Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/6a2946-f0a4-4e85-930e-d4edf16e0978/1/8aAM2lX6alOxdkUWNQ6i-7iIHAc.roa
File: 8aAM2lX6alOxdkUWNQ6i-7iIHAc.roa (raw, json)
Hash identifier: lKXj2Uk8+YnneO2nDlkfLE9kn02SpI2Ps1ZgLlsY0bE=
Subject key identifier: F1:A0:0C:DA:55:FA:6A:53:B1:76:45:16:35:0E:A2:FB:B8:88:1C:07
Certificate issuer: /CN=1bdba013655b9bb0caa285d75c142c1ee30f8854
Certificate serial: 01856F6FEEABCA27972FEB28C13DE0A01397
Authority key identifier: 1B:DB:A0:13:65:5B:9B:B0:CA:A2:85:D7:5C:14:2C:1E:E3:0F:88:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G9ugE2Vbm7DKooXXXBQsHuMPiFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/6a2946-f0a4-4e85-930e-d4edf16e0978/1/8aAM2lX6alOxdkUWNQ6i-7iIHAc.roa
Signing time: Sun 01 Jan 2023 22:24:44 +0000
ROA not before: Sun 01 Jan 2023 22:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62054
IP address blocks: 193.176.252.0/24 maxlen: 24
193.176.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:6f:ee:ab:ca:27:97:2f:eb:28:c1:3d:e0:a0:13:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bdba013655b9bb0caa285d75c142c1ee30f8854
Validity
Not Before: Jan 1 22:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1a00cda55fa6a53b1764516350ea2fbb8881c07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:19:32:c2:22:7d:b4:05:d2:6a:39:c2:12:72:
b2:10:23:a3:6e:84:9f:ec:8b:2f:5f:6e:9d:a9:0b:
da:2c:ef:94:aa:96:25:70:57:0d:b3:64:7e:b3:a0:
dd:89:41:b6:a8:0a:64:ab:a3:27:b7:e7:b1:e5:49:
12:b0:b6:3b:91:3d:87:83:97:e6:ba:72:84:b0:c1:
3e:c7:9c:c1:f4:a5:c0:02:ea:30:aa:52:95:4a:5d:
9d:c2:dc:0a:63:5b:00:57:62:cc:4b:70:ad:8c:9c:
67:7f:2b:9a:b0:f7:ac:f9:1e:0d:90:95:5d:06:da:
7c:04:e8:7a:f9:ce:db:a9:ee:55:81:92:96:8b:69:
aa:1e:75:07:4e:0b:a0:0a:b7:11:8f:33:b1:b8:92:
11:e9:6e:be:57:9a:2d:58:18:a2:dc:cb:b4:ef:18:
95:35:2a:83:28:83:0c:bb:27:7e:e0:87:34:fb:07:
bd:df:81:47:3b:36:14:e4:f1:58:ad:01:81:38:01:
f8:48:c1:e0:95:c9:9e:8c:dd:d2:3f:f4:72:61:8e:
df:72:3c:2e:f7:1a:56:4d:ef:26:4e:b7:81:ab:23:
12:b4:5f:1d:f9:f9:24:16:c1:1a:ea:b3:4d:6e:99:
7a:95:3a:8f:35:30:17:85:d0:d1:32:f1:0f:d2:90:
9c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:A0:0C:DA:55:FA:6A:53:B1:76:45:16:35:0E:A2:FB:B8:88:1C:07
X509v3 Authority Key Identifier:
keyid:1B:DB:A0:13:65:5B:9B:B0:CA:A2:85:D7:5C:14:2C:1E:E3:0F:88:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G9ugE2Vbm7DKooXXXBQsHuMPiFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/6a2946-f0a4-4e85-930e-d4edf16e0978/1/8aAM2lX6alOxdkUWNQ6i-7iIHAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/6a2946-f0a4-4e85-930e-d4edf16e0978/1/G9ugE2Vbm7DKooXXXBQsHuMPiFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.252.0/24
