Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/Adt4yLv1Rpe4aGp5b8IFYiemIDA.roa
File: Adt4yLv1Rpe4aGp5b8IFYiemIDA.roa (raw, json)
Hash identifier: Oqd7pGKug3NzIfIEcH/z/xunEvKzUvWYdv53rYiU6bY=
Subject key identifier: 01:DB:78:C8:BB:F5:46:97:B8:68:6A:79:6F:C2:05:62:27:A6:20:30
Certificate issuer: /CN=60c9aa8b71e548bd7565ba663fa32f7d1aec41ab
Certificate serial: 01856EC1F3ABBC7FDA571398170DCD63EAD6
Authority key identifier: 60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YMmqi3HlSL11ZbpmP6MvfRrsQas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/Adt4yLv1Rpe4aGp5b8IFYiemIDA.roa
Signing time: Sun 01 Jan 2023 19:14:42 +0000
ROA not before: Sun 01 Jan 2023 19:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 141718
IP address blocks: 194.120.164.0/24 maxlen: 24
194.120.171.0/24 maxlen: 24
194.120.144.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c1:f3:ab:bc:7f:da:57:13:98:17:0d:cd:63:ea:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60c9aa8b71e548bd7565ba663fa32f7d1aec41ab
Validity
Not Before: Jan 1 19:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01db78c8bbf54697b8686a796fc2056227a62030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:a7:a5:bd:c6:cd:1c:36:82:31:d1:bb:6e:49:
73:0b:46:db:f9:79:d9:95:7d:2e:e4:ae:99:a4:88:
1e:3f:45:13:81:f2:1b:29:cf:70:7c:92:e3:31:68:
64:cb:52:b5:bf:21:8d:b4:b4:cc:48:6c:0f:d6:bd:
01:7d:11:2d:90:69:37:84:d0:fd:70:78:07:f8:0d:
22:3e:63:37:84:c4:88:f2:23:1e:26:74:10:43:f8:
01:d0:1b:cd:e5:9a:12:0e:75:fa:57:1f:dd:c9:e6:
e7:69:94:c5:c0:cc:26:0b:4d:8f:25:ae:db:e1:bc:
06:17:c6:cf:25:d2:77:08:dc:2e:9f:5f:db:5c:c6:
70:96:45:b0:24:b0:55:26:41:15:54:7d:5b:5b:30:
36:97:d3:6b:9d:1c:d3:80:e4:84:49:8e:3a:91:7c:
ee:32:4f:02:92:6c:91:04:42:53:4e:0b:de:a9:ca:
93:db:00:59:dd:63:1f:75:95:03:46:78:23:00:b0:
81:81:0f:9e:ab:bc:72:35:f0:20:f6:38:3e:93:2b:
2d:41:ca:66:a3:5d:fe:c8:9a:53:67:7f:73:85:16:
2d:23:ca:e7:22:73:db:ff:c6:22:ca:5c:c8:52:27:
07:f9:42:a4:ec:d5:19:89:c8:e7:d0:ff:8a:c8:d2:
ce:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:DB:78:C8:BB:F5:46:97:B8:68:6A:79:6F:C2:05:62:27:A6:20:30
X509v3 Authority Key Identifier:
keyid:60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YMmqi3HlSL11ZbpmP6MvfRrsQas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/Adt4yLv1Rpe4aGp5b8IFYiemIDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/YMmqi3HlSL11ZbpmP6MvfRrsQas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.120.144.0/24
194.120.164.0/24
