Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/gd2FSMybDZxY9Dtd3LafC6WBTX0.roa
File: gd2FSMybDZxY9Dtd3LafC6WBTX0.roa (raw, json)
Hash identifier: CdNofDhXlVqPXNWyc8T9raUArrLXpwIlMyFRIlK1ajc=
Subject key identifier: 81:DD:85:48:CC:9B:0D:9C:58:F4:3B:5D:DC:B6:9F:0B:A5:81:4D:7D
Certificate issuer: /CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Certificate serial: 018CC2DAEB655CCC437E4A9A9F0D9D3DD078
Authority key identifier: D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/gd2FSMybDZxY9Dtd3LafC6WBTX0.roa
Signing time: Mon 01 Jan 2024 02:29:36 +0000
ROA not before: Mon 01 Jan 2024 02:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29321
IP address blocks: 217.195.160.0/20 maxlen: 20
80.243.96.0/20 maxlen: 20
94.143.168.0/21 maxlen: 21
109.239.64.0/20 maxlen: 20
194.59.240.0/22 maxlen: 22
2a02:b20::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:eb:65:5c:cc:43:7e:4a:9a:9f:0d:9d:3d:d0:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Validity
Not Before: Jan 1 02:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81dd8548cc9b0d9c58f43b5ddcb69f0ba5814d7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a7:8b:15:a0:aa:92:50:9d:50:f6:4f:47:d9:
43:8f:2c:54:38:46:b1:80:31:e8:f8:7b:ae:38:87:
8d:76:dd:4a:d1:0b:c9:16:1a:d2:fe:f0:c9:1c:12:
7c:a4:39:09:15:27:a6:7b:86:a4:8a:ee:69:2d:06:
31:35:bd:d0:8b:bc:cb:6d:7d:c3:a5:93:03:a4:fb:
a9:3e:7a:87:7f:e1:c7:49:be:7d:62:6e:be:64:12:
55:a7:7a:7c:5a:d5:75:6a:e4:79:82:61:a3:c2:f9:
f4:28:23:d1:9a:db:63:75:39:92:33:d0:d3:51:54:
9d:35:10:35:91:60:9f:5e:52:f0:76:53:ca:92:22:
2b:af:4b:a6:2d:da:92:fd:61:ec:a5:b9:7f:06:05:
f8:47:80:8a:55:76:84:32:ae:df:b6:8c:28:2c:7e:
0b:3a:97:e0:c0:f2:0c:ee:ae:c4:a7:5b:86:54:79:
02:66:37:53:b1:43:49:29:ca:bd:04:51:02:92:00:
d1:e2:ad:ce:d1:4d:89:96:c6:1b:b6:83:0f:7d:85:
c0:fe:14:a3:aa:df:1a:15:67:fb:20:d8:1d:ab:95:
fe:49:a2:82:48:21:96:aa:c3:51:c0:57:d6:19:f0:
13:7c:85:9d:42:3b:9e:9a:7c:cb:4e:c6:cb:8f:d9:
05:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:DD:85:48:CC:9B:0D:9C:58:F4:3B:5D:DC:B6:9F:0B:A5:81:4D:7D
X509v3 Authority Key Identifier:
keyid:D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/gd2FSMybDZxY9Dtd3LafC6WBTX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/1P8P7Ne_RBSJMXiN_n8g1npnoNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.243.96.0/20
94.143.168.0/21
109.239.64.0/20
194.59.240.0/22
217.195.160.0/20
IPv6:
2a02:b20::/32
