Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1875ac-a274-479e-a676-b025f4003943/1/JTRUtb56w3XHWMMlPG16gzuq3TY.roa
File: JTRUtb56w3XHWMMlPG16gzuq3TY.roa (raw, json)
Hash identifier: yrMr78q1LyUIO24Hv0ia8q2dytU4uN6Z2/fAZ5p3X5Q=
Subject key identifier: 25:34:54:B5:BE:7A:C3:75:C7:58:C3:25:3C:6D:7A:83:3B:AA:DD:36
Certificate issuer: /CN=68f691e98532920b49f63cf84a509a1b3ca8c0f0
Certificate serial: 01856E38CB0330533761635037C1095C7323
Authority key identifier: 68:F6:91:E9:85:32:92:0B:49:F6:3C:F8:4A:50:9A:1B:3C:A8:C0:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPaR6YUykgtJ9jz4SlCaGzyowPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1875ac-a274-479e-a676-b025f4003943/1/JTRUtb56w3XHWMMlPG16gzuq3TY.roa
Signing time: Sun 01 Jan 2023 16:44:53 +0000
ROA not before: Sun 01 Jan 2023 16:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211432
IP address blocks: 185.232.167.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:cb:03:30:53:37:61:63:50:37:c1:09:5c:73:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68f691e98532920b49f63cf84a509a1b3ca8c0f0
Validity
Not Before: Jan 1 16:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=253454b5be7ac375c758c3253c6d7a833baadd36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:1e:5d:c2:27:a0:cf:98:ac:fb:71:13:19:5d:
14:97:cf:ad:f6:78:2a:92:5f:33:9a:80:88:f3:d1:
9f:c1:69:8a:24:5e:c1:c0:70:fb:a0:65:85:f1:0d:
e2:87:39:db:7d:26:1c:d4:43:52:b2:e5:f3:2b:79:
93:16:2b:14:d2:a2:05:e9:5a:c4:5c:ed:35:85:f9:
e1:87:48:c0:37:26:75:2f:8f:f9:fb:e2:47:39:bd:
6f:c8:4c:38:ec:59:14:ff:5c:dc:e6:9b:9e:d8:09:
2a:cb:5b:9d:a7:ad:1b:a5:c9:01:4e:a9:f5:de:d4:
ab:5b:54:ea:14:ef:47:d8:2a:d5:7a:cc:0b:9f:e5:
22:f3:f8:d3:7a:ac:5a:09:42:4d:e3:ea:72:7d:8e:
65:6a:76:22:b4:d5:8c:db:b5:c2:a4:3c:98:2e:2f:
67:df:71:09:92:37:05:c9:fb:c1:44:21:5a:ac:77:
03:51:fe:2d:f5:98:25:11:03:4a:5b:b7:34:05:d4:
cd:f2:62:6e:c2:a3:7d:4f:14:5a:10:ca:09:11:61:
19:8b:07:a5:e8:4c:f4:b2:6b:bc:67:f3:e3:ef:97:
19:24:b7:f0:63:01:3e:ea:46:19:4c:93:7a:86:52:
fd:c7:5f:e8:dd:68:37:82:22:f9:41:a3:a4:b9:9d:
30:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:34:54:B5:BE:7A:C3:75:C7:58:C3:25:3C:6D:7A:83:3B:AA:DD:36
X509v3 Authority Key Identifier:
keyid:68:F6:91:E9:85:32:92:0B:49:F6:3C:F8:4A:50:9A:1B:3C:A8:C0:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPaR6YUykgtJ9jz4SlCaGzyowPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1875ac-a274-479e-a676-b025f4003943/1/JTRUtb56w3XHWMMlPG16gzuq3TY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1875ac-a274-479e-a676-b025f4003943/1/aPaR6YUykgtJ9jz4SlCaGzyowPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.167.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:54:9a:b5:a4:5f:42:e6:c5:9a:80:69:a7:d3:5f:3d:6d:a5:
