Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/g4dC3Uz495X7eWLOiZ5-Szfd0is.roa
File: g4dC3Uz495X7eWLOiZ5-Szfd0is.roa (raw, json)
Hash identifier: MSYPO7otprJ5DVpN44OLhKuGM1LDGC7ahacFh0CM1zw=
Subject key identifier: 83:87:42:DD:4C:F8:F7:95:FB:79:62:CE:89:9E:7E:4B:37:DD:D2:2B
Certificate issuer: /CN=60c9aa8b71e548bd7565ba663fa32f7d1aec41ab
Certificate serial: 01856EC1F549FB061506D60CFF90411572FA
Authority key identifier: 60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YMmqi3HlSL11ZbpmP6MvfRrsQas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/g4dC3Uz495X7eWLOiZ5-Szfd0is.roa
Signing time: Sun 01 Jan 2023 19:14:42 +0000
ROA not before: Sun 01 Jan 2023 19:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 149457
IP address blocks: 194.76.0.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c1:f5:49:fb:06:15:06:d6:0c:ff:90:41:15:72:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60c9aa8b71e548bd7565ba663fa32f7d1aec41ab
Validity
Not Before: Jan 1 19:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=838742dd4cf8f795fb7962ce899e7e4b37ddd22b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d5:b8:fb:b8:00:ec:26:fa:46:37:01:38:82:
36:e5:c9:6b:7e:ed:5d:3e:69:57:55:ce:0d:ee:9d:
39:a3:3f:2f:51:b2:e7:a7:05:5d:32:6e:d0:3d:24:
9e:f8:37:97:11:27:ed:07:d5:c9:79:ca:f6:17:e7:
48:c4:ff:80:5e:13:7d:dc:d0:e0:aa:ab:04:2c:b0:
7c:70:fe:2c:b8:13:40:1c:f2:0f:78:1e:12:78:3d:
b4:1a:b8:8b:58:c7:ec:f8:24:f3:37:96:f0:44:b6:
25:51:34:dd:ba:c4:78:2d:53:06:61:bc:2a:a8:43:
2c:a3:a6:06:cb:b3:b5:c3:49:21:16:5d:17:0a:b5:
3f:a5:fb:cc:54:3a:a1:49:94:18:45:c6:ae:74:40:
6f:bd:7f:19:cb:76:90:59:29:97:d9:9e:5e:e9:33:
e8:b2:8a:43:1f:8b:7f:b1:24:db:de:aa:3d:2f:d5:
af:63:01:51:15:87:a6:a0:76:04:16:eb:d3:30:b4:
42:0a:2b:0b:b6:44:fb:b8:4d:b4:04:3b:f2:85:f3:
d4:80:e7:4f:65:70:e6:96:93:49:bc:1f:7f:3c:e6:
da:61:f1:5d:ae:f5:30:ea:a0:62:d6:17:54:34:91:
30:7d:5e:a2:0a:ed:62:2b:39:21:d0:f2:07:0a:c7:
ec:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:87:42:DD:4C:F8:F7:95:FB:79:62:CE:89:9E:7E:4B:37:DD:D2:2B
X509v3 Authority Key Identifier:
keyid:60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YMmqi3HlSL11ZbpmP6MvfRrsQas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/g4dC3Uz495X7eWLOiZ5-Szfd0is.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/YMmqi3HlSL11ZbpmP6MvfRrsQas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.0.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:e6:bb:58:9a:c1:e6:02:97:31:08:f5:6c:32:81:d9:35:53:
