Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/c21c7c-ca36-431d-9336-2d9bf7d4ec0d/1/1-Hy865tZWPhoIQBVGbM1_AfKyF4.roa
File: 1-Hy865tZWPhoIQBVGbM1_AfKyF4.roa (raw, json)
Hash identifier: ev5bRyckdd3NSdVAiSDlb/xC3jGufVcu6/bQIWkHvfc=
Subject key identifier: F8:7C:BC:EB:9B:59:58:F8:68:21:00:55:19:B3:35:FC:07:CA:C8:5E
Certificate issuer: /CN=4c65323aafa5f05036ee3091fd8b6b449c1017c3
Certificate serial: 01856FE704B9B2D236D38A6296FA99475387
Authority key identifier: 4C:65:32:3A:AF:A5:F0:50:36:EE:30:91:FD:8B:6B:44:9C:10:17:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TGUyOq-l8FA27jCR_YtrRJwQF8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/c21c7c-ca36-431d-9336-2d9bf7d4ec0d/1/1-Hy865tZWPhoIQBVGbM1_AfKyF4.roa
Signing time: Mon 02 Jan 2023 00:34:49 +0000
ROA not before: Mon 02 Jan 2023 00:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3232
IP address blocks: 193.105.132.0/24 maxlen: 24
91.216.220.0/24 maxlen: 24
194.165.53.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:04:b9:b2:d2:36:d3:8a:62:96:fa:99:47:53:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c65323aafa5f05036ee3091fd8b6b449c1017c3
Validity
Not Before: Jan 2 00:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f87cbceb9b5958f86821005519b335fc07cac85e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:de:59:b8:f0:3d:42:73:73:43:d0:9f:a2:5f:
55:aa:8f:45:59:11:b5:82:30:22:9d:ed:56:6e:9b:
8c:ae:ca:61:1c:70:2c:44:cb:8f:da:31:67:d7:31:
a4:c5:41:38:e7:8e:09:42:f9:91:36:67:4f:74:5a:
f1:2f:e6:f2:d2:bc:f4:62:41:7b:13:b1:62:e7:88:
92:7a:3f:9c:8f:82:92:c3:63:65:91:e2:c4:ce:ad:
02:30:4c:f8:eb:bc:b5:88:70:5b:90:07:93:b4:d7:
dd:29:f2:93:86:d8:3d:44:2d:81:8e:cd:42:3f:b5:
75:05:9c:00:fc:3f:5b:a7:b5:f3:45:38:07:3d:58:
53:a5:88:05:35:bd:10:e4:d1:0e:c7:53:a9:fa:13:
e4:7d:5d:9d:48:52:de:56:46:40:7b:fd:16:8a:10:
24:cf:49:4a:c1:76:fa:d6:52:d3:66:af:94:03:05:
e3:de:ca:e2:af:18:03:f9:0a:b4:6b:d9:03:ea:c9:
6b:33:e7:c5:59:94:44:26:d3:75:52:78:01:b3:40:
8d:ca:9e:0f:8e:d8:54:da:30:7c:a6:72:20:83:53:
c4:10:1e:b9:b6:1c:80:fa:ad:03:18:06:1b:2a:2b:
7f:6b:9a:ce:f1:3c:dc:75:67:b5:1d:29:ce:04:bc:
6c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:7C:BC:EB:9B:59:58:F8:68:21:00:55:19:B3:35:FC:07:CA:C8:5E
X509v3 Authority Key Identifier:
keyid:4C:65:32:3A:AF:A5:F0:50:36:EE:30:91:FD:8B:6B:44:9C:10:17:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TGUyOq-l8FA27jCR_YtrRJwQF8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c21c7c-ca36-431d-9336-2d9bf7d4ec0d/1/1-Hy865tZWPhoIQBVGbM1_AfKyF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c21c7c-ca36-431d-9336-2d9bf7d4ec0d/1/TGUyOq-l8FA27jCR_YtrRJwQF8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.220.0/24
