Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/7fbb64-ff75-4082-9d1c-50f597043655/1/ikXndZsudgRMF6Fbx7UqWC7niHw.roa
File: ikXndZsudgRMF6Fbx7UqWC7niHw.roa (raw, json)
Hash identifier: k9HVHmu5HPDKxQLmmqe0Lfo3YT07kaKC2wH3geIoCmo=
Subject key identifier: 8A:45:E7:75:9B:2E:76:04:4C:17:A1:5B:C7:B5:2A:58:2E:E7:88:7C
Certificate issuer: /CN=ec68368c5d294160f4d2d0ceaf7531e4475fa533
Certificate serial: 08ED3B7E
Authority key identifier: EC:68:36:8C:5D:29:41:60:F4:D2:D0:CE:AF:75:31:E4:47:5F:A5:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7Gg2jF0pQWD00tDOr3Ux5EdfpTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/7fbb64-ff75-4082-9d1c-50f597043655/1/ikXndZsudgRMF6Fbx7UqWC7niHw.roa
Signing time: Sat 01 Jan 2022 14:06:18 +0000
ROA not before: Sat 01 Jan 2022 14:06:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52000
IP address blocks: 138.124.184.0/24 maxlen: 24
138.124.183.0/24 maxlen: 24
138.124.180.0/24 maxlen: 24
138.124.187.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149764990 (0x8ed3b7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec68368c5d294160f4d2d0ceaf7531e4475fa533
Validity
Not Before: Jan 1 14:06:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a45e7759b2e76044c17a15bc7b52a582ee7887c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:88:1a:60:8c:0b:61:f8:4f:68:b3:26:bf:e6:
b1:52:22:01:fc:22:27:16:9c:f4:bf:58:40:2f:65:
52:ba:33:32:83:05:b4:05:d9:5b:d6:44:5a:9f:53:
2d:8b:cb:56:64:9a:4d:91:36:5b:36:5a:a8:14:72:
b1:8c:05:94:cc:1e:5b:4f:d1:48:67:2f:5b:5d:53:
9f:a9:19:7b:4b:e7:00:32:73:25:a0:1a:67:7d:e2:
49:d6:32:0a:42:ba:c9:c7:ed:07:b0:dc:8b:1d:46:
7b:d0:c2:be:9e:59:7a:6f:31:99:5a:c3:a2:88:f5:
38:a5:c7:95:3f:e0:3a:ab:60:4f:0d:e6:35:1f:0c:
0d:94:0b:a4:fc:6c:ec:6b:8e:5f:11:c6:1e:d6:3d:
7a:81:bb:2a:71:b6:e2:53:57:e6:68:c7:c2:53:ef:
5e:40:6d:60:40:a3:8f:a9:a5:6b:c2:c8:4f:a8:83:
6c:01:dc:3b:b9:22:79:5d:9a:af:04:aa:88:87:0a:
43:ad:e3:7c:9c:b1:51:4e:44:f7:4c:53:83:d9:2c:
d1:b3:3c:07:ca:0c:d1:c3:38:ee:63:62:53:8b:99:
eb:a3:03:63:b9:bc:47:3a:ad:01:46:15:6c:a4:4e:
26:4d:f5:79:29:c9:05:cb:ca:e8:85:a4:47:3d:fc:
35:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:45:E7:75:9B:2E:76:04:4C:17:A1:5B:C7:B5:2A:58:2E:E7:88:7C
X509v3 Authority Key Identifier:
keyid:EC:68:36:8C:5D:29:41:60:F4:D2:D0:CE:AF:75:31:E4:47:5F:A5:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Gg2jF0pQWD00tDOr3Ux5EdfpTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7fbb64-ff75-4082-9d1c-50f597043655/1/ikXndZsudgRMF6Fbx7UqWC7niHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7fbb64-ff75-4082-9d1c-50f597043655/1/7Gg2jF0pQWD00tDOr3Ux5EdfpTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.180.0/24
