Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/a0b9a9-afa9-4104-9fc6-e26de5753795/1/2bFMXuBeNfweg7Db3RbGmjiJeWM.roa
File: 2bFMXuBeNfweg7Db3RbGmjiJeWM.roa (raw, json)
Hash identifier: A6pWuKY4cMgUcGbr7FM7sUY5qgX5JmXzRlXfibVWz+Y=
Subject key identifier: D9:B1:4C:5E:E0:5E:35:FC:1E:83:B0:DB:DD:16:C6:9A:38:89:79:63
Certificate issuer: /CN=f1893e72d835c080ab4959af5e509d79a5fc39e5
Certificate serial: 0221B73C
Authority key identifier: F1:89:3E:72:D8:35:C0:80:AB:49:59:AF:5E:50:9D:79:A5:FC:39:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Yk-ctg1wICrSVmvXlCdeaX8OeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/a0b9a9-afa9-4104-9fc6-e26de5753795/1/2bFMXuBeNfweg7Db3RbGmjiJeWM.roa
Signing time: Sat 01 Jan 2022 05:06:23 +0000
ROA not before: Sat 01 Jan 2022 05:06:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 176.53.168.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35764028 (0x221b73c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1893e72d835c080ab4959af5e509d79a5fc39e5
Validity
Not Before: Jan 1 05:06:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9b14c5ee05e35fc1e83b0dbdd16c69a38897963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:06:4e:82:5b:02:2d:11:c9:c7:56:34:9b:7a:
54:45:43:f4:0f:59:4b:8c:ec:88:24:fa:14:4e:68:
e8:76:2a:ad:aa:9d:2e:f1:30:26:66:70:d6:14:bf:
b3:e5:2f:af:18:dd:98:ad:40:69:fb:54:85:d0:df:
29:7b:59:49:a8:8a:24:11:4b:a3:fa:5d:25:83:9c:
1d:3f:39:ee:c1:a5:58:21:0b:38:85:72:4d:d0:af:
78:09:a0:0f:1b:6c:e5:3e:c8:3f:0f:53:66:43:b7:
32:37:42:75:72:3c:a9:48:2d:0a:78:93:f4:9c:67:
15:e0:45:2d:74:bb:6f:07:5f:c7:75:24:19:5c:31:
c2:09:d2:0a:48:3a:8a:0a:f2:78:cb:e1:fd:f9:11:
17:71:fa:b0:fc:bd:d9:8a:db:d8:f6:d1:07:9c:5c:
85:ef:1d:7e:c6:e5:ca:00:6c:08:25:a1:71:7d:78:
a8:26:38:2e:55:c1:06:90:d9:50:da:9d:7d:cb:be:
81:a8:c1:7b:f1:c9:5a:c4:f3:3f:a2:0a:86:cc:9d:
89:74:34:ca:b2:83:89:80:a8:c8:84:7c:af:e1:d3:
57:d2:5a:45:1b:99:a3:4b:5b:15:2a:ce:05:6e:db:
d4:fa:e2:34:4e:a4:d0:b6:d1:1f:81:e0:31:76:20:
ae:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:B1:4C:5E:E0:5E:35:FC:1E:83:B0:DB:DD:16:C6:9A:38:89:79:63
X509v3 Authority Key Identifier:
keyid:F1:89:3E:72:D8:35:C0:80:AB:49:59:AF:5E:50:9D:79:A5:FC:39:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Yk-ctg1wICrSVmvXlCdeaX8OeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/a0b9a9-afa9-4104-9fc6-e26de5753795/1/2bFMXuBeNfweg7Db3RbGmjiJeWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/a0b9a9-afa9-4104-9fc6-e26de5753795/1/8Yk-ctg1wICrSVmvXlCdeaX8OeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.53.168.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:b5:ab:81:4d:b1:3f:a8:6c:9b:3b:6c:66:da:6e:4e:e8:9a:
