Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/ThimgMsZYScLOqyY1QCUHUW4ZAo.roa
File: ThimgMsZYScLOqyY1QCUHUW4ZAo.roa (raw, json)
Hash identifier: X+BTO/M0Cv1H+rXfOzjNjKpHtf8owQzGZPR3h6URHhI=
Subject key identifier: 4E:18:A6:80:CB:19:61:27:0B:3A:AC:98:D5:00:94:1D:45:B8:64:0A
Certificate issuer: /CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Certificate serial: 018DF07705A4FB405B772BBDDACF79DDFDD3
Authority key identifier: C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/ThimgMsZYScLOqyY1QCUHUW4ZAo.roa
Signing time: Wed 28 Feb 2024 16:05:48 +0000
ROA not before: Wed 28 Feb 2024 16:05:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396073
IP address blocks: 92.118.37.0/24 maxlen: 24
2a0c:9f00:a001::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f0:77:05:a4:fb:40:5b:77:2b:bd:da:cf:79:dd:fd:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Validity
Not Before: Feb 28 16:05:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e18a680cb1961270b3aac98d500941d45b8640a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4d:2d:54:01:cb:1b:82:12:43:4b:8a:fd:68:
0e:bc:a5:b6:8b:04:52:c4:12:e5:bb:bb:11:21:3b:
56:52:8f:a4:bf:b2:2a:fc:d1:8d:01:f1:b8:2a:d4:
a5:12:60:a2:be:d2:67:fb:f8:a5:67:6f:4a:30:09:
c2:bf:9d:bb:f4:f3:27:60:d8:d0:5d:f1:19:49:eb:
cb:bc:fc:fd:3f:8e:5d:f7:40:67:e7:15:a6:4f:f5:
20:11:dd:7a:17:b2:61:2f:6d:6a:7b:22:95:82:84:
1d:7c:ec:4f:9e:d2:00:22:d2:d0:2f:af:2b:e4:c9:
ea:13:ea:bb:68:da:c7:d7:84:bd:87:26:57:a9:7c:
b6:e8:b7:65:ab:58:ce:55:27:12:91:21:e7:83:cf:
be:8b:fe:c8:c5:d5:e3:ec:15:ac:6c:84:3f:03:89:
f8:98:cb:14:d0:2c:5c:4a:4e:9e:63:bd:f6:94:dc:
40:e2:21:3a:97:5e:9c:72:bb:d7:47:fd:45:75:64:
b2:48:a6:4e:d9:d7:0b:33:a4:e8:15:4a:75:53:82:
fb:2a:58:45:48:1b:f6:f3:43:f0:f2:bb:f2:dc:fb:
16:06:2a:f3:aa:40:6d:92:df:98:04:93:c6:d5:f4:
b1:5f:b2:ea:c6:11:60:d0:38:58:ab:b3:b5:85:91:
55:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:18:A6:80:CB:19:61:27:0B:3A:AC:98:D5:00:94:1D:45:B8:64:0A
X509v3 Authority Key Identifier:
keyid:C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/ThimgMsZYScLOqyY1QCUHUW4ZAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/wsErUnpdH4uLzyMOthH1LxHVK78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.37.0/24
IPv6:
2a0c:9f00:a001::/48
Signature Algorithm: sha256WithRSAEncryption
70:db:cc:d5:20:b3:40:13:76:e7:bb:5f:5a:e5:4b:70:8c:3b:
44:e3:b9:f4:01:d2:0e:4d:3d:ed:0b:0d:07:e3:30:45:50:88:
05:e0:19:f4:cb:89:27:16:e9:fd:03:9f:9c:4e:8c:0f:44:4b:
28:ce:f5:d6:01:1c:f4:68:b1:97:bc:4f:bd:ea:33:21:9c:17:
03:ba:57:77:9b:60:e7:51:5b:8b:e1:7f:67:a6:52:8e:7d:dc:
44:af:06:53:6c:f4:a0:73:fa:40:06:8f:9b:24:af:00:98:2b:
9b:df:7a:60:19:69:f7:d9:8c:b3:2b:45:ee:13:97:a0:db:a3:
16:bc:65:58:39:b3:45:7c:ce:43:29:17:e4:cb:f7:ff:ef:f5:
ce:66:ef:d9:79:ee:12:2d:92:64:8f:a9:af:28:aa:93:d4:b9:
26:b4:6a:0c:20:38:f5:db:74:a8:f8:ab:cb:5f:27:a8:b3:e9:
03:e0:03:c0:39:68:15:f8:d5:6d:67:23:41:e6:76:a9:9c:d0:
55:0a:82:b7:db:25:84:d7:40:6f:21:e7:29:55:50:1c:51:e0:
20:37:df:11:54:4c:9c:6d:a7:da:50:a9:03:16:69:75:b3:ff:
3a:44:d7:0d:3f:b5:eb:28:db:ef:d5:a5:29:81:bd:a5:b4:15:
44:f1:1c:71
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3wdwWk+0Bbdyu92s953f3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYzEyYjUyN2E1ZDFmOGI4YmNmMjMwZWI2MTFmNTJmMTFk
NTJiYmYwHhcNMjQwMjI4MTYwNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTE4YTY4MGNiMTk2MTI3MGIzYWFjOThkNTAwOTQxZDQ1Yjg2NDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt00tVAHLG4ISQ0uK/WgOvKW2iwRS
xBLlu7sRITtWUo+kv7Iq/NGNAfG4KtSlEmCivtJn+/ilZ29KMAnCv5279PMnYNjQ
XfEZSevLvPz9P45d90Bn5xWmT/UgEd16F7JhL21qeyKVgoQdfOxPntIAItLQL68r
5MnqE+q7aNrH14S9hyZXqXy26Ldlq1jOVScSkSHng8++i/7IxdXj7BWsbIQ/A4n4
mMsU0CxcSk6eY732lNxA4iE6l16ccrvXR/1FdWSySKZO2dcLM6ToFUp1U4L7KlhF
SBv280Pw8rvy3PsWBirzqkBtkt+YBJPG1fSxX7LqxhFg0DhYq7O1hZFVHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE4YpoDLGWEnCzqsmNUAlB1FuGQKMB8GA1UdIwQY
MBaAFMLBK1J6XR+Li88jDrYR9S8R1Su/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMt
NDZlZTU3OGEwYmZlLzEvVGhpbWdNc1pZU2NMT3F5WTFRQ1VIVVc0WkFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMtNDZlZTU3OGEwYmZl
LzEvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAXHYlMA8E
AgACMAkDBwAqDJ8AoAEwDQYJKoZIhvcNAQELBQADggEBAHDbzNUgs0ATdue7X1rl
S3CMO0TjufQB0g5NPe0LDQfjMEVQiAXgGfTLiScW6f0Dn5xOjA9ESyjO9dYBHPRo
sZe8T73qMyGcFwO6V3ebYOdRW4vhf2emUo593ESvBlNs9KBz+kAGj5skrwCYK5vf
emAZaffZjLMrRe4Tl6Dboxa8ZVg5s0V8zkMpF+TL9//v9c5m79l57hItkmSPqa8o
qpPUuSa0agwgOPXbdKj4q8tfJ6iz6QPgA8A5aBX41W1nI0Hmdqmc0FUKgrfbJYTX
QG8h5ylVUBxR4CA33xFUTJxtp9pQqQMWaXWz/zpE1w0/teso2+/VpSmBvaW0FUTx
HHE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:21 2025 by rpki-client