Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/1293db-c752-4d03-857d-579531e5a00f/1/t3qxJJyM5R0Joe-Jffxhe0UvQcw.roa
File: t3qxJJyM5R0Joe-Jffxhe0UvQcw.roa (raw, json)
Hash identifier: 3ppPzXyyFmLpNzNEdbbrZf9h3UdmGyRhNL4ed+F58tk=
Subject key identifier: B7:7A:B1:24:9C:8C:E5:1D:09:A1:EF:89:7D:FC:61:7B:45:2F:41:CC
Certificate issuer: /CN=0297a58998f0974347081c17f25eedd65fad9661
Certificate serial: 01856E5D77AF0252CEC6CFEC4A5230FF5D04
Authority key identifier: 02:97:A5:89:98:F0:97:43:47:08:1C:17:F2:5E:ED:D6:5F:AD:96:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ApeliZjwl0NHCBwX8l7t1l-tlmE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/1293db-c752-4d03-857d-579531e5a00f/1/t3qxJJyM5R0Joe-Jffxhe0UvQcw.roa
Signing time: Sun 01 Jan 2023 17:24:57 +0000
ROA not before: Sun 01 Jan 2023 17:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199365
IP address blocks: 164.138.1.0/24 maxlen: 24
164.138.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:77:af:02:52:ce:c6:cf:ec:4a:52:30:ff:5d:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0297a58998f0974347081c17f25eedd65fad9661
Validity
Not Before: Jan 1 17:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b77ab1249c8ce51d09a1ef897dfc617b452f41cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:2c:52:88:a3:c6:71:a1:d8:58:be:d4:6f:39:
97:bd:94:38:f8:6f:39:99:f0:14:2f:e2:d2:c2:71:
c4:5c:e6:35:a6:23:40:15:1d:0b:df:42:b9:66:8f:
80:32:03:67:6a:08:ab:67:3a:4b:73:cd:e1:66:56:
88:d9:f4:07:54:49:18:cd:f3:47:1b:87:07:9d:8a:
64:41:6c:5e:96:ee:4a:1f:11:40:d3:2a:cf:92:83:
7c:bc:1b:d6:da:38:10:90:25:39:09:b0:19:61:62:
f2:7d:8c:61:d7:f1:11:37:78:fb:3b:90:32:9f:88:
f7:df:f1:e3:5e:9f:2b:db:4f:61:1a:b8:6e:b3:0f:
ff:95:41:55:48:a6:cc:90:cb:70:d0:66:17:3c:11:
6e:d9:2b:d7:66:04:9b:47:88:db:b8:1d:47:93:86:
80:24:8b:af:05:5a:2d:8c:ca:70:89:66:43:d2:41:
eb:a5:34:64:58:f5:33:e2:83:35:c4:f9:2d:3d:dd:
be:f4:19:31:d1:6f:f2:72:69:4b:96:62:28:e3:08:
df:88:9f:25:a1:5c:4e:b3:54:1e:a2:26:ff:ca:67:
14:e4:a1:56:c1:ec:c3:7c:53:0c:61:af:3c:62:45:
9c:2f:4a:62:52:d4:af:89:c7:99:cf:c7:57:2d:6f:
04:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:7A:B1:24:9C:8C:E5:1D:09:A1:EF:89:7D:FC:61:7B:45:2F:41:CC
X509v3 Authority Key Identifier:
keyid:02:97:A5:89:98:F0:97:43:47:08:1C:17:F2:5E:ED:D6:5F:AD:96:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ApeliZjwl0NHCBwX8l7t1l-tlmE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/1293db-c752-4d03-857d-579531e5a00f/1/t3qxJJyM5R0Joe-Jffxhe0UvQcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/1293db-c752-4d03-857d-579531e5a00f/1/ApeliZjwl0NHCBwX8l7t1l-tlmE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.138.1.0/24