d7:a7:06:6b:85:ae:dc:5b:27:ab:3d:09:ae:d5:db:64:64:0a:
3b:8d:b7:69:f5:a4:c8:02:c1:2f:9d:c5:e7:33:8e:ad:7f:c3:
f2:0a:19:b5:41:fb:fb:27:b1:00:31:60:57:d5:16:fd:e6:75:
b0:f7:b5:dd:a9:16:88:6d:22:d9:10:e8:7e:b9:ec:60:05:80:
f6:ba:a3:84:de:2e:01:49:32:12:27:e3:c0:7d:02:48:f9:03:
26:89:b8:0c:9d:56:97:aa:0d:b6:77:d9:bd:93:fc:79:0c:e9:
74:23:e7:ad:97:80:5c:f6:7b:9a:35:16:cf:5f:cb:56:d3:85:
c9:0f:a1:5f:43:3b:f4:11:b4:5f:77:fd:0f:cc:87:e4:16:f0:
ee:1a:3c:29:83:c5:46:88:01:06:be:03:b7:1c:bd:48:c3:d0:
cf:fa:a4:99:c8:3c:82:c8:3a:f6:15:2e:02:23:e4:bc:ac:7d:
7f:53:37:ea:bc:e4:92:62:41:d9:5d:57:bc:2e:d0:61:f9:15:
93:a2:6d:db:2d:10:43:7b:00:52:e2:f8:a1:58:c1:47:96:82:
c5:54:4f:f4:4c:34:51:7b:7a:f0:5a:e6:fd:5f:01:4b:39:92:
b9:cf:35:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuOMsDMFM3YWNQN8EJXHMjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZjY5MWU5ODUzMjkyMGI0OWY2M2NmODRhNTA5YTFiM2Nh
OGMwZjAwHhcNMjMwMTAxMTY0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTM0NTRiNWJlN2FjMzc1Yzc1OGMzMjUzYzZkN2E4MzNiYWFkZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkR5dwiegz5is+3ETGV0Ul8+t9ngq
kl8zmoCI89GfwWmKJF7BwHD7oGWF8Q3ihznbfSYc1ENSsuXzK3mTFisU0qIF6VrE
XO01hfnhh0jANyZ1L4/5++JHOb1vyEw47FkU/1zc5pue2Akqy1udp60bpckBTqn1
3tSrW1TqFO9H2CrVeswLn+Ui8/jTeqxaCUJN4+pyfY5lanYitNWM27XCpDyYLi9n
33EJkjcFyfvBRCFarHcDUf4t9ZglEQNKW7c0BdTN8mJuwqN9TxRaEMoJEWEZiwel
6Ez0smu8Z/Pj75cZJLfwYwE+6kYZTJN6hlL9x1/o3Wg3giL5QaOkuZ0wPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCU0VLW+esN1x1jDJTxteoM7qt02MB8GA1UdIwQY
MBaAFGj2kemFMpILSfY8+EpQmhs8qMDwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVBhUjZZVXlrZ3RKOWp6NFNsQ2FHenlvd1BBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xODc1YWMtYTI3NC00NzllLWE2NzYt
YjAyNWY0MDAzOTQzLzEvSlRSVXRiNTZ3M1hIV01NbFBHMTZnenVxM1RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xODc1YWMtYTI3NC00NzllLWE2NzYtYjAyNWY0MDAzOTQz
LzEvYVBhUjZZVXlrZ3RKOWp6NFNsQ2FHenlvd1BBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueinMA0G
CSqGSIb3DQEBCwUAA4IBAQB/VJq1pF9C5sWagGmn0189baXXpwZrha7cWyerPQmu
1dtkZAo7jbdp9aTIAsEvncXnM46tf8PyChm1Qfv7J7EAMWBX1Rb95nWw97XdqRaI
bSLZEOh+uexgBYD2uqOE3i4BSTISJ+PAfQJI+QMmibgMnVaXqg22d9m9k/x5DOl0
I+etl4Bc9nuaNRbPX8tW04XJD6FfQzv0EbRfd/0PzIfkFvDuGjwpg8VGiAEGvgO3
HL1Iw9DP+qSZyDyCyDr2FS4CI+S8rH1/UzfqvOSSYkHZXVe8LtBh+RWTom3bLRBD
ewBS4vihWMFHloLFVE/0TDRRe3rwWub9XwFLOZK5zzVj
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:20:09 2025 by rpki-client