193.105.132.0/24
194.165.53.0/24
Signature Algorithm: sha256WithRSAEncryption
30:d7:fd:3e:c7:27:d8:31:0f:e1:5e:13:aa:f5:0f:94:4b:4a:
d1:56:96:39:cf:04:bd:bd:41:23:cc:58:39:df:c8:9c:3e:16:
64:6b:36:d3:d9:c8:0c:4b:6b:5b:f5:ac:41:e9:c0:31:b7:0b:
43:6c:1d:5a:84:6b:ad:4e:e0:ce:f9:a6:ba:5d:ff:8d:b3:c9:
b8:db:93:01:38:cc:81:9e:32:84:82:b6:81:9a:ba:d1:8a:f4:
8f:5b:e5:f7:52:87:1d:fe:48:7e:5b:25:5d:d4:27:d2:47:da:
76:8c:29:90:61:9d:89:cc:44:f7:72:17:83:b2:4f:e0:8d:1b:
18:82:cf:ec:4b:ee:8b:6c:36:c3:92:9a:77:5b:06:40:d1:57:
70:1f:02:62:a6:6c:31:95:8b:2f:ea:27:4b:92:24:5d:51:fd:
dc:bc:39:84:cc:20:91:a0:f4:2b:cd:52:f8:bc:fb:d5:69:dd:
aa:b3:a0:e3:1e:7d:3d:df:a3:2d:77:ea:56:0b:46:2b:37:d1:
45:31:a7:ed:8f:13:d5:27:82:33:b6:57:52:58:45:49:fa:67:
2c:4f:3f:4f:4c:43:81:d2:86:e3:43:6e:a6:16:4b:e0:6b:24:
ab:44:8b:6f:ed:b0:72:0d:77:7a:1a:1b:2f:27:fa:44:bf:d2:
35:13:f2:ba
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYVv5wS5stI204pilvqZR1OHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNjUzMjNhYWZhNWYwNTAzNmVlMzA5MWZkOGI2YjQ0OWMx
MDE3YzMwHhcNMjMwMTAyMDAzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODdjYmNlYjliNTk1OGY4NjgyMTAwNTUxOWIzMzVmYzA3Y2FjODVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmN5ZuPA9QnNzQ9Cfol9Vqo9FWRG1
gjAine1WbpuMrsphHHAsRMuP2jFn1zGkxUE4544JQvmRNmdPdFrxL+by0rz0YkF7
E7Fi54iSej+cj4KSw2NlkeLEzq0CMEz467y1iHBbkAeTtNfdKfKThtg9RC2Bjs1C
P7V1BZwA/D9bp7XzRTgHPVhTpYgFNb0Q5NEOx1Op+hPkfV2dSFLeVkZAe/0WihAk
z0lKwXb61lLTZq+UAwXj3srirxgD+Qq0a9kD6slrM+fFWZREJtN1UngBs0CNyp4P
jthU2jB8pnIgg1PEEB65thyA+q0DGAYbKit/a5rO8TzcdWe1HSnOBLxsVQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPh8vOubWVj4aCEAVRmzNfwHysheMB8GA1UdIwQY
MBaAFExlMjqvpfBQNu4wkf2La0ScEBfDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEdVeU9xLWw4RkEyN2pDUl9ZdHJSSndRRjhNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9jMjFjN2MtY2EzNi00MzFkLTkzMzYt
MmQ5YmY3ZDRlYzBkLzEvMS1IeTg2NXRaV1Bob0lRQlZHYk0xX0FmS3lGNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWUvYzIxYzdjLWNhMzYtNDMxZC05MzM2LTJkOWJmN2Q0ZWMw
ZC8xL1RHVXlPcS1sOEZBMjdqQ1JfWXRyUkp3UUY4TS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFvY3AME
AMFphAMEAMKlNTANBgkqhkiG9w0BAQsFAAOCAQEAMNf9Pscn2DEP4V4TqvUPlEtK
0VaWOc8Evb1BI8xYOd/InD4WZGs209nIDEtrW/WsQenAMbcLQ2wdWoRrrU7gzvmm
ul3/jbPJuNuTATjMgZ4yhIK2gZq60Yr0j1vl91KHHf5IflslXdQn0kfadowpkGGd
icxE93IXg7JP4I0bGILP7Evui2w2w5Kad1sGQNFXcB8CYqZsMZWLL+onS5IkXVH9
3Lw5hMwgkaD0K81S+Lz71WndqrOg4x59Pd+jLXfqVgtGKzfRRTGn7Y8T1SeCM7ZX
UlhFSfpnLE8/T0xDgdKG40NuphZL4Gskq0SLb+2wcg13ehobLyf6RL/SNRPyug==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:31 2025 by rpki-client