Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/25a8bc-57f0-43f8-bc02-f5a9c437bb28/1/2aWeoubyCIX2rrr8oqUhMKosd8I.roa
File: 2aWeoubyCIX2rrr8oqUhMKosd8I.roa (raw, json)
Hash identifier: ShYYlYuYDt8uQLmAnh1YjnzsFaN3DQokYhYJvHW83No=
Subject key identifier: D9:A5:9E:A2:E6:F2:08:85:F6:AE:BA:FC:A2:A5:21:30:AA:2C:77:C2
Certificate issuer: /CN=c9a36fdfa41c7469ce73dc8bbece9462dcb8c823
Certificate serial: 0187F749DB1028582538BB4D43BD08C47924
Authority key identifier: C9:A3:6F:DF:A4:1C:74:69:CE:73:DC:8B:BE:CE:94:62:DC:B8:C8:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yaNv36QcdGnOc9yLvs6UYty4yCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/25a8bc-57f0-43f8-bc02-f5a9c437bb28/1/2aWeoubyCIX2rrr8oqUhMKosd8I.roa
Signing time: Sun 07 May 2023 17:37:05 +0000
ROA not before: Sun 07 May 2023 17:37:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3214
IP address blocks: 194.48.101.0/24 maxlen: 24
194.48.103.0/24 maxlen: 24
194.48.100.0/22 maxlen: 24
194.48.100.0/24 maxlen: 24
194.48.102.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f7:49:db:10:28:58:25:38:bb:4d:43:bd:08:c4:79:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9a36fdfa41c7469ce73dc8bbece9462dcb8c823
Validity
Not Before: May 7 17:37:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9a59ea2e6f20885f6aebafca2a52130aa2c77c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:da:60:35:d8:3d:2f:d8:58:1d:62:ea:02:bb:
e9:07:eb:1e:bd:4d:82:0d:53:b6:30:48:a3:6e:39:
df:33:f1:0a:3c:21:0e:eb:b7:a5:b2:bc:44:8f:67:
01:1e:c5:a3:ef:ce:cd:51:2a:5b:4c:11:a4:df:54:
35:85:63:e9:61:e1:ce:9b:ec:23:03:9e:89:8c:2d:
3a:4b:72:54:05:54:21:ff:22:a2:ea:b3:73:08:da:
52:a1:b4:10:9d:6e:0c:4e:a6:43:1a:eb:ab:23:d9:
4d:ab:87:4f:06:f4:23:74:a6:a9:98:ca:39:93:87:
34:f6:8a:c9:6c:2f:fb:8a:00:b4:02:ba:94:e2:3d:
52:78:22:96:4c:89:82:6e:53:d7:38:5b:15:63:57:
51:d2:4f:84:84:6f:5f:2e:21:61:dc:2a:12:dd:db:
fe:c6:c5:22:01:66:7c:0c:f6:b4:39:4d:19:27:93:
2b:bf:13:d7:6a:54:aa:ef:ab:96:de:bc:d0:b5:59:
29:71:88:98:15:63:99:b0:a4:52:c5:24:35:b7:9c:
96:cd:37:7b:12:4f:c6:67:ab:83:0c:97:3d:08:ba:
87:36:44:b8:fb:bc:5f:56:9d:43:e1:56:ce:a9:88:
4b:4e:70:db:cc:84:17:73:59:c0:ea:16:e7:90:0b:
a5:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:A5:9E:A2:E6:F2:08:85:F6:AE:BA:FC:A2:A5:21:30:AA:2C:77:C2
X509v3 Authority Key Identifier:
keyid:C9:A3:6F:DF:A4:1C:74:69:CE:73:DC:8B:BE:CE:94:62:DC:B8:C8:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yaNv36QcdGnOc9yLvs6UYty4yCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/25a8bc-57f0-43f8-bc02-f5a9c437bb28/1/2aWeoubyCIX2rrr8oqUhMKosd8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/25a8bc-57f0-43f8-bc02-f5a9c437bb28/1/yaNv36QcdGnOc9yLvs6UYty4yCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.48.100.0/22
