Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a4d3f6-1e46-47d3-a5d0-ff89917d40d0/1/1eKcU9pwSRIHx__6jBUk4chwBIA.roa
File: 1eKcU9pwSRIHx__6jBUk4chwBIA.roa (raw, json)
Hash identifier: es60YP3cprV14Dn7iczSKPpNGL04FfOyKFweUPcg85M=
Subject key identifier: D5:E2:9C:53:DA:70:49:12:07:C7:FF:FA:8C:15:24:E1:C8:70:04:80
Certificate issuer: /CN=147ced88a406124c8c4df166c5740509e6415d2a
Certificate serial: 01856EAFB6DF9452D2C7B261BD04C2BE74BA
Authority key identifier: 14:7C:ED:88:A4:06:12:4C:8C:4D:F1:66:C5:74:05:09:E6:41:5D:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FHztiKQGEkyMTfFmxXQFCeZBXSo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/a4d3f6-1e46-47d3-a5d0-ff89917d40d0/1/1eKcU9pwSRIHx__6jBUk4chwBIA.roa
Signing time: Sun 01 Jan 2023 18:54:47 +0000
ROA not before: Sun 01 Jan 2023 18:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211193
IP address blocks: 37.140.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:b6:df:94:52:d2:c7:b2:61:bd:04:c2:be:74:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=147ced88a406124c8c4df166c5740509e6415d2a
Validity
Not Before: Jan 1 18:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5e29c53da70491207c7fffa8c1524e1c8700480
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d8:77:f0:4a:33:08:5c:2f:eb:1a:cc:17:b1:
84:56:ae:71:74:9d:0d:d4:3e:c7:06:75:b7:af:0a:
d0:6d:7e:f4:0e:4c:24:81:dc:56:f9:d3:71:8f:49:
02:7f:af:c7:61:06:79:3d:4b:51:86:ae:21:6c:f9:
61:13:95:2f:dd:3e:11:6e:0e:4a:b7:75:51:0a:98:
7c:77:99:71:fa:43:62:0c:fe:b4:fa:04:5a:19:cd:
12:f2:32:ab:a3:ea:f2:1a:1d:c9:69:3d:38:21:5e:
92:4e:22:66:4e:0d:30:f9:4b:6f:5a:29:c5:e3:3a:
a7:bd:02:dc:3d:78:23:f7:ac:f3:e3:c2:f4:45:ed:
99:88:05:a9:c4:b6:20:11:07:ce:29:55:f0:cd:e6:
79:63:e1:27:8f:bb:a9:61:06:ce:ee:18:8b:3a:f4:
27:be:95:ac:2a:e9:d4:bd:50:83:4b:d2:7c:ad:18:
99:a9:7d:7b:4b:8f:37:1d:43:c8:ab:87:05:0d:4a:
6e:d3:8a:bb:ab:a7:8d:62:88:da:39:b0:de:46:20:
15:f7:0a:f0:28:d7:52:ce:30:7f:b3:c0:30:87:cb:
df:49:05:60:a7:0c:fb:a9:5f:b2:55:19:fc:9a:ed:
0c:a6:c7:b7:ab:db:0d:11:ed:ab:4d:df:2d:de:65:
bc:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E2:9C:53:DA:70:49:12:07:C7:FF:FA:8C:15:24:E1:C8:70:04:80
X509v3 Authority Key Identifier:
keyid:14:7C:ED:88:A4:06:12:4C:8C:4D:F1:66:C5:74:05:09:E6:41:5D:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FHztiKQGEkyMTfFmxXQFCeZBXSo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a4d3f6-1e46-47d3-a5d0-ff89917d40d0/1/1eKcU9pwSRIHx__6jBUk4chwBIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a4d3f6-1e46-47d3-a5d0-ff89917d40d0/1/FHztiKQGEkyMTfFmxXQFCeZBXSo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.247.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:a2:a2:6b:9f:2f:cc:19:49:48:43:f3:d4:12:35:0f:72:85:
