Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/crbGiT9bOnJKVC_l6w3A6V4X_AA.roa
File: crbGiT9bOnJKVC_l6w3A6V4X_AA.roa (raw, json)
Hash identifier: CxUvDJFcB7lcEuVxbTF3oJHVxU+eKiHDDNZN0FNIc+A=
Subject key identifier: 72:B6:C6:89:3F:5B:3A:72:4A:54:2F:E5:EB:0D:C0:E9:5E:17:FC:00
Certificate issuer: /CN=cd576d876e17e67aa3b1f1c10dab39db2935e22b
Certificate serial: 019425216F7889C9DC50339259F294DB5623
Authority key identifier: CD:57:6D:87:6E:17:E6:7A:A3:B1:F1:C1:0D:AB:39:DB:29:35:E2:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/crbGiT9bOnJKVC_l6w3A6V4X_AA.roa
Signing time: Thu 02 Jan 2025 03:48:55 +0000
ROA not before: Thu 02 Jan 2025 03:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209103
IP address blocks: 194.126.177.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:6f:78:89:c9:dc:50:33:92:59:f2:94:db:56:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd576d876e17e67aa3b1f1c10dab39db2935e22b
Validity
Not Before: Jan 2 03:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72b6c6893f5b3a724a542fe5eb0dc0e95e17fc00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:15:7e:ea:c9:af:40:e3:43:bb:99:7c:62:9b:
dd:59:ad:ee:1f:04:a8:f5:03:ab:64:2a:fb:ed:c6:
0d:d0:07:b0:dc:64:50:a1:f8:3a:18:af:8a:92:3f:
a8:bd:5f:c1:14:e0:2d:72:15:40:03:07:29:cd:64:
be:85:0b:82:34:55:c3:14:8c:f6:0d:ef:7c:86:8e:
6e:df:a9:86:10:f5:3b:07:6a:5a:8c:1a:e9:f2:a6:
82:89:e5:5d:ea:e1:7a:7f:76:38:bf:7b:4f:19:fa:
53:37:bd:43:5b:1a:d0:f5:0e:95:ab:e4:61:09:4d:
51:48:7a:43:26:e2:41:66:f8:78:46:05:52:8d:70:
4c:03:a9:7a:44:09:d6:4a:be:96:80:7d:dc:e8:af:
c5:ac:71:ff:f0:c0:ec:f9:54:75:cd:50:8f:f3:89:
1c:4f:7d:92:bd:30:45:ab:2d:3b:a2:1a:7c:83:eb:
34:f8:45:57:5a:05:ec:97:6b:44:70:55:ed:cd:d4:
c2:23:f5:91:ad:ad:3f:6a:05:d2:10:c3:2c:28:3e:
00:05:a2:cb:f0:92:09:a2:56:d4:49:df:bb:ee:e2:
4b:2f:5e:52:67:77:b6:bd:36:93:c4:b2:9c:0b:f0:
b9:cb:c2:3c:bb:3a:91:76:33:9f:f6:59:6f:37:42:
b4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:B6:C6:89:3F:5B:3A:72:4A:54:2F:E5:EB:0D:C0:E9:5E:17:FC:00
X509v3 Authority Key Identifier:
keyid:CD:57:6D:87:6E:17:E6:7A:A3:B1:F1:C1:0D:AB:39:DB:29:35:E2:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/crbGiT9bOnJKVC_l6w3A6V4X_AA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.177.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:14:96:12:a9:84:45:e3:a6:83:e0:2e:7c:43:8c:6e:f5:02:
28:78:75:c4:a4:f9:ff:40:c0:b0:b3:5d:18:67:23:8e:95:59:
