Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/7e5552-0b7d-400c-95fd-856f43f69aa3/1/gBESvnsZMDWMnh0WGIMktqAdfnE.roa
File: gBESvnsZMDWMnh0WGIMktqAdfnE.roa (raw, json)
Hash identifier: 5Gp+wN9WENRC+t0vd6kszmnfd+RP8bk6RiGOfP3y8hg=
Subject key identifier: 80:11:12:BE:7B:19:30:35:8C:9E:1D:16:18:83:24:B6:A0:1D:7E:71
Certificate issuer: /CN=2cf3834cdab5abbcdb6bc5cf4e5503d16e84623a
Certificate serial: 01856F70002C7E91C8878BA8B24A6233A41A
Authority key identifier: 2C:F3:83:4C:DA:B5:AB:BC:DB:6B:C5:CF:4E:55:03:D1:6E:84:62:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LPODTNq1q7zba8XPTlUD0W6EYjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/7e5552-0b7d-400c-95fd-856f43f69aa3/1/gBESvnsZMDWMnh0WGIMktqAdfnE.roa
Signing time: Sun 01 Jan 2023 22:24:48 +0000
ROA not before: Sun 01 Jan 2023 22:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48031
IP address blocks: 217.198.178.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:70:00:2c:7e:91:c8:87:8b:a8:b2:4a:62:33:a4:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cf3834cdab5abbcdb6bc5cf4e5503d16e84623a
Validity
Not Before: Jan 1 22:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=801112be7b1930358c9e1d16188324b6a01d7e71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:96:1f:e6:81:ef:0a:12:5c:5d:ea:9f:cc:83:
20:da:f0:9e:57:bd:91:29:d8:29:5f:88:68:bd:5c:
01:a2:17:bb:0e:d9:6f:db:8a:07:7d:b8:fc:0a:5f:
a7:73:2c:0f:72:06:7a:46:59:c2:97:33:cc:da:53:
95:25:99:44:2d:39:81:14:33:17:2e:35:84:a4:23:
b0:be:6c:b9:19:22:e4:a8:74:04:ac:73:dd:da:d5:
6a:dc:2d:2d:4d:36:ac:94:3c:7c:46:24:95:fe:cb:
4a:1c:99:27:51:98:1d:66:87:40:a1:0b:b0:b1:d0:
dd:c2:74:3c:e6:1b:ff:e6:c1:78:2c:e8:1f:bc:c0:
18:1c:bb:7f:64:f9:c5:88:87:54:86:85:2a:2e:79:
42:a7:e3:50:fa:c0:a8:86:09:f7:4f:e4:e9:4a:35:
ad:bf:7d:20:08:96:5a:d7:4b:0c:12:dd:4b:4d:46:
78:dc:9b:08:ec:00:fe:13:16:7a:7d:6f:cd:25:15:
2a:8c:62:93:d3:82:5c:60:a5:80:32:0f:2c:c7:4a:
0d:60:6f:29:6d:5c:1c:ab:1c:00:26:89:a7:1d:6f:
ba:e8:14:e5:4f:ab:92:44:ca:40:df:91:ef:45:59:
db:9c:8f:14:1d:45:04:ee:39:0e:ce:a1:74:d1:3f:
29:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:11:12:BE:7B:19:30:35:8C:9E:1D:16:18:83:24:B6:A0:1D:7E:71
X509v3 Authority Key Identifier:
keyid:2C:F3:83:4C:DA:B5:AB:BC:DB:6B:C5:CF:4E:55:03:D1:6E:84:62:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LPODTNq1q7zba8XPTlUD0W6EYjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/7e5552-0b7d-400c-95fd-856f43f69aa3/1/gBESvnsZMDWMnh0WGIMktqAdfnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/7e5552-0b7d-400c-95fd-856f43f69aa3/1/LPODTNq1q7zba8XPTlUD0W6EYjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.198.178.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:39:03:d8:a6:de:d2:b6:d9:e3:6b:2a:91:da:c3:b8:fa:50:
