Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/D3FdOJiFqlUjhOSrc1Z8G-ZTY-A.roa
File: D3FdOJiFqlUjhOSrc1Z8G-ZTY-A.roa (raw, json)
Hash identifier: 1IGQIHYmISf5+9w2vZuhLBKJNjZTtTVXWb1o0j5MfNA=
Subject key identifier: 0F:71:5D:38:98:85:AA:55:23:84:E4:AB:73:56:7C:1B:E6:53:63:E0
Certificate issuer: /CN=dfb1f6e00153a4918611b14b6b03f6812ed88a43
Certificate serial: 0193969A3A6D05042E6F99F343CEE1268CA1
Authority key identifier: DF:B1:F6:E0:01:53:A4:91:86:11:B1:4B:6B:03:F6:81:2E:D8:8A:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/37H24AFTpJGGEbFLawP2gS7YikM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/D3FdOJiFqlUjhOSrc1Z8G-ZTY-A.roa
Signing time: Thu 05 Dec 2024 11:35:10 +0000
ROA not before: Thu 05 Dec 2024 11:35:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204057
IP address blocks: 178.23.189.0/24 maxlen: 24
185.255.96.0/23 maxlen: 23
217.28.140.0/24 maxlen: 24
2a0d:6240::/32 maxlen: 32
2a0d:6241::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:96:9a:3a:6d:05:04:2e:6f:99:f3:43:ce:e1:26:8c:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfb1f6e00153a4918611b14b6b03f6812ed88a43
Validity
Not Before: Dec 5 11:35:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f715d389885aa552384e4ab73567c1be65363e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:5c:28:1c:18:b8:04:8a:f0:f9:8d:d8:cf:c8:
c0:93:e5:0f:e0:dc:fc:08:58:88:dc:38:f3:5a:5b:
11:a5:42:e9:9e:dc:19:e2:32:a9:49:31:d6:f2:b6:
76:30:20:6f:10:0f:b9:be:0e:15:8d:2b:ee:e5:7f:
9e:ba:78:ee:cd:3d:27:25:87:25:a6:68:fb:32:d9:
62:df:d0:04:37:83:5f:38:0b:69:77:c6:8b:f1:12:
79:21:2d:c7:ff:9a:54:8d:80:37:9a:53:c2:03:99:
51:97:62:3c:6e:b0:8c:95:3b:c4:83:f2:79:38:1b:
bc:01:ce:ac:1c:2d:8f:ae:e0:10:36:b3:21:ac:b4:
37:bb:43:5b:e9:f8:94:09:93:f8:7f:2a:34:4f:6e:
f3:e8:08:b3:99:b6:b5:26:aa:c3:cb:11:68:eb:5c:
09:2f:90:ba:0c:81:8a:f6:fe:2a:e3:26:0c:8c:f3:
45:e6:12:f6:5f:76:20:3e:e5:b6:c0:78:ad:a3:0d:
1c:87:dd:d2:62:e4:05:b3:0d:c8:a0:40:25:82:7a:
c3:e7:af:a5:f5:fe:f4:61:f0:b0:e1:d4:34:3a:bd:
36:ef:2e:ba:b0:b9:05:61:a5:a7:f3:b3:d6:fa:ae:
37:94:b1:7b:62:8e:e0:b2:f5:28:b6:e6:04:03:04:
b0:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:71:5D:38:98:85:AA:55:23:84:E4:AB:73:56:7C:1B:E6:53:63:E0
X509v3 Authority Key Identifier:
keyid:DF:B1:F6:E0:01:53:A4:91:86:11:B1:4B:6B:03:F6:81:2E:D8:8A:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/37H24AFTpJGGEbFLawP2gS7YikM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/D3FdOJiFqlUjhOSrc1Z8G-ZTY-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5379e5-3d85-41b1-9d71-810627fb2671/1/37H24AFTpJGGEbFLawP2gS7YikM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.23.189.0/24
