Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/45ecff-a382-4564-b57f-a3cd0958c7f1/1/GmnNt0EjIXbV34o7g0cU260oPb8.roa
File: GmnNt0EjIXbV34o7g0cU260oPb8.roa (raw, json)
Hash identifier: TeqtCXCWtqNFpxa0EViIL7qoledsZHv5Vi03PvqoCyY=
Subject key identifier: 1A:69:CD:B7:41:23:21:76:D5:DF:8A:3B:83:47:14:DB:AD:28:3D:BF
Certificate issuer: /CN=3a86b7a734abe4eb73f4c966af66beda7459b75f
Certificate serial: 018C8B9886A91BA324D64AD4DC6DA2433725
Authority key identifier: 3A:86:B7:A7:34:AB:E4:EB:73:F4:C9:66:AF:66:BE:DA:74:59:B7:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ooa3pzSr5Otz9Mlmr2a-2nRZt18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/45ecff-a382-4564-b57f-a3cd0958c7f1/1/GmnNt0EjIXbV34o7g0cU260oPb8.roa
Signing time: Thu 21 Dec 2023 08:57:58 +0000
ROA not before: Thu 21 Dec 2023 08:57:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2595
IP address blocks: 193.43.137.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8b:98:86:a9:1b:a3:24:d6:4a:d4:dc:6d:a2:43:37:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a86b7a734abe4eb73f4c966af66beda7459b75f
Validity
Not Before: Dec 21 08:57:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a69cdb741232176d5df8a3b834714dbad283dbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:25:9c:9a:a5:79:a2:fa:b4:b9:29:b4:53:63:
c9:b9:61:c7:9d:51:93:e6:fe:ed:82:05:bc:4e:9c:
70:7c:55:0f:c4:c4:25:1a:2b:91:a5:44:0b:85:2a:
79:44:08:27:b6:2a:f4:79:b3:b2:8c:2f:df:e0:57:
6a:3b:98:9e:cf:15:33:e3:81:59:30:8e:89:08:eb:
f7:a0:83:86:ba:29:b6:ea:43:66:3d:ec:0d:c3:0f:
d8:c9:f8:36:b7:52:70:b7:99:5c:02:4a:fb:5b:c9:
03:42:6b:ca:f5:fe:21:c6:63:c6:e6:02:c2:05:56:
e4:84:a0:3c:12:04:31:23:90:02:c7:71:8d:f0:2d:
47:59:8a:9f:09:03:40:d1:82:1e:c5:27:b2:a9:24:
30:59:bc:e1:2b:83:8e:0e:72:e0:5e:39:56:72:85:
f6:38:44:cb:80:4e:ce:1d:cb:cf:9e:d1:a8:a3:83:
cf:ae:9a:66:7d:61:93:88:60:0e:f8:76:44:64:15:
62:eb:43:2a:e6:91:1f:84:c4:1a:a4:15:85:22:5a:
bb:9c:93:31:77:14:7a:21:9d:27:28:9d:53:00:b7:
d2:54:a6:31:8e:9c:4b:a9:e5:0a:73:33:8d:3a:7d:
07:6d:2d:7c:7c:82:f1:9a:8b:7b:82:32:a1:8a:4e:
c5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:69:CD:B7:41:23:21:76:D5:DF:8A:3B:83:47:14:DB:AD:28:3D:BF
X509v3 Authority Key Identifier:
keyid:3A:86:B7:A7:34:AB:E4:EB:73:F4:C9:66:AF:66:BE:DA:74:59:B7:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ooa3pzSr5Otz9Mlmr2a-2nRZt18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/45ecff-a382-4564-b57f-a3cd0958c7f1/1/GmnNt0EjIXbV34o7g0cU260oPb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/45ecff-a382-4564-b57f-a3cd0958c7f1/1/Ooa3pzSr5Otz9Mlmr2a-2nRZt18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.137.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:36:df:5a:4b:a1:a0:44:d4:65:87:80:56:7e:5f:88:05:81:
