Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/1ebccd-8d1d-46ce-8d98-f004311d4570/1/gBztc2FzO3KRmw8gYXuh3kzq0AA.roa
File: gBztc2FzO3KRmw8gYXuh3kzq0AA.roa (raw, json)
Hash identifier: 4FmdnEKrXNbeLuTIP4giCCNFx3W0qj7PZxar0PHDWqE=
Subject key identifier: 80:1C:ED:73:61:73:3B:72:91:9B:0F:20:61:7B:A1:DE:4C:EA:D0:00
Certificate issuer: /CN=0d676b1f04aa2cd4f3cd2568310ec141563b9243
Certificate serial: 018CF29DDB06C8C30C32EF2BB96D19DAD944
Authority key identifier: 0D:67:6B:1F:04:AA:2C:D4:F3:CD:25:68:31:0E:C1:41:56:3B:92:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DWdrHwSqLNTzzSVoMQ7BQVY7kkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/1ebccd-8d1d-46ce-8d98-f004311d4570/1/gBztc2FzO3KRmw8gYXuh3kzq0AA.roa
Signing time: Wed 10 Jan 2024 09:04:40 +0000
ROA not before: Wed 10 Jan 2024 09:04:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 194.146.115.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f2:9d:db:06:c8:c3:0c:32:ef:2b:b9:6d:19:da:d9:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d676b1f04aa2cd4f3cd2568310ec141563b9243
Validity
Not Before: Jan 10 09:04:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=801ced7361733b72919b0f20617ba1de4cead000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:94:42:ff:18:d6:ec:c4:8e:d8:41:da:b0:40:
02:bd:3a:ff:92:7d:b1:ba:86:80:56:99:41:d1:e1:
e7:44:07:56:b0:80:1e:a1:d3:af:6e:e4:9b:37:15:
bb:87:26:1f:58:af:22:46:86:d8:15:7d:2c:a7:7e:
e3:20:6c:7b:76:8b:54:87:87:02:43:c2:10:85:18:
8d:cb:86:e7:24:de:46:e1:12:9f:38:3e:9e:0e:fc:
2e:a8:bb:96:f5:86:d2:07:36:5e:23:ba:50:b3:3e:
84:93:cf:8d:6f:67:13:25:16:a9:ad:4f:24:6e:e8:
06:5f:ad:8f:9f:7d:10:8b:90:02:01:39:17:b7:7f:
1b:05:a9:51:d1:d2:17:c0:00:49:68:2c:f8:de:72:
dc:a8:18:35:74:8b:45:8e:d9:df:90:ad:da:0b:17:
28:b6:ba:09:27:0c:dd:d8:78:14:7b:77:bd:29:fa:
bd:b4:e5:f2:1b:f9:14:4d:b7:85:b9:ca:0e:57:66:
47:05:8b:db:3b:4c:cb:42:85:44:4f:64:2a:2b:19:
7b:93:b2:89:88:47:20:2c:25:08:99:91:0c:79:22:
18:df:94:78:29:fb:87:d8:57:ac:0e:12:67:f1:7b:
ba:4a:49:02:46:a4:5e:81:0a:15:54:f3:73:44:01:
7f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:1C:ED:73:61:73:3B:72:91:9B:0F:20:61:7B:A1:DE:4C:EA:D0:00
X509v3 Authority Key Identifier:
keyid:0D:67:6B:1F:04:AA:2C:D4:F3:CD:25:68:31:0E:C1:41:56:3B:92:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DWdrHwSqLNTzzSVoMQ7BQVY7kkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1ebccd-8d1d-46ce-8d98-f004311d4570/1/gBztc2FzO3KRmw8gYXuh3kzq0AA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1ebccd-8d1d-46ce-8d98-f004311d4570/1/DWdrHwSqLNTzzSVoMQ7BQVY7kkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.115.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:37:96:29:b5:b9:50:d3:07:b7:26:f1:19:ba:22:3a:b2:ac:
