Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/9MknE2fO7cC7xcOZX0t9CTl41ts.roa
File: 9MknE2fO7cC7xcOZX0t9CTl41ts.roa (raw, json)
Hash identifier: dVQCWrns/TOA0udDSUE41jZUUdF/ei9YcELwwkr3bEs=
Subject key identifier: F4:C9:27:13:67:CE:ED:C0:BB:C5:C3:99:5F:4B:7D:09:39:78:D6:DB
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018E50A096F7130A9789B902C7D5BFC7029B
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/9MknE2fO7cC7xcOZX0t9CTl41ts.roa
Signing time: Mon 18 Mar 2024 08:14:45 +0000
ROA not before: Mon 18 Mar 2024 08:14:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8434
IP address blocks: 192.71.158.0/24 maxlen: 24
192.121.172.0/24 maxlen: 24
192.121.192.0/24 maxlen: 24
193.180.61.0/24 maxlen: 24
193.183.118.0/24 maxlen: 24
193.234.237.0/24 maxlen: 24
194.14.129.0/24 maxlen: 24
194.14.212.0/24 maxlen: 24
194.68.56.0/23 maxlen: 23
194.68.99.0/24 maxlen: 24
194.68.126.0/24 maxlen: 24
194.71.27.0/24 maxlen: 24
194.71.83.0/24 maxlen: 24
194.71.140.0/23 maxlen: 23
194.71.248.0/21 maxlen: 21
194.132.108.0/23 maxlen: 24
194.132.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:50:a0:96:f7:13:0a:97:89:b9:02:c7:d5:bf:c7:02:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Mar 18 08:14:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4c9271367ceedc0bbc5c3995f4b7d093978d6db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:de:19:81:84:10:9a:21:76:5e:3e:ce:77:9d:
8a:d0:6b:5e:b6:80:fa:84:8f:f7:df:b6:bd:ad:ab:
ad:7e:9e:34:5b:eb:6d:5e:21:06:33:c6:a3:