Signature Algorithm: sha256WithRSAEncryption
90:c6:00:27:1b:2b:bf:63:d3:ea:ee:29:db:7b:be:26:69:17:
bb:1f:b7:8a:bc:05:42:12:4b:a3:0d:12:eb:88:1a:be:36:67:
e6:31:5d:fa:a3:6b:72:06:fb:52:e4:e8:82:f2:e7:c4:e3:5e:
14:36:2f:32:5b:4e:22:7e:e3:f6:06:03:15:46:af:8e:f7:27:
75:f6:fc:77:2d:44:de:5d:f6:38:a4:12:c6:26:64:1c:4a:73:
23:b2:76:f0:ee:58:c5:e4:93:fa:fe:ad:3d:af:da:b8:22:a8:
20:c5:d4:62:9b:6e:3c:f9:be:25:e2:3f:0f:9a:4c:d3:8e:fc:
45:2f:d5:a1:fe:29:8c:d7:fd:f3:e5:ec:90:30:e4:bc:6a:7c:
6b:97:9d:c7:b7:fb:38:af:02:2b:fd:9f:b5:f7:65:df:43:4d:
8f:a4:99:cf:cb:dd:97:f5:7d:50:6b:cc:c4:02:5c:cb:b7:97:
4d:6b:15:da:6d:48:ef:e1:18:31:af:eb:1d:ca:3c:70:1a:c3:
38:28:4a:f7:7f:67:4f:9e:9c:e3:1f:76:57:75:43:4e:f9:f5:
32:c0:c0:97:72:72:a9:0a:7d:33:75:26:05:e0:7c:30:0e:14:
4b:51:a5:74:65:2f:03:cc:1f:11:c0:72:39:9b:1f:27:d5:35:
dd:f9:04:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYf3SdsQKFglOLtNQ70IxHkkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YTM2ZmRmYTQxYzc0NjljZTczZGM4YmJlY2U5NDYyZGNi
OGM4MjMwHhcNMjMwNTA3MTczNzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWE1OWVhMmU2ZjIwODg1ZjZhZWJhZmNhMmE1MjEzMGFhMmM3N2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09pgNdg9L9hYHWLqArvpB+sevU2C
DVO2MEijbjnfM/EKPCEO67elsrxEj2cBHsWj787NUSpbTBGk31Q1hWPpYeHOm+wj
A56JjC06S3JUBVQh/yKi6rNzCNpSobQQnW4MTqZDGuurI9lNq4dPBvQjdKapmMo5
k4c09orJbC/7igC0ArqU4j1SeCKWTImCblPXOFsVY1dR0k+EhG9fLiFh3CoS3dv+
xsUiAWZ8DPa0OU0ZJ5MrvxPXalSq76uW3rzQtVkpcYiYFWOZsKRSxSQ1t5yWzTd7
Ek/GZ6uDDJc9CLqHNkS4+7xfVp1D4VbOqYhLTnDbzIQXc1nA6hbnkAuluQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNmlnqLm8giF9q66/KKlITCqLHfCMB8GA1UdIwQY
MBaAFMmjb9+kHHRpznPci77OlGLcuMgjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWFOdjM2UWNkR25PYzl5THZzNlVZdHk0eUNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8yNWE4YmMtNTdmMC00M2Y4LWJjMDIt
ZjVhOWM0MzdiYjI4LzEvMmFXZW91YnlDSVgycnJyOG9xVWhNS29zZDhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8yNWE4YmMtNTdmMC00M2Y4LWJjMDItZjVhOWM0MzdiYjI4
LzEveWFOdjM2UWNkR25PYzl5THZzNlVZdHk0eUNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwjBkMA0G
CSqGSIb3DQEBCwUAA4IBAQCQxgAnGyu/Y9Pq7inbe74maRe7H7eKvAVCEkujDRLr
iBq+NmfmMV36o2tyBvtS5OiC8ufE414UNi8yW04ifuP2BgMVRq+O9yd19vx3LUTe
XfY4pBLGJmQcSnMjsnbw7ljF5JP6/q09r9q4IqggxdRim248+b4l4j8PmkzTjvxF
L9Wh/imM1/3z5eyQMOS8anxrl53Ht/s4rwIr/Z+192XfQ02PpJnPy92X9X1Qa8zE
AlzLt5dNaxXabUjv4Rgxr+sdyjxwGsM4KEr3f2dPnpzjH3ZXdUNO+fUywMCXcnKp
Cn0zdSYF4HwwDhRLUaV0ZS8DzB8RwHI5mx8n1TXd+QSD
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:00 2025 by rpki-client