:2d:da:9a:
29:bf:1f:72:dc:d0:5e:fe:2a:97:a2:93:0f:10:ae:
b9:fb:73:21:2d:60:6c:c9:78:e0:1d:72:a5:e2:a7:
f1:b7:89:1f:e9:c1:a3:bd:ce:87:55:a7:0b:38:d5:
91:ba:ed:61:df:3b:72:fa:46:63:d0:05:60:97:e9:
f2:1f:b4:50:18:c6:a1:9c:90:be:14:c4:ca:87:3f:
26:3e:68:e4:42:45:a6:50:0f:aa:a0:41:8a:06:7c:
c8:d4:c3:c6:88:eb:ec:ea:10:6c:05:a5:1b:40:17:
5a:74:e2:ba:9b:d1:4f:c8:22:4e:34:92:4e:51:be:
72:09:e9:b3:7a:cb:90:b5:24:4c:7b:7a:85:95:fa:
be:80:dd:0a:21:cf:e2:7f:80:ed:60:92:77:93:b7:
3c:b0:9c:62:d6:5b:80:e0:6d:fa:b8:05:fc:07:4c:
f3:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:45:F3:35:29:CD:A7:A0:A9:3A:5B:81:B6:62:4C:27:62:FF:7F:38
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/gkXzNSnNp6CpOluBtmJMJ2L_fzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.134.0/24
159.148.136.0/23
159.148.140.0/24
159.148.184.0/24
159.148.224.0/24
159.148.226.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:99:df:02:8e:13:40:fc:b1:56:4e:47:34:c2:3b:50:a0:1d:
84:0c:57:22:d2:94:54:72:c2:88:be:0e:3f:a9:42:19:18:35:
3f:71:ab:18:2b:ad:62:22:34:55:48:97:ae:10:71:c4:11:ca:
e6:8f:f0:a5:94:aa:d5:a6:df:16:54:24:b3:cb:9f:dd:21:04:
05:7e:f9:93:6b:e1:38:17:af:b5:60:0e:9e:77:e1:e6:98:3a:
c9:5e:7b:6a:1a:57:2a:3e:0b:d7:7b:1d:92:8a:01:d0:a8:51:
a9:16:e3:c2:6c:1c:b8:57:31:67:8e:cb:a3:38:1c:9a:fd:8a:
ad:5c:bf:3a:0f:86:5c:c0:2a:60:22:8b:80:22:e7:f5:b9:87:
0d:07:9c:7c:06:8a:06:95:69:ff:e2:9c:b3:9a:47:69:a1:4e:
33:32:14:9c:e8:d0:87:89:04:06:d4:d6:84:01:04:a5:a0:b7:
79:00:10:b5:35:0d:06:fc:0e:a7:8f:22:50:c0:8c:a1:2b:03:
58:a8:f0:a6:a3:a7:11:48:6b:94:61:bb:3e:5b:5d:4c:8d:8f:
a3:c4:4e:5d:0f:05:81:b9:5d:84:4c:f7:10:86:40:16:ca:0f:
65:fc:e7:3c:8e:ab:cd:2b:54:5b:cf:04:9f:f5:f5:25:4d:c5:
64:91:b2:51
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZRuzXbUPzuwa6gUhaekG5coMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTE2MTEwOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjQ1ZjMzNTI5Y2RhN2EwYTkzYTViODFiNjYyNGMyNzYyZmY3ZjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qGCp5fBe6gx/GHCCkppWYkYVhi5
FEP2+AxCwcEqH3lmqfKl0hTsC1jfVtTmG8XiSGuWrkUh5lt4gdKbqxecyoA+wRdr
gx+++hw7ZEnjYP2AhE/0wqwt2popvx9y3NBe/iqXopMPEK65+3MhLWBsyXjgHXKl
4qfxt4kf6cGjvc6HVacLONWRuu1h3zty+kZj0AVgl+nyH7RQGMahnJC+FMTKhz8m
PmjkQkWmUA+qoEGKBnzI1MPGiOvs6hBsBaUbQBdadOK6m9FPyCJONJJOUb5yCemz
esuQtSRMe3qFlfq+gN0KIc/if4DtYJJ3k7c8sJxi1luA4G36uAX8B0zzLQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIJF8zUpzaegqTpbgbZiTCdi/384MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvZ2tYek5Tbk5wNkNwT2x1QnRtSk1KMkxfZnpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAn5SGAwQB
n5SIAwQAn5SMAwQAn5S4AwQAn5TgAwQAn5TiMA0GCSqGSIb3DQEBCwUAA4IBAQC4
md8CjhNA/LFWTkc0wjtQoB2EDFci0pRUcsKIvg4/qUIZGDU/casYK61iIjRVSJeu
EHHEEcrmj/CllKrVpt8WVCSzy5/dIQQFfvmTa+E4F6+1YA6ed+HmmDrJXntqGlcq
PgvXex2SigHQqFGpFuPCbBy4VzFnjsujOBya/YqtXL86D4ZcwCpgIouAIuf1uYcN
B5x8BooGlWn/4pyzmkdpoU4zMhSc6NCHiQQG1NaEAQSloLd5ABC1NQ0G/A6njyJQ
wIyhKwNYqPCmo6cRSGuUYbs+W11MjY+jxE5dDwWBuV2ETPcQhkAWyg9l/Oc8jqvN
K1RbzwSf9fUlTcVkkbJR
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:21:57 2025 by rpki-client