Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/Grz6Bct8Gg8W20UJM3r1XeZTTEI.roa
File: Grz6Bct8Gg8W20UJM3r1XeZTTEI.roa (raw, json)
Hash identifier: p5a1IRc3ialCzZ+PrTL7uXZBB/W2H5fiwn8A/kindeg=
Subject key identifier: 1A:BC:FA:05:CB:7C:1A:0F:16:DB:45:09:33:7A:F5:5D:E6:53:4C:42
Certificate issuer: /CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
Certificate serial: 0182B51D0B898961E7F90175EC9278E69661
Authority key identifier: 92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/Grz6Bct8Gg8W20UJM3r1XeZTTEI.roa
Signing time: Fri 19 Aug 2022 07:59:15 +0000
ROA not before: Fri 19 Aug 2022 07:59:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 23470
IP address blocks: 147.161.2.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b5:1d:0b:89:89:61:e7:f9:01:75:ec:92:78:e6:96:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
Validity
Not Before: Aug 19 07:59:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1abcfa05cb7c1a0f16db4509337af55de6534c42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d1:2c:0e:7d:30:1c:36:88:cb:76:78:6b:ac:
20:81:36:42:13:7c:ed:c4:fa:63:49:d3:73:e8:37:
5b:92:37:1d:42:47:16:6d:66:2a:9e:57:0b:30:81:
59:24:f5:4e:53:69:5b:ff:8f:c2:56:07:2b:3e:5d:
b2:3b:3e:b3:4c:f3:33:c9:8b:15:81:14:c0:82:87:
a1:e4:5b:7b:34:1d:cb:77:44:72:9e:c2:e0:88:1e:
de:e7:94:44:44:73:67:02:c5:e4:72:33:85:a1:fb:
9d:e4:fa:a3:dc:da:e0:1e:53:42:9b:8d:9f:72:85:
84:31:87:8a:69:98:a6:fb:cc:9a:d1:12:99:e1:1a:
e6:81:45:52:e6:d8:0a:eb:4c:43:e5:8b:89:e8:3d:
2d:f5:a5:b4:ff:0f:22:75:d2:58:0d:ab:98:e6:2b:
d6:00:78:aa:90:bd:8b:be:f5:bc:16:02:a2:ed:62:
46:79:de:3d:f9:2b:d1:da:d7:58:96:74:35:72:a5:
d7:c7:30:e6:b2:d5:e6:59:6c:5c:f2:48:fa:58:ab:
db:4f:a7:f9:32:35:84:f1:86:19:91:6f:17:80:00:
bc:34:73:98:ef:f9:48:f7:7f:8d:ec:a9:aa:e2:a2:
61:ac:ff:08:4f:ea:25:c3:dd:fa:79:3c:ab:23:6b:
10:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:BC:FA:05:CB:7C:1A:0F:16:DB:45:09:33:7A:F5:5D:E6:53:4C:42
X509v3 Authority Key Identifier:
keyid:92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/Grz6Bct8Gg8W20UJM3r1XeZTTEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/kucgRlxc0NqcahO0T6DYb2SeUFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.161.2.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:47:57:a0:a7:a8:f2:e6:33:3b:96:0d:2d:96:0c:7a:a9:74:
5e:71:06:e5:ce:7e:e6:f0:42:d6:50:1c:7c:b5:2c:88:d9:7d:
a6:6d:97:17:94:fd:81:0d:2c:a5:79:1e:8e:b1:db:24:52:a4:
15:36:c3:11:22:25:c9:28:e7:8f:e5:b4:8e:9d:b6:64:47:8d:
8f:a5:48:e3:f2:19:ba:a2:41:73:bd:a0:ef:94:15:c6:c8:20:
ac:d4:7b:a8:00:83:63:69:2b:41:a5:32:b4:39:5f:c4:af:e3:
4e:80:40:6a:3e:ce:cb:de:0a:b5:79:65:63:64:0c:a2:6d:81:
8a:75:41:8e:ee:2f:8e:1c:dd:df:f1:e7:c0:06:8e:95:da:ff:
aa:20:7f:4a:96:d9:af:b9:4b:1b:22:46:5f:bd:14:bb:44:17:
40:ce:71:a1:68:51:1f:77:f6:65:d2:bf:ac:18:37:63:a7:84:
94:87:27:57:95:ea:6a:dc:6a:58:76:48:86:83:2b:23:0a:2c:
5f:0b:4f:4b:94:23:88:0a:2f:d1:7c:6a:9a:cc:27:87:77:f7:
1e:05:a7:12:92:4b:8a:d2:24:87:b5:d4:1f:60:76:a6:9c:9a:
ca:b4:a8:e7:7b:1b:5c:95:2a:d0:53:40:e9:b0:79:6b:df:bc:
59:4b:df:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYK1HQuJiWHn+QF17JJ45pZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZTcyMDQ2NWM1Y2QwZGE5YzZhMTNiNDRmYTBkODZmNjQ5
ZTUwNTUwHhcNMjIwODE5MDc1OTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWJjZmEwNWNiN2MxYTBmMTZkYjQ1MDkzMzdhZjU1ZGU2NTM0YzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtEsDn0wHDaIy3Z4a6wggTZCE3zt
xPpjSdNz6DdbkjcdQkcWbWYqnlcLMIFZJPVOU2lb/4/CVgcrPl2yOz6zTPMzyYsV
gRTAgoeh5Ft7NB3Ld0RynsLgiB7e55RERHNnAsXkcjOFofud5Pqj3NrgHlNCm42f
coWEMYeKaZim+8ya0RKZ4RrmgUVS5tgK60xD5YuJ6D0t9aW0/w8iddJYDauY5ivW
AHiqkL2LvvW8FgKi7WJGed49+SvR2tdYlnQ1cqXXxzDmstXmWWxc8kj6WKvbT6f5
MjWE8YYZkW8XgAC8NHOY7/lI93+N7Kmq4qJhrP8IT+olw936eTyrI2sQswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBq8+gXLfBoPFttFCTN69V3mU0xCMB8GA1UdIwQY
MBaAFJLnIEZcXNDanGoTtE+g2G9knlBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3VjZ1JseGMwTnFjYWhPMFQ2RFliMlNlVUZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9mOGE5ZWItN2Y4ZC00YmY3LTgzZDkt
OTA5NmUxNjc0ZTIyLzEvR3J6NkJjdDhHZzhXMjBVSk0zcjFYZVpUVEVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9mOGE5ZWItN2Y4ZC00YmY3LTgzZDktOTA5NmUxNjc0ZTIy
LzEva3VjZ1JseGMwTnFjYWhPMFQ2RFliMlNlVUZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk6ECMA0G
CSqGSIb3DQEBCwUAA4IBAQAMR1egp6jy5jM7lg0tlgx6qXRecQblzn7m8ELWUBx8
tSyI2X2mbZcXlP2BDSyleR6OsdskUqQVNsMRIiXJKOeP5bSOnbZkR42PpUjj8hm6
okFzvaDvlBXGyCCs1HuoAINjaStBpTK0OV/Er+NOgEBqPs7L3gq1eWVjZAyibYGK
dUGO7i+OHN3f8efABo6V2v+qIH9KltmvuUsbIkZfvRS7RBdAznGhaFEfd/Zl0r+s
GDdjp4SUhydXlepq3GpYdkiGgysjCixfC09LlCOICi/RfGqazCeHd/ceBacSkkuK
0iSHtdQfYHamnJrKtKjnextclSrQU0DpsHlr37xZS9/G
-----END CERTIFICATE-----
Generated at Wed Apr 9 16:22:19 2025 by rpki-client