Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/li3icX1TV_kYAXcQEg1WbePWdW0.roa
File: li3icX1TV_kYAXcQEg1WbePWdW0.roa (raw, json)
Hash identifier: YCUR+Fzh+1XjnAHuUEfgeHEfeQPau9vOUfZlSKMh0G4=
Subject key identifier: 96:2D:E2:71:7D:53:57:F9:18:01:77:10:12:0D:56:6D:E3:D6:75:6D
Certificate issuer: /CN=4474cf3e2fa892b5fdd3f30dc8275ee1062e1d06
Certificate serial: 01861731DEADF35FB70D617D7929BB8D8B88
Authority key identifier: 44:74:CF:3E:2F:A8:92:B5:FD:D3:F3:0D:C8:27:5E:E1:06:2E:1D:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RHTPPi-okrX90_MNyCde4QYuHQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/li3icX1TV_kYAXcQEg1WbePWdW0.roa
Signing time: Fri 03 Feb 2023 12:13:09 +0000
ROA not before: Fri 03 Feb 2023 12:13:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.127.164.0/23 maxlen: 23
2.58.66.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:17:31:de:ad:f3:5f:b7:0d:61:7d:79:29:bb:8d:8b:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4474cf3e2fa892b5fdd3f30dc8275ee1062e1d06
Validity
Not Before: Feb 3 12:13:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=962de2717d5357f918017710120d566de3d6756d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:1a:2c:36:8b:e0:90:25:c8:20:27:22:f1:ae:
ee:17:88:b1:2e:69:8b:c0:16:44:4c:f5:43:2d:43:
cd:56:56:b2:9f:66:3e:96:e1:f1:43:23:7c:d6:7d:
9b:23:21:cb:86:eb:b4:78:ea:8e:6c:7f:4d:5c:8c:
71:c6:b0:2a:9f:44:59:4f:b4:1c:8c:e7:1b:1d:97:
1d:40:f4:17:ac:99:54:16:ca:82:c8:96:87:ab:c8:
87:ae:71:2e:be:88:e8:29:ca:57:85:0f:b2:0b:2f:
2d:a8:82:fb:89:7e:7d:e0:7f:cb:4f:0a:76:5f:f6:
ca:a3:29:4c:0d:b0:af:a1:e7:d0:8a:5e:29:73:f4:
5d:9b:2b:2c:d3:4e:e4:6b:91:18:86:03:d6:57:c4:
0e:c3:17:6f:17:90:b0:ca:8e:d3:ae:80:1b:e6:81:
ac:aa:e5:6e:ec:2b:c4:fc:04:65:b4:22:1f:9b:b8:
bf:7c:85:44:2a:28:f5:00:3d:35:42:ac:42:2a:c7:
dd:2d:d7:16:68:f9:60:3c:4c:7b:08:de:2c:6b:e4:
ec:49:d0:58:a6:69:31:e5:35:e8:f7:5e:05:50:78:
60:db:14:a0:3c:9e:43:c0:f5:59:44:24:09:34:b7:
ed:3b:5e:bf:82:70:5d:51:2f:7b:9d:b0:e1:04:1f:
2a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:2D:E2:71:7D:53:57:F9:18:01:77:10:12:0D:56:6D:E3:D6:75:6D
X509v3 Authority Key Identifier:
keyid:44:74:CF:3E:2F:A8:92:B5:FD:D3:F3:0D:C8:27:5E:E1:06:2E:1D:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHTPPi-okrX90_MNyCde4QYuHQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/li3icX1TV_kYAXcQEg1WbePWdW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/RHTPPi-okrX90_MNyCde4QYuHQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.66.0/23
185.127.164.0/23