55:fe:d1:5d:c9:fe:2e:8c:c3:e6:cb:c4:ee:7c:e7:73:2f:bb:
5d:91:c8:bc:3a:fb:de:ac:cd:8e:a2:9f:92:f8:59:f3:4b:f6:
c4:06:0c:d9:bb:f8:cd:91:b3:e0:82:74:ea:40:e7:8f:e2:fb:
04:0d:b2:61:fd:77:e8:4e:f4:77:4b:70:08:b0:87:2d:22:ba:
f5:35:94:c5:c2:3c:d6:b2:3d:78:a6:0e:dd:89:c2:3a:da:4f:
be:0d:14:5a:8a:c8:32:93:b8:23:38:bc:b5:6f:e0:e3:e2:65:
70:60:a5:22:66:31:cb:f3:7a:0a:88:14:e8:8f:11:89:3d:cc:
d1:95:79:dc:de:67:82:48:d7:a6:eb:1b:5e:2e:65:b7:10:65:
9f:8d:6b:49:da:69:2e:21:13:56:f1:90:be:e8:22:e7:bd:51:
f1:92:f5:6a:d5:c1:5f:1e:3d:55:27:db:b5:c7:51:8e:82:84:
ab:b5:65:a9:d5:9c:50:a7:8c:dc:6b:cb:5c:ca:b1:8b:fa:34:
80:57:43:14:8f:5c:0f:02:bd:98:52:cc:c1:af:ea:8a:07:95:
a1:bb:be:6c:2c:2d:55:15:de:2a:54:8c:7d:e8:e5:2b:89:ad:
ad:ea:98:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur7bflFLSx7JhvQTCvnS6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0N2NlZDg4YTQwNjEyNGM4YzRkZjE2NmM1NzQwNTA5ZTY0
MTVkMmEwHhcNMjMwMTAxMTg1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWUyOWM1M2RhNzA0OTEyMDdjN2ZmZmE4YzE1MjRlMWM4NzAwNDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9h38EozCFwv6xrMF7GEVq5xdJ0N
1D7HBnW3rwrQbX70DkwkgdxW+dNxj0kCf6/HYQZ5PUtRhq4hbPlhE5Uv3T4Rbg5K
t3VRCph8d5lx+kNiDP60+gRaGc0S8jKro+ryGh3JaT04IV6STiJmTg0w+UtvWinF
4zqnvQLcPXgj96zz48L0Re2ZiAWpxLYgEQfOKVXwzeZ5Y+Enj7upYQbO7hiLOvQn
vpWsKunUvVCDS9J8rRiZqX17S483HUPIq4cFDUpu04q7q6eNYojaObDeRiAV9wrw
KNdSzjB/s8Awh8vfSQVgpwz7qV+yVRn8mu0Mpse3q9sNEe2rTd8t3mW8/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNXinFPacEkSB8f/+owVJOHIcASAMB8GA1UdIwQY
MBaAFBR87YikBhJMjE3xZsV0BQnmQV0qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkh6dGlLUUdFa3lNVGZGbXhYUUZDZVpCWFNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hNGQzZjYtMWU0Ni00N2QzLWE1ZDAt
ZmY4OTkxN2Q0MGQwLzEvMWVLY1U5cHdTUklIeF9fNmpCVWs0Y2h3QklBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hNGQzZjYtMWU0Ni00N2QzLWE1ZDAtZmY4OTkxN2Q0MGQw
LzEvRkh6dGlLUUdFa3lNVGZGbXhYUUZDZVpCWFNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJYz3MA0G
CSqGSIb3DQEBCwUAA4IBAQDWoqJrny/MGUlIQ/PUEjUPcoVV/tFdyf4ujMPmy8Tu
fOdzL7tdkci8OvverM2Oop+S+FnzS/bEBgzZu/jNkbPggnTqQOeP4vsEDbJh/Xfo
TvR3S3AIsIctIrr1NZTFwjzWsj14pg7dicI62k++DRRaisgyk7gjOLy1b+Dj4mVw
YKUiZjHL83oKiBTojxGJPczRlXnc3meCSNem6xteLmW3EGWfjWtJ2mkuIRNW8ZC+
6CLnvVHxkvVq1cFfHj1VJ9u1x1GOgoSrtWWp1ZxQp4zca8tcyrGL+jSAV0MUj1wP
Ar2YUszBr+qKB5Whu75sLC1VFd4qVIx96OUria2t6piI
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:37 2025 by rpki-client