6b:04:67:bd:96:ac:ec:dc:9d:51:6f:43:e0:2f:54:ee:f9:25:
49:06:91:4b:26:ed:31:31:11:40:11:5a:b5:1d:04:96:96:6c:
a2:f9:cb:de:c0:b3:0f:aa:84:11:06:06:d1:93:66:c8:e8:03:
63:0e:26:ef:95:ba:40:28:4f:fd:13:61:5e:11:14:47:f4:fc:
a5:0c:55:d4:05:17:97:30:70:a4:73:32:30:42:5f:f8:9e:a5:
d3:dc:c4:d4:55:0b:08:67:5f:12:a1:8e:0b:54:5c:8d:fc:a4:
3b:99:d7:f4:96:bb:29:49:a7:f9:c8:41:97:b7:25:31:ba:5d:
10:8b:8d:c0:1d:7b:b2:4e:72:2e:b9:ca:95:e6:5e:fb:1c:d4:
11:a4:5e:e9:57:9d:6f:68:a7:08:26:50:86:af:18:be:79:c9:
bf:4b:ee:67:75:04:d1:89:c6:8c:af:94:97:9c:61:34:06:45:
2e:59:93:84:05:03:87:7e:8e:b6:ee:26:a2:99:f7:3c:32:b3:
1c:c0:2f:44:d5:3a:e4:17:9c:10:25:fe:a5:32:06:52:d9:d0:
a0:8f:f5:10:32:a6:5e:48:18:fe:5f:75:c2:07:da:73:5b:7c:
93:7a:85:b1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAiG3PDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MTg5M2U3MmQ4MzVjMDgwYWI0OTU5YWY1ZTUwOWQ3OWE1ZmMzOWU1MB4XDTIyMDEw
MTA1MDYyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDliMTRjNWVlMDVl
MzVmYzFlODNiMGRiZGQxNmM2OWEzODg5Nzk2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIgGToJbAi0RycdWNJt6VEVD9A9ZS4zsiCT6FE5o6HYqraqd
LvEwJmZw1hS/s+UvrxjdmK1AaftUhdDfKXtZSaiKJBFLo/pdJYOcHT857sGlWCEL
OIVyTdCveAmgDxts5T7IPw9TZkO3MjdCdXI8qUgtCniT9JxnFeBFLXS7bwdfx3Uk
GVwxwgnSCkg6igryeMvh/fkRF3H6sPy92Yrb2PbRB5xche8dfsblygBsCCWhcX14
qCY4LlXBBpDZUNqdfcu+gajBe/HJWsTzP6IKhsydiXQ0yrKDiYCoyIR8r+HTV9Ja
RRuZo0tbFSrOBW7b1PriNE6k0LbRH4HgMXYgrpsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTZsUxe4F41/B6DsNvdFsaaOIl5YzAfBgNVHSMEGDAWgBTxiT5y2DXAgKtJ
Wa9eUJ15pfw55TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhZay1jdGcxd0lDclNWbXZYbENkZWFYOE9lVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvYTBiOWE5LWFmYTktNDEwNC05ZmM2LWUyNmRlNTc1Mzc5NS8x
LzJiRk1YdUJlTmZ3ZWc3RGIzUmJHbWppSmVXTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
YTBiOWE5LWFmYTktNDEwNC05ZmM2LWUyNmRlNTc1Mzc5NS8xLzhZay1jdGcxd0lD
clNWbXZYbENkZWFYOE9lVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArA1qDANBgkqhkiG9w0BAQsFAAOC
AQEATbWrgU2xP6hsmztsZtpuTuiaawRnvZas7NydUW9D4C9U7vklSQaRSybtMTER
QBFatR0ElpZsovnL3sCzD6qEEQYG0ZNmyOgDYw4m75W6QChP/RNhXhEUR/T8pQxV
1AUXlzBwpHMyMEJf+J6l09zE1FULCGdfEqGOC1RcjfykO5nX9Ja7KUmn+chBl7cl
MbpdEIuNwB17sk5yLrnKleZe+xzUEaRe6Vedb2inCCZQhq8YvnnJv0vuZ3UE0YnG
jK+Ul5xhNAZFLlmThAUDh36Otu4mopn3PDKzHMAvRNU65BecECX+pTIGUtnQoI/1
EDKmXkgY/l91wgfac1t8k3qFsQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:59 2025 by rpki-client