Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/ecbbea-9bc4-4bcd-9522-1008204ba6fd/1/IS8jcCOIHTTkST4jq_2thBQheJI.roa
File: IS8jcCOIHTTkST4jq_2thBQheJI.roa (raw, json)
Hash identifier: 4dNQnSp1o/PVGdcRvzloKk2q/M4NPy/cy9lp1okFCaQ=
Subject key identifier: 21:2F:23:70:23:88:1D:34:E4:49:3E:23:AB:FD:AD:84:14:21:78:92
Certificate issuer: /CN=7545b74cb0f5e0ae08071d34483e16a07e8b0f5d
Certificate serial: 018570C2C43177E921866E960567DCCCBF96
Authority key identifier: 75:45:B7:4C:B0:F5:E0:AE:08:07:1D:34:48:3E:16:A0:7E:8B:0F:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dUW3TLD14K4IBx00SD4WoH6LD10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/ecbbea-9bc4-4bcd-9522-1008204ba6fd/1/IS8jcCOIHTTkST4jq_2thBQheJI.roa
Signing time: Mon 02 Jan 2023 04:34:50 +0000
ROA not before: Mon 02 Jan 2023 04:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211190
IP address blocks: 176.97.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:c4:31:77:e9:21:86:6e:96:05:67:dc:cc:bf:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7545b74cb0f5e0ae08071d34483e16a07e8b0f5d
Validity
Not Before: Jan 2 04:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=212f237023881d34e4493e23abfdad8414217892
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fc:17:ca:e1:77:df:9d:98:fa:8d:65:27:ad:
ef:c2:28:d3:6f:9e:41:e0:ad:d3:38:44:43:88:90:
43:f6:4c:ad:83:16:c9:76:b7:c2:fa:09:44:70:ef:
53:fd:0b:05:cf:fc:55:f9:8b:95:66:55:7c:0f:66:
c0:74:2c:b6:71:65:97:1a:eb:47:bf:e1:69:6f:30:
5f:2f:06:c2:94:ea:42:fb:3f:73:1a:7f:aa:11:ec:
17:c6:f7:b9:e9:9c:dc:da:db:af:02:95:06:cb:b3:
9a:8f:90:f1:7d:bd:b1:f1:dd:cb:df:64:1a:e9:a0:
30:5c:47:b7:fe:34:dd:2a:be:b2:be:35:bf:ba:d0:
c1:87:53:46:09:0b:23:b0:4c:48:69:c7:1e:1c:fb:
55:a1:78:2f:86:dd:6b:b1:93:d5:21:d9:53:ed:dc:
4f:7f:3c:dc:fe:e8:dd:31:45:62:82:f6:5d:82:f6:
b9:56:0e:e4:b3:bb:d8:2e:7d:2c:e7:c8:d3:48:a8:
65:60:00:6a:84:36:a8:a6:f2:92:d0:c1:46:63:f5:
2a:ee:c1:db:c2:dd:2c:dd:49:35:f5:ed:a9:41:6c:
cb:5f:00:dc:55:44:a8:ad:4d:4e:e8:64:6e:69:5a:
34:53:de:75:8e:c5:36:6d:3f:d9:f9:05:2b:be:ae:
6c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:2F:23:70:23:88:1D:34:E4:49:3E:23:AB:FD:AD:84:14:21:78:92
X509v3 Authority Key Identifier:
keyid:75:45:B7:4C:B0:F5:E0:AE:08:07:1D:34:48:3E:16:A0:7E:8B:0F:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dUW3TLD14K4IBx00SD4WoH6LD10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/ecbbea-9bc4-4bcd-9522-1008204ba6fd/1/IS8jcCOIHTTkST4jq_2thBQheJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/ecbbea-9bc4-4bcd-9522-1008204ba6fd/1/dUW3TLD14K4IBx00SD4WoH6LD10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.221.0/24