194.120.171.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:9a:9b:ce:fa:cc:e2:6a:60:cb:11:57:dd:6c:17:c3:77:3a:
03:9f:68:a6:f1:ca:1d:aa:fd:8c:7e:23:54:ec:05:c7:d0:be:
4f:5e:5f:4c:b6:92:31:89:6e:5c:54:10:81:2b:00:43:8a:b2:
77:04:c0:09:d3:89:11:73:59:36:7f:8b:84:21:ad:b8:a1:33:
27:10:dc:f4:d6:1c:00:6e:f9:27:c7:ca:e8:c0:0f:0c:43:4b:
16:93:a2:47:7c:04:66:bd:7c:4d:02:a3:8d:2e:1e:27:6e:ee:
88:15:44:6a:92:9c:72:c1:e6:88:4f:e1:d1:4e:08:10:b8:8b:
14:94:96:6a:20:44:20:16:a0:c4:08:d7:74:d9:69:d9:06:1a:
fe:bf:0f:df:cf:09:88:3d:7d:c2:ff:37:10:07:22:44:df:dd:
a9:1c:78:73:07:bb:5c:80:cb:92:83:f9:b1:de:18:8e:64:3e:
6b:55:3b:01:93:d5:52:b5:b9:54:f9:98:cc:cc:89:fa:04:30:
b3:60:df:4b:eb:f3:9a:a2:0f:df:39:bf:5f:03:8d:01:cd:c4:
85:5e:33:28:76:68:11:d0:7a:ca:94:76:87:9e:b3:74:f4:74:
5d:64:ef:46:ae:1a:b0:f0:51:ee:55:c4:26:d1:67:fd:2c:f1:
81:4c:12:80
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuwfOrvH/aVxOYFw3NY+rWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYzlhYThiNzFlNTQ4YmQ3NTY1YmE2NjNmYTMyZjdkMWFl
YzQxYWIwHhcNMjMwMTAxMTkxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWRiNzhjOGJiZjU0Njk3Yjg2ODZhNzk2ZmMyMDU2MjI3YTYyMDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKelvcbNHDaCMdG7bklzC0bb+XnZ
lX0u5K6ZpIgeP0UTgfIbKc9wfJLjMWhky1K1vyGNtLTMSGwP1r0BfREtkGk3hND9
cHgH+A0iPmM3hMSI8iMeJnQQQ/gB0BvN5ZoSDnX6Vx/dyebnaZTFwMwmC02PJa7b
4bwGF8bPJdJ3CNwun1/bXMZwlkWwJLBVJkEVVH1bWzA2l9NrnRzTgOSESY46kXzu
Mk8CkmyRBEJTTgveqcqT2wBZ3WMfdZUDRngjALCBgQ+eq7xyNfAg9jg+kystQcpm
o13+yJpTZ39zhRYtI8rnInPb/8YiylzIUicH+UKk7NUZicjn0P+KyNLO4QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAHbeMi79UaXuGhqeW/CBWInpiAwMB8GA1UdIwQY
MBaAFGDJqotx5Ui9dWW6Zj+jL30a7EGrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU1tcWkzSGxTTDExWmJwbVA2TXZmUnJzUWFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zOGI1NDItNDY3Ny00YTdlLWIyMTIt
YzhhY2NlMTU2ZjBkLzEvQWR0NHlMdjFScGU0YUdwNWI4SUZZaWVtSURBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zOGI1NDItNDY3Ny00YTdlLWIyMTItYzhhY2NlMTU2ZjBk
LzEvWU1tcWkzSGxTTDExWmJwbVA2TXZmUnJzUWFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwniQAwQA
wnikAwQAwnirMA0GCSqGSIb3DQEBCwUAA4IBAQDPmpvO+sziamDLEVfdbBfDdzoD
n2im8codqv2MfiNU7AXH0L5PXl9MtpIxiW5cVBCBKwBDirJ3BMAJ04kRc1k2f4uE
Ia24oTMnENz01hwAbvknx8rowA8MQ0sWk6JHfARmvXxNAqONLh4nbu6IFURqkpxy
weaIT+HRTggQuIsUlJZqIEQgFqDECNd02WnZBhr+vw/fzwmIPX3C/zcQByJE392p
HHhzB7tcgMuSg/mx3hiOZD5rVTsBk9VStblU+ZjMzIn6BDCzYN9L6/Oaog/fOb9f
A40BzcSFXjModmgR0HrKlHaHnrN09HRdZO9Grhqw8FHuVcQm0Wf9LPGBTBKA
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:11 2025 by rpki-client