Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/0-tXdDrR-oLZlpzR431wpBZzVDs.roa
File: 0-tXdDrR-oLZlpzR431wpBZzVDs.roa (raw, json)
Hash identifier: 3Qhxjo7XLp5av2tTocApU2Mqnhid13KoRPjudQi6tOI=
Subject key identifier: D3:EB:57:74:3A:D1:FA:82:D9:96:9C:D1:E3:7D:70:A4:16:73:54:3B
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 01938BA422B4643136162CAC1AC91D42817F
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/0-tXdDrR-oLZlpzR431wpBZzVDs.roa
Signing time: Tue 03 Dec 2024 08:30:10 +0000
ROA not before: Tue 03 Dec 2024 08:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 86.110.52.0/24 maxlen: 24
86.110.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8b:a4:22:b4:64:31:36:16:2c:ac:1a:c9:1d:42:81:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Dec 3 08:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3eb57743ad1fa82d9969cd1e37d70a41673543b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:67:60:45:69:73:1e:eb:3e:e4:df:2b:04:f8:
9d:09:70:9b:ae:91:3c:f4:b5:69:10:cc:67:4d:80:
14:35:5b:68:53:26:9b:d6:b5:a1:b3:22:6d:aa:dc:
1a:2a:21:64:47:74:59:d2:44:af:00:3e:d2:16:e3:
07:39:2c:1c:fe:fa:71:d8:63:ba:8c:90:48:ed:bc:
58:90:f1:ca:f5:c1:f4:ca:2f:7c:84:b3:7c:3a:27:
a9:27:d1:a4:37:15:7c:af:4e:72:63:e2:34:5b:a4:
c8:00:2b:c4:69:fc:43:fd:c2:bb:40:db:b1:e1:79:
e2:4b:aa:19:88:11:ab:4f:0f:94:38:5b:41:7f:27:
26:ea:59:68:41:13:2d:10:0e:11:78:66:0e:94:b0:
5a:38:ec:88:32:fc:52:80:89:a0:1b:49:6f:66:01:
c1:8e:42:11:37:57:cc:33:9c:5a:1b:5d:e3:77:fa:
2e:bb:0c:bf:54:f9:84:83:59:20:cf:b0:92:83:98:
1c:02:a6:6a:42:5f:e7:53:65:bc:90:0e:e6:d1:8d:
62:8d:26:d0:30:48:9f:b8:fe:55:59:d2:73:69:ff:
a5:f9:eb:ac:22:8b:22:bc:2a:a8:b0:c4:da:fa:6e:
5e:5b:79:b9:f5:24:14:48:e5:b8:01:73:3a:16:eb:
ac:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:EB:57:74:3A:D1:FA:82:D9:96:9C:D1:E3:7D:70:A4:16:73:54:3B
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/0-tXdDrR-oLZlpzR431wpBZzVDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.52.0/24
86.110.59.0/24
Signature Algorithm: sha256WithRSAEncryption
55:e0:64:e8:a6:8b:4b:ce:02:8f:a4:0b:95:d0:e7:b0:92:3a:
50:c0:63:90:c7:74:33:d4:85:c2:8e:74:09:79:98:4b:48:d7:
ae:ed:23:c8:34:42:64:f2:6b:a2:f3:92:ac:cc:6a:ca:31:32:
73:15:7b:ba:7a:cb:f8:1b:8d:11:38:41:32:44:98:26:cb:4f:
e2:88:e2:0b:c0:6a:41:cf:2d:c7:dd:31:38:ed:63:c4:8e:61:
48:da:c2:86:39:23:c5:59:c2:7d:3d:46:e7:17:2c:ea:8e:51:
15:6b:7f:f5:49:18:d0:5f:7a:ff:92:7b:54:f0:97:56:29:ba:
23:a7:18:14:fb:57:9d:03:6d:a0:0c:9d:71:f5:75:cc:c3:09:
d6:46:90:81:23:ce:49:e2:74:ec:fa:ab:e9:cf:a3:c4:4f:32:
38:a6:f4:6d:03:47:94:f3:35:93:42:05:b8:b5:64:f8:c9:06:
cb:13:93:31:7b:49:28:81:86:cc:4e:1f:d1:08:0b:c5:b4:68:
47:9a:7c:ec:d3:72:7f:ec:d5:f2:8d:b2:82:f8:56:99:33:14:
dd:fe:4c:12:b2:d9:32:f6:e8:82:fa:fb:d5:85:36:03:ae:52:
ae:01:ca:72:a3:56:7b:b4:77:ef:75:8f:7d:8e:c3:61:5e:81:
dc:92:21:7b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOLpCK0ZDE2FiysGskdQoF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjQxMjAzMDgzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2ViNTc3NDNhZDFmYTgyZDk5NjljZDFlMzdkNzBhNDE2NzM1NDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmdgRWlzHus+5N8rBPidCXCbrpE8
9LVpEMxnTYAUNVtoUyab1rWhsyJtqtwaKiFkR3RZ0kSvAD7SFuMHOSwc/vpx2GO6
jJBI7bxYkPHK9cH0yi98hLN8OiepJ9GkNxV8r05yY+I0W6TIACvEafxD/cK7QNux
4XniS6oZiBGrTw+UOFtBfycm6lloQRMtEA4ReGYOlLBaOOyIMvxSgImgG0lvZgHB
jkIRN1fMM5xaG13jd/ouuwy/VPmEg1kgz7CSg5gcAqZqQl/nU2W8kA7m0Y1ijSbQ
MEifuP5VWdJzaf+l+eusIosivCqosMTa+m5eW3m59SQUSOW4AXM6Fuus0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNPrV3Q60fqC2Zac0eN9cKQWc1Q7MB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvMC10WGREclItb0xabHB6UjQzMXdwQlp6VkRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVm40AwQA
Vm47MA0GCSqGSIb3DQEBCwUAA4IBAQBV4GTopotLzgKPpAuV0OewkjpQwGOQx3Qz
1IXCjnQJeZhLSNeu7SPINEJk8mui85KszGrKMTJzFXu6esv4G40ROEEyRJgmy0/i
iOILwGpBzy3H3TE47WPEjmFI2sKGOSPFWcJ9PUbnFyzqjlEVa3/1SRjQX3r/kntU
8JdWKbojpxgU+1edA22gDJ1x9XXMwwnWRpCBI85J4nTs+qvpz6PETzI4pvRtA0eU
8zWTQgW4tWT4yQbLE5Mxe0kogYbMTh/RCAvFtGhHmnzs03J/7NXyjbKC+FaZMxTd
/kwSstky9uiC+vvVhTYDrlKuAcpyo1Z7tHfvdY99jsNhXoHckiF7
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:29:43 2025 by rpki-client