Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/I3mgQ157a_bF2dTxc-vf7pMJtM4.roa
File: I3mgQ157a_bF2dTxc-vf7pMJtM4.roa (raw, json)
Hash identifier: 7UAHNapwwX16Slile1RjKMtt2nkeBVUncM7zwsYLT8w=
Subject key identifier: 23:79:A0:43:5E:7B:6B:F6:C5:D9:D4:F1:73:EB:DF:EE:93:09:B4:CE
Certificate issuer: /CN=a608db43964b6986ec740f0b5e33f627589ac560
Certificate serial: 01942825D50D621FBF99355D4B3AD3B91F8E
Authority key identifier: A6:08:DB:43:96:4B:69:86:EC:74:0F:0B:5E:33:F6:27:58:9A:C5:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/I3mgQ157a_bF2dTxc-vf7pMJtM4.roa
Signing time: Thu 02 Jan 2025 17:52:35 +0000
ROA not before: Thu 02 Jan 2025 17:52:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41202
IP address blocks: 176.96.236.0/24 maxlen: 24
176.96.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:d5:0d:62:1f:bf:99:35:5d:4b:3a:d3:b9:1f:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a608db43964b6986ec740f0b5e33f627589ac560
Validity
Not Before: Jan 2 17:52:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2379a0435e7b6bf6c5d9d4f173ebdfee9309b4ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:90:2a:87:78:ac:df:08:5b:83:cb:aa:a4:2a:
96:6d:f0:63:3c:68:66:5a:43:f5:b9:f1:6c:a8:ae:
62:8c:e4:6a:49:23:74:c6:e1:8a:44:0b:a0:e8:17:
85:d4:40:f1:51:36:2d:d0:48:d0:5a:68:17:35:36:
e6:0a:01:76:82:e0:f0:51:1e:5f:1f:1d:13:a4:66:
c8:45:cc:b7:bc:5a:54:cd:7a:fd:22:ca:f9:75:dd:
58:69:16:c0:82:02:1f:dd:e6:7f:59:e6:a3:a9:d9:
50:26:c0:50:f0:f1:45:98:4b:25:a6:68:1e:df:88:
20:4b:40:74:52:84:fe:dc:a8:ef:5f:6b:f5:ae:dc:
44:ff:63:6a:08:6d:b4:b1:78:7c:c6:c7:d0:63:db:
48:a2:e0:31:ab:5a:20:3f:76:c5:5f:76:c9:5f:3e:
04:ca:cb:b2:1f:2e:45:ae:33:c2:f6:e9:9d:1d:47:
a4:90:b0:b5:87:1b:7f:c4:95:b8:75:26:1b:d2:8a:
fa:d7:ab:c2:29:67:a7:6a:e9:18:14:e6:db:0b:0a:
77:d8:aa:71:cc:a3:66:86:c6:55:1c:5f:2f:ef:b3:
3d:b1:5e:42:cb:68:bd:0b:2f:cb:44:75:eb:30:9d:
98:60:52:50:ab:ef:31:fa:26:84:82:dc:4d:d9:e7:
e4:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:79:A0:43:5E:7B:6B:F6:C5:D9:D4:F1:73:EB:DF:EE:93:09:B4:CE
X509v3 Authority Key Identifier:
keyid:A6:08:DB:43:96:4B:69:86:EC:74:0F:0B:5E:33:F6:27:58:9A:C5:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/I3mgQ157a_bF2dTxc-vf7pMJtM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.96.236.0/24
176.96.254.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:89:3e:10:ea:f3:c6:c9:1a:97:86:e3:73:e1:28:3d:b0:59:
