Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/rebnVkzuwfocR9qpyis_hgbzUuM.roa
File: rebnVkzuwfocR9qpyis_hgbzUuM.roa (raw, json)
Hash identifier: CW9f08MlMUmJRatAUtl+RKR7H6yPx4GjfcxaBcCSmjc=
Subject key identifier: AD:E6:E7:56:4C:EE:C1:FA:1C:47:DA:A9:CA:2B:3F:86:06:F3:52:E3
Certificate issuer: /CN=38401e58890bf230dcae5d0305119ff2c2b8d433
Certificate serial: 018CCA990FB0FC2921CD0DBF0DDB70B680F8
Authority key identifier: 38:40:1E:58:89:0B:F2:30:DC:AE:5D:03:05:11:9F:F2:C2:B8:D4:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OEAeWIkL8jDcrl0DBRGf8sK41DM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/rebnVkzuwfocR9qpyis_hgbzUuM.roa
Signing time: Tue 02 Jan 2024 14:34:37 +0000
ROA not before: Tue 02 Jan 2024 14:34:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56603
IP address blocks: 192.145.96.0/24 maxlen: 24
2a09:6280:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:0f:b0:fc:29:21:cd:0d:bf:0d:db:70:b6:80:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38401e58890bf230dcae5d0305119ff2c2b8d433
Validity
Not Before: Jan 2 14:34:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ade6e7564ceec1fa1c47daa9ca2b3f8606f352e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2f:a9:c8:bd:a5:9a:45:c1:43:85:c6:f7:6f:
2f:4d:6b:f1:7f:9d:ac:13:67:58:7d:5b:b7:d8:b5:
1a:9c:fe:c6:f7:c4:35:16:ca:14:6e:c6:4b:e0:41:
e0:5f:29:51:85:4e:88:41:49:92:96:17:68:37:c3:
6e:bd:a8:7a:04:da:3d:e1:36:85:ad:88:0e:b6:b4:
81:56:dc:8c:cc:ed:b2:59:35:88:72:4e:80:39:c3:
75:bd:8e:a3:57:a4:b2:3a:0c:30:31:19:ea:c7:ab:
e3:ff:88:6e:02:61:d4:50:7c:fa:9f:3e:54:23:46:
3d:42:c1:c7:3b:54:f9:31:51:7a:c1:41:d9:bf:69:
81:29:88:3c:34:88:ac:57:7e:2b:17:6c:a7:78:52:
c6:a8:90:5d:19:e2:43:32:2f:50:c4:f5:17:68:49:
1c:26:cb:71:6d:d8:5d:44:e5:d6:c5:c7:11:98:1d:
7a:95:0d:2d:e7:5d:f3:a1:72:91:95:ac:ad:47:eb:
00:e0:79:bb:02:8d:61:68:15:85:c1:73:f1:62:e3:
1c:34:00:5a:23:fa:2f:e0:00:01:45:a2:a4:aa:df:
bb:63:8d:ac:95:05:39:12:1c:2a:a8:4f:87:99:75:
84:71:fb:6f:d9:f6:a3:b3:70:da:d1:82:75:8d:9e:
60:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:E6:E7:56:4C:EE:C1:FA:1C:47:DA:A9:CA:2B:3F:86:06:F3:52:E3
X509v3 Authority Key Identifier:
keyid:38:40:1E:58:89:0B:F2:30:DC:AE:5D:03:05:11:9F:F2:C2:B8:D4:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEAeWIkL8jDcrl0DBRGf8sK41DM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/rebnVkzuwfocR9qpyis_hgbzUuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/OEAeWIkL8jDcrl0DBRGf8sK41DM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.96.0/24
IPv6:
2a09:6280:1::/48
