Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/345608-0ff2-495a-8a0d-e100cf25ffac/1/rhBQl0nSk_EnnmOkRLSv9ASbIJE.roa
File: rhBQl0nSk_EnnmOkRLSv9ASbIJE.roa (raw, json)
Hash identifier: FfD68teDCKG6rmQYbhpNGnpDB6PsGSsq+eweB1QEVr4=
Subject key identifier: AE:10:50:97:49:D2:93:F1:27:9E:63:A4:44:B4:AF:F4:04:9B:20:91
Certificate issuer: /CN=ed613a33ba72e21789a14931d116242e01e0f536
Certificate serial: 01857030590B6A3486C741062FA6B3DE6AAB
Authority key identifier: ED:61:3A:33:BA:72:E2:17:89:A1:49:31:D1:16:24:2E:01:E0:F5:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7WE6M7py4heJoUkx0RYkLgHg9TY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/345608-0ff2-495a-8a0d-e100cf25ffac/1/rhBQl0nSk_EnnmOkRLSv9ASbIJE.roa
Signing time: Mon 02 Jan 2023 01:54:54 +0000
ROA not before: Mon 02 Jan 2023 01:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59631
IP address blocks: 176.121.64.0/24 maxlen: 24
176.121.64.0/22 maxlen: 22
176.121.64.0/21 maxlen: 21
176.121.69.0/24 maxlen: 24
176.121.68.0/24 maxlen: 24
176.121.67.0/24 maxlen: 24
176.121.66.0/24 maxlen: 24
176.121.65.0/24 maxlen: 24
176.121.71.0/24 maxlen: 24
176.121.70.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:59:0b:6a:34:86:c7:41:06:2f:a6:b3:de:6a:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed613a33ba72e21789a14931d116242e01e0f536
Validity
Not Before: Jan 2 01:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae10509749d293f1279e63a444b4aff4049b2091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e0:f6:48:a4:64:0d:36:1b:34:3a:41:49:c5:
86:8c:de:10:4d:d1:7c:26:54:48:a4:ab:33:65:3b:
a4:3d:11:22:71:f3:a3:35:e7:d3:30:91:aa:ea:43:
87:e2:13:8d:d9:4a:5e:a6:66:9f:07:6a:49:84:fd:
c6:b2:f9:88:f4:31:52:65:69:3d:06:0e:28:ca:e4:
9d:4e:df:46:96:d9:67:55:17:6a:f0:62:af:11:eb:
da:6a:28:b2:60:f6:db:a2:37:bc:31:a4:6c:c9:e2:
29:ca:af:0f:2d:76:35:fa:a2:b3:41:53:0e:2a:7e:
bd:a5:2b:f0:fd:31:2f:27:14:36:98:0f:1d:6d:f4:
f1:76:7f:ea:18:1c:e7:a3:e2:be:bc:9b:a3:4c:fc:
e9:74:6e:72:b4:88:e9:59:6b:64:1a:63:bd:b0:11:
68:c8:f7:fc:98:e7:6d:77:ad:7c:29:ad:2b:f2:7f:
f6:e2:fa:e0:99:72:2a:0c:5e:a9:90:f1:3d:af:77:
ef:ae:6a:db:9f:62:5e:a7:02:04:88:93:4e:5b:f8:
b4:c3:ff:3e:4b:a6:7b:42:98:3e:bd:dc:6e:cb:5f:
19:87:25:3c:6d:a9:67:6d:dd:5c:2c:05:92:e7:af:
8d:8b:86:47:ba:63:58:a9:48:16:cb:f0:35:2a:40:
bb:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:10:50:97:49:D2:93:F1:27:9E:63:A4:44:B4:AF:F4:04:9B:20:91
X509v3 Authority Key Identifier:
keyid:ED:61:3A:33:BA:72:E2:17:89:A1:49:31:D1:16:24:2E:01:E0:F5:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7WE6M7py4heJoUkx0RYkLgHg9TY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/345608-0ff2-495a-8a0d-e100cf25ffac/1/rhBQl0nSk_EnnmOkRLSv9ASbIJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/345608-0ff2-495a-8a0d-e100cf25ffac/1/7WE6M7py4heJoUkx0RYkLgHg9TY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.121.64.0/21
