Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/_oTNJq83cNVZ-QhCAIaCLIHfzks.roa
File: _oTNJq83cNVZ-QhCAIaCLIHfzks.roa (raw, json)
Hash identifier: 9yqRTT+fkdCDIuj2Us56RajObwmYevUPRdhYg/mF4ew=
Subject key identifier: FE:84:CD:26:AF:37:70:D5:59:F9:08:42:00:86:82:2C:81:DF:CE:4B
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 018D599FC6841D6D6B450F625A02B56ACF0F
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/_oTNJq83cNVZ-QhCAIaCLIHfzks.roa
Signing time: Tue 30 Jan 2024 09:07:39 +0000
ROA not before: Tue 30 Jan 2024 09:07:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 82.206.2.0/23 maxlen: 24
82.206.32.0/21 maxlen: 24
82.206.40.0/21 maxlen: 24
82.206.48.0/21 maxlen: 24
82.206.56.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:59:9f:c6:84:1d:6d:6b:45:0f:62:5a:02:b5:6a:cf:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Jan 30 09:07:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe84cd26af3770d559f908420086822c81dfce4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:20:38:93:56:be:ac:32:b9:f6:5d:c4:2d:04:
85:05:2f:63:c7:5a:ce:86:f5:77:e7:8f:92:c5:6c:
bb:06:44:d2:6e:6f:23:ae:1a:13:40:05:8c:0f:0e:
6b:06:ff:af:f4:51:2a:b0:e0:03:45:9a:65:fe:e9:
7a:6b:1f:cb:bc:14:4e:08:f9:8e:1a:9a:6b:51:5d:
f6:e0:57:15:6e:4e:61:57:38:64:e2:5b:7b:b8:e7:
19:81:7f:6c:1f:bf:13:bb:c0:d6:0f:93:cd:f2:23:
af:ac:84:d5:4f:e0:2d:ba:84:20:9c:97:a0:1d:a4:
85:dd:f6:8a:75:af:af:67:29:82:3a:e2:7b:2f:79:
c9:85:67:8b:1f:40:33:20:48:23:70:fc:85:07:a9:
d7:f8:a3:ea:2f:90:90:c5:71:32:ab:07:fe:f6:59:
c7:42:97:b0:d3:97:c3:c9:10:af:9f:a6:16:40:fc:
47:c5:b9:b8:ef:db:8a:b2:35:f6:63:c1:a7:30:ff:
96:cc:5f:f8:1b:32:96:d0:64:96:13:a3:e5:8c:0b:
b3:b9:bf:1b:1b:14:71:80:bb:7f:e3:74:69:ee:6f:
82:76:74:38:83:f5:f3:e4:17:1f:7c:fa:cc:19:99:
bd:79:94:12:72:eb:3f:03:30:c0:72:22:28:db:66:
3d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:84:CD:26:AF:37:70:D5:59:F9:08:42:00:86:82:2C:81:DF:CE:4B
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/_oTNJq83cNVZ-QhCAIaCLIHfzks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.2.0/23
82.206.32.0/19
Signature Algorithm: sha256WithRSAEncryption
23:71:62:d0:d1:ec:39:33:49:74:60:79:0d:60:c7:14:e2:49:
8c:4f:3c:03:88:dc:cf:39:19:a8:47:e0:00:2e:1d:dc:d5:d1:
fb:68:8e:1b:a0:72:85:37:ac:dd:b8:11:c7:ad:45:1f:e2:b1:
f5:e2:12:7b:72:f0:bc:32:1b:c8:b9:4c:91:86:8f:e1:ac:1d:
0b:45:c0:75:4e:38:dc:a9:df:37:25:38:a2:ce:8b:1d:d4:ed:
e3:5c:c9:dc:2e:2a:14:a6:80:d1:42:3f:05:fb:b9:7d:37:ce:
4f:6d:ad:ac:9d:b5:24:07:d4:94:ce:1a:fa:3c:a3:5c:40:f7:
ba:ac:b1:d8:ee:07:b4:b1:bb:ef:58:f9:0f:f9:97:ec:b9:4e:
f6:15:a5:18:34:67:a7:0e:9b:eb:23:1a:1f:aa:e7:d5:eb:04:
5e:94:be:9b:d7:99:73:72:03:4e:8e:fb:8f:8f:25:c3:1e:ef:
db:0f:5e:4b:d9:b4:20:29:9c:05:2b:47:27:55:19:df:3c:49:
4f:16:1a:ba:b9:7c:86:ed:50:ed:b0:87:11:3e:e1:35:45:71:
e5:63:4a:81:5d:1f:b0:cc:92:7f:c8:de:85:fb:3d:73:1e:05:
1a:c9:bc:2e:e9:82:83:54:10:52:c7:99:5c:3b:03:5f:92:65:
fe:d0:e4:f4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1Zn8aEHW1rRQ9iWgK1as8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjQwMTMwMDkwNzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTg0Y2QyNmFmMzc3MGQ1NTlmOTA4NDIwMDg2ODIyYzgxZGZjZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSA4k1a+rDK59l3ELQSFBS9jx1rO
hvV354+SxWy7BkTSbm8jrhoTQAWMDw5rBv+v9FEqsOADRZpl/ul6ax/LvBROCPmO
GpprUV324FcVbk5hVzhk4lt7uOcZgX9sH78Tu8DWD5PN8iOvrITVT+AtuoQgnJeg
HaSF3faKda+vZymCOuJ7L3nJhWeLH0AzIEgjcPyFB6nX+KPqL5CQxXEyqwf+9lnH
Qpew05fDyRCvn6YWQPxHxbm479uKsjX2Y8GnMP+WzF/4GzKW0GSWE6PljAuzub8b
GxRxgLt/43Rp7m+CdnQ4g/Xz5BcffPrMGZm9eZQScus/AzDAciIo22Y9NwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP6EzSavN3DVWfkIQgCGgiyB385LMB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEvX29UTkpxODNjTlZaLVFoQ0FJYUNMSUhmemtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUs4CAwQF
Us4gMA0GCSqGSIb3DQEBCwUAA4IBAQAjcWLQ0ew5M0l0YHkNYMcU4kmMTzwDiNzP
ORmoR+AALh3c1dH7aI4boHKFN6zduBHHrUUf4rH14hJ7cvC8MhvIuUyRho/hrB0L
RcB1Tjjcqd83JTiizosd1O3jXMncLioUpoDRQj8F+7l9N85Pba2snbUkB9SUzhr6
PKNcQPe6rLHY7ge0sbvvWPkP+ZfsuU72FaUYNGenDpvrIxofqufV6wRelL6b15lz
cgNOjvuPjyXDHu/bD15L2bQgKZwFK0cnVRnfPElPFhq6uXyG7VDtsIcRPuE1RXHl
Y0qBXR+wzJJ/yN6F+z1zHgUaybwu6YKDVBBSx5lcOwNfkmX+0OT0
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:55 2025 by rpki-client