Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/3ae379-79e1-46ab-b04d-0f0fa6b6e4bd/1/7nTlCZgU8i_OoyupSzx4fGtIS6c.roa
File: 7nTlCZgU8i_OoyupSzx4fGtIS6c.roa (raw, json)
Hash identifier: NFylJypgvn2N1Z0Y4ZWsqRFkazz8BPWxvKGD78AB5SU=
Subject key identifier: EE:74:E5:09:98:14:F2:2F:CE:A3:2B:A9:4B:3C:78:7C:6B:48:4B:A7
Certificate issuer: /CN=f1c49833f439b9e0677d8d3bf1f52dfbfb2c624f
Certificate serial: 018CC6B790DBFDBB5AB7A8C7E03B7E6B3E9C
Authority key identifier: F1:C4:98:33:F4:39:B9:E0:67:7D:8D:3B:F1:F5:2D:FB:FB:2C:62:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8cSYM_Q5ueBnfY078fUt-_ssYk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/3ae379-79e1-46ab-b04d-0f0fa6b6e4bd/1/7nTlCZgU8i_OoyupSzx4fGtIS6c.roa
Signing time: Mon 01 Jan 2024 20:29:28 +0000
ROA not before: Mon 01 Jan 2024 20:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 194.11.212.0/24 maxlen: 24
194.11.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:90:db:fd:bb:5a:b7:a8:c7:e0:3b:7e:6b:3e:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1c49833f439b9e0677d8d3bf1f52dfbfb2c624f
Validity
Not Before: Jan 1 20:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee74e5099814f22fcea32ba94b3c787c6b484ba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:de:51:c4:7d:9b:02:c5:88:31:33:35:6b:b7:
78:0d:9b:b5:1c:85:43:da:fa:3f:e9:4b:68:da:a2:
45:1d:ca:73:49:1f:5d:7e:74:3e:dd:e7:43:59:36:
ab:9b:e8:f4:b4:e9:9f:7c:ab:ca:34:54:3c:f5:62:
19:bc:c5:11:0e:ba:ce:5d:20:46:02:d8:58:97:2d:
77:0e:07:65:d2:9e:be:49:31:1a:62:1d:41:ae:aa:
f2:46:3a:a6:6c:d8:fd:b4:f6:f9:36:12:19:a0:02:
3f:ad:38:3e:e9:36:e4:ad:54:9b:d8:4e:25:1e:db:
b3:ad:60:46:a3:d7:58:36:b8:4a:01:c5:d8:73:1b:
ac:5c:6c:dc:56:89:f1:a9:dc:cc:00:f4:10:b9:51:
bc:32:5d:1a:d3:cd:f2:05:27:23:ab:b2:ae:bb:cf:
1a:88:29:87:87:ad:c2:27:40:54:16:dc:ea:0e:0f:
0b:0e:f8:ca:b9:9e:13:d0:76:a3:f7:2c:b4:54:76:
5e:6f:ca:ba:5c:ea:5a:32:5b:3d:98:59:07:58:59:
2c:5e:89:84:07:e0:50:c6:f9:b9:4f:78:54:95:d2:
c9:14:f3:e5:d6:2d:04:fe:d1:8f:62:8d:3c:bd:7f:
a3:a5:77:c9:3a:ab:b4:98:a2:f8:da:91:d1:d6:ed:
fc:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:74:E5:09:98:14:F2:2F:CE:A3:2B:A9:4B:3C:78:7C:6B:48:4B:A7
X509v3 Authority Key Identifier:
keyid:F1:C4:98:33:F4:39:B9:E0:67:7D:8D:3B:F1:F5:2D:FB:FB:2C:62:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8cSYM_Q5ueBnfY078fUt-_ssYk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/3ae379-79e1-46ab-b04d-0f0fa6b6e4bd/1/7nTlCZgU8i_OoyupSzx4fGtIS6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/3ae379-79e1-46ab-b04d-0f0fa6b6e4bd/1/8cSYM_Q5ueBnfY078fUt-_ssYk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.11.207.0/24
