Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/gT9hQP-UdDCt57mihFVpqqXrFtI.roa
File: gT9hQP-UdDCt57mihFVpqqXrFtI.roa (raw, json)
Hash identifier: kNibPxS2eQrpumYUBGMAqANuhPpfcCuUaU7rkaUGWGs=
Subject key identifier: 81:3F:61:40:FF:94:74:30:AD:E7:B9:A2:84:55:69:AA:A5:EB:16:D2
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018D8379D2856A8A2126BCAE970634B4AD3B
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/gT9hQP-UdDCt57mihFVpqqXrFtI.roa
Signing time: Wed 07 Feb 2024 12:10:15 +0000
ROA not before: Wed 07 Feb 2024 12:10:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197737
IP address blocks: 185.21.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:79:d2:85:6a:8a:21:26:bc:ae:97:06:34:b4:ad:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Feb 7 12:10:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=813f6140ff947430ade7b9a2845569aaa5eb16d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:b5:34:9f:4b:b2:f6:26:78:22:1a:d4:79:5d:
0a:51:3c:60:af:f2:cc:aa:4a:36:b7:63:c3:c3:36:
ac:52:e8:43:57:c6:b1:13:f8:ff:ae:0a:b9:39:42:
89:ea:50:a6:a8:56:ae:02:30:e2:c5:d9:39:db:b0:
2a:17:36:bc:ad:dc:9f:d7:e0:05:4a:d2:7b:af:7f:
ed:a4:ca:f5:ff:d5:db:54:1b:29:8c:eb:83:f6:69:
5b:33:33:10:a0:ef:c7:1c:ff:1b:a2:5a:42:5a:01:
1f:53:c3:0f:d6:cd:60:aa:f7:72:75:66:b7:e6:da:
b8:d6:27:bd:04:1a:85:7f:0a:69:dc:ec:34:84:59:
29:c6:ba:8a:60:76:b9:d1:45:1f:92:c7:92:20:99:
2b:43:58:23:a5:63:67:9c:a5:93:08:45:27:dd:07:
b4:40:b0:84:56:88:fc:20:7c:e8:d6:81:26:ee:0f:
95:76:96:75:96:02:40:4e:14:5c:b3:41:57:54:d9:
da:a1:02:76:7e:54:38:61:d3:2c:5d:f7:07:da:20:
22:9e:f0:2f:01:10:0e:f9:ea:e7:97:04:b8:99:89:
bd:7f:0e:e3:5d:58:a5:d6:fb:9c:7f:67:f4:6e:24:
97:6f:eb:2a:ee:62:c5:29:9a:ab:27:d0:37:49:2a:
9b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:3F:61:40:FF:94:74:30:AD:E7:B9:A2:84:55:69:AA:A5:EB:16:D2
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/gT9hQP-UdDCt57mihFVpqqXrFtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.254.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:8f:af:e1:9f:38:a5:6c:68:0c:73:8b:b2:c1:8c:ca:42:ca:
3a:ec:cc:00:86:cc:59:a3:e7:26:6f:7b:ac:13:2f:47:31:a9:
0d:ef:3c:ab:17:1f:c5:75:26:fe:4c:6c:1a:60:6c:b6:b6:19:
c6:05:09:88:47:7b:bf:ef:46:d9:64:ae:08:54:e6:1c:2d:f6:
5c:42:73:7c:9b:2b:d8:6e:49:70:8a:13:98:db:5f:59:7d:b9:
8b:b6:7a:97:b6:c2:3c:25:60:86:b6:94:38:69:b3:61:05:d6:
00:4d:ba:73:93:4c:5f:25:94:72:52:1b:67:3d:9b:d8:fa:af:
a5:9b:b4:55:9a:8f:c1:d3:cd:ce:a0:e4:ef:d6:0a:da:f1:cc:
15:b3:b6:fa:dd:2d:1e:e4:d1:30:73:78:94:e9:79:b6:93:97:
f3:05:7e:33:70:a1:56:4a:3a:80:e1:75:10:1d:ec:9d:3f:69:
a3:6c:b5:66:87:d2:27:a4:5d:05:a4:72:52:7e:9e:3b:cd:6c:
d2:78:8b:da:2d:26:b6:8f:04:16:19:a6:e5:94:eb:74:cc:14:
56:2c:11:e5:ab:cd:d8:22:c5:43:e9:b2:83:35:61:02:b5:56:
f7:52:fb:27:2b:23:27:0c:67:10:3b:68:d3:17:2a:fc:de:f2:
d3:4a:d0:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2DedKFaoohJryulwY0tK07MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMjA3MTIxMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTNmNjE0MGZmOTQ3NDMwYWRlN2I5YTI4NDU1NjlhYWE1ZWIxNmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2LU0n0uy9iZ4IhrUeV0KUTxgr/LM
qko2t2PDwzasUuhDV8axE/j/rgq5OUKJ6lCmqFauAjDixdk527AqFza8rdyf1+AF
StJ7r3/tpMr1/9XbVBspjOuD9mlbMzMQoO/HHP8bolpCWgEfU8MP1s1gqvdydWa3
5tq41ie9BBqFfwpp3Ow0hFkpxrqKYHa50UUfkseSIJkrQ1gjpWNnnKWTCEUn3Qe0
QLCEVoj8IHzo1oEm7g+VdpZ1lgJAThRcs0FXVNnaoQJ2flQ4YdMsXfcH2iAinvAv
ARAO+ernlwS4mYm9fw7jXVil1vucf2f0biSXb+sq7mLFKZqrJ9A3SSqbqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIE/YUD/lHQwree5ooRVaaql6xbSMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvZ1Q5aFFQLVVkREN0NTdtaWhGVnBxcVhyRnRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRX+MA0G
CSqGSIb3DQEBCwUAA4IBAQDCj6/hnzilbGgMc4uywYzKQso67MwAhsxZo+cmb3us
Ey9HMakN7zyrFx/FdSb+TGwaYGy2thnGBQmIR3u/70bZZK4IVOYcLfZcQnN8myvY
bklwihOY219ZfbmLtnqXtsI8JWCGtpQ4abNhBdYATbpzk0xfJZRyUhtnPZvY+q+l
m7RVmo/B083OoOTv1gra8cwVs7b63S0e5NEwc3iU6Xm2k5fzBX4zcKFWSjqA4XUQ
HeydP2mjbLVmh9InpF0FpHJSfp47zWzSeIvaLSa2jwQWGabllOt0zBRWLBHlq83Y
IsVD6bKDNWECtVb3UvsnKyMnDGcQO2jTFyr83vLTStC/
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:54 2025 by rpki-client