Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/2ac8a2-f1cc-4f85-90c9-4ebec011a288/1/D5i_3XasEum-_a8kKL7-XwihGTs.roa
File: D5i_3XasEum-_a8kKL7-XwihGTs.roa (raw, json)
Hash identifier: +5SFXYGyMbIGbAgQCd96ISkPB3nQ8myWyijc1fjh+hA=
Subject key identifier: 0F:98:BF:DD:76:AC:12:E9:BE:FD:AF:24:28:BE:FE:5F:08:A1:19:3B
Certificate issuer: /CN=fb11bd5c444c239c198776f360e0f100c9b5d802
Certificate serial: 01882086AFFCE5B91CEFDB50B88BB3550325
Authority key identifier: FB:11:BD:5C:44:4C:23:9C:19:87:76:F3:60:E0:F1:00:C9:B5:D8:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-xG9XERMI5wZh3bzYODxAMm12AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/2ac8a2-f1cc-4f85-90c9-4ebec011a288/1/D5i_3XasEum-_a8kKL7-XwihGTs.roa
Signing time: Mon 15 May 2023 17:47:57 +0000
ROA not before: Mon 15 May 2023 17:47:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 176.97.211.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:20:86:af:fc:e5:b9:1c:ef:db:50:b8:8b:b3:55:03:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb11bd5c444c239c198776f360e0f100c9b5d802
Validity
Not Before: May 15 17:47:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f98bfdd76ac12e9befdaf2428befe5f08a1193b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:88:aa:f8:f2:28:4e:ab:ef:fc:c3:a5:4a:1a:
7b:5f:43:4c:09:0f:2a:eb:b9:ca:f7:02:62:a0:8a:
81:96:87:41:f1:7a:99:21:e3:64:9d:a8:25:e5:0a:
18:2d:fb:29:9f:0f:df:bd:96:20:d3:97:aa:96:ed:
76:0d:23:9e:cb:cb:8f:ee:cf:16:6c:ae:b2:66:ad:
01:d0:53:1f:36:73:a6:3a:49:de:1a:fb:5c:f5:78:
fb:37:a6:1c:d6:20:5c:be:8e:e6:67:7c:26:17:b6:
d2:62:55:68:a8:8e:09:42:2d:c5:3c:cd:3d:f5:f0:
48:d0:65:5b:a4:09:7b:98:a9:5d:75:6d:3c:74:06:
81:c2:fb:f1:8e:eb:ea:5d:10:8b:74:67:01:12:22:
5d:6b:70:d6:40:59:15:78:ee:ec:70:2b:a9:81:3f:
20:20:23:79:45:f3:75:b5:ec:8a:a6:a8:33:46:b8:
db:34:fa:2a:c7:87:52:2c:27:47:fb:c3:61:bf:82:
6f:da:25:d3:b9:d6:13:e5:76:56:1a:92:d7:d4:39:
03:63:d2:6b:8c:0f:38:2f:ba:d4:99:06:aa:2e:58:
75:55:89:2a:3c:db:1d:ab:f8:b7:46:88:f0:21:0b:
ac:16:bb:19:32:cc:a0:88:46:69:c0:cd:e9:74:d7:
4d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:98:BF:DD:76:AC:12:E9:BE:FD:AF:24:28:BE:FE:5F:08:A1:19:3B
X509v3 Authority Key Identifier:
keyid:FB:11:BD:5C:44:4C:23:9C:19:87:76:F3:60:E0:F1:00:C9:B5:D8:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-xG9XERMI5wZh3bzYODxAMm12AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/2ac8a2-f1cc-4f85-90c9-4ebec011a288/1/D5i_3XasEum-_a8kKL7-XwihGTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/2ac8a2-f1cc-4f85-90c9-4ebec011a288/1/1-xG9XERMI5wZh3bzYODxAMm12AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.211.0/24