194.11.212.0/24
Signature Algorithm: sha256WithRSAEncryption
35:d5:b5:c8:33:d9:33:00:aa:3c:b9:4b:43:a7:98:0c:12:e2:
7f:8d:17:a7:11:a1:2d:72:7b:db:0a:62:92:c0:6c:58:dd:bb:
d8:e0:aa:2d:a7:a7:3f:2f:c1:ce:e1:46:d3:0b:fa:8a:21:fc:
c8:b1:17:45:ea:36:ae:51:c2:2e:68:d2:75:c9:19:5b:ee:e3:
17:63:9f:46:7f:e3:77:bc:06:65:47:a1:d9:6a:f2:7f:ca:3b:
c4:65:5a:45:af:b6:28:40:41:1f:94:0d:1d:2e:71:41:8c:f8:
e4:63:c3:69:60:2f:b3:9d:05:03:00:41:ed:a4:84:17:ff:b6:
32:26:68:28:52:7e:67:8d:10:62:5a:96:60:8d:4f:38:07:19:
fc:2b:69:a1:86:2e:31:b7:b7:89:e7:29:19:1a:f4:bf:5e:52:
df:c1:dc:6d:ec:74:a5:0f:b7:14:f2:7f:78:d9:cf:2a:30:70:
cb:e8:71:95:40:8b:dc:ce:20:44:4d:b0:61:1f:24:04:d7:ec:
bc:87:a7:fa:c5:63:72:a4:80:86:e8:b0:5b:82:e3:4c:cb:ea:
a2:8a:80:6b:fb:34:a5:3f:40:7a:30:58:9b:34:bf:c2:d7:db:
ef:8f:3b:9e:cf:cb:91:c3:8d:16:e7:13:ba:03:e0:7b:42:dc:
00:01:2a:45
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGt5Db/btat6jH4Dt+az6cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYzQ5ODMzZjQzOWI5ZTA2NzdkOGQzYmYxZjUyZGZiZmIy
YzYyNGYwHhcNMjQwMTAxMjAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTc0ZTUwOTk4MTRmMjJmY2VhMzJiYTk0YjNjNzg3YzZiNDg0YmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwN5RxH2bAsWIMTM1a7d4DZu1HIVD
2vo/6Uto2qJFHcpzSR9dfnQ+3edDWTarm+j0tOmffKvKNFQ89WIZvMURDrrOXSBG
AthYly13Dgdl0p6+STEaYh1BrqryRjqmbNj9tPb5NhIZoAI/rTg+6TbkrVSb2E4l
HtuzrWBGo9dYNrhKAcXYcxusXGzcVonxqdzMAPQQuVG8Ml0a083yBScjq7Kuu88a
iCmHh63CJ0BUFtzqDg8LDvjKuZ4T0Haj9yy0VHZeb8q6XOpaMls9mFkHWFksXomE
B+BQxvm5T3hUldLJFPPl1i0E/tGPYo08vX+jpXfJOqu0mKL42pHR1u38wQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO505QmYFPIvzqMrqUs8eHxrSEunMB8GA1UdIwQY
MBaAFPHEmDP0ObngZ32NO/H1Lfv7LGJPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGNTWU1fUTV1ZUJuZlkwNzhmVXQtX3NzWWs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8zYWUzNzktNzllMS00NmFiLWIwNGQt
MGYwZmE2YjZlNGJkLzEvN25UbENaZ1U4aV9Pb3l1cFN6eDRmR3RJUzZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8zYWUzNzktNzllMS00NmFiLWIwNGQtMGYwZmE2YjZlNGJk
LzEvOGNTWU1fUTV1ZUJuZlkwNzhmVXQtX3NzWWs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwgvPAwQA
wgvUMA0GCSqGSIb3DQEBCwUAA4IBAQA11bXIM9kzAKo8uUtDp5gMEuJ/jRenEaEt
cnvbCmKSwGxY3bvY4Kotp6c/L8HO4UbTC/qKIfzIsRdF6jauUcIuaNJ1yRlb7uMX
Y59Gf+N3vAZlR6HZavJ/yjvEZVpFr7YoQEEflA0dLnFBjPjkY8NpYC+znQUDAEHt
pIQX/7YyJmgoUn5njRBiWpZgjU84Bxn8K2mhhi4xt7eJ5ykZGvS/XlLfwdxt7HSl
D7cU8n942c8qMHDL6HGVQIvcziBETbBhHyQE1+y8h6f6xWNypICG6LBbguNMy+qi
ioBr+zSlP0B6MFibNL/C19vvjzuez8uRw40W5xO6A+B7QtwAASpF
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:58:41 2025 by rpki-client