193.176.254.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:77:b5:e1:ce:71:ec:8b:97:a4:b0:c8:fb:7f:51:b7:87:54:
45:4f:9b:1b:cf:03:48:f2:d1:e4:69:e9:0c:eb:b7:5e:77:83:
ed:2d:7b:c8:14:d4:15:92:d7:e2:7f:e2:90:0d:c7:54:55:f4:
b8:eb:d2:1d:e2:eb:98:5a:fb:0c:3e:93:13:72:c6:39:6d:88:
34:5f:e9:2d:c3:96:09:a5:1a:73:9a:f1:e0:e5:98:88:1f:a9:
15:70:64:f8:f8:fb:98:4f:cd:d5:5e:b1:02:ab:72:aa:0f:c9:
19:65:e7:4b:77:86:7d:b6:37:d4:28:db:7a:76:75:b1:60:d2:
eb:82:1b:0e:cf:44:18:f9:01:22:c1:ee:c9:e1:37:22:7a:6a:
f3:eb:62:a4:36:13:9a:74:ed:6b:c3:27:ca:6b:bf:67:5b:48:
6d:5e:7e:8f:68:24:c6:98:64:02:20:5a:95:f6:5c:a0:16:96:
a2:0c:d2:8b:09:82:28:8c:bf:ad:20:bb:28:1a:63:61:a9:74:
64:e3:a2:99:51:3c:4f:db:9e:b4:f9:90:83:86:67:5d:92:17:
35:85:f7:67:a4:ce:9c:ec:3d:99:9c:fc:2d:9a:ca:0d:55:f8:
c4:ae:e9:ee:13:45:7a:4b:54:f8:4b:b9:db:78:35:ff:04:45:
9a:80:76:a8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvb+6ryieXL+sowT3goBOXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZGJhMDEzNjU1YjliYjBjYWEyODVkNzVjMTQyYzFlZTMw
Zjg4NTQwHhcNMjMwMTAxMjIyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWEwMGNkYTU1ZmE2YTUzYjE3NjQ1MTYzNTBlYTJmYmI4ODgxYzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBkywiJ9tAXSajnCEnKyECOjboSf
7IsvX26dqQvaLO+UqpYlcFcNs2R+s6DdiUG2qApkq6Mnt+ex5UkSsLY7kT2Hg5fm
unKEsME+x5zB9KXAAuowqlKVSl2dwtwKY1sAV2LMS3CtjJxnfyuasPes+R4NkJVd
Btp8BOh6+c7bqe5VgZKWi2mqHnUHTgugCrcRjzOxuJIR6W6+V5otWBii3Mu07xiV
NSqDKIMMuyd+4Ic0+we934FHOzYU5PFYrQGBOAH4SMHglcmejN3SP/RyYY7fcjwu
9xpWTe8mTreBqyMStF8d+fkkFsEa6rNNbpl6lTqPNTAXhdDRMvEP0pCc4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPGgDNpV+mpTsXZFFjUOovu4iBwHMB8GA1UdIwQY
MBaAFBvboBNlW5uwyqKF11wULB7jD4hUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzl1Z0UyVmJtN0RLb29YWFhCUXNIdU1QaUZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi82YTI5NDYtZjBhNC00ZTg1LTkzMGUt
ZDRlZGYxNmUwOTc4LzEvOGFBTTJsWDZhbE94ZGtVV05RNmktN2lJSEFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi82YTI5NDYtZjBhNC00ZTg1LTkzMGUtZDRlZGYxNmUwOTc4
LzEvRzl1Z0UyVmJtN0RLb29YWFhCUXNIdU1QaUZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwbD8AwQA
wbD+MA0GCSqGSIb3DQEBCwUAA4IBAQA9d7XhznHsi5eksMj7f1G3h1RFT5sbzwNI
8tHkaekM67ded4PtLXvIFNQVktfif+KQDcdUVfS469Id4uuYWvsMPpMTcsY5bYg0
X+ktw5YJpRpzmvHg5ZiIH6kVcGT4+PuYT83VXrECq3KqD8kZZedLd4Z9tjfUKNt6
dnWxYNLrghsOz0QY+QEiwe7J4Tciemrz62KkNhOadO1rwyfKa79nW0htXn6PaCTG
mGQCIFqV9lygFpaiDNKLCYIojL+tILsoGmNhqXRk46KZUTxP2560+ZCDhmddkhc1
hfdnpM6c7D2ZnPwtmsoNVfjErunuE0V6S1T4S7nbeDX/BEWagHao
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:35 2025 by rpki-client