Signature Algorithm: sha256WithRSAEncryption
24:1a:b3:86:6f:be:40:23:8d:3e:4a:1c:bc:62:5a:bd:e0:7e:
f0:b2:0f:a4:23:c2:4a:10:dd:b5:d0:48:39:0a:7d:7e:ea:23:
6e:c2:c4:bb:ce:56:7a:f5:1f:73:89:a6:c4:5f:fc:d9:76:fc:
d8:51:14:c9:5a:16:c9:d7:15:e1:64:23:d7:4f:55:e9:72:03:
2a:e6:3f:12:30:4e:e1:b8:c5:84:f7:bb:05:17:ef:46:64:18:
fc:5a:48:44:92:50:03:29:1e:78:f9:bb:26:96:d0:a6:3f:d6:
3b:c8:6b:0a:04:99:7b:b3:66:ac:3c:e3:ca:a3:02:43:f3:ea:
1d:43:4f:f0:a6:05:43:1a:cb:33:39:45:1c:9b:80:2f:4d:a9:
d2:be:87:cb:6f:c3:95:76:a7:e7:8b:d9:87:3a:d6:36:04:68:
63:38:aa:d3:99:bb:7b:18:b9:92:d7:be:97:48:2c:a0:a6:30:
01:7a:23:54:4b:3b:5d:74:61:86:13:c8:96:71:f0:c8:01:6f:
85:53:30:e3:28:27:f0:0e:f8:e3:a9:ae:97:44:90:8c:dc:64:
7e:15:f1:ab:29:0c:4f:55:38:ff:35:95:c9:a9:92:39:31:13:
c4:68:22:b0:98:fd:3b:a2:b2:88:39:32:0f:99:5a:72:4f:cf:
7d:14:55:71
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYgghq/85bkc79tQuIuzVQMlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMTFiZDVjNDQ0YzIzOWMxOTg3NzZmMzYwZTBmMTAwYzli
NWQ4MDIwHhcNMjMwNTE1MTc0NzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjk4YmZkZDc2YWMxMmU5YmVmZGFmMjQyOGJlZmU1ZjA4YTExOTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIiq+PIoTqvv/MOlShp7X0NMCQ8q
67nK9wJioIqBlodB8XqZIeNknagl5QoYLfspnw/fvZYg05eqlu12DSOey8uP7s8W
bK6yZq0B0FMfNnOmOkneGvtc9Xj7N6Yc1iBcvo7mZ3wmF7bSYlVoqI4JQi3FPM09
9fBI0GVbpAl7mKlddW08dAaBwvvxjuvqXRCLdGcBEiJda3DWQFkVeO7scCupgT8g
ICN5RfN1teyKpqgzRrjbNPoqx4dSLCdH+8Nhv4Jv2iXTudYT5XZWGpLX1DkDY9Jr
jA84L7rUmQaqLlh1VYkqPNsdq/i3RojwIQusFrsZMsygiEZpwM3pdNdNvwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFA+Yv912rBLpvv2vJCi+/l8IoRk7MB8GA1UdIwQY
MBaAFPsRvVxETCOcGYd282Dg8QDJtdgCMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS14RzlYRVJNSTV3WmgzYnpZT0R4QU1tMTJBSS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMvMmFjOGEyLWYxY2MtNGY4NS05MGM5
LTRlYmVjMDExYTI4OC8xL0Q1aV8zWGFzRXVtLV9hOGtLTDctWHdpaEdUcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjMvMmFjOGEyLWYxY2MtNGY4NS05MGM5LTRlYmVjMDExYTI4
OC8xLzEteEc5WEVSTUk1d1poM2J6WU9EeEFNbTEyQUkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACwYdMw
DQYJKoZIhvcNAQELBQADggEBACQas4ZvvkAjjT5KHLxiWr3gfvCyD6QjwkoQ3bXQ
SDkKfX7qI27CxLvOVnr1H3OJpsRf/Nl2/NhRFMlaFsnXFeFkI9dPVelyAyrmPxIw
TuG4xYT3uwUX70ZkGPxaSESSUAMpHnj5uyaW0KY/1jvIawoEmXuzZqw848qjAkPz
6h1DT/CmBUMayzM5RRybgC9NqdK+h8tvw5V2p+eL2Yc61jYEaGM4qtOZu3sYuZLX
vpdILKCmMAF6I1RLO110YYYTyJZx8MgBb4VTMOMoJ/AO+OOprpdEkIzcZH4V8asp
DE9VOP81lcmpkjkxE8RoIrCY/Tuisog5Mg+ZWnJPz30UVXE=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:16 2025 by rpki-client