Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/coRbXdNKK35ijI6OSF0B34ZQ3CU.roa
File: coRbXdNKK35ijI6OSF0B34ZQ3CU.roa (raw, json)
Hash identifier: +phZWqThOwcqq+/ukacKzwOhER3VyC+zDAEHbRO/KVM=
Subject key identifier: 72:84:5B:5D:D3:4A:2B:7E:62:8C:8E:8E:48:5D:01:DF:86:50:DC:25
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 018A736CF1B95BCA93DD66FADD289574EC6E
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/coRbXdNKK35ijI6OSF0B34ZQ3CU.roa
Signing time: Fri 08 Sep 2023 06:13:54 +0000
ROA not before: Fri 08 Sep 2023 06:13:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212477
IP address blocks: 194.32.144.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:73:6c:f1:b9:5b:ca:93:dd:66:fa:dd:28:95:74:ec:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Sep 8 06:13:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72845b5dd34a2b7e628c8e8e485d01df8650dc25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f7:b2:57:fe:87:95:de:e3:43:49:34:36:6e:
7a:d4:dc:e1:b2:dc:eb:4e:8b:40:fb:b2:a5:92:52:
ff:9f:e5:ad:64:a2:48:ec:2b:e3:bf:f8:e1:0c:ad:
9b:e3:27:bd:85:4d:32:2c:ae:27:0f:fc:b9:21:b5:
a0:09:eb:49:a6:71:23:7e:2c:97:04:11:8d:65:eb:
eb:4a:3f:5e:e8:b2:a7:76:7b:77:1d:0c:11:f5:df:
46:98:5e:75:f7:b9:fd:4b:75:d2:be:f2:f6:4b:c4:
2a:e1:20:e6:64:36:a8:41:96:1c:5b:d2:71:9e:94:
01:9f:eb:db:a9:30:45:70:66:8c:af:a4:3a:91:f2:
f3:4b:3f:cc:70:e6:1d:ae:2f:d3:54:7e:7c:4b:51:
d3:6d:77:4a:65:d7:7c:83:4d:3c:3a:35:21:f1:2d:
c7:7f:6d:29:29:25:05:6b:48:dd:46:20:22:6c:68:
37:e3:ee:98:ea:d7:5b:88:35:38:5e:61:b1:46:b2:
68:e7:5a:55:0a:6e:c3:34:3a:d0:c0:c0:12:6d:e5:
dc:55:71:49:4b:85:16:57:dd:36:af:26:ef:15:30:
68:cd:1b:e4:f6:84:3b:4c:44:a9:db:30:11:b6:ba:
2d:aa:a6:ab:ab:05:1a:15:aa:d5:62:1e:fd:bb:a2:
f7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:84:5B:5D:D3:4A:2B:7E:62:8C:8E:8E:48:5D:01:DF:86:50:DC:25
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/coRbXdNKK35ijI6OSF0B34ZQ3CU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.144.0/23
Signature Algorithm: sha256WithRSAEncryption
30:56:9b:66:af:d6:98:82:20:af:6e:b1:78:15:e8:5a:6d:89:
1b:5d:45:91:52:d2:95:2a:86:70:35:5b:97:3c:cd:c6:a3:ed:
b2:17:a4:15:e6:33:1c:a9:3e:8a:df:32:f3:bc:ee:71:60:4d:
c0:88:78:c8:71:73:72:8d:46:9d:05:f3:6f:06:c0:b5:42:13:
e8:73:48:bf:02:14:22:49:9f:0e:37:a9:c9:3a:78:b8:21:e1:
29:94:9d:a4:37:9b:62:5c:80:c1:f6:42:45:dd:b1:76:ce:18:
9c:f6:33:7f:f2:8e:ad:09:29:bf:8a:b5:ce:c8:54:ad:84:ed:
96:1f:8c:dc:a4:0b:cf:63:b6:92:b5:e8:13:57:82:fd:1c:c8:
eb:49:fe:ff:39:13:3e:5b:d3:0a:39:6e:a8:5a:c1:7d:b3:d3:
f9:9c:c3:1e:e7:cf:35:ec:80:54:30:32:c7:83:33:a6:c7:5e:
5d:c1:9b:fc:59:a9:31:00:99:62:0d:ec:f0:47:e4:21:f6:b0:
46:15:1f:a8:34:7b:77:ff:08:10:3c:5e:a5:c6:74:da:9e:08:
3e:72:8b:ee:9e:38:04:5c:12:38:a7:bf:bd:3f:62:38:e2:3e:
90:64:c5:03:4c:c7:f9:65:47:35:09:1c:ae:3f:97:3d:d0:ba:
be:a2:5a:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpzbPG5W8qT3Wb63SiVdOxuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjMwOTA4MDYxMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mjg0NWI1ZGQzNGEyYjdlNjI4YzhlOGU0ODVkMDFkZjg2NTBkYzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnveyV/6Hld7jQ0k0Nm561Nzhstzr
TotA+7KlklL/n+WtZKJI7Cvjv/jhDK2b4ye9hU0yLK4nD/y5IbWgCetJpnEjfiyX
BBGNZevrSj9e6LKndnt3HQwR9d9GmF5197n9S3XSvvL2S8Qq4SDmZDaoQZYcW9Jx
npQBn+vbqTBFcGaMr6Q6kfLzSz/McOYdri/TVH58S1HTbXdKZdd8g008OjUh8S3H
f20pKSUFa0jdRiAibGg34+6Y6tdbiDU4XmGxRrJo51pVCm7DNDrQwMASbeXcVXFJ
S4UWV902rybvFTBozRvk9oQ7TESp2zARtrotqqarqwUaFarVYh79u6L3NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHKEW13TSit+YoyOjkhdAd+GUNwlMB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvY29SYlhkTktLMzVpakk2T1NGMEIzNFpRM0NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwiCQMA0G
CSqGSIb3DQEBCwUAA4IBAQAwVptmr9aYgiCvbrF4FehabYkbXUWRUtKVKoZwNVuX
PM3Go+2yF6QV5jMcqT6K3zLzvO5xYE3AiHjIcXNyjUadBfNvBsC1QhPoc0i/AhQi
SZ8ON6nJOni4IeEplJ2kN5tiXIDB9kJF3bF2zhic9jN/8o6tCSm/irXOyFSthO2W
H4zcpAvPY7aStegTV4L9HMjrSf7/ORM+W9MKOW6oWsF9s9P5nMMe58817IBUMDLH
gzOmx15dwZv8WakxAJliDezwR+Qh9rBGFR+oNHt3/wgQPF6lxnTangg+covunjgE
XBI4p7+9P2I44j6QZMUDTMf5ZUc1CRyuP5c90Lq+olq3
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:23:26 2025 by rpki-client