Signature Algorithm: sha256WithRSAEncryption
6e:f5:27:11:69:b1:5c:d0:23:97:72:95:74:b6:81:f0:7a:e8:
52:41:26:64:11:06:14:c7:9a:fe:6e:a3:7c:d5:15:6a:05:18:
41:86:18:f1:3f:11:4c:e7:f8:8c:00:54:3b:ea:8f:2d:fc:58:
46:e1:53:42:3e:96:a4:3d:fb:6d:75:4f:ce:bf:31:da:a0:5c:
8d:28:b3:c9:7a:74:ab:01:1e:bc:66:66:41:32:19:69:55:b6:
b3:1b:6c:e5:96:ba:84:01:97:5a:ae:56:ee:19:a7:df:12:4c:
68:1e:73:d9:19:52:49:06:a9:80:f2:fa:dc:70:6d:df:35:3d:
6c:57:2a:3c:15:eb:72:bd:c8:ac:a3:30:cf:de:3e:20:8f:d3:
2b:f5:2e:39:3f:a7:f9:6d:6a:7c:ca:74:07:45:2a:32:7d:88:
40:a0:5d:78:45:52:f2:a0:4d:29:c8:b3:4f:03:d4:59:ba:54:
68:33:55:20:0c:45:64:b0:99:d2:80:a0:41:29:48:11:0f:fa:
ec:7d:fa:1d:66:75:4d:5f:69:45:4c:49:47:04:2f:bc:1f:2b:
f6:ed:68:7e:b6:93:d7:7b:72:9b:11:de:d9:e8:15:82:98:4e:
f3:7d:61:19:b7:4f:ce:00:82:28:bc:33:df:57:4e:42:a4:0d:
dd:f6:6e:56
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzC2utlXMxDfkqanw2dPdB4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZmYwZmVjZDdiZjQ0MTQ4OTMxNzg4ZGZlN2YyMGQ2N2E2
N2EwZGIwHhcNMjQwMTAxMDIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWRkODU0OGNjOWIwZDljNThmNDNiNWRkY2I2OWYwYmE1ODE0ZDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqeLFaCqklCdUPZPR9lDjyxUOEax
gDHo+HuuOIeNdt1K0QvJFhrS/vDJHBJ8pDkJFSeme4akiu5pLQYxNb3Qi7zLbX3D
pZMDpPupPnqHf+HHSb59Ym6+ZBJVp3p8WtV1auR5gmGjwvn0KCPRmttjdTmSM9DT
UVSdNRA1kWCfXlLwdlPKkiIrr0umLdqS/WHspbl/BgX4R4CKVXaEMq7ftowoLH4L
OpfgwPIM7q7Ep1uGVHkCZjdTsUNJKcq9BFECkgDR4q3O0U2JlsYbtoMPfYXA/hSj
qt8aFWf7INgdq5X+SaKCSCGWqsNRwFfWGfATfIWdQjuemnzLTsbLj9kF+wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIHdhUjMmw2cWPQ7Xdy2nwulgU19MB8GA1UdIwQY
MBaAFNT/D+zXv0QUiTF4jf5/INZ6Z6DbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUt
ZjBjMjFmODE4NmYwLzEvZ2QyRlNNeWJEWnhZOUR0ZDNMYWZDNldCVFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUtZjBjMjFmODE4NmYw
LzEvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEUPNgAwQD
Xo+oAwQEbe9AAwQCwjvwAwQE2cOgMA0EAgACMAcDBQAqAgsgMA0GCSqGSIb3DQEB
CwUAA4IBAQBu9ScRabFc0COXcpV0toHweuhSQSZkEQYUx5r+bqN81RVqBRhBhhjx
PxFM5/iMAFQ76o8t/FhG4VNCPpakPfttdU/OvzHaoFyNKLPJenSrAR68ZmZBMhlp
VbazG2zllrqEAZdarlbuGaffEkxoHnPZGVJJBqmA8vrccG3fNT1sVyo8Fetyvcis
ozDP3j4gj9Mr9S45P6f5bWp8ynQHRSoyfYhAoF14RVLyoE0pyLNPA9RZulRoM1Ug
DEVksJnSgKBBKUgRD/rsffodZnVNX2lFTElHBC+8Hyv27Wh+tpPXe3KbEd7Z6BWC
mE7zfWEZt0/OAIIovDPfV05CpA3d9m5W
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:33 2025 by rpki-client