Signature Algorithm: sha256WithRSAEncryption
70:e1:65:85:f2:46:f5:20:ec:59:12:ab:1e:93:06:0e:e3:50:
bb:7c:65:51:ad:96:bf:aa:94:7e:00:23:6b:20:a8:d1:c1:30:
00:51:21:c4:d1:6c:9f:7a:98:f5:92:ef:e7:c4:0e:c7:fc:a6:
c8:30:1b:47:cf:2a:ea:cc:6a:33:93:33:6e:94:24:6e:55:02:
a7:ee:aa:a9:b7:40:e6:65:93:14:76:b6:d8:15:71:bb:09:7f:
96:38:1e:10:f3:6c:85:ac:43:11:da:0a:53:43:b4:04:6d:29:
7e:ba:c6:ef:ce:68:86:8e:2c:1b:db:84:39:1b:8a:ee:c6:c1:
9d:2e:fd:69:b8:37:f7:e0:ff:58:2c:72:cc:e6:a7:dc:ec:a2:
1f:67:90:45:7b:d7:2f:fe:d6:50:47:ae:97:16:e0:95:19:d5:
5d:f8:e5:fc:b2:0a:e2:9d:eb:dc:de:3a:70:47:8a:38:67:f6:
9a:34:10:f3:7e:96:1f:6b:11:55:ad:e8:ae:15:a4:45:5c:d7:
1f:c7:62:79:ab:96:d4:9f:68:9a:8b:b7:8b:63:41:07:52:09:
c4:bc:a7:4f:ba:b3:7a:f6:11:da:e6:dc:f9:8f:6b:9c:c4:36:
00:4d:5c:79:aa:33:4c:87:c3:1b:89:9e:14:ca:e2:b1:d5:6c:
2e:77:a7:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMFkLajSGx0EGL6az3mqrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNjEzYTMzYmE3MmUyMTc4OWExNDkzMWQxMTYyNDJlMDFl
MGY1MzYwHhcNMjMwMTAyMDE1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTEwNTA5NzQ5ZDI5M2YxMjc5ZTYzYTQ0NGI0YWZmNDA0OWIyMDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOD2SKRkDTYbNDpBScWGjN4QTdF8
JlRIpKszZTukPREicfOjNefTMJGq6kOH4hON2UpepmafB2pJhP3GsvmI9DFSZWk9
Bg4oyuSdTt9GltlnVRdq8GKvEevaaiiyYPbboje8MaRsyeIpyq8PLXY1+qKzQVMO
Kn69pSvw/TEvJxQ2mA8dbfTxdn/qGBzno+K+vJujTPzpdG5ytIjpWWtkGmO9sBFo
yPf8mOdtd618Ka0r8n/24vrgmXIqDF6pkPE9r3fvrmrbn2JepwIEiJNOW/i0w/8+
S6Z7Qpg+vdxuy18ZhyU8balnbd1cLAWS56+Ni4ZHumNYqUgWy/A1KkC7awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK4QUJdJ0pPxJ55jpES0r/QEmyCRMB8GA1UdIwQY
MBaAFO1hOjO6cuIXiaFJMdEWJC4B4PU2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1dFNk03cHk0aGVKb1VreDBSWWtMZ0hnOVRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zNDU2MDgtMGZmMi00OTVhLThhMGQt
ZTEwMGNmMjVmZmFjLzEvcmhCUWwwblNrX0Vubm1Pa1JMU3Y5QVNiSUpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zNDU2MDgtMGZmMi00OTVhLThhMGQtZTEwMGNmMjVmZmFj
LzEvN1dFNk03cHk0aGVKb1VreDBSWWtMZ0hnOVRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsHlAMA0G
CSqGSIb3DQEBCwUAA4IBAQBw4WWF8kb1IOxZEqsekwYO41C7fGVRrZa/qpR+ACNr
IKjRwTAAUSHE0Wyfepj1ku/nxA7H/KbIMBtHzyrqzGozkzNulCRuVQKn7qqpt0Dm
ZZMUdrbYFXG7CX+WOB4Q82yFrEMR2gpTQ7QEbSl+usbvzmiGjiwb24Q5G4ruxsGd
Lv1puDf34P9YLHLM5qfc7KIfZ5BFe9cv/tZQR66XFuCVGdVd+OX8sgrinevc3jpw
R4o4Z/aaNBDzfpYfaxFVreiuFaRFXNcfx2J5q5bUn2iai7eLY0EHUgnEvKdPurN6
9hHa5tz5j2ucxDYATVx5qjNMh8MbiZ4UyuKx1Wwud6en
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:33 2025 by rpki-client