09:54:19:95:a1:fc:90:95:7a:d1:e4:ac:ad:0a:97:3b:87:6a:
30:bf:4f:51:d7:c1:b7:2c:46:38:77:62:ea:b1:5d:e7:47:ef:
8b:d1:33:5e:91:62:00:4e:76:1d:c0:a6:fa:08:5a:99:cf:31:
2f:99:73:d6:3d:15:fc:f4:f1:2a:a6:45:50:0a:6c:3a:f7:1a:
9f:2b:02:55:a8:59:d3:49:ec:61:af:36:52:7f:3f:d9:c8:90:
72:d0:3a:41:fd:5f:a8:7c:a6:5f:05:ce:c8:3e:40:61:b1:68:
c7:c6:87:6f:86:06:85:97:df:00:ca:ca:a1:02:48:81:2b:41:
7a:93:03:9f:9d:48:78:b3:11:c4:d3:25:75:77:44:af:92:36:
c0:4d:f7:ab:5c:59:e7:53:63:73:d2:82:90:8e:da:8a:a7:e3:
9b:4e:d1:db:6a:64:9e:4d:dc:18:af:da:f3:e7:2b:62:71:ab:
8a:e2:12:04:c7:92:6d:85:e3:7a:ea:44:ae:69:ea:4b:ba:9b:
f4:13:8b:8f:37:89:fc:c6:c9:d6:b9:f6:90:d3:77:89:71:95:
60:a1:94:c0:67:ed:c0:d2:a8:34:c6:44:cc:84:c8:78:41:75:
ae:4b:97:5b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoJdUNYh+/mTVdSzrTuR+OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MDhkYjQzOTY0YjY5ODZlYzc0MGYwYjVlMzNmNjI3NTg5
YWM1NjAwHhcNMjUwMTAyMTc1MjM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzc5YTA0MzVlN2I2YmY2YzVkOWQ0ZjE3M2ViZGZlZTkzMDliNGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpAqh3is3whbg8uqpCqWbfBjPGhm
WkP1ufFsqK5ijORqSSN0xuGKRAug6BeF1EDxUTYt0EjQWmgXNTbmCgF2guDwUR5f
Hx0TpGbIRcy3vFpUzXr9Isr5dd1YaRbAggIf3eZ/WeajqdlQJsBQ8PFFmEslpmge
34ggS0B0UoT+3KjvX2v1rtxE/2NqCG20sXh8xsfQY9tIouAxq1ogP3bFX3bJXz4E
ysuyHy5FrjPC9umdHUekkLC1hxt/xJW4dSYb0or616vCKWenaukYFObbCwp32Kpx
zKNmhsZVHF8v77M9sV5Cy2i9Cy/LRHXrMJ2YYFJQq+8x+iaEgtxN2efkywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCN5oENee2v2xdnU8XPr3+6TCbTOMB8GA1UdIwQY
MBaAFKYI20OWS2mG7HQPC14z9idYmsVgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGdqYlE1WkxhWWJzZEE4TFhqUDJKMWlheFdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81MDAxNTAtMTU1MS00N2RlLWI1MDQt
ZDY0NjgzY2VlMTZmLzEvSTNtZ1ExNTdhX2JGMmRUeGMtdmY3cE1KdE00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81MDAxNTAtMTU1MS00N2RlLWI1MDQtZDY0NjgzY2VlMTZm
LzEvcGdqYlE1WkxhWWJzZEE4TFhqUDJKMWlheFdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsGDsAwQA
sGD+MA0GCSqGSIb3DQEBCwUAA4IBAQBLiT4Q6vPGyRqXhuNz4Sg9sFkJVBmVofyQ
lXrR5KytCpc7h2owv09R18G3LEY4d2LqsV3nR++L0TNekWIATnYdwKb6CFqZzzEv
mXPWPRX89PEqpkVQCmw69xqfKwJVqFnTSexhrzZSfz/ZyJBy0DpB/V+ofKZfBc7I
PkBhsWjHxodvhgaFl98AysqhAkiBK0F6kwOfnUh4sxHE0yV1d0SvkjbATferXFnn
U2Nz0oKQjtqKp+ObTtHbamSeTdwYr9rz5yticauK4hIEx5JtheN66kSuaepLupv0
E4uPN4n8xsnWufaQ03eJcZVgoZTAZ+3A0qg0xkTMhMh4QXWuS5db
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:44 2025 by rpki-client