Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/gTlhqmmjOj4Iu6ZKYxXejMJsit0.roa
File: gTlhqmmjOj4Iu6ZKYxXejMJsit0.roa (raw, json)
Hash identifier: rbaWdndXTNDShagPAoZJSNAYgSoXpNtKPl32RT2oE8Y=
Subject key identifier: 81:39:61:AA:69:A3:3A:3E:08:BB:A6:4A:63:15:DE:8C:C2:6C:8A:DD
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018CC8DE35229AFA5604D32D7B0861F6295E
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/gTlhqmmjOj4Iu6ZKYxXejMJsit0.roa
Signing time: Tue 02 Jan 2024 06:30:54 +0000
ROA not before: Tue 02 Jan 2024 06:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 185.21.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:35:22:9a:fa:56:04:d3:2d:7b:08:61:f6:29:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jan 2 06:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=813961aa69a33a3e08bba64a6315de8cc26c8add
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:5d:98:b6:88:09:97:fa:4d:4a:c6:43:30:b4:
fe:42:c0:91:30:35:d5:92:30:fd:43:76:0c:6c:e6:
3d:04:ce:08:b9:54:91:41:af:3f:0e:d0:ff:49:ae:
61:5c:16:2c:e4:c2:d1:c2:e4:63:91:76:ad:4d:2a:
2f:02:5a:3f:09:7b:32:0f:87:5f:36:fa:2e:73:5b:
72:0f:38:3e:d5:ef:a5:cc:d3:b7:48:e8:18:b6:35:
82:17:61:b8:30:e9:b2:a4:2c:7f:59:32:fe:2c:d4:
1d:8c:79:b0:47:69:66:ff:0b:f9:99:44:b0:63:63:
62:0f:0d:47:b3:22:99:41:96:b7:77:3b:8e:cd:b6:
58:36:ee:f0:ea:13:47:7b:94:6e:8e:ba:e5:5d:d4:
c9:f5:bb:34:a6:cc:78:13:1f:34:a5:54:58:a1:66:
43:31:97:25:cb:bf:18:f3:00:36:7f:08:7b:1f:1a:
b5:77:bb:06:f9:fb:f1:f7:1e:a8:36:d4:9a:f3:5f:
d5:00:87:ae:09:41:ec:ca:9a:08:e3:2c:18:e9:ec:
bb:3a:8f:5a:fd:ee:c0:8f:2d:72:60:6d:47:65:cd:
00:71:36:84:57:c7:7b:88:64:ef:2b:9c:70:e0:c6:
24:06:84:17:3e:49:b7:12:1f:9f:3b:39:e5:04:7a:
22:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:39:61:AA:69:A3:3A:3E:08:BB:A6:4A:63:15:DE:8C:C2:6C:8A:DD
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/gTlhqmmjOj4Iu6ZKYxXejMJsit0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.252.0/24
Signature Algorithm: sha256WithRSAEncryption
53:8c:61:09:f9:b7:2b:e2:cd:d7:9c:4f:13:95:95:4c:09:c2:
8e:3a:06:73:67:d2:ab:86:90:53:58:67:8a:cb:b9:49:30:27:
ba:39:6e:ee:80:26:c3:a7:78:8f:71:ab:14:28:97:05:4b:d9:
f0:1e:ce:76:1e:f6:1e:7a:cf:a5:a1:31:8d:b6:ff:e2:11:0f:
0f:d6:40:d3:00:dd:c0:86:ad:6a:8c:81:96:3f:f1:fc:a8:c8:
53:a3:67:af:c2:4e:d2:ad:b9:dd:a2:35:c2:d5:d1:21:c8:b9:
54:59:42:ce:ef:11:c6:93:13:2e:a7:1d:59:45:9d:cb:bf:84:
b2:dc:a3:58:1c:05:87:65:ba:99:3e:1e:38:91:1f:a3:50:ec:
6b:7b:6c:39:85:c0:0e:10:88:85:06:2d:83:db:39:ec:0d:75:
f7:62:a5:f9:3c:04:5e:1f:d3:80:e6:bc:52:2f:c6:59:f0:f5:
b2:21:15:a0:22:56:00:e6:98:dc:5c:92:8b:9e:20:ac:62:0e:
cb:98:c5:18:94:9b:7f:6a:cb:b3:90:5f:d5:db:28:7f:0a:7f:
a0:a7:68:80:df:0e:3b:8c:96:79:c5:70:20:8e:d6:45:02:02:
92:84:92:34:25:ec:dc:86:81:27:44:8d:11:d0:92:e9:b1:0e:
b6:cb:17:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3jUimvpWBNMtewhh9ileMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMTAyMDYzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTM5NjFhYTY5YTMzYTNlMDhiYmE2NGE2MzE1ZGU4Y2MyNmM4YWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAol2YtogJl/pNSsZDMLT+QsCRMDXV
kjD9Q3YMbOY9BM4IuVSRQa8/DtD/Sa5hXBYs5MLRwuRjkXatTSovAlo/CXsyD4df
Nvouc1tyDzg+1e+lzNO3SOgYtjWCF2G4MOmypCx/WTL+LNQdjHmwR2lm/wv5mUSw
Y2NiDw1HsyKZQZa3dzuOzbZYNu7w6hNHe5RujrrlXdTJ9bs0psx4Ex80pVRYoWZD
MZcly78Y8wA2fwh7Hxq1d7sG+fvx9x6oNtSa81/VAIeuCUHsypoI4ywY6ey7Oo9a
/e7Ajy1yYG1HZc0AcTaEV8d7iGTvK5xw4MYkBoQXPkm3Eh+fOznlBHoiLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIE5Yappozo+CLumSmMV3ozCbIrdMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvZ1RsaHFtbWpPajRJdTZaS1l4WGVqTUpzaXQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRX8MA0G
CSqGSIb3DQEBCwUAA4IBAQBTjGEJ+bcr4s3XnE8TlZVMCcKOOgZzZ9KrhpBTWGeK
y7lJMCe6OW7ugCbDp3iPcasUKJcFS9nwHs52HvYees+loTGNtv/iEQ8P1kDTAN3A
hq1qjIGWP/H8qMhTo2evwk7SrbndojXC1dEhyLlUWULO7xHGkxMupx1ZRZ3Lv4Sy
3KNYHAWHZbqZPh44kR+jUOxre2w5hcAOEIiFBi2D2znsDXX3YqX5PAReH9OA5rxS
L8ZZ8PWyIRWgIlYA5pjcXJKLniCsYg7LmMUYlJt/asuzkF/V2yh/Cn+gp2iA3w47
jJZ5xXAgjtZFAgKShJI0JezchoEnRI0R0JLpsQ62yxcb
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:29 2025 by rpki-client