Signature Algorithm: sha256WithRSAEncryption
69:73:c6:b5:8e:08:4c:22:b8:27:d3:67:3e:f2:9d:db:41:b4:
69:a2:8e:97:b2:1c:ea:e2:31:1e:f5:81:37:a1:3e:74:d0:ff:
56:d2:e0:6d:9f:13:a8:59:e4:5b:93:bb:1b:97:8e:61:39:9a:
1e:e2:96:65:d0:e8:f4:9d:d4:4b:ef:43:e6:d6:14:a2:49:3f:
ff:0d:02:6f:3b:0e:94:29:99:76:dd:7e:61:be:dd:6c:50:70:
5b:9a:a9:66:0e:21:f8:da:e6:1f:e7:52:33:9e:59:11:cd:f5:
ea:f6:b3:5e:6e:14:cb:26:46:a3:b2:01:c6:f9:75:79:85:e7:
17:d4:97:ac:cb:7c:74:30:7f:c6:26:66:db:52:c8:aa:c0:9e:
86:e6:85:17:b2:a2:09:f5:1e:1a:4e:af:6d:97:c4:ed:5e:6b:
04:47:c4:26:1f:bf:c1:c2:4a:c4:06:2b:79:80:d3:9e:5a:0d:
a7:ce:ff:ac:a3:38:5d:ed:b6:06:c4:18:61:8f:37:ac:43:d3:
86:e4:c7:35:4e:be:96:1c:6c:b3:6b:aa:fc:c3:b3:fa:70:e8:
73:29:60:b4:6c:ae:33:0d:47:80:a0:78:68:48:c2:8a:53:14:
37:80:8d:22:ff:75:1b:52:86:4c:a9:02:eb:20:11:f6:4c:57:
4a:78:fa:c2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzKmQ+w/CkhzQ2/DdtwtoD4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NDAxZTU4ODkwYmYyMzBkY2FlNWQwMzA1MTE5ZmYyYzJi
OGQ0MzMwHhcNMjQwMTAyMTQzNDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGU2ZTc1NjRjZWVjMWZhMWM0N2RhYTljYTJiM2Y4NjA2ZjM1MmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiC+pyL2lmkXBQ4XG928vTWvxf52s
E2dYfVu32LUanP7G98Q1FsoUbsZL4EHgXylRhU6IQUmSlhdoN8Nuvah6BNo94TaF
rYgOtrSBVtyMzO2yWTWIck6AOcN1vY6jV6SyOgwwMRnqx6vj/4huAmHUUHz6nz5U
I0Y9QsHHO1T5MVF6wUHZv2mBKYg8NIisV34rF2yneFLGqJBdGeJDMi9QxPUXaEkc
JstxbdhdROXWxccRmB16lQ0t513zoXKRlaytR+sA4Hm7Ao1haBWFwXPxYuMcNABa
I/ov4AABRaKkqt+7Y42slQU5EhwqqE+HmXWEcftv2fajs3Da0YJ1jZ5gKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK3m51ZM7sH6HEfaqcorP4YG81LjMB8GA1UdIwQY
MBaAFDhAHliJC/Iw3K5dAwURn/LCuNQzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0VBZVdJa0w4akRjcmwwREJSR2Y4c0s0MURNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82N2QzYjgtYzQzZC00NGI3LWFmYTYt
OGI5Y2RkYjczNDA4LzEvcmViblZrenV3Zm9jUjlxcHlpc19oZ2J6VXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82N2QzYjgtYzQzZC00NGI3LWFmYTYtOGI5Y2RkYjczNDA4
LzEvT0VBZVdJa0w4akRjcmwwREJSR2Y4c0s0MURNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwJFgMA8E
AgACMAkDBwAqCWKAAAEwDQYJKoZIhvcNAQELBQADggEBAGlzxrWOCEwiuCfTZz7y
ndtBtGmijpeyHOriMR71gTehPnTQ/1bS4G2fE6hZ5FuTuxuXjmE5mh7ilmXQ6PSd
1EvvQ+bWFKJJP/8NAm87DpQpmXbdfmG+3WxQcFuaqWYOIfja5h/nUjOeWRHN9er2
s15uFMsmRqOyAcb5dXmF5xfUl6zLfHQwf8YmZttSyKrAnobmhReyogn1HhpOr22X
xO1eawRHxCYfv8HCSsQGK3mA055aDafO/6yjOF3ttgbEGGGPN6xD04bkxzVOvpYc
bLNrqvzDs/pw6HMpYLRsrjMNR4CgeGhIwopTFDeAjSL/dRtShkypAusgEfZMV0p4
+sI=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:42:42 2025 by rpki-client