15:c6:65:78:8d:71:16:fb:14:2a:ea:9c:d2:3b:24:a4:a6:cd:
12:ce:f4:6f:7e:3c:e8:4f:58:74:9a:95:b9:a9:57:38:c0:dd:
dc:31:ff:54:1c:57:3b:aa:30:11:ec:7d:51:49:31:9f:1e:fe:
a8:ea:80:b0:a0:4b:21:fd:e9:23:ed:e7:c5:78:36:d6:41:95:
87:ba:b2:c5:5b:12:1e:dc:ac:7c:93:71:41:57:a6:84:09:01:
4a:37:93:3d:f6:26:2b:64:f9:ce:1e:50:db:88:83:fc:fd:39:
0b:17:83:1c:19:c0:ef:e8:8a:1e:3a:05:b8:b4:36:d4:e8:ef:
cf:00:23:e8:d1:77:f1:ed:9c:d0:9f:84:8e:59:64:ac:12:c1:
d2:d6:9a:38:af:61:cb:e7:80:b7:4f:dd:a7:fe:48:cf:dc:8c:
c0:bd:35:fd:e0:fb:4a:37:84:b8:c2:27:1a:65:17:c4:2b:76:
d9:c2:d6:75:bb:31:0c:80:d3:75:33:03:f8:7a:d2:f0:af:9a:
0d:bd:a6:d4:1f:bd:92:c2:a3:02:98:ed:ed:fc:f2:91:4a:96:
ef:20:76:8e:02:2e:20:10:f6:99:63:c8:03:b3:cd:7d:e4:d9:
00:91:77:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwfVJ+wYVBtYM/5BBFXL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYzlhYThiNzFlNTQ4YmQ3NTY1YmE2NjNmYTMyZjdkMWFl
YzQxYWIwHhcNMjMwMTAxMTkxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mzg3NDJkZDRjZjhmNzk1ZmI3OTYyY2U4OTllN2U0YjM3ZGRkMjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9W4+7gA7Cb6RjcBOII25clrfu1d
PmlXVc4N7p05oz8vUbLnpwVdMm7QPSSe+DeXESftB9XJecr2F+dIxP+AXhN93NDg
qqsELLB8cP4suBNAHPIPeB4SeD20GriLWMfs+CTzN5bwRLYlUTTdusR4LVMGYbwq
qEMso6YGy7O1w0khFl0XCrU/pfvMVDqhSZQYRcaudEBvvX8Zy3aQWSmX2Z5e6TPo
sopDH4t/sSTb3qo9L9WvYwFRFYemoHYEFuvTMLRCCisLtkT7uE20BDvyhfPUgOdP
ZXDmlpNJvB9/PObaYfFdrvUw6qBi1hdUNJEwfV6iCu1iKzkh0PIHCsfsdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIOHQt1M+PeV+3lizomefks33dIrMB8GA1UdIwQY
MBaAFGDJqotx5Ui9dWW6Zj+jL30a7EGrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU1tcWkzSGxTTDExWmJwbVA2TXZmUnJzUWFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zOGI1NDItNDY3Ny00YTdlLWIyMTIt
YzhhY2NlMTU2ZjBkLzEvZzRkQzNVejQ5NVg3ZVdMT2laNS1TemZkMGlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zOGI1NDItNDY3Ny00YTdlLWIyMTItYzhhY2NlMTU2ZjBk
LzEvWU1tcWkzSGxTTDExWmJwbVA2TXZmUnJzUWFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkwAMA0G
CSqGSIb3DQEBCwUAA4IBAQDU5rtYmsHmApcxCPVsMoHZNVMVxmV4jXEW+xQq6pzS
OySkps0SzvRvfjzoT1h0mpW5qVc4wN3cMf9UHFc7qjAR7H1RSTGfHv6o6oCwoEsh
/ekj7efFeDbWQZWHurLFWxIe3Kx8k3FBV6aECQFKN5M99iYrZPnOHlDbiIP8/TkL
F4McGcDv6IoeOgW4tDbU6O/PACPo0Xfx7ZzQn4SOWWSsEsHS1po4r2HL54C3T92n
/kjP3IzAvTX94PtKN4S4wicaZRfEK3bZwtZ1uzEMgNN1MwP4etLwr5oNvabUH72S
wqMCmO3t/PKRSpbvIHaOAi4gEPaZY8gDs8195NkAkXfw
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:08 2025 by rpki-client