54:b9:ed:d3:b2:5d:10:2c:48:72:e7:73:01:94:64:ce:06:68:
2f:ef:44:8a:1b:32:b9:26:f9:f1:8d:87:a0:21:ec:b0:17:79:
43:6c:21:6a:8f:62:c5:dc:50:d0:c6:9a:8f:0b:ea:84:eb:ed:
89:34:94:36:2a:e7:c0:3b:64:c5:6c:40:dc:2e:bf:80:50:a3:
2f:b0:ea:e0:2d:ce:f2:8a:be:d8:da:d1:85:ff:2a:78:c0:8b:
e9:40:46:28:da:dd:09:ab:a5:2b:c3:47:91:89:4d:72:66:a6:
c8:79:29:7a:af:d7:dd:84:61:3b:4f:57:08:b7:1a:71:bf:f7:
2f:6e:ca:43:15:94:c0:07:19:54:e9:e7:52:57:d8:6d:f6:cf:
90:43:cb:ef:f8:ff:14:09:3b:6f:e8:71:9e:9d:45:25:c9:68:
03:d1:aa:32:24:5b:32:19:b6:99:86:7b:49:cd:d5:b8:04:92:
7f:4e:71:b6:2f:ed:5f:53:26:7a:9e:93:70:4b:95:3f:64:3f:
22:e5:f2:ae:fb:df:8d:15:e2:d9:16:c3:94:0b:3a:13:00:48:
76:e5:08:8d:25:de:7f:27:d1:db:07:05:b0:81:27:4e:ad:6d:
7a:df:cb:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyLmIapG6Mk1krU3G2iQzclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhODZiN2E3MzRhYmU0ZWI3M2Y0Yzk2NmFmNjZiZWRhNzQ1
OWI3NWYwHhcNMjMxMjIxMDg1NzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTY5Y2RiNzQxMjMyMTc2ZDVkZjhhM2I4MzQ3MTRkYmFkMjgzZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCWcmqV5ovq0uSm0U2PJuWHHnVGT
5v7tggW8TpxwfFUPxMQlGiuRpUQLhSp5RAgntir0ebOyjC/f4FdqO5iezxUz44FZ
MI6JCOv3oIOGuim26kNmPewNww/Yyfg2t1Jwt5lcAkr7W8kDQmvK9f4hxmPG5gLC
BVbkhKA8EgQxI5ACx3GN8C1HWYqfCQNA0YIexSeyqSQwWbzhK4OODnLgXjlWcoX2
OETLgE7OHcvPntGoo4PPrppmfWGTiGAO+HZEZBVi60Mq5pEfhMQapBWFIlq7nJMx
dxR6IZ0nKJ1TALfSVKYxjpxLqeUKczONOn0HbS18fILxmot7gjKhik7FVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBppzbdBIyF21d+KO4NHFNutKD2/MB8GA1UdIwQY
MBaAFDqGt6c0q+Trc/TJZq9mvtp0WbdfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT29hM3B6U3I1T3R6OU1sbXIyYS0yblJadDE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC80NWVjZmYtYTM4Mi00NTY0LWI1N2Yt
YTNjZDA5NThjN2YxLzEvR21uTnQwRWpJWGJWMzRvN2cwY1UyNjBvUGI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC80NWVjZmYtYTM4Mi00NTY0LWI1N2YtYTNjZDA5NThjN2Yx
LzEvT29hM3B6U3I1T3R6OU1sbXIyYS0yblJadDE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSuJMA0G
CSqGSIb3DQEBCwUAA4IBAQBqNt9aS6GgRNRlh4BWfl+IBYFUue3Tsl0QLEhy53MB
lGTOBmgv70SKGzK5JvnxjYegIeywF3lDbCFqj2LF3FDQxpqPC+qE6+2JNJQ2KufA
O2TFbEDcLr+AUKMvsOrgLc7yir7Y2tGF/yp4wIvpQEYo2t0Jq6Urw0eRiU1yZqbI
eSl6r9fdhGE7T1cItxpxv/cvbspDFZTABxlU6edSV9ht9s+QQ8vv+P8UCTtv6HGe
nUUlyWgD0aoyJFsyGbaZhntJzdW4BJJ/TnG2L+1fUyZ6npNwS5U/ZD8i5fKu+9+N
FeLZFsOUCzoTAEh25QiNJd5/J9HbBwWwgSdOrW1638ue
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:54 2025 by rpki-client