Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/b1701f-d755-4d02-93e6-0acfff6189bd/1/CGDRIjVItsR7KraNF0yje901VKc.roa
File: CGDRIjVItsR7KraNF0yje901VKc.roa (raw, json)
Hash identifier: a/vdfVI8A1udUhJDwMOX/i6MyuW4sQ/QNXzz1bBalhw=
Subject key identifier: 08:60:D1:22:35:48:B6:C4:7B:2A:B6:8D:17:4C:A3:7B:DD:35:54:A7
Certificate issuer: /CN=dd4bdcd28c8735098199aec093ca897c077d7c90
Certificate serial: 018CC8702EF354863E6B3D5D0EEF7DBFAEF3
Authority key identifier: DD:4B:DC:D2:8C:87:35:09:81:99:AE:C0:93:CA:89:7C:07:7D:7C:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Uvc0oyHNQmBma7Ak8qJfAd9fJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/b1701f-d755-4d02-93e6-0acfff6189bd/1/CGDRIjVItsR7KraNF0yje901VKc.roa
Signing time: Tue 02 Jan 2024 04:30:44 +0000
ROA not before: Tue 02 Jan 2024 04:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206858
IP address blocks: 193.228.143.0/24 maxlen: 24
2a10:11c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:2e:f3:54:86:3e:6b:3d:5d:0e:ef:7d:bf:ae:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd4bdcd28c8735098199aec093ca897c077d7c90
Validity
Not Before: Jan 2 04:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0860d1223548b6c47b2ab68d174ca37bdd3554a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:0d:ba:c8:ee:c7:14:71:ec:81:ec:12:f2:9b:
de:6c:d8:8e:03:2e:bc:23:75:36:73:40:92:a5:64:
0c:8e:79:21:d9:06:1a:12:db:73:76:e7:e5:4a:c3:
f0:c0:84:ff:19:20:a7:cd:72:1b:0c:aa:d6:e4:7a:
f8:66:90:f0:d6:63:36:7d:1a:4c:27:d7:4f:21:30:
ec:e0:57:98:63:91:07:dd:ea:5b:99:a0:97:09:68:
f7:01:0e:75:7e:26:cf:32:2e:bd:c6:50:06:97:10:
0e:9b:42:50:20:69:1b:a1:6e:5c:44:18:b8:3b:4e:
11:23:e9:c6:1f:b2:f1:9a:c3:94:a0:1c:29:73:d0:
70:9b:5d:89:36:bc:ea:69:2b:ba:32:b7:10:ba:4f:
14:13:2d:83:ba:4e:84:f3:e6:ad:dd:ca:5b:7f:57:
b9:af:e9:12:80:50:1e:fa:ae:dc:df:d8:bd:95:37:
a4:ff:e8:51:cb:f5:92:fb:41:8e:b4:1b:ad:fa:cb:
53:61:83:2d:2c:ac:5d:3a:fb:cc:4e:f7:de:6e:fc:
48:b0:76:f7:9d:4a:4d:ba:f3:18:ac:71:c0:1e:30:
34:14:7d:ce:2d:ba:d1:d0:0a:f0:a2:9d:ca:73:6c:
23:f7:cd:fb:2b:8a:81:fa:39:e7:76:ad:41:ff:e5:
03:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:60:D1:22:35:48:B6:C4:7B:2A:B6:8D:17:4C:A3:7B:DD:35:54:A7
X509v3 Authority Key Identifier:
keyid:DD:4B:DC:D2:8C:87:35:09:81:99:AE:C0:93:CA:89:7C:07:7D:7C:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Uvc0oyHNQmBma7Ak8qJfAd9fJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/b1701f-d755-4d02-93e6-0acfff6189bd/1/CGDRIjVItsR7KraNF0yje901VKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/b1701f-d755-4d02-93e6-0acfff6189bd/1/3Uvc0oyHNQmBma7Ak8qJfAd9fJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.228.143.0/24
