Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/5b7ef8-e71f-429e-aadf-6cb78e95ab44/1/_mfQrwWXYdamqJBdPR15ZXqtwE4.roa
File: _mfQrwWXYdamqJBdPR15ZXqtwE4.roa (raw, json)
Hash identifier: Uc6V/Tvm8DDMvhF2i884nFNASZJ4x27sW/PoZKmNP9I=
Subject key identifier: FE:67:D0:AF:05:97:61:D6:A6:A8:90:5D:3D:1D:79:65:7A:AD:C0:4E
Certificate issuer: /CN=08d381ce24231061815f32043c652266adbbd865
Certificate serial: 018CC86FD7E8E6C317FA810F6FA0A5C07830
Authority key identifier: 08:D3:81:CE:24:23:10:61:81:5F:32:04:3C:65:22:66:AD:BB:D8:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CNOBziQjEGGBXzIEPGUiZq272GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/5b7ef8-e71f-429e-aadf-6cb78e95ab44/1/_mfQrwWXYdamqJBdPR15ZXqtwE4.roa
Signing time: Tue 02 Jan 2024 04:30:22 +0000
ROA not before: Tue 02 Jan 2024 04:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48173
IP address blocks: 176.117.104.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:d7:e8:e6:c3:17:fa:81:0f:6f:a0:a5:c0:78:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08d381ce24231061815f32043c652266adbbd865
Validity
Not Before: Jan 2 04:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe67d0af059761d6a6a8905d3d1d79657aadc04e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ad:0a:13:e7:56:98:6d:22:9a:a0:59:72:d0:
5a:47:f9:6f:65:2b:b5:33:90:79:5a:17:38:ab:2d:
ef:6b:49:21:1a:52:5a:b7:28:63:a3:3b:0b:b0:78:
05:7a:01:18:53:47:dc:b3:25:07:4a:ce:0a:60:12:
89:6b:14:78:93:be:d9:d2:dc:b6:66:82:67:c1:e7:
b8:75:5b:c2:3d:15:50:d8:3e:cc:ce:19:0e:10:2d:
28:12:ff:9f:19:d1:b6:21:be:32:0b:5a:11:91:fd:
ce:8d:d9:db:b2:68:65:64:75:2f:27:0c:ea:fe:f6:
66:11:f0:a3:a0:12:03:ee:36:27:63:11:87:49:ec:
39:f6:d4:12:b4:cd:44:26:9b:b9:96:2b:78:cd:3e:
1f:d0:2e:e1:9f:46:c4:8b:b3:5b:66:d2:a6:51:6d:
9a:0b:c1:53:47:31:94:85:c6:9d:af:8b:34:57:4c:
69:4b:7b:17:1e:00:b8:aa:e8:06:cc:f9:d8:61:ac:
e7:06:d3:a0:3e:5a:ac:e7:f1:b6:10:61:c4:0c:71:
f8:ff:41:4a:38:ca:a3:98:b3:c8:29:f6:f1:3c:2d:
09:1f:25:69:fb:76:a2:79:68:d1:45:52:90:50:27:
f4:06:ca:41:7c:33:4d:48:e2:00:67:60:be:4b:49:
38:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:67:D0:AF:05:97:61:D6:A6:A8:90:5D:3D:1D:79:65:7A:AD:C0:4E
X509v3 Authority Key Identifier:
keyid:08:D3:81:CE:24:23:10:61:81:5F:32:04:3C:65:22:66:AD:BB:D8:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNOBziQjEGGBXzIEPGUiZq272GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/5b7ef8-e71f-429e-aadf-6cb78e95ab44/1/_mfQrwWXYdamqJBdPR15ZXqtwE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/5b7ef8-e71f-429e-aadf-6cb78e95ab44/1/CNOBziQjEGGBXzIEPGUiZq272GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.104.0/21