Signature Algorithm: sha256WithRSAEncryption
28:c4:50:5c:fd:3d:a3:a4:5b:71:ed:bd:00:80:78:73:de:51:
a1:6e:42:7d:eb:ef:fd:c0:b0:15:e7:78:b9:55:a1:46:ac:9d:
9d:0c:72:9f:05:96:58:90:62:9c:72:cd:6c:35:00:0f:e4:2c:
4b:b2:19:a6:3b:b3:16:7a:77:2b:55:5f:83:d0:e9:f2:ed:a3:
0b:25:34:b7:a4:db:1d:fa:a3:47:0d:79:54:2f:3d:e4:65:cd:
be:ad:ce:3d:f5:b2:f1:e7:de:01:fb:d2:69:e2:18:b1:4b:e6:
33:e6:62:c3:ea:99:e4:1f:54:ae:27:f2:bf:9b:74:fa:6d:54:
2b:0f:40:a6:f6:18:a9:fd:6b:1a:f0:b0:ce:9e:02:a8:b5:3e:
93:3b:1d:ee:cc:1d:ef:98:c4:e1:cd:dd:28:7d:ec:b9:9f:bb:
da:30:93:89:4f:9f:96:a9:0e:c2:f4:46:ec:fa:7a:20:39:9e:
e2:ab:1d:49:81:12:49:61:fd:c6:d5:6a:27:2d:c5:9e:27:aa:
dd:d4:39:b3:da:a2:99:23:77:3d:0d:85:33:b2:98:35:b1:93:
bb:88:74:89:24:dc:69:f6:1b:f6:43:25:80:25:68:0b:29:ee:
c6:80:c8:ee:24:a4:b4:49:a3:51:3c:3f:39:65:48:49:1f:4b:
e4:9f:e2:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwwsQxd+khhm6WBWfczL+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NDViNzRjYjBmNWUwYWUwODA3MWQzNDQ4M2UxNmEwN2U4
YjBmNWQwHhcNMjMwMTAyMDQzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTJmMjM3MDIzODgxZDM0ZTQ0OTNlMjNhYmZkYWQ4NDE0MjE3ODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/wXyuF3352Y+o1lJ63vwijTb55B
4K3TOERDiJBD9kytgxbJdrfC+glEcO9T/QsFz/xV+YuVZlV8D2bAdCy2cWWXGutH
v+FpbzBfLwbClOpC+z9zGn+qEewXxve56Zzc2tuvApUGy7Oaj5Dxfb2x8d3L32Qa
6aAwXEe3/jTdKr6yvjW/utDBh1NGCQsjsExIacceHPtVoXgvht1rsZPVIdlT7dxP
fzzc/ujdMUVigvZdgva5Vg7ks7vYLn0s58jTSKhlYABqhDaopvKS0MFGY/Uq7sHb
wt0s3Uk19e2pQWzLXwDcVUSorU1O6GRuaVo0U951jsU2bT/Z+QUrvq5sBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCEvI3AjiB005Ek+I6v9rYQUIXiSMB8GA1UdIwQY
MBaAFHVFt0yw9eCuCAcdNEg+FqB+iw9dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFVXM1RMRDE0SzRJQngwMFNENFdvSDZMRDEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9lY2JiZWEtOWJjNC00YmNkLTk1MjIt
MTAwODIwNGJhNmZkLzEvSVM4amNDT0lIVFRrU1Q0anFfMnRoQlFoZUpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9lY2JiZWEtOWJjNC00YmNkLTk1MjItMTAwODIwNGJhNmZk
LzEvZFVXM1RMRDE0SzRJQngwMFNENFdvSDZMRDEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGHdMA0G
CSqGSIb3DQEBCwUAA4IBAQAoxFBc/T2jpFtx7b0AgHhz3lGhbkJ96+/9wLAV53i5
VaFGrJ2dDHKfBZZYkGKccs1sNQAP5CxLshmmO7MWencrVV+D0Ony7aMLJTS3pNsd
+qNHDXlULz3kZc2+rc499bLx594B+9Jp4hixS+Yz5mLD6pnkH1SuJ/K/m3T6bVQr
D0Cm9hip/Wsa8LDOngKotT6TOx3uzB3vmMThzd0ofey5n7vaMJOJT5+WqQ7C9Ebs
+nogOZ7iqx1JgRJJYf3G1WonLcWeJ6rd1Dmz2qKZI3c9DYUzspg1sZO7iHSJJNxp
9hv2QyWAJWgLKe7GgMjuJKS0SaNRPD85ZUhJH0vkn+LY
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:17:39 2025 by rpki-client