Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/ItK4FWpjS5MvaBYu8Cw9ufPzz8M.roa
File: ItK4FWpjS5MvaBYu8Cw9ufPzz8M.roa (raw, json)
Hash identifier: ZxbilmAi3dMbN07yI1icrylrp1ISWW9blZJUQMbe0tE=
Subject key identifier: 22:D2:B8:15:6A:63:4B:93:2F:68:16:2E:F0:2C:3D:B9:F3:F3:CF:C3
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 01942747BD62087D050FE95CF5336F2F0E45
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/ItK4FWpjS5MvaBYu8Cw9ufPzz8M.roa
Signing time: Thu 02 Jan 2025 13:50:00 +0000
ROA not before: Thu 02 Jan 2025 13:50:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48165
IP address blocks: 176.124.112.0/24 maxlen: 24
176.124.113.0/24 maxlen: 24
185.187.152.0/24 maxlen: 24
185.187.153.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:bd:62:08:7d:05:0f:e9:5c:f5:33:6f:2f:0e:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Jan 2 13:50:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22d2b8156a634b932f68162ef02c3db9f3f3cfc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:37:4d:d1:68:54:b8:c9:55:e2:99:55:81:1e:
48:79:2e:d6:1b:bb:8a:24:2d:0a:7a:85:83:db:8f:
f3:5c:63:d0:85:ae:eb:e6:8c:a6:04:fe:6c:28:8a:
ae:8c:37:b9:b1:ad:4c:fe:8f:16:a3:6a:5e:b5:d0:
bc:c4:d7:ab:43:06:00:28:ad:fe:6f:08:8e:dc:0a:
21:17:f0:ce:e8:7e:c1:a5:4d:51:8d:43:bf:dc:7b:
dc:44:16:7b:79:ce:d3:99:8a:12:a9:94:1c:cb:80:
86:90:bf:34:77:10:16:2c:8c:4f:90:dc:48:54:7b:
3e:76:03:c8:f3:ad:e0:fa:c4:e6:86:15:e9:eb:db:
77:c8:59:7f:86:c1:7e:d1:40:26:2d:28:ea:94:36:
1b:b5:c7:b3:fe:ae:58:cf:b5:bd:9c:2b:60:78:33:
59:06:de:7c:62:bc:d6:7f:aa:d2:b8:4f:8d:cf:6b:
f0:ab:de:93:d1:6a:f5:21:c4:8a:33:af:57:a0:7a:
20:8d:4e:ae:c4:ab:03:50:91:7c:f2:43:ef:ba:28:
15:31:cb:5e:e0:25:9d:0c:f4:8b:f2:41:fd:07:47:
d5:c4:22:4f:68:c7:ac:73:c0:b6:be:64:b6:cc:18:
3a:2f:c2:53:f1:ab:06:ed:5d:0b:fa:27:a3:80:7d:
ad:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:D2:B8:15:6A:63:4B:93:2F:68:16:2E:F0:2C:3D:B9:F3:F3:CF:C3
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/ItK4FWpjS5MvaBYu8Cw9ufPzz8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.112.0/23
185.187.152.0/23
Signature Algorithm: sha256WithRSAEncryption
19:36:e4:42:01:94:97:1a:22:2e:54:43:19:8b:6e:7e:37:15:
eb:31:6f:7c:b3:6f:3a:d2:75:73:34:cd:21:bd:a6:ee:75:ad:
2e:2f:b6:03:a0:86:25:3f:33:fb:af:09:87:d2:81:a5:55:43:
fb:b9:9c:9b:80:9e:c3:ac:7b:a9:44:91:6f:b7:ee:d6:78:f7:
a8:ab:b1:43:c6:7d:34:0b:18:86:4f:49:5a:6b:c9:d5:c1:a1:
9e:ef:62:b4:53:c4:33:74:0b:d8:08:04:d2:d4:75:83:35:b3:
4b:cf:7b:8a:95:52:65:ec:4c:2f:d2:f5:c7:21:23:fe:dc:77:
3a:c5:9d:01:73:ca:15:39:3d:8d:db:1d:62:ea:ac:ec:2a:a0:
0e:ae:65:05:90:3f:06:87:1b:45:05:20:6d:00:ce:b4:a3:9f:
e9:e9:49:7f:bc:dd:b8:d7:60:83:bb:8b:87:6a:91:34:a9:57:
e4:6c:45:d3:68:a3:b2:7f:b8:d4:96:1b:f8:a7:9e:71:3b:4c:
76:56:01:67:ba:de:2c:a5:4b:79:7c:e6:8a:a9:4b:26:61:f5:
90:e8:f9:1c:5e:d2:0d:fb:b7:04:e2:d7:83:82:1a:30:44:0d:
66:14:7f:56:41:f3:26:c1:15:d2:0b:92:6c:33:86:03:22:c4:
2a:a1:16:26
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnR71iCH0FD+lc9TNvLw5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjUwMTAyMTM1MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmQyYjgxNTZhNjM0YjkzMmY2ODE2MmVmMDJjM2RiOWYzZjNjZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzdN0WhUuMlV4plVgR5IeS7WG7uK
JC0KeoWD24/zXGPQha7r5oymBP5sKIqujDe5sa1M/o8Wo2petdC8xNerQwYAKK3+
bwiO3AohF/DO6H7BpU1RjUO/3HvcRBZ7ec7TmYoSqZQcy4CGkL80dxAWLIxPkNxI
VHs+dgPI863g+sTmhhXp69t3yFl/hsF+0UAmLSjqlDYbtcez/q5Yz7W9nCtgeDNZ
Bt58YrzWf6rSuE+Nz2vwq96T0Wr1IcSKM69XoHogjU6uxKsDUJF88kPvuigVMcte
4CWdDPSL8kH9B0fVxCJPaMesc8C2vmS2zBg6L8JT8asG7V0L+iejgH2tmQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCLSuBVqY0uTL2gWLvAsPbnz88/DMB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvSXRLNEZXcGpTNU12YUJZdThDdzl1ZlB6ejhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBsHxwAwQB
ubuYMA0GCSqGSIb3DQEBCwUAA4IBAQAZNuRCAZSXGiIuVEMZi25+NxXrMW98s286
0nVzNM0hvabuda0uL7YDoIYlPzP7rwmH0oGlVUP7uZybgJ7DrHupRJFvt+7WePeo
q7FDxn00CxiGT0laa8nVwaGe72K0U8QzdAvYCATS1HWDNbNLz3uKlVJl7Ewv0vXH
ISP+3Hc6xZ0Bc8oVOT2N2x1i6qzsKqAOrmUFkD8GhxtFBSBtAM60o5/p6Ul/vN24
12CDu4uHapE0qVfkbEXTaKOyf7jUlhv4p55xO0x2VgFnut4spUt5fOaKqUsmYfWQ
6PkcXtIN+7cE4teDghowRA1mFH9WQfMmwRXSC5JsM4YDIsQqoRYm
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:08:24 2025 by rpki-client