185.255.96.0/23
217.28.140.0/24
IPv6:
2a0d:6240::/31
Signature Algorithm: sha256WithRSAEncryption
47:de:a5:9b:8b:9f:c2:c1:17:26:9e:be:80:d1:9d:99:af:a7:
4e:1a:dd:b6:18:4c:75:13:66:6c:97:5e:34:61:71:54:3d:8d:
59:04:32:40:1a:6d:98:f7:e9:94:f9:8e:9e:89:90:fe:c3:ed:
45:46:0e:97:d4:dd:81:f0:d2:61:b0:d3:02:c8:bd:ef:8c:1a:
ee:c7:2e:e2:1d:d5:c7:47:4b:ce:61:55:a4:81:2c:3a:75:03:
ac:27:ac:c7:6d:bf:49:15:de:57:be:c9:c2:ba:2b:c4:a1:9b:
10:70:25:e0:dc:2c:a1:54:4a:eb:c6:79:18:e3:d2:22:ed:53:
32:59:ff:be:d8:1b:7b:49:c9:0a:1a:ea:8f:40:15:63:16:db:
ab:91:7d:94:ec:f9:97:55:55:01:28:1f:4b:90:3e:7e:9d:e0:
a9:fd:11:b5:60:1f:fd:a6:d0:b3:a4:e0:3f:f4:88:47:51:1a:
0e:51:23:b2:7b:52:e3:a0:4d:77:a7:68:e0:de:51:76:2e:9f:
67:df:b9:b6:4e:ab:a0:02:66:1e:3e:3a:4e:50:a6:24:e0:10:
0c:43:5f:a7:e6:4c:2a:b9:87:94:bc:41:28:75:bc:77:98:69:
ef:73:58:79:7f:9f:2a:60:ec:0a:64:42:c1:52:bc:e6:3a:aa:
4b:51:82:c2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZOWmjptBQQub5nzQ87hJoyhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYjFmNmUwMDE1M2E0OTE4NjExYjE0YjZiMDNmNjgxMmVk
ODhhNDMwHhcNMjQxMjA1MTEzNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjcxNWQzODk4ODVhYTU1MjM4NGU0YWI3MzU2N2MxYmU2NTM2M2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01woHBi4BIrw+Y3Yz8jAk+UP4Nz8
CFiI3DjzWlsRpULpntwZ4jKpSTHW8rZ2MCBvEA+5vg4VjSvu5X+eunjuzT0nJYcl
pmj7Mtli39AEN4NfOAtpd8aL8RJ5IS3H/5pUjYA3mlPCA5lRl2I8brCMlTvEg/J5
OBu8Ac6sHC2PruAQNrMhrLQ3u0Nb6fiUCZP4fyo0T27z6Aizmba1JqrDyxFo61wJ
L5C6DIGK9v4q4yYMjPNF5hL2X3YgPuW2wHitow0ch93SYuQFsw3IoEAlgnrD56+l
9f70YfCw4dQ0Or027y66sLkFYaWn87PW+q43lLF7Yo7gsvUotuYEAwSwaQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFA9xXTiYhapVI4Tkq3NWfBvmU2PgMB8GA1UdIwQY
MBaAFN+x9uABU6SRhhGxS2sD9oEu2IpDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzdIMjRBRlRwSkdHRWJGTGF3UDJnUzdZaWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS81Mzc5ZTUtM2Q4NS00MWIxLTlkNzEt
ODEwNjI3ZmIyNjcxLzEvRDNGZE9KaUZxbFVqaE9TcmMxWjhHLVpUWS1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS81Mzc5ZTUtM2Q4NS00MWIxLTlkNzEtODEwNjI3ZmIyNjcx
LzEvMzdIMjRBRlRwSkdHRWJGTGF3UDJnUzdZaWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAshe9AwQB
uf9gAwQA2RyMMA0EAgACMAcDBQEqDWJAMA0GCSqGSIb3DQEBCwUAA4IBAQBH3qWb
i5/CwRcmnr6A0Z2Zr6dOGt22GEx1E2Zsl140YXFUPY1ZBDJAGm2Y9+mU+Y6eiZD+
w+1FRg6X1N2B8NJhsNMCyL3vjBruxy7iHdXHR0vOYVWkgSw6dQOsJ6zHbb9JFd5X
vsnCuivEoZsQcCXg3CyhVErrxnkY49Ii7VMyWf++2Bt7SckKGuqPQBVjFturkX2U
7PmXVVUBKB9LkD5+neCp/RG1YB/9ptCzpOA/9IhHURoOUSOye1LjoE13p2jg3lF2
Lp9n37m2TqugAmYePjpOUKYk4BAMQ1+n5kwquYeUvEEodbx3mGnvc1h5f58qYOwK
ZELBUrzmOqpLUYLC
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:13:36 2025 by rpki-client