IPv6:
2a10:11c0::/32
Signature Algorithm: sha256WithRSAEncryption
1c:8e:b5:3b:3a:35:d0:37:3c:00:3e:fa:53:48:60:6d:16:95:
7d:1b:49:38:13:ea:36:f1:82:c0:00:3b:90:27:0b:09:bd:2b:
f9:2e:db:a8:24:d1:79:6f:d6:f1:60:9e:37:f3:6d:0a:c3:d8:
39:10:86:7a:47:8e:e8:ad:b7:c3:bc:00:74:52:bc:70:cc:73:
3e:ad:1c:f9:26:40:cc:da:05:fc:e2:30:e6:6e:8f:95:fa:f0:
f8:71:07:ef:65:46:fd:23:1a:c7:58:75:25:ec:0d:b1:7b:54:
c0:de:47:3e:e1:0e:3a:17:81:fb:45:90:dc:af:11:75:c2:aa:
7a:24:ad:7b:06:04:9f:41:dd:1c:ef:27:9e:7a:04:66:d4:93:
db:36:3a:8c:d8:4b:40:21:45:8a:10:e6:a7:2a:e4:15:6c:41:
42:7c:3d:2b:b4:33:fb:3c:6a:35:9a:81:19:85:0e:a5:37:76:
51:8c:1b:ca:d2:d6:34:37:27:18:fa:81:9b:03:c1:1f:b1:8c:
57:a1:b7:a9:c9:96:ea:41:57:4c:c2:81:a1:29:4c:9b:17:cd:
59:fb:30:01:1b:67:76:8d:cb:40:bc:3d:57:b9:8e:d5:b7:b0:
77:0e:37:55:bd:40:b4:cf:98:9f:69:9e:c2:6a:35:d7:9b:71:
ae:b7:d1:7d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIcC7zVIY+az1dDu99v67zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNGJkY2QyOGM4NzM1MDk4MTk5YWVjMDkzY2E4OTdjMDc3
ZDdjOTAwHhcNMjQwMTAyMDQzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODYwZDEyMjM1NDhiNmM0N2IyYWI2OGQxNzRjYTM3YmRkMzU1NGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiw26yO7HFHHsgewS8pvebNiOAy68
I3U2c0CSpWQMjnkh2QYaEttzduflSsPwwIT/GSCnzXIbDKrW5Hr4ZpDw1mM2fRpM
J9dPITDs4FeYY5EH3epbmaCXCWj3AQ51fibPMi69xlAGlxAOm0JQIGkboW5cRBi4
O04RI+nGH7LxmsOUoBwpc9Bwm12JNrzqaSu6MrcQuk8UEy2Duk6E8+at3cpbf1e5
r+kSgFAe+q7c39i9lTek/+hRy/WS+0GOtBut+stTYYMtLKxdOvvMTvfebvxIsHb3
nUpNuvMYrHHAHjA0FH3OLbrR0Arwop3Kc2wj9837K4qB+jnndq1B/+UDiQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAhg0SI1SLbEeyq2jRdMo3vdNVSnMB8GA1UdIwQY
MBaAFN1L3NKMhzUJgZmuwJPKiXwHfXyQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1V2YzBveUhOUW1CbWE3QWs4cUpmQWQ5ZkpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9iMTcwMWYtZDc1NS00ZDAyLTkzZTYt
MGFjZmZmNjE4OWJkLzEvQ0dEUklqVkl0c1I3S3JhTkYweWplOTAxVktjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9iMTcwMWYtZDc1NS00ZDAyLTkzZTYtMGFjZmZmNjE4OWJk
LzEvM1V2YzBveUhOUW1CbWE3QWs4cUpmQWQ5ZkpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAweSPMA0E
AgACMAcDBQAqEBHAMA0GCSqGSIb3DQEBCwUAA4IBAQAcjrU7OjXQNzwAPvpTSGBt
FpV9G0k4E+o28YLAADuQJwsJvSv5LtuoJNF5b9bxYJ43820Kw9g5EIZ6R47orbfD
vAB0UrxwzHM+rRz5JkDM2gX84jDmbo+V+vD4cQfvZUb9IxrHWHUl7A2xe1TA3kc+
4Q46F4H7RZDcrxF1wqp6JK17BgSfQd0c7yeeegRm1JPbNjqM2EtAIUWKEOanKuQV
bEFCfD0rtDP7PGo1moEZhQ6lN3ZRjBvK0tY0NycY+oGbA8EfsYxXobepyZbqQVdM
woGhKUybF81Z+zABG2d2jctAvD1XuY7Vt7B3DjdVvUC0z5ifaZ7CajXXm3Gut9F9
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:30 2025 by rpki-client