Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/f663a3-684e-4779-88b9-14e6ec020bfa/1/rLtg0sbiz7K32b6gnIFuQS2yHMQ.roa
File: rLtg0sbiz7K32b6gnIFuQS2yHMQ.roa (raw, json)
Hash identifier: 4JJcPV2VdA/hBBctpqtw88ScATmrqZqDNyBi5mYlvHY=
Subject key identifier: AC:BB:60:D2:C6:E2:CF:B2:B7:D9:BE:A0:9C:81:6E:41:2D:B2:1C:C4
Certificate issuer: /CN=8c36ad879c645aee98ac4a89fc800b9a974e941f
Certificate serial: 018CCA2948F023760223E4F0A86F676325A5
Authority key identifier: 8C:36:AD:87:9C:64:5A:EE:98:AC:4A:89:FC:80:0B:9A:97:4E:94:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jDath5xkWu6YrEqJ_IALmpdOlB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/f663a3-684e-4779-88b9-14e6ec020bfa/1/rLtg0sbiz7K32b6gnIFuQS2yHMQ.roa
Signing time: Tue 02 Jan 2024 12:32:32 +0000
ROA not before: Tue 02 Jan 2024 12:32:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209792
IP address blocks: 194.93.20.0/22 maxlen: 24
2a09:2280::/48 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:48:f0:23:76:02:23:e4:f0:a8:6f:67:63:25:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c36ad879c645aee98ac4a89fc800b9a974e941f
Validity
Not Before: Jan 2 12:32:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acbb60d2c6e2cfb2b7d9bea09c816e412db21cc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:3d:ee:18:a1:74:25:1a:2c:8c:01:81:df:4a:
05:df:14:2b:69:7d:3d:22:13:02:18:48:ca:01:55:
7a:7f:a5:29:3b:df:b1:f0:8a:4e:83:76:a7:a6:38:
65:89:20:5f:10:5d:ea:71:fd:bb:82:40:49:54:d0:
9e:46:81:84:e8:e7:2a:47:6f:e1:93:f7:d5:51:02:
45:fe:16:4e:69:0a:6b:0d:cc:19:fa:82:23:1f:2e:
2f:3e:3e:40:c7:15:22:94:57:b1:55:72:07:f9:19:
90:c1:45:60:f7:ac:51:0c:a9:f9:d5:62:13:ac:0d:
6c:1b:d3:32:ed:3a:ea:27:69:ea:0b:68:82:56:8a:
a6:b6:50:48:d1:48:3a:cc:33:8c:8c:28:8c:1c:31:
fb:0b:aa:b6:e0:b4:3c:c7:14:b3:b8:bf:04:14:e9:
ff:47:d8:86:72:03:71:83:2e:e8:09:75:0d:54:1f:
55:d2:ca:d7:73:61:7c:c7:d8:5f:0c:4b:bf:97:07:
41:18:9e:07:7b:11:b7:3d:da:7f:d7:ba:d5:1a:1f:
9c:10:71:74:42:ae:15:70:1c:01:70:6e:01:1f:2e:
43:fb:ca:1c:19:7d:13:d7:6c:ac:51:52:e7:d9:56:
ee:c2:53:80:a6:e8:60:9b:cf:b3:c9:fb:4d:4f:74:
db:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:BB:60:D2:C6:E2:CF:B2:B7:D9:BE:A0:9C:81:6E:41:2D:B2:1C:C4
X509v3 Authority Key Identifier:
keyid:8C:36:AD:87:9C:64:5A:EE:98:AC:4A:89:FC:80:0B:9A:97:4E:94:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jDath5xkWu6YrEqJ_IALmpdOlB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f663a3-684e-4779-88b9-14e6ec020bfa/1/rLtg0sbiz7K32b6gnIFuQS2yHMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f663a3-684e-4779-88b9-14e6ec020bfa/1/jDath5xkWu6YrEqJ_IALmpdOlB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.93.20.0/22