138.124.183.0-138.124.184.255
138.124.187.0/24
Signature Algorithm: sha256WithRSAEncryption
48:84:f1:be:90:f2:c5:89:f5:37:5f:0c:8c:b5:69:ff:05:4e:
06:51:3a:b3:34:27:a9:1b:19:cc:fb:f3:39:22:a8:c2:39:d5:
ac:c0:2c:d9:63:6f:eb:b4:16:04:02:92:22:9c:f9:7c:0c:18:
7f:6c:37:9f:ce:ad:cd:81:6e:f7:ee:1d:48:9d:a8:4f:de:7e:
e8:5c:f7:6b:31:23:09:52:dc:3a:e7:96:e3:99:9c:fb:f6:72:
3e:93:20:19:ca:db:53:6e:b5:99:ca:9f:bb:75:89:2b:aa:0f:
70:a4:35:5b:7e:bc:f6:5e:9d:44:83:6c:ce:15:2c:5a:a9:59:
72:94:ce:cd:1d:81:b1:71:fa:77:8f:f1:41:e6:89:b4:f5:44:
03:3c:b1:87:52:55:49:76:67:64:db:18:c0:85:07:c7:ed:08:
72:10:67:5d:e8:12:27:d1:7f:07:e3:4c:49:c7:35:f5:d0:93:
b0:1f:35:2e:31:6a:33:7e:80:33:d2:36:c9:09:24:4a:53:6a:
8d:a6:36:d1:c7:18:c8:a0:77:f8:de:af:42:35:68:e4:e3:ac:
15:eb:a4:07:df:3e:3d:d5:47:34:a3:43:42:9a:61:c5:74:38:
8c:36:6a:88:cb:2c:4e:11:42:f7:25:cb:0a:40:13:49:6d:eb:
4b:43:10:15
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIECO07fjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YzY4MzY4YzVkMjk0MTYwZjRkMmQwY2VhZjc1MzFlNDQ3NWZhNTMzMB4XDTIyMDEw
MTE0MDYxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGE0NWU3NzU5YjJl
NzYwNDRjMTdhMTViYzdiNTJhNTgyZWU3ODg3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL6IGmCMC2H4T2izJr/msVIiAfwiJxac9L9YQC9lUrozMoMF
tAXZW9ZEWp9TLYvLVmSaTZE2WzZaqBRysYwFlMweW0/RSGcvW11Tn6kZe0vnADJz
JaAaZ33iSdYyCkK6ycftB7Dcix1Ge9DCvp5Zem8xmVrDooj1OKXHlT/gOqtgTw3m
NR8MDZQLpPxs7GuOXxHGHtY9eoG7KnG24lNX5mjHwlPvXkBtYECjj6mla8LIT6iD
bAHcO7kieV2arwSqiIcKQ63jfJyxUU5E90xTg9ks0bM8B8oM0cM47mNiU4uZ66MD
Y7m8RzqtAUYVbKROJk31eSnJBcvK6IWkRz38NW0CAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBSKRed1my52BEwXoVvHtSpYLueIfDAfBgNVHSMEGDAWgBTsaDaMXSlBYPTS
0M6vdTHkR1+lMzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdHZzJqRjBwUVdEMDB0RE9yM1V4NUVkZnBUTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmMvN2ZiYjY0LWZmNzUtNDA4Mi05ZDFjLTUwZjU5NzA0MzY1NS8x
L2lrWG5kWnN1ZGdSTUY2RmJ4N1VxV0M3bmlIdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMv
N2ZiYjY0LWZmNzUtNDA4Mi05ZDFjLTUwZjU5NzA0MzY1NS8xLzdHZzJqRjBwUVdE
MDB0RE9yM1V4NUVkZnBUTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAIp8tDAMAwQAiny3AwQAiny4AwQA
iny7MA0GCSqGSIb3DQEBCwUAA4IBAQBIhPG+kPLFifU3XwyMtWn/BU4GUTqzNCep
GxnM+/M5IqjCOdWswCzZY2/rtBYEApIinPl8DBh/bDefzq3NgW737h1InahP3n7o
XPdrMSMJUtw655bjmZz79nI+kyAZyttTbrWZyp+7dYkrqg9wpDVbfrz2Xp1Eg2zO
FSxaqVlylM7NHYGxcfp3j/FB5om09UQDPLGHUlVJdmdk2xjAhQfH7QhyEGdd6BIn
0X8H40xJxzX10JOwHzUuMWozfoAz0jbJCSRKU2qNpjbRxxjIoHf43q9CNWjk46wV
66QH3z491Uc0o0NCmmHFdDiMNmqIyyxOEUL3JcsKQBNJbetLQxAV
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:53 2025 by rpki-client