Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/5feb13-9e43-4325-85c9-196e6f375fd6/1/C68Jy4vS9ZhrosrQ0hLHm1uIuZY.roa
File: C68Jy4vS9ZhrosrQ0hLHm1uIuZY.roa (raw, json)
Hash identifier: KriDQtKp0/6qr4HNTZ8vH7ju161mMdjIkNUJn2wDbds=
Subject key identifier: 0B:AF:09:CB:8B:D2:F5:98:6B:A2:CA:D0:D2:12:C7:9B:5B:88:B9:96
Certificate issuer: /CN=a4824308bc83b4ee56f1c0c1b9fbfc311b0cd44a
Certificate serial: 0194266BB9A74B7990CC2EAF6A33187B2534
Authority key identifier: A4:82:43:08:BC:83:B4:EE:56:F1:C0:C1:B9:FB:FC:31:1B:0C:D4:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pIJDCLyDtO5W8cDBufv8MRsM1Eo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/5feb13-9e43-4325-85c9-196e6f375fd6/1/C68Jy4vS9ZhrosrQ0hLHm1uIuZY.roa
Signing time: Thu 02 Jan 2025 09:49:41 +0000
ROA not before: Thu 02 Jan 2025 09:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39816
IP address blocks: 84.38.16.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:b9:a7:4b:79:90:cc:2e:af:6a:33:18:7b:25:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4824308bc83b4ee56f1c0c1b9fbfc311b0cd44a
Validity
Not Before: Jan 2 09:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0baf09cb8bd2f5986ba2cad0d212c79b5b88b996
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ae:fb:2f:70:53:d1:3b:55:51:da:a1:d1:8b:
cb:f9:b6:35:2f:ea:73:e2:36:b2:29:10:9f:a5:0d:
5b:d5:6b:38:2c:3d:bc:40:3c:48:1c:14:8b:e6:41:
62:2b:4f:47:9c:49:bb:83:c1:75:9a:4a:59:b9:a9:
03:5a:29:1a:99:5d:35:3a:30:c0:9b:6d:8d:7e:ee:
e7:08:26:66:3b:6d:05:ce:be:3f:93:a1:b1:8b:8f:
85:bc:a8:da:ad:f8:4b:6d:fe:2b:6d:6c:74:72:4a:
3c:3f:5c:a4:c2:86:f3:5e:ee:e6:8b:23:9d:c5:40:
e5:f2:3f:26:da:af:6d:db:b5:fa:9b:49:9a:c9:ca:
39:4e:d1:f3:9a:0e:d6:9f:db:69:e0:6c:55:7d:42:
94:8d:c3:71:9e:e6:ea:09:25:f3:84:49:a7:e4:86:
06:de:a7:1b:3e:c8:aa:81:d3:84:63:f2:a9:a9:a3:
dd:78:9e:68:8e:06:d3:9d:df:aa:9f:0e:ad:95:f6:
92:91:71:e4:dc:07:dd:c9:88:94:88:1e:aa:0d:13:
a5:52:bf:58:0c:08:bf:04:9c:37:23:77:b6:d3:18:
d3:66:03:e9:e2:1f:ac:8a:20:13:f7:9b:db:3c:e8:
d3:f9:93:d4:d3:82:01:ad:20:66:6e:d5:e1:e4:3c:
23:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:AF:09:CB:8B:D2:F5:98:6B:A2:CA:D0:D2:12:C7:9B:5B:88:B9:96
X509v3 Authority Key Identifier:
keyid:A4:82:43:08:BC:83:B4:EE:56:F1:C0:C1:B9:FB:FC:31:1B:0C:D4:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pIJDCLyDtO5W8cDBufv8MRsM1Eo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/5feb13-9e43-4325-85c9-196e6f375fd6/1/C68Jy4vS9ZhrosrQ0hLHm1uIuZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/5feb13-9e43-4325-85c9-196e6f375fd6/1/pIJDCLyDtO5W8cDBufv8MRsM1Eo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.16.0/20