68:18:13:cb:bc:61:1f:9b:86:94:08:55:ee:82:4d:a9:c0:86:
56:b3:68:a8:5b:46:03:9b:e2:8e:dc:db:f6:d3:dc:60:ea:37:
4e:60:36:d8:85:51:15:0e:78:cc:f8:a7:63:e7:d7:91:1e:66:
28:0f:91:cd:82:63:1d:99:b7:57:7a:33:e5:d3:32:53:d8:2d:
df:31:15:3c:c7:cc:97:0d:4f:18:da:42:27:92:cb:6b:af:29:
0d:7e:69:13:03:b6:88:0a:f1:3f:cf:64:79:c5:32:4f:65:87:
6a:dd:9a:1b:e0:1b:ff:22:2c:9d:80:3d:ef:38:0a:fa:b6:c8:
b0:0b:04:31:e9:9a:57:fb:29:43:00:d0:97:85:15:56:d0:9d:
5d:fb:27:ce:5e:49:d4:34:b3:17:4a:bb:59:6c:45:42:5a:09:
27:f0:aa:cf:5a:e4:38:7d:9e:f8:b0:89:62:01:0f:7c:f7:88:
76:4c:f3:07:2a:2d:9b:ed:10:f6:db:21:0e:c4:f1:89:1d:cd:
6c:e5:d2:71:38:5a:93:29:19:de:07:6a:84:54:5e:a3:7f:09:
ba:78:de:25:3f:f4:e0:3f:7b:9a:6c:58:87:a1:62:e9:24:08:
5d:b1:fa:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvcAAsfpHIh4uoskpiM6QaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZjM4MzRjZGFiNWFiYmNkYjZiYzVjZjRlNTUwM2QxNmU4
NDYyM2EwHhcNMjMwMTAxMjIyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDExMTJiZTdiMTkzMDM1OGM5ZTFkMTYxODgzMjRiNmEwMWQ3ZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJYf5oHvChJcXeqfzIMg2vCeV72R
KdgpX4hovVwBohe7Dtlv24oHfbj8Cl+ncywPcgZ6RlnClzPM2lOVJZlELTmBFDMX
LjWEpCOwvmy5GSLkqHQErHPd2tVq3C0tTTaslDx8RiSV/stKHJknUZgdZodAoQuw
sdDdwnQ85hv/5sF4LOgfvMAYHLt/ZPnFiIdUhoUqLnlCp+NQ+sCohgn3T+TpSjWt
v30gCJZa10sMEt1LTUZ43JsI7AD+ExZ6fW/NJRUqjGKT04JcYKWAMg8sx0oNYG8p
bVwcqxwAJomnHW+66BTlT6uSRMpA35HvRVnbnI8UHUUE7jkOzqF00T8p9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIAREr57GTA1jJ4dFhiDJLagHX5xMB8GA1UdIwQY
MBaAFCzzg0zatau822vFz05VA9FuhGI6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFBPRFROcTFxN3piYThYUFRsVUQwVzZFWWpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni83ZTU1NTItMGI3ZC00MDBjLTk1ZmQt
ODU2ZjQzZjY5YWEzLzEvZ0JFU3Zuc1pNRFdNbmgwV0dJTWt0cUFkZm5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni83ZTU1NTItMGI3ZC00MDBjLTk1ZmQtODU2ZjQzZjY5YWEz
LzEvTFBPRFROcTFxN3piYThYUFRsVUQwVzZFWWpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2cayMA0G
CSqGSIb3DQEBCwUAA4IBAQA/OQPYpt7SttnjayqR2sO4+lBoGBPLvGEfm4aUCFXu
gk2pwIZWs2ioW0YDm+KO3Nv209xg6jdOYDbYhVEVDnjM+Kdj59eRHmYoD5HNgmMd
mbdXejPl0zJT2C3fMRU8x8yXDU8Y2kInkstrrykNfmkTA7aICvE/z2R5xTJPZYdq
3Zob4Bv/IiydgD3vOAr6tsiwCwQx6ZpX+ylDANCXhRVW0J1d+yfOXknUNLMXSrtZ
bEVCWgkn8KrPWuQ4fZ74sIliAQ9894h2TPMHKi2b7RD22yEOxPGJHc1s5dJxOFqT
KRneB2qEVF6jfwm6eN4lP/TgP3uabFiHoWLpJAhdsfon
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:59 2025 by rpki-client