164.138.3.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:1f:37:f9:10:11:e4:1d:6c:ef:02:3a:c0:92:f1:7f:7b:36:
01:bf:f8:77:f7:ac:62:95:b5:95:4c:f2:d9:68:c9:c7:3f:17:
d3:d6:7c:09:6a:24:6d:f2:c6:d5:2e:af:93:5c:2c:8e:41:c6:
cd:08:68:dc:e6:bf:95:7c:ed:7e:18:ad:f9:90:fd:df:e8:7c:
13:95:7c:16:02:92:e9:1a:91:6f:5c:e2:3d:c1:0e:0f:fc:a3:
5f:61:38:dd:3e:f4:29:23:02:78:8a:81:07:2c:3f:56:16:54:
78:b9:c6:99:4f:b1:ca:c4:e0:be:8d:b1:c4:eb:cd:8e:cb:ea:
3b:99:8c:19:3b:f9:b3:ff:b9:dc:ce:19:1c:bd:1b:a2:47:c2:
b6:c9:18:59:5c:0f:dc:d0:75:63:bd:18:6d:82:70:19:aa:ed:
4a:33:56:59:e2:e1:fa:57:21:9e:1f:cd:a8:1b:48:3c:6b:d2:
17:c3:7a:56:af:fe:fb:95:e3:15:f6:2a:f5:52:eb:3e:bd:1a:
3a:71:38:fb:af:4c:4b:48:bc:85:77:cb:05:e5:af:35:73:2f:
73:c6:96:15:67:3e:35:92:81:76:7d:81:f6:3d:93:aa:31:51:
cb:18:d8:c2:8e:be:26:d8:a6:9c:58:db:49:73:d0:b5:fb:d9:
3c:d3:df:1c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuXXevAlLOxs/sSlIw/10EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyOTdhNTg5OThmMDk3NDM0NzA4MWMxN2YyNWVlZGQ2NWZh
ZDk2NjEwHhcNMjMwMTAxMTcyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzdhYjEyNDljOGNlNTFkMDlhMWVmODk3ZGZjNjE3YjQ1MmY0MWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyxSiKPGcaHYWL7UbzmXvZQ4+G85
mfAUL+LSwnHEXOY1piNAFR0L30K5Zo+AMgNnagirZzpLc83hZlaI2fQHVEkYzfNH
G4cHnYpkQWxelu5KHxFA0yrPkoN8vBvW2jgQkCU5CbAZYWLyfYxh1/ERN3j7O5Ay
n4j33/HjXp8r209hGrhusw//lUFVSKbMkMtw0GYXPBFu2SvXZgSbR4jbuB1Hk4aA
JIuvBVotjMpwiWZD0kHrpTRkWPUz4oM1xPktPd2+9Bkx0W/ycmlLlmIo4wjfiJ8l
oVxOs1Qeoib/ymcU5KFWwezDfFMMYa88YkWcL0piUtSviceZz8dXLW8E/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLd6sSScjOUdCaHviX38YXtFL0HMMB8GA1UdIwQY
MBaAFAKXpYmY8JdDRwgcF/Je7dZfrZZhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXBlbGlaandsME5IQ0J3WDhsN3QxbC10bG1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xMjkzZGItYzc1Mi00ZDAzLTg1N2Qt
NTc5NTMxZTVhMDBmLzEvdDNxeEpKeU01UjBKb2UtSmZmeGhlMFV2UWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xMjkzZGItYzc1Mi00ZDAzLTg1N2QtNTc5NTMxZTVhMDBm
LzEvQXBlbGlaandsME5IQ0J3WDhsN3QxbC10bG1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQApIoBAwQA
pIoDMA0GCSqGSIb3DQEBCwUAA4IBAQA7Hzf5EBHkHWzvAjrAkvF/ezYBv/h396xi
lbWVTPLZaMnHPxfT1nwJaiRt8sbVLq+TXCyOQcbNCGjc5r+VfO1+GK35kP3f6HwT
lXwWApLpGpFvXOI9wQ4P/KNfYTjdPvQpIwJ4ioEHLD9WFlR4ucaZT7HKxOC+jbHE
682Oy+o7mYwZO/mz/7nczhkcvRuiR8K2yRhZXA/c0HVjvRhtgnAZqu1KM1ZZ4uH6
VyGeH82oG0g8a9IXw3pWr/77leMV9ir1Uus+vRo6cTj7r0xLSLyFd8sF5a81cy9z
xpYVZz41koF2fYH2PZOqMVHLGNjCjr4m2KacWNtJc9C1+9k8098c
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:50 2025 by rpki-client