Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/800359-09c0-42a8-9762-ea3a2096e357/1/v0ecZEo3lPLg2JI3yY8OUz9Txu8.roa
File: v0ecZEo3lPLg2JI3yY8OUz9Txu8.roa (raw, json)
Hash identifier: jt1oxVS7BC8fdq82zK6pFfZFZlUN/SnEokZ1BH6/myI=
Subject key identifier: BF:47:9C:64:4A:37:94:F2:E0:D8:92:37:C9:8F:0E:53:3F:53:C6:EF
Certificate issuer: /CN=653557475c0d87c665322168c45437d10d253a5e
Certificate serial: 018DAE9A4357EDAD568DCE90EA5FCFF4D6AD
Authority key identifier: 65:35:57:47:5C:0D:87:C6:65:32:21:68:C4:54:37:D1:0D:25:3A:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZTVXR1wNh8ZlMiFoxFQ30Q0lOl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/800359-09c0-42a8-9762-ea3a2096e357/1/v0ecZEo3lPLg2JI3yY8OUz9Txu8.roa
Signing time: Thu 15 Feb 2024 21:09:21 +0000
ROA not before: Thu 15 Feb 2024 21:09:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58173
IP address blocks: 134.0.80.0/21 maxlen: 21
134.0.80.0/22 maxlen: 22
134.0.80.0/24 maxlen: 24
134.0.84.0/22 maxlen: 22
185.205.160.0/22 maxlen: 22
185.205.160.0/23 maxlen: 23
185.205.162.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ae:9a:43:57:ed:ad:56:8d:ce:90:ea:5f:cf:f4:d6:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=653557475c0d87c665322168c45437d10d253a5e
Validity
Not Before: Feb 15 21:09:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf479c644a3794f2e0d89237c98f0e533f53c6ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1d:33:02:0f:db:6e:7f:c5:ce:eb:dc:68:2d:
3d:35:c0:ac:32:8b:ee:b3:0d:29:ae:3d:7c:ad:5a:
70:af:71:e4:01:02:e6:a0:30:84:e0:8c:b8:45:48:
ef:65:08:1c:50:7c:61:b9:18:64:f7:58:45:21:a0:
4b:3c:28:5a:a4:4b:df:3c:50:f3:6a:6d:0f:9d:81:
95:f6:d5:48:b9:fd:b1:db:82:78:fa:35:0f:86:c5:
e9:8b:40:ca:77:c4:17:69:18:cc:15:3a:97:29:39:
eb:49:7d:9b:77:87:6b:c3:14:77:3d:68:ca:af:0c:
61:29:37:44:7f:f2:7a:5e:6c:83:d3:a6:46:d6:00:
39:5e:a4:f6:96:05:88:b4:08:0a:cc:91:c4:e7:1c:
75:8e:3d:82:d4:63:ac:34:3c:0f:92:19:d8:07:61:
20:ba:f0:97:3b:5d:04:00:45:75:95:51:dd:31:f2:
91:3a:52:8d:3a:a9:e6:b1:7f:e2:99:38:a7:8d:a3:
89:94:d6:f7:6c:cd:04:ad:0b:2e:cd:63:2a:a8:c7:
47:17:c6:bd:f6:90:3e:93:b9:50:ec:ed:ae:64:d7:
a8:03:01:c0:56:08:16:0f:63:a1:4e:ab:3b:81:52:
0b:ab:3d:5c:eb:1a:fa:8f:76:34:a8:13:5d:ef:ba:
17:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:47:9C:64:4A:37:94:F2:E0:D8:92:37:C9:8F:0E:53:3F:53:C6:EF
X509v3 Authority Key Identifier:
keyid:65:35:57:47:5C:0D:87:C6:65:32:21:68:C4:54:37:D1:0D:25:3A:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZTVXR1wNh8ZlMiFoxFQ30Q0lOl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/800359-09c0-42a8-9762-ea3a2096e357/1/v0ecZEo3lPLg2JI3yY8OUz9Txu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/800359-09c0-42a8-9762-ea3a2096e357/1/ZTVXR1wNh8ZlMiFoxFQ30Q0lOl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.0.80.0/21
