Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/ikvhQakxfpcTm1SsDkVh_0coU7I.roa
File: ikvhQakxfpcTm1SsDkVh_0coU7I.roa (raw, json)
Hash identifier: O4AYroOO+lC9sTKcm9i9WRZxOhyFki3IGvdt3gjlsiA=
Subject key identifier: 8A:4B:E1:41:A9:31:7E:97:13:9B:54:AC:0E:45:61:FF:47:28:53:B2
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: F1B4FA
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/ikvhQakxfpcTm1SsDkVh_0coU7I.roa
Signing time: Sun 24 Apr 2022 09:54:35 +0000
ROA not before: Sun 24 Apr 2022 09:54:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210000
IP address blocks: 176.119.223.0/24 maxlen: 24
194.156.188.0/24 maxlen: 24
2a12:3fc0:7d12::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15840506 (0xf1b4fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Apr 24 09:54:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a4be141a9317e97139b54ac0e4561ff472853b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fd:ef:ff:e7:90:8b:2c:f5:58:b1:16:af:75:
61:99:a7:30:c7:97:f5:e9:d8:85:e0:16:6b:a4:13:
81:1e:e7:be:db:34:a5:7a:ff:97:df:77:da:ef:86:
02:fc:c4:1d:21:86:89:56:ba:73:d0:89:0d:19:f9:
68:ee:af:82:b7:92:0f:03:95:0d:63:0a:11:b5:5a:
1a:c6:f7:e3:29:2e:e4:e8:8d:7f:8e:a9:2f:4d:be:
c1:fb:57:2b:52:58:fb:f9:8a:ac:1d:8f:6a:d2:5e:
35:d8:1c:0c:a0:d9:8a:71:7a:24:81:fd:f3:60:87:
f7:f9:a9:6a:45:b2:c8:5f:dc:dc:77:aa:0a:c7:1d:
78:eb:7c:4c:53:ea:3f:a9:67:fb:43:d3:3e:2e:89:
a1:48:fe:45:35:04:ad:0a:b8:bc:60:4a:45:9d:c0:
ee:be:ba:f4:59:30:16:cc:87:48:44:60:08:4b:5b:
9f:a8:3b:8b:c6:d5:10:2b:d5:d8:8c:1e:77:3a:ac:
0a:02:d6:a8:0c:0a:31:5b:2e:f8:38:f6:d4:6c:34:
cf:3e:91:9f:de:1a:dd:fa:b8:70:00:53:9c:3f:fd:
c7:44:27:09:ad:a8:0a:1d:c9:02:a1:42:56:7d:68:
82:3a:6b:da:15:dd:3a:df:76:b9:a1:05:b8:73:7d:
87:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:4B:E1:41:A9:31:7E:97:13:9B:54:AC:0E:45:61:FF:47:28:53:B2
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/ikvhQakxfpcTm1SsDkVh_0coU7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.223.0/24
194.156.188.0/24
IPv6:
2a12:3fc0:7d12::/48
Signature Algorithm: sha256WithRSAEncryption
36:7d:cf:88:4d:8a:8f:9e:be:75:9a:f3:ec:b9:ff:30:21:66:
f7:a3:7c:d9:cd:ab:31:36:e5:f4:52:38:d5:f6:b4:9b:51:7f:
11:41:43:4b:10:f5:d8:bc:c2:de:05:e7:70:61:79:80:c5:33:
d1:2e:aa:05:ff:f2:ab:c3:e6:f4:75:1b:58:b4:8b:47:6f:3f:
85:a3:01:54:a9:3c:ce:26:6e:1a:bd:ed:ed:02:15:aa:d9:4d:
97:6a:bd:db:c4:68:61:47:b7:c2:ea:8c:fa:11:1c:4f:a7:3b:
1a:41:93:35:07:68:cc:b2:af:00:aa:28:b0:72:bd:e8:76:f0:
25:2e:9d:7c:da:23:be:a4:ba:9b:6d:fe:aa:95:ab:02:4d:8b:
06:64:2c:35:02:28:3d:17:18:18:af:75:86:4f:20:69:c2:ce:
f5:e9:0f:b3:7c:2d:f6:70:4d:67:5f:96:cd:27:48:c3:d4:1e:
96:ec:2a:e6:75:be:61:37:cf:50:0f:0e:6a:52:e9:fc:ea:ea:
44:b9:0d:11:1a:65:41:bd:28:83:7b:72:40:bb:8f:4b:38:d0:
c4:04:c1:66:53:4e:db:70:2b:44:0b:a5:41:07:eb:13:c7:27:
a3:f6:ae:6f:c6:74:de:55:ca:70:7a:7b:6e:f4:ad:6a:e3:e9:
7c:a3:12:b3
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEAPG0+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
OThmN2IxZmQ4MDJiM2RjNmFiZDdhNWNkYTc4NmE2MzExZTFkNjNkMB4XDTIyMDQy
NDA5NTQzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGE0YmUxNDFhOTMx
N2U5NzEzOWI1NGFjMGU0NTYxZmY0NzI4NTNiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALP97//nkIss9VixFq91YZmnMMeX9enYheAWa6QTgR7nvts0
pXr/l9932u+GAvzEHSGGiVa6c9CJDRn5aO6vgreSDwOVDWMKEbVaGsb34yku5OiN
f46pL02+wftXK1JY+/mKrB2PatJeNdgcDKDZinF6JIH982CH9/mpakWyyF/c3Heq
CscdeOt8TFPqP6ln+0PTPi6JoUj+RTUErQq4vGBKRZ3A7r669FkwFsyHSERgCEtb
n6g7i8bVECvV2IwedzqsCgLWqAwKMVsu+Dj21Gw0zz6Rn94a3fq4cABTnD/9x0Qn
Ca2oCh3JAqFCVn1ogjpr2hXdOt92uaEFuHN9h7MCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBSKS+FBqTF+lxObVKwORWH/RyhTsjAfBgNVHSMEGDAWgBR5j3sf2AKz3Gq9
elzaeGpjEeHWPTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VZOTdIOWdDczl4cXZYcGMybmhxWXhIaDFqMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODMvMzA4ODNhLTE2ZDctNDIxMi05MTk5LTA5ZDBhYTI4ZTU1MS8x
L2lrdmhRYWt4ZnBjVG0xU3NEa1ZoXzBjb1U3SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMv
MzA4ODNhLTE2ZDctNDIxMi05MTk5LTA5ZDBhYTI4ZTU1MS8xL2VZOTdIOWdDczl4
cXZYcGMybmhxWXhIaDFqMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEALB33wMEAMKcvDAPBAIAAjAJAwcA
KhI/wH0SMA0GCSqGSIb3DQEBCwUAA4IBAQA2fc+ITYqPnr51mvPsuf8wIWb3o3zZ
zasxNuX0UjjV9rSbUX8RQUNLEPXYvMLeBedwYXmAxTPRLqoF//Krw+b0dRtYtItH
bz+FowFUqTzOJm4ave3tAhWq2U2Xar3bxGhhR7fC6oz6ERxPpzsaQZM1B2jMsq8A
qiiwcr3odvAlLp182iO+pLqbbf6qlasCTYsGZCw1Aig9FxgYr3WGTyBpws716Q+z
fC32cE1nX5bNJ0jD1B6W7Crmdb5hN89QDw5qUun86upEuQ0RGmVBvSiDe3JAu49L
ONDEBMFmU07bcCtEC6VBB+sTxyej9q5vxnTeVcpwentu9K1q4+l8oxKz
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:43 2025 by rpki-client