Signature Algorithm: sha256WithRSAEncryption
67:82:c0:c1:35:f4:b1:63:c4:2a:4a:5d:95:8c:8c:09:52:c8:
86:da:e7:46:25:7c:ab:ad:f7:df:ce:66:15:f1:1b:84:ac:7b:
dd:18:21:19:55:31:87:db:f7:84:d5:f0:2c:10:98:5e:71:33:
01:78:5a:32:56:c2:09:a9:ec:2c:8e:74:d0:37:71:81:45:96:
1f:5b:41:3b:03:15:2d:ef:74:8a:c7:f2:be:9f:20:72:1b:bb:
7d:04:ea:60:c7:40:12:9b:8b:16:50:4b:47:ae:d1:f0:58:49:
4b:3e:df:a6:37:1f:f9:38:53:a1:7b:e6:47:3e:e1:67:03:3d:
38:5b:af:5e:11:62:65:55:e5:4f:d9:9b:43:5b:90:88:40:92:
14:65:1f:35:65:f6:29:e8:f2:7e:2d:fb:f8:cb:72:be:fe:54:
fd:ab:53:90:1a:80:54:55:00:5e:d3:96:7a:cf:ea:37:ec:4c:
39:cf:dc:09:08:1c:93:8f:7d:65:94:a2:b8:a7:28:09:a8:1d:
29:3e:9f:49:bf:9e:cf:03:97:a9:fb:b1:f2:0c:6e:31:b8:d1:
18:45:dc:0b:9a:9c:9f:ed:00:46:a2:4d:29:ad:0f:0c:cf:56:
55:40:d5:bd:35:14:c8:61:67:42:e0:67:9c:d1:ff:17:ed:89:
5f:f5:4f:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb9fo5sMX+oEPb6ClwHgwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZDM4MWNlMjQyMzEwNjE4MTVmMzIwNDNjNjUyMjY2YWRi
YmQ4NjUwHhcNMjQwMTAyMDQzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTY3ZDBhZjA1OTc2MWQ2YTZhODkwNWQzZDFkNzk2NTdhYWRjMDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn60KE+dWmG0imqBZctBaR/lvZSu1
M5B5Whc4qy3va0khGlJatyhjozsLsHgFegEYU0fcsyUHSs4KYBKJaxR4k77Z0ty2
ZoJnwee4dVvCPRVQ2D7MzhkOEC0oEv+fGdG2Ib4yC1oRkf3OjdnbsmhlZHUvJwzq
/vZmEfCjoBID7jYnYxGHSew59tQStM1EJpu5lit4zT4f0C7hn0bEi7NbZtKmUW2a
C8FTRzGUhcadr4s0V0xpS3sXHgC4qugGzPnYYaznBtOgPlqs5/G2EGHEDHH4/0FK
OMqjmLPIKfbxPC0JHyVp+3aieWjRRVKQUCf0BspBfDNNSOIAZ2C+S0k4OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP5n0K8Fl2HWpqiQXT0deWV6rcBOMB8GA1UdIwQY
MBaAFAjTgc4kIxBhgV8yBDxlImatu9hlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ05PQnppUWpFR0dCWHpJRVBHVWlacTI3MkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS81YjdlZjgtZTcxZi00MjllLWFhZGYt
NmNiNzhlOTVhYjQ0LzEvX21mUXJ3V1hZZGFtcUpCZFBSMTVaWHF0d0U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS81YjdlZjgtZTcxZi00MjllLWFhZGYtNmNiNzhlOTVhYjQ0
LzEvQ05PQnppUWpFR0dCWHpJRVBHVWlacTI3MkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsHVoMA0G
CSqGSIb3DQEBCwUAA4IBAQBngsDBNfSxY8QqSl2VjIwJUsiG2udGJXyrrfffzmYV
8RuErHvdGCEZVTGH2/eE1fAsEJhecTMBeFoyVsIJqewsjnTQN3GBRZYfW0E7AxUt
73SKx/K+nyByG7t9BOpgx0ASm4sWUEtHrtHwWElLPt+mNx/5OFOhe+ZHPuFnAz04
W69eEWJlVeVP2ZtDW5CIQJIUZR81ZfYp6PJ+Lfv4y3K+/lT9q1OQGoBUVQBe05Z6
z+o37Ew5z9wJCByTj31llKK4pygJqB0pPp9Jv57PA5ep+7HyDG4xuNEYRdwLmpyf
7QBGok0prQ8Mz1ZVQNW9NRTIYWdC4Gec0f8X7Ylf9U/7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:22 2025 by rpki-client