185.205.160.0/22
Signature Algorithm: sha256WithRSAEncryption
84:e5:09:ef:13:df:87:1b:b3:0a:e8:89:b0:6f:d0:62:5b:86:
a1:b8:5c:a3:bc:b9:81:92:78:2d:67:02:7f:e3:22:9a:56:d5:
51:29:65:8a:9d:8b:77:36:e8:03:df:4a:8e:36:6e:27:f7:6c:
df:99:5f:19:d3:56:81:c1:fe:6a:22:41:16:c7:63:10:11:03:
45:32:07:60:54:96:87:4b:a9:7b:21:a2:c8:55:72:0e:7e:84:
f1:81:50:fb:e6:a0:48:dd:3e:a2:83:56:7f:7a:04:73:83:73:
8d:8c:ba:d7:43:e3:15:2b:58:88:0a:b8:c8:72:01:78:66:bf:
0b:9f:a4:42:59:dd:1d:1f:8d:52:fc:05:e0:ab:91:5c:f3:67:
0b:bf:ce:4f:b9:17:e5:0d:e9:cd:14:d2:d8:91:db:14:7f:80:
46:13:fc:b8:2d:2b:f4:fb:cc:ae:80:16:6a:2c:d8:1b:6a:b5:
7e:c3:b3:7e:74:10:34:73:51:98:d5:d5:80:8e:e8:76:c1:aa:
6a:53:96:cb:b8:2a:3c:61:12:54:fe:f4:d1:27:11:46:5f:08:
00:2b:dc:ed:06:65:68:f2:e7:fe:70:3d:79:82:0e:90:65:a9:
3c:21:89:96:24:8a:b8:f2:ca:08:b5:9e:00:79:0e:bb:0f:cd:
ca:d3:3d:17
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2umkNX7a1Wjc6Q6l/P9NatMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MzU1NzQ3NWMwZDg3YzY2NTMyMjE2OGM0NTQzN2QxMGQy
NTNhNWUwHhcNMjQwMjE1MjEwOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjQ3OWM2NDRhMzc5NGYyZTBkODkyMzdjOThmMGU1MzNmNTNjNmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoB0zAg/bbn/FzuvcaC09NcCsMovu
sw0prj18rVpwr3HkAQLmoDCE4Iy4RUjvZQgcUHxhuRhk91hFIaBLPChapEvfPFDz
am0PnYGV9tVIuf2x24J4+jUPhsXpi0DKd8QXaRjMFTqXKTnrSX2bd4drwxR3PWjK
rwxhKTdEf/J6XmyD06ZG1gA5XqT2lgWItAgKzJHE5xx1jj2C1GOsNDwPkhnYB2Eg
uvCXO10EAEV1lVHdMfKROlKNOqnmsX/imTinjaOJlNb3bM0ErQsuzWMqqMdHF8a9
9pA+k7lQ7O2uZNeoAwHAVggWD2OhTqs7gVILqz1c6xr6j3Y0qBNd77oXYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL9HnGRKN5Ty4NiSN8mPDlM/U8bvMB8GA1UdIwQY
MBaAFGU1V0dcDYfGZTIhaMRUN9ENJTpeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlRWWFIxd05oOFpsTWlGb3hGUTMwUTBsT2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC84MDAzNTktMDljMC00MmE4LTk3NjIt
ZWEzYTIwOTZlMzU3LzEvdjBlY1pFbzNsUExnMkpJM3lZOE9VejlUeHU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC84MDAzNTktMDljMC00MmE4LTk3NjItZWEzYTIwOTZlMzU3
LzEvWlRWWFIxd05oOFpsTWlGb3hGUTMwUTBsT2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDhgBQAwQC
uc2gMA0GCSqGSIb3DQEBCwUAA4IBAQCE5QnvE9+HG7MK6Imwb9BiW4ahuFyjvLmB
kngtZwJ/4yKaVtVRKWWKnYt3NugD30qONm4n92zfmV8Z01aBwf5qIkEWx2MQEQNF
MgdgVJaHS6l7IaLIVXIOfoTxgVD75qBI3T6ig1Z/egRzg3ONjLrXQ+MVK1iICrjI
cgF4Zr8Ln6RCWd0dH41S/AXgq5Fc82cLv85PuRflDenNFNLYkdsUf4BGE/y4LSv0
+8yugBZqLNgbarV+w7N+dBA0c1GY1dWAjuh2wapqU5bLuCo8YRJU/vTRJxFGXwgA
K9ztBmVo8uf+cD15gg6QZak8IYmWJIq48soItZ4AeQ67D83K0z0X
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:16:12 2025 by rpki-client