Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/47dff0-2b11-44bc-b721-96c81fb651a0/1/2ut4gcmR75V3_QB4c_0bjHQRV8A.roa
File: 2ut4gcmR75V3_QB4c_0bjHQRV8A.roa (raw, json)
Hash identifier: Z/Z7sYO20kciWO7Cd+RFwgDueOu/lt3nwibhugXBGT8=
Subject key identifier: DA:EB:78:81:C9:91:EF:95:77:FD:00:78:73:FD:1B:8C:74:11:57:C0
Certificate issuer: /CN=0d04913d043dbb117cf6b9323c8ab247cb52e251
Certificate serial: 01941F8C17136C88C793B48CB9769BE801F1
Authority key identifier: 0D:04:91:3D:04:3D:BB:11:7C:F6:B9:32:3C:8A:B2:47:CB:52:E2:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQSRPQQ9uxF89rkyPIqyR8tS4lE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/47dff0-2b11-44bc-b721-96c81fb651a0/1/2ut4gcmR75V3_QB4c_0bjHQRV8A.roa
Signing time: Wed 01 Jan 2025 01:47:42 +0000
ROA not before: Wed 01 Jan 2025 01:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2586
IP address blocks: 176.124.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:17:13:6c:88:c7:93:b4:8c:b9:76:9b:e8:01:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d04913d043dbb117cf6b9323c8ab247cb52e251
Validity
Not Before: Jan 1 01:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=daeb7881c991ef9577fd007873fd1b8c741157c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:55:b7:cf:85:47:77:ec:7a:2a:fb:a2:b5:df:
b8:3f:23:7b:5f:09:f8:f0:84:de:04:dc:85:69:e8:
08:69:81:9a:f0:41:64:f6:e7:ca:b6:2a:1d:ed:05:
b6:f5:92:3a:28:3b:76:c5:f9:44:98:cd:4e:56:bd:
9a:94:7f:25:28:ce:55:58:1c:d8:86:00:90:41:30:
9c:a0:70:e9:f7:de:a3:08:fe:c3:c3:bf:20:e1:04:
92:82:b0:9a:15:48:6b:d7:fd:30:1c:c3:1b:42:7f:
dd:19:88:81:04:33:38:1f:a6:0b:a0:d0:c3:a4:62:
c6:5a:b2:e2:44:d7:c1:b6:d2:da:62:7d:6a:c0:25:
a7:79:6d:f2:b9:a6:76:57:a5:dd:73:a1:7d:6b:e3:
d3:58:c4:00:ec:73:cb:a1:25:9d:59:21:4e:10:dc:
ce:29:c0:20:b2:25:eb:a3:2f:a2:ae:8b:1d:60:01:
68:5c:b3:ab:20:62:eb:9b:ff:d6:b6:b6:a0:de:9f:
6e:86:17:3a:97:83:f3:18:67:bd:a9:a7:0c:31:2f:
85:a4:c6:a2:66:99:a9:54:cb:5c:2a:44:85:34:5f:
de:3e:97:f3:88:37:e1:54:26:b2:2b:f9:ba:96:37:
df:60:e8:ac:83:e4:0c:38:e3:29:2f:e3:3b:2a:97:
dc:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:EB:78:81:C9:91:EF:95:77:FD:00:78:73:FD:1B:8C:74:11:57:C0
X509v3 Authority Key Identifier:
keyid:0D:04:91:3D:04:3D:BB:11:7C:F6:B9:32:3C:8A:B2:47:CB:52:E2:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQSRPQQ9uxF89rkyPIqyR8tS4lE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/47dff0-2b11-44bc-b721-96c81fb651a0/1/2ut4gcmR75V3_QB4c_0bjHQRV8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/47dff0-2b11-44bc-b721-96c81fb651a0/1/DQSRPQQ9uxF89rkyPIqyR8tS4lE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.247.0/24
