Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/agt3GX3KTzTTaDa4N2bW6FVEPMI.roa
File: agt3GX3KTzTTaDa4N2bW6FVEPMI.roa (raw, json)
Hash identifier: fqDcb6/bbW1xMS84DKiItjbvr35FGCf0jB399be63bg=
Subject key identifier: 6A:0B:77:19:7D:CA:4F:34:D3:68:36:B8:37:66:D6:E8:55:44:3C:C2
Certificate issuer: /CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Certificate serial: 01946B63227DB2968AD471E85E0710584B7E
Authority key identifier: 4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/agt3GX3KTzTTaDa4N2bW6FVEPMI.roa
Signing time: Wed 15 Jan 2025 19:14:06 +0000
ROA not before: Wed 15 Jan 2025 19:14:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5650
IP address blocks: 161.8.160.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6b:63:22:7d:b2:96:8a:d4:71:e8:5e:07:10:58:4b:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Validity
Not Before: Jan 15 19:14:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a0b77197dca4f34d36836b83766d6e855443cc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:91:99:ea:e1:be:59:7e:91:3e:32:9a:19:47:
15:56:8b:ef:7e:c9:89:77:cc:32:62:99:1b:18:f1:
1b:90:7c:1a:90:d7:36:2c:49:37:3d:62:4e:2f:72:
77:8c:e7:cd:45:c1:24:0b:b8:12:c3:d5:ef:8c:53:
17:60:be:ee:a8:ad:32:ea:d0:e3:38:36:9c:b7:9d:
1f:23:de:ce:fe:55:08:ca:8c:d5:6e:67:30:f7:e1:
c9:ac:4a:ea:78:59:55:90:08:81:03:16:08:3f:1c:
4e:23:d4:6b:3a:fc:c9:a0:02:aa:7e:9a:fa:45:39:
5c:f1:82:35:37:83:93:0b:9b:57:51:ca:57:b8:1c:
9d:7a:e0:12:c0:0b:38:a9:7c:63:18:51:aa:39:38:
cc:e8:9a:5b:d1:08:89:a1:cc:18:29:17:01:0b:6b:
77:96:95:69:8d:e8:15:ce:c3:63:38:03:39:81:7f:
85:41:c8:64:a8:01:99:f4:8a:32:3f:55:c3:f9:92:
a7:5d:b2:0c:ea:13:85:86:04:a8:2c:98:9f:fd:7b:
f7:36:ad:dc:84:56:00:54:3c:e0:5a:2f:da:5b:0d:
5a:37:31:23:53:f5:51:c8:11:97:91:b4:a3:0c:10:
6e:88:a0:df:18:85:94:fd:eb:37:7a:20:d2:a1:67:
4c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:0B:77:19:7D:CA:4F:34:D3:68:36:B8:37:66:D6:E8:55:44:3C:C2
X509v3 Authority Key Identifier:
keyid:4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/agt3GX3KTzTTaDa4N2bW6FVEPMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TdlU08d8nE437r91PYbz3PCR1Kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.8.160.0/19
Signature Algorithm: sha256WithRSAEncryption
2c:bc:a9:a3:17:1d:5f:b2:85:54:fa:02:f6:0a:77:2f:57:d7:
0d:a5:a3:ef:89:fc:be:e3:0b:a1:cb:7e:e2:8f:64:24:b5:3e:
47:b3:65:5f:a9:39:46:ec:5e:f2:af:c9:20:be:56:59:d5:17:
26:f7:0b:c6:90:8c:52:f6:84:d7:98:02:3e:6f:cb:16:12:83:
66:ba:5a:91:7d:87:cb:ed:b5:b6:7b:c0:d5:75:db:ea:86:7d:
eb:be:2b:5f:6b:74:d4:3f:67:e5:73:4b:1c:e9:90:5f:dd:f1:
28:0d:20:f0:f5:29:3b:b0:3d:b9:cc:23:85:d2:3d:26:2b:44:
88:44:e3:1a:47:2f:ed:49:42:fc:d2:a0:b5:94:fc:99:94:5c:
40:0e:83:36:96:56:6d:53:d2:dd:fc:7e:03:63:9e:bd:ed:c0:
81:b7:bb:d5:c2:f6:34:6b:4c:e4:c0:7d:8b:6f:0f:9d:67:ea:
cd:a1:db:a3:fd:17:7b:4b:0d:59:ce:8b:ff:09:05:1c:de:ef:
69:29:16:63:80:37:1b:f9:0f:fd:33:a9:d9:23:b5:69:45:4b:
00:78:6a:d6:86:ef:6d:11:64:97:fd:89:8f:10:8b:59:85:80:
5c:67:7b:74:79:4c:9f:ca:bc:24:d4:43:0c:97:d4:29:cd:f7:
6a:e0:11:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRrYyJ9spaK1HHoXgcQWEt+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDk1NGQzYzc3YzljNGUzN2VlYmY3NTNkODZmM2RjZjA5
MWQ0YTkwHhcNMjUwMTE1MTkxNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTBiNzcxOTdkY2E0ZjM0ZDM2ODM2YjgzNzY2ZDZlODU1NDQzY2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6pGZ6uG+WX6RPjKaGUcVVovvfsmJ
d8wyYpkbGPEbkHwakNc2LEk3PWJOL3J3jOfNRcEkC7gSw9XvjFMXYL7uqK0y6tDj
ODact50fI97O/lUIyozVbmcw9+HJrErqeFlVkAiBAxYIPxxOI9RrOvzJoAKqfpr6
RTlc8YI1N4OTC5tXUcpXuBydeuASwAs4qXxjGFGqOTjM6Jpb0QiJocwYKRcBC2t3
lpVpjegVzsNjOAM5gX+FQchkqAGZ9IoyP1XD+ZKnXbIM6hOFhgSoLJif/Xv3Nq3c
hFYAVDzgWi/aWw1aNzEjU/VRyBGXkbSjDBBuiKDfGIWU/es3eiDSoWdMDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGoLdxl9yk8002g2uDdm1uhVRDzCMB8GA1UdIwQY
MBaAFE3ZVNPHfJxON+6/dT2G89zwkdSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDIt
ZWI3YWFhNjgyOGJlLzEvYWd0M0dYM0tUelRUYURhNE4yYlc2RlZFUE1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDItZWI3YWFhNjgyOGJl
LzEvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFoQigMA0G
CSqGSIb3DQEBCwUAA4IBAQAsvKmjFx1fsoVU+gL2CncvV9cNpaPvify+4wuhy37i
j2QktT5Hs2VfqTlG7F7yr8kgvlZZ1Rcm9wvGkIxS9oTXmAI+b8sWEoNmulqRfYfL
7bW2e8DVddvqhn3rvitfa3TUP2flc0sc6ZBf3fEoDSDw9Sk7sD25zCOF0j0mK0SI
ROMaRy/tSUL80qC1lPyZlFxADoM2llZtU9Ld/H4DY5697cCBt7vVwvY0a0zkwH2L
bw+dZ+rNoduj/Rd7Sw1Zzov/CQUc3u9pKRZjgDcb+Q/9M6nZI7VpRUsAeGrWhu9t
EWSX/YmPEItZhYBcZ3t0eUyfyrwk1EMMl9Qpzfdq4BGf
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:26 2025 by rpki-client