Signature Algorithm: sha256WithRSAEncryption
69:18:b4:af:cf:81:2c:5d:05:f3:d2:54:26:69:8b:3b:9e:25:
18:5e:39:c3:d4:f0:77:da:f1:ba:b7:5c:aa:7d:9f:47:fd:b6:
f3:74:b7:bd:65:70:79:20:ba:14:e3:b8:05:4b:3d:b4:e8:35:
25:79:91:ce:d2:82:80:40:78:3e:a6:43:48:c5:9c:8c:4e:da:
72:e7:c4:8b:df:cc:62:e3:ee:a0:c4:72:d2:89:43:07:e4:02:
88:9e:68:29:82:03:28:32:a9:40:6b:16:80:86:0f:a7:3a:a4:
16:1d:06:03:c8:7d:ba:3d:5a:14:79:53:d4:81:25:b9:bf:3b:
d0:40:77:f9:f3:9b:e0:94:d4:02:f6:60:3b:1f:3b:5f:b3:2d:
82:ab:0a:f9:e0:69:fc:7e:50:02:5a:0f:a3:e6:68:59:69:2c:
d5:aa:1c:fd:c4:49:97:8c:48:f1:c8:8d:15:a5:10:71:f8:25:
b1:6d:dc:a5:9f:97:4e:ac:08:71:a0:bd:61:db:83:e9:10:47:
a7:95:81:f5:41:2c:96:31:55:22:d3:af:db:19:a9:39:7a:d4:
2a:e7:8d:a3:a4:e1:e6:eb:da:72:9f:c6:3d:55:29:a8:22:33:
0e:c9:66:ba:1c:ae:15:cb:db:ad:0e:66:9b:44:28:e9:66:14:
80:e9:2e:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma7mnS3mQzC6vajMYeyU0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ODI0MzA4YmM4M2I0ZWU1NmYxYzBjMWI5ZmJmYzMxMWIw
Y2Q0NGEwHhcNMjUwMTAyMDk0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmFmMDljYjhiZDJmNTk4NmJhMmNhZDBkMjEyYzc5YjViODhiOTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwa77L3BT0TtVUdqh0YvL+bY1L+pz
4jayKRCfpQ1b1Ws4LD28QDxIHBSL5kFiK09HnEm7g8F1mkpZuakDWikamV01OjDA
m22Nfu7nCCZmO20Fzr4/k6Gxi4+FvKjarfhLbf4rbWx0cko8P1ykwobzXu7miyOd
xUDl8j8m2q9t27X6m0mayco5TtHzmg7Wn9tp4GxVfUKUjcNxnubqCSXzhEmn5IYG
3qcbPsiqgdOEY/KpqaPdeJ5ojgbTnd+qnw6tlfaSkXHk3AfdyYiUiB6qDROlUr9Y
DAi/BJw3I3e20xjTZgPp4h+siiAT95vbPOjT+ZPU04IBrSBmbtXh5DwjZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAuvCcuL0vWYa6LK0NISx5tbiLmWMB8GA1UdIwQY
MBaAFKSCQwi8g7TuVvHAwbn7/DEbDNRKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcElKRENMeUR0TzVXOGNEQnVmdjhNUnNNMUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS81ZmViMTMtOWU0My00MzI1LTg1Yzkt
MTk2ZTZmMzc1ZmQ2LzEvQzY4Snk0dlM5Wmhyb3NyUTBoTEhtMXVJdVpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS81ZmViMTMtOWU0My00MzI1LTg1YzktMTk2ZTZmMzc1ZmQ2
LzEvcElKRENMeUR0TzVXOGNEQnVmdjhNUnNNMUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEVCYQMA0G
CSqGSIb3DQEBCwUAA4IBAQBpGLSvz4EsXQXz0lQmaYs7niUYXjnD1PB32vG6t1yq
fZ9H/bbzdLe9ZXB5ILoU47gFSz206DUleZHO0oKAQHg+pkNIxZyMTtpy58SL38xi
4+6gxHLSiUMH5AKInmgpggMoMqlAaxaAhg+nOqQWHQYDyH26PVoUeVPUgSW5vzvQ
QHf585vglNQC9mA7Hztfsy2Cqwr54Gn8flACWg+j5mhZaSzVqhz9xEmXjEjxyI0V
pRBx+CWxbdyln5dOrAhxoL1h24PpEEenlYH1QSyWMVUi06/bGak5etQq542jpOHm
69pyn8Y9VSmoIjMOyWa6HK4Vy9utDmabRCjpZhSA6S6L
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:17 2025 by rpki-client