b4:f8:f7:14:1a:ca:a2:1f:73:3c:cb:9a:a9:29:c0:c1:81:bd:
72:e4:b0:9b:e4:54:48:cc:6d:aa:75:e5:ad:16:87:16:a9:dd:
be:c5:dc:15:a7:9f:91:cb:bc:7c:70:37:49:de:95:c5:ed:7d:
50:5c:6e:1f:d4:fb:62:69:ad:2c:99:91:5f:08:99:f2:a5:ea:
8b:c1:8a:de:87:d2:a7:cc:69:26:93:1b:01:22:4c:56:41:2d:
bf:6b:0e:ae:eb:f9:8f:0a:b1:db:de:a2:3d:3c:70:26:c3:17:
49:ea:59:61:41:7a:a0:34:ff:b4:95:17:62:35:6f:ca:f0:d3:
50:e5:ff:06:f1:a7:6a:13:b5:a0:de:31:3e:c9:3c:02:2e:4a:
48:c2:2d:9a:72:b0:fe:09:bd:56:7f:f2:e0:2a:5f:f4:3f:7d:
dc:32:8a:ef:71:4f:ee:b7:54:7b:27:0b:82:c7:36:79:01:79:
28:ed:1f:8f:59:ca:b1:84:27:e3:b9:88:77:3b:3f:cf:80:02:
19:0b:48:a1:90:2e:90:6a:4d:f6:f2:a9:ed:d9:8e:0b:b4:fa:
1a:1a:5a:2f:9e:02:7b:b9:38:d4:b5:f9:2a:59:1f:34:6a:8e:
2f:51:e7:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzyndsGyMMMMu8ruW0Z2tlEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNjc2YjFmMDRhYTJjZDRmM2NkMjU2ODMxMGVjMTQxNTYz
YjkyNDMwHhcNMjQwMTEwMDkwNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDFjZWQ3MzYxNzMzYjcyOTE5YjBmMjA2MTdiYTFkZTRjZWFkMDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JRC/xjW7MSO2EHasEACvTr/kn2x
uoaAVplB0eHnRAdWsIAeodOvbuSbNxW7hyYfWK8iRobYFX0sp37jIGx7dotUh4cC
Q8IQhRiNy4bnJN5G4RKfOD6eDvwuqLuW9YbSBzZeI7pQsz6Ek8+Nb2cTJRaprU8k
bugGX62Pn30Qi5ACATkXt38bBalR0dIXwABJaCz43nLcqBg1dItFjtnfkK3aCxco
troJJwzd2HgUe3e9Kfq9tOXyG/kUTbeFucoOV2ZHBYvbO0zLQoVET2QqKxl7k7KJ
iEcgLCUImZEMeSIY35R4KfuH2FesDhJn8Xu6SkkCRqRegQoVVPNzRAF/BwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIAc7XNhcztykZsPIGF7od5M6tAAMB8GA1UdIwQY
MBaAFA1nax8EqizU880laDEOwUFWO5JDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFdkckh3U3FMTlR6elNWb01RN0JRVlk3a2tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xZWJjY2QtOGQxZC00NmNlLThkOTgt
ZjAwNDMxMWQ0NTcwLzEvZ0J6dGMyRnpPM0tSbXc4Z1lYdWgza3pxMEFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xZWJjY2QtOGQxZC00NmNlLThkOTgtZjAwNDMxMWQ0NTcw
LzEvRFdkckh3U3FMTlR6elNWb01RN0JRVlk3a2tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpJzMA0G
CSqGSIb3DQEBCwUAA4IBAQA7N5YptblQ0we3JvEZuiI6sqy0+PcUGsqiH3M8y5qp
KcDBgb1y5LCb5FRIzG2qdeWtFocWqd2+xdwVp5+Ry7x8cDdJ3pXF7X1QXG4f1Pti
aa0smZFfCJnypeqLwYreh9KnzGkmkxsBIkxWQS2/aw6u6/mPCrHb3qI9PHAmwxdJ
6llhQXqgNP+0lRdiNW/K8NNQ5f8G8adqE7Wg3jE+yTwCLkpIwi2acrD+Cb1Wf/Lg
Kl/0P33cMorvcU/ut1R7JwuCxzZ5AXko7R+PWcqxhCfjuYh3Oz/PgAIZC0ihkC6Q
ak328qnt2Y4LtPoaGlovngJ7uTjUtfkqWR80ao4vUecS
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:31 2025 by rpki-client