IPv6:
2a09:2280::/48
Signature Algorithm: sha256WithRSAEncryption
a7:31:d6:45:77:d2:0c:5e:7e:5b:88:78:08:d5:bc:20:7d:03:
82:00:7d:64:85:d0:ad:47:b7:33:5f:89:07:33:ae:9e:e8:02:
20:ec:11:c8:6e:3b:86:28:36:51:4f:15:9c:f8:8e:d1:30:bb:
c8:4e:b0:82:cb:f8:44:66:a9:a2:ee:9c:4e:5a:e3:95:af:f6:
e2:46:8b:ed:cb:64:d3:36:25:95:f3:55:ac:5a:b4:3d:2a:0d:
eb:d4:0b:6a:b6:ea:92:2c:4d:e6:ec:36:78:25:04:56:ed:c3:
e6:07:6c:52:b7:8a:56:3f:15:5b:db:f4:b1:4a:e7:54:59:5a:
c8:eb:a6:f3:6d:91:13:e9:a6:7e:f5:ad:89:29:33:77:b9:6a:
7f:f3:b1:ea:22:fe:45:16:44:ec:db:8e:8e:ac:49:b3:8a:26:
8b:3d:aa:42:66:08:20:d9:74:07:a7:62:10:7d:52:85:14:d9:
0b:20:00:28:bc:c7:2b:45:57:2d:41:81:71:c5:83:a9:f4:e7:
f5:e9:5a:25:4b:7c:c4:d6:2f:b5:e9:c9:ea:f9:e2:20:18:00:
63:b5:26:49:9e:b3:bd:18:b5:d8:da:b3:0f:08:79:fa:63:6f:
ce:26:f2:aa:c3:ce:cc:2a:aa:2f:d5:6c:2c:4d:41:30:16:d0:
52:79:44:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzKKUjwI3YCI+TwqG9nYyWlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMzZhZDg3OWM2NDVhZWU5OGFjNGE4OWZjODAwYjlhOTc0
ZTk0MWYwHhcNMjQwMTAyMTIzMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2JiNjBkMmM2ZTJjZmIyYjdkOWJlYTA5YzgxNmU0MTJkYjIxY2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1j3uGKF0JRosjAGB30oF3xQraX09
IhMCGEjKAVV6f6UpO9+x8IpOg3anpjhliSBfEF3qcf27gkBJVNCeRoGE6OcqR2/h
k/fVUQJF/hZOaQprDcwZ+oIjHy4vPj5AxxUilFexVXIH+RmQwUVg96xRDKn51WIT
rA1sG9My7TrqJ2nqC2iCVoqmtlBI0Ug6zDOMjCiMHDH7C6q24LQ8xxSzuL8EFOn/
R9iGcgNxgy7oCXUNVB9V0srXc2F8x9hfDEu/lwdBGJ4HexG3Pdp/17rVGh+cEHF0
Qq4VcBwBcG4BHy5D+8ocGX0T12ysUVLn2VbuwlOApuhgm8+zyftNT3Tb8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKy7YNLG4s+yt9m+oJyBbkEtshzEMB8GA1UdIwQY
MBaAFIw2rYecZFrumKxKifyAC5qXTpQfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakRhdGg1eGtXdTZZckVxSl9JQUxtcGRPbEI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mNjYzYTMtNjg0ZS00Nzc5LTg4Yjkt
MTRlNmVjMDIwYmZhLzEvckx0ZzBzYml6N0szMmI2Z25JRnVRUzJ5SE1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9mNjYzYTMtNjg0ZS00Nzc5LTg4YjktMTRlNmVjMDIwYmZh
LzEvakRhdGg1eGtXdTZZckVxSl9JQUxtcGRPbEI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwl0UMA8E
AgACMAkDBwAqCSKAAAAwDQYJKoZIhvcNAQELBQADggEBAKcx1kV30gxefluIeAjV
vCB9A4IAfWSF0K1HtzNfiQczrp7oAiDsEchuO4YoNlFPFZz4jtEwu8hOsILL+ERm
qaLunE5a45Wv9uJGi+3LZNM2JZXzVaxatD0qDevUC2q26pIsTebsNnglBFbtw+YH
bFK3ilY/FVvb9LFK51RZWsjrpvNtkRPppn71rYkpM3e5an/zseoi/kUWROzbjo6s
SbOKJos9qkJmCCDZdAenYhB9UoUU2QsgACi8xytFVy1BgXHFg6n05/XpWiVLfMTW
L7Xpyer54iAYAGO1Jkmes70Ytdjasw8Iefpjb84m8qrDzswqqi/VbCxNQTAW0FJ5
REY=
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:20:47 2025 by rpki-client