Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/PO24Po4-XGZf8ENK-7pgm0TanQo.roa
File: PO24Po4-XGZf8ENK-7pgm0TanQo.roa (raw, json)
Hash identifier: lsXGbZThw10u4VtO9tTUe3mLhCLIgbi/8tZdvZS5keQ=
Subject key identifier: 3C:ED:B8:3E:8E:3E:5C:66:5F:F0:43:4A:FB:BA:60:9B:44:DA:9D:0A
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 0193308BD273C9C081BD64C3D5DF2A924153
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/PO24Po4-XGZf8ENK-7pgm0TanQo.roa
Signing time: Fri 15 Nov 2024 15:58:09 +0000
ROA not before: Fri 15 Nov 2024 15:58:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43763
IP address blocks: 79.132.32.0/19 maxlen: 19
95.171.128.0/19 maxlen: 19
213.176.192.0/19 maxlen: 19
2a00:ba80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:30:8b:d2:73:c9:c0:81:bd:64:c3:d5:df:2a:92:41:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Nov 15 15:58:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cedb83e8e3e5c665ff0434afbba609b44da9d0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:10:56:b2:ce:f5:b7:61:05:86:7c:40:8f:31:
03:21:c8:ce:95:af:79:c8:0e:26:9b:e3:cf:f8:bd:
e6:ba:7f:9b:24:3f:eb:f5:f5:04:04:49:01:4a:8a:
05:f7:fa:18:84:17:5e:c8:b5:2c:26:f6:ee:a7:ba:
87:45:ee:e8:d2:5d:17:ba:a1:43:08:d6:da:78:df:
c3:48:37:c5:6f:35:de:ea:a1:33:90:e5:e7:8a:53:
39:f9:8c:0c:8f:3e:ad:c2:bb:fd:50:13:0b:55:af:
be:b4:1d:26:e8:47:e7:9d:e3:43:74:7b:9a:b2:39:
02:dd:10:9a:a4:82:74:66:62:f5:c9:b4:a4:a3:70:
31:6d:fa:f5:11:4f:a5:3c:d4:84:75:82:b8:c1:0e:
21:b6:97:5f:7a:cb:52:e1:c1:9f:68:97:87:4b:58:
e9:88:66:a9:37:6c:69:ad:bf:c0:fa:52:73:b0:9a:
d5:69:6b:a1:ca:77:d7:65:46:84:e5:0a:9c:3b:70:
ad:f7:57:03:50:23:22:e2:d1:e7:c5:61:b2:f8:49:
31:a5:98:70:e1:d1:58:fe:94:75:84:ad:ab:ae:24:
c3:e3:ce:5d:c8:c2:75:b7:40:5b:75:39:ea:21:cc:
d8:0d:ac:0a:9b:02:0a:39:32:01:bf:1b:00:69:54:
e3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:ED:B8:3E:8E:3E:5C:66:5F:F0:43:4A:FB:BA:60:9B:44:DA:9D:0A
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/PO24Po4-XGZf8ENK-7pgm0TanQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.32.0/19
95.171.128.0/19
213.176.192.0/19
IPv6:
2a00:ba80::/32
Signature Algorithm: sha256WithRSAEncryption
a5:ba:b4:44:b6:47:29:7c:a7:0c:0a:4c:b0:76:42:82:84:a6:
08:70:ea:c4:58:91:91:d8:74:45:42:fe:b1:a7:ce:5b:28:fd:
73:20:c9:73:2f:fc:9e:85:69:00:92:51:56:a7:c0:de:2b:ef:
f9:87:63:81:59:0c:6a:c1:cc:77:46:9c:90:be:62:09:56:7e:
a5:a9:ab:b2:d1:f0:0e:7d:5f:2d:28:87:63:5f:89:df:80:93:
8d:df:ab:26:cb:dd:4e:2e:c2:8a:18:85:08:aa:fb:94:6f:75:
66:c0:49:aa:47:51:5b:ad:01:c5:20:e9:17:10:8b:38:18:86:
e0:90:52:5e:eb:77:e4:52:00:f2:6c:85:82:49:00:57:49:8f:
11:02:c2:6a:fb:fb:37:e5:99:9a:19:70:6d:c6:25:24:5b:11:
f1:32:11:fd:8e:8d:2f:16:68:f1:d8:dc:f9:fc:36:e1:91:64:
74:75:d4:c2:e5:0e:fa:db:85:9e:3c:f5:3c:2d:34:fa:ab:3c:
69:70:b2:60:97:5d:ca:e7:8a:33:32:b0:c2:83:94:bc:0d:84:
34:bb:8e:03:9f:58:87:cf:1d:3c:a3:ea:d7:19:48:55:e5:f1:
5d:89:3f:46:6a:4d:57:f9:2b:c2:50:d9:fc:fc:7c:da:05:3e:
e6:7e:1b:8d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZMwi9JzycCBvWTD1d8qkkFTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjQxMTE1MTU1ODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2VkYjgzZThlM2U1YzY2NWZmMDQzNGFmYmJhNjA5YjQ0ZGE5ZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBBWss71t2EFhnxAjzEDIcjOla95
yA4mm+PP+L3mun+bJD/r9fUEBEkBSooF9/oYhBdeyLUsJvbup7qHRe7o0l0XuqFD
CNbaeN/DSDfFbzXe6qEzkOXnilM5+YwMjz6twrv9UBMLVa++tB0m6EfnneNDdHua
sjkC3RCapIJ0ZmL1ybSko3Axbfr1EU+lPNSEdYK4wQ4htpdfestS4cGfaJeHS1jp
iGapN2xprb/A+lJzsJrVaWuhynfXZUaE5QqcO3Ct91cDUCMi4tHnxWGy+EkxpZhw
4dFY/pR1hK2rriTD485dyMJ1t0BbdTnqIczYDawKmwIKOTIBvxsAaVTj1wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDztuD6OPlxmX/BDSvu6YJtE2p0KMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvUE8yNFBvNC1YR1pmOEVOSy03cGdtMFRhblFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFT4QgAwQF
X6uAAwQF1bDAMA0EAgACMAcDBQAqALqAMA0GCSqGSIb3DQEBCwUAA4IBAQClurRE
tkcpfKcMCkywdkKChKYIcOrEWJGR2HRFQv6xp85bKP1zIMlzL/yehWkAklFWp8De
K+/5h2OBWQxqwcx3RpyQvmIJVn6lqauy0fAOfV8tKIdjX4nfgJON36smy91OLsKK
GIUIqvuUb3VmwEmqR1FbrQHFIOkXEIs4GIbgkFJe63fkUgDybIWCSQBXSY8RAsJq
+/s35ZmaGXBtxiUkWxHxMhH9jo0vFmjx2Nz5/DbhkWR0ddTC5Q7624WePPU8LTT6
qzxpcLJgl13K54ozMrDCg5S8DYQ0u44Dn1iHzx08o+rXGUhV5fFdiT9Gak1X+SvC
UNn8/HzaBT7mfhuN
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:53:54 2025 by rpki-client