Signature Algorithm: sha256WithRSAEncryption
16:a6:4d:90:a2:68:91:ae:1b:99:82:c6:60:e5:f8:f3:66:94:
03:b8:2d:d5:dd:ed:d6:1e:47:89:8a:a7:a3:61:ee:ab:e2:3c:
f3:75:cc:13:d5:a4:3a:37:a0:4e:ea:60:23:f8:73:3f:5c:d0:
14:39:8a:15:59:36:a2:af:3d:88:f7:d1:8e:d2:bb:96:ee:ec:
80:4e:89:3c:73:9c:ca:6f:51:6b:f6:02:cc:c5:e5:53:19:d0:
dd:b0:b1:2a:e1:d6:97:b5:d9:c0:18:48:1e:32:6c:aa:29:1f:
6e:53:22:38:7f:83:1e:13:aa:c4:ac:0d:2a:b5:80:d2:c8:5c:
6b:c9:da:69:7f:7b:7c:65:89:82:d8:b9:ac:b2:7d:88:0d:c4:
e8:a1:3f:1b:d0:9d:d8:6a:91:57:96:1e:88:20:ed:1a:ae:84:
16:d4:3d:f2:1f:a1:84:00:77:26:40:41:7d:91:e3:e2:c2:2b:
32:66:db:13:58:4f:5c:65:65:29:be:77:27:07:75:d4:24:43:
98:92:4b:e5:66:67:80:b8:8a:8c:94:e8:d7:39:e1:8e:ad:69:
9a:b7:65:7e:67:ad:28:e0:ef:97:3a:4b:cf:ae:a8:37:49:a5:
99:97:6c:fd:4b:ef:83:d7:94:f9:68:0b:13:ea:3f:be:ec:78:
62:f2:cb:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjBcTbIjHk7SMuXab6AHxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMDQ5MTNkMDQzZGJiMTE3Y2Y2YjkzMjNjOGFiMjQ3Y2I1
MmUyNTEwHhcNMjUwMTAxMDE0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWViNzg4MWM5OTFlZjk1NzdmZDAwNzg3M2ZkMWI4Yzc0MTE1N2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFW3z4VHd+x6Kvuitd+4PyN7Xwn4
8ITeBNyFaegIaYGa8EFk9ufKtiod7QW29ZI6KDt2xflEmM1OVr2alH8lKM5VWBzY
hgCQQTCcoHDp996jCP7Dw78g4QSSgrCaFUhr1/0wHMMbQn/dGYiBBDM4H6YLoNDD
pGLGWrLiRNfBttLaYn1qwCWneW3yuaZ2V6Xdc6F9a+PTWMQA7HPLoSWdWSFOENzO
KcAgsiXroy+irosdYAFoXLOrIGLrm//Wtrag3p9uhhc6l4PzGGe9qacMMS+FpMai
ZpmpVMtcKkSFNF/ePpfziDfhVCayK/m6ljffYOisg+QMOOMpL+M7KpfcWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNrreIHJke+Vd/0AeHP9G4x0EVfAMB8GA1UdIwQY
MBaAFA0EkT0EPbsRfPa5MjyKskfLUuJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFFTUlBRUTl1eEY4OXJreVBJcXlSOHRTNGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS80N2RmZjAtMmIxMS00NGJjLWI3MjEt
OTZjODFmYjY1MWEwLzEvMnV0NGdjbVI3NVYzX1FCNGNfMGJqSFFSVjhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS80N2RmZjAtMmIxMS00NGJjLWI3MjEtOTZjODFmYjY1MWEw
LzEvRFFTUlBRUTl1eEY4OXJreVBJcXlSOHRTNGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHz3MA0G
CSqGSIb3DQEBCwUAA4IBAQAWpk2QomiRrhuZgsZg5fjzZpQDuC3V3e3WHkeJiqej
Ye6r4jzzdcwT1aQ6N6BO6mAj+HM/XNAUOYoVWTairz2I99GO0ruW7uyATok8c5zK
b1Fr9gLMxeVTGdDdsLEq4daXtdnAGEgeMmyqKR9uUyI4f4MeE6rErA0qtYDSyFxr
ydppf3t8ZYmC2Lmssn2IDcTooT8b0J3YapFXlh6IIO0aroQW1D3yH6GEAHcmQEF9
kePiwisyZtsTWE9cZWUpvncnB3XUJEOYkkvlZmeAuIqMlOjXOeGOrWmat2V+Z60o
4O+XOkvPrqg3SaWZl2z9S++D15T5aAsT6j++7Hhi8suz
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:51 2025 by rpki-client