14:e6:b4:3d:a5:ca:d2:f4:7c:e5:1a:f4:11:27:4a:ca:cc:2d:
8f:80:de:9f:b2:bc:32:b1:bb:b5:09:c1:e8:6b:1d:d0:58:58:
b0:ee:4a:e9:44:57:2c:5a:b9:40:17:5e:26:6b:70:c3:f9:ba:
8c:92:26:3a:a3:72:c2:7a:79:1b:0a:fd:2b:94:4d:f0:f9:8d:
13:06:4b:17:16:10:83:c4:54:a3:dc:ab:c4:21:fa:cb:12:50:
c5:44:ef:a4:06:aa:c7:0f:71:c0:76:73:13:f4:77:3a:a4:19:
89:0e:cd:af:ab:7c:c5:d1:ba:5d:3b:cb:e5:65:85:26:f3:de:
02:d0:2a:68:ff:10:72:e1:a4:f0:4c:e4:db:25:b2:f8:43:81:
65:a7:95:5f:78:0d:16:2b:bf:aa:4a:7c:ea:46:4d:56:f0:d5:
ae:c3:ff:50:de:3b:e9:1b:ee:13:c2:99:16:9d:81:04:dc:11:
da:f0:d5:79:c5:ba:3f:57:4d:45:ea:80:dd:e8:b0:cd:83:c3:
0f:c3:c2:39:e5:a1:bf:fa:f3:4b:ea:96:58:3d:b1:ae:69:e6:
f7:05:7c:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIW94icncUDOSWfKU21YjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNTc2ZDg3NmUxN2U2N2FhM2IxZjFjMTBkYWIzOWRiMjkz
NWUyMmIwHhcNMjUwMTAyMDM0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmI2YzY4OTNmNWIzYTcyNGE1NDJmZTVlYjBkYzBlOTVlMTdmYzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhV+6smvQONDu5l8YpvdWa3uHwSo
9QOrZCr77cYN0Aew3GRQofg6GK+Kkj+ovV/BFOAtchVAAwcpzWS+hQuCNFXDFIz2
De98ho5u36mGEPU7B2pajBrp8qaCieVd6uF6f3Y4v3tPGfpTN71DWxrQ9Q6Vq+Rh
CU1RSHpDJuJBZvh4RgVSjXBMA6l6RAnWSr6WgH3c6K/FrHH/8MDs+VR1zVCP84kc
T32SvTBFqy07ohp8g+s0+EVXWgXsl2tEcFXtzdTCI/WRra0/agXSEMMsKD4ABaLL
8JIJolbUSd+77uJLL15SZ3e2vTaTxLKcC/C5y8I8uzqRdjOf9llvN0K0sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHK2xok/WzpySlQv5esNwOleF/wAMB8GA1UdIwQY
MBaAFM1XbYduF+Z6o7HxwQ2rOdspNeIrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelZkdGgyNFg1bnFqc2ZIQkRhczUyeWsxNGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS80MmYwMTQtY2Q5Mi00MjA1LWFhNTMt
MWE4MGEyZjdkN2VhLzEvY3JiR2lUOWJPbkpLVkNfbDZ3M0E2VjRYX0FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS80MmYwMTQtY2Q5Mi00MjA1LWFhNTMtMWE4MGEyZjdkN2Vh
LzEvelZkdGgyNFg1bnFqc2ZIQkRhczUyeWsxNGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwn6xMA0G
CSqGSIb3DQEBCwUAA4IBAQAbFJYSqYRF46aD4C58Q4xu9QIoeHXEpPn/QMCws10Y
ZyOOlVkU5rQ9pcrS9HzlGvQRJ0rKzC2PgN6fsrwysbu1CcHoax3QWFiw7krpRFcs
WrlAF14ma3DD+bqMkiY6o3LCenkbCv0rlE3w+Y0TBksXFhCDxFSj3KvEIfrLElDF
RO+kBqrHD3HAdnMT9Hc6pBmJDs2vq3zF0bpdO8vlZYUm894C0Cpo/xBy4aTwTOTb
JbL4Q4Flp5VfeA0WK7+qSnzqRk1W8NWuw/9Q3jvpG+4TwpkWnYEE3BHa8NV5xbo/
V01F6oDd6LDNg8MPw8I55aG/+vNL6pZYPbGuaeb3BXwb
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:21 2025 by rpki-client