Signature Algorithm: sha256WithRSAEncryption
02:e2:f8:61:da:a7:f3:cd:67:7c:87:40:20:44:cf:42:98:02:
02:9c:b0:ff:29:e4:04:c7:d1:1d:ee:4e:6c:92:ed:f2:97:f6:
10:da:20:58:21:34:d3:d0:42:b8:f0:d9:b5:0d:e6:30:20:85:
aa:40:57:2f:2e:db:d2:31:2c:b8:61:47:86:c3:a9:e8:da:c2:
ff:9f:df:1b:00:04:7f:28:9c:13:e0:7c:24:c9:f4:54:47:61:
3e:de:2e:e4:af:bd:10:cf:39:b7:4e:b6:e2:33:4f:5a:8d:8c:
79:e1:ad:2c:72:42:1c:6c:d2:3f:4a:80:e8:e3:6e:a8:52:18:
af:2c:04:78:ae:38:af:27:b6:c9:fd:18:9f:80:59:7c:6c:dd:
e6:31:d7:61:c4:9b:a1:18:0a:63:01:50:32:d0:50:ac:b2:8b:
58:0d:6e:aa:81:9f:82:60:ad:2c:f4:4b:06:e1:d5:8f:28:4b:
ef:f3:a8:a0:cf:53:9c:a7:5b:8a:c1:94:e7:c9:85:62:c2:d3:
13:8f:fe:0d:9d:46:b1:fd:ea:d1:8a:3b:49:6a:6b:3d:29:13:
87:29:63:d3:61:1b:60:ce:c1:20:ca:bb:da:40:f7:05:be:60:
63:13:d5:f1:87:0c:3d:ec:23:21:86:22:a0:e9:5b:28:02:df:
0e:33:ef:31
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYXMd6t81+3DWF9eSm7jYuIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NzRjZjNlMmZhODkyYjVmZGQzZjMwZGM4Mjc1ZWUxMDYy
ZTFkMDYwHhcNMjMwMjAzMTIxMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjJkZTI3MTdkNTM1N2Y5MTgwMTc3MTAxMjBkNTY2ZGUzZDY3NTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghosNovgkCXIICci8a7uF4ixLmmL
wBZETPVDLUPNVlayn2Y+luHxQyN81n2bIyHLhuu0eOqObH9NXIxxxrAqn0RZT7Qc
jOcbHZcdQPQXrJlUFsqCyJaHq8iHrnEuvojoKcpXhQ+yCy8tqIL7iX594H/LTwp2
X/bKoylMDbCvoefQil4pc/Rdmyss007ka5EYhgPWV8QOwxdvF5Cwyo7TroAb5oGs
quVu7CvE/ARltCIfm7i/fIVEKij1AD01QqxCKsfdLdcWaPlgPEx7CN4sa+TsSdBY
pmkx5TXo914FUHhg2xSgPJ5DwPVZRCQJNLftO16/gnBdUS97nbDhBB8q7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJYt4nF9U1f5GAF3EBINVm3j1nVtMB8GA1UdIwQY
MBaAFER0zz4vqJK1/dPzDcgnXuEGLh0GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkhUUFBpLW9rclg5MF9NTnlDZGU0UVl1SFFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjBiYTEtNmFlOC00YjQzLWE3MDkt
NzU0NWMwNGUxNTc4LzEvbGkzaWNYMVRWX2tZQVhjUUVnMVdiZVBXZFcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjBiYTEtNmFlOC00YjQzLWE3MDktNzU0NWMwNGUxNTc4
LzEvUkhUUFBpLW9rclg5MF9NTnlDZGU0UVl1SFFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBAjpCAwQB
uX+kMA0GCSqGSIb3DQEBCwUAA4IBAQAC4vhh2qfzzWd8h0AgRM9CmAICnLD/KeQE
x9Ed7k5sku3yl/YQ2iBYITTT0EK48Nm1DeYwIIWqQFcvLtvSMSy4YUeGw6no2sL/
n98bAAR/KJwT4HwkyfRUR2E+3i7kr70Qzzm3TrbiM09ajYx54a0sckIcbNI/SoDo
426oUhivLAR4rjivJ7bJ/RifgFl8bN3mMddhxJuhGApjAVAy0FCssotYDW6qgZ+C
YK0s9EsG4dWPKEvv86igz1Ocp1uKwZTnyYViwtMTj/4NnUax/erRijtJams9KROH
KWPTYRtgzsEgyrvaQPcFvmBjE9Xxhww97CMhhiKg6VsoAt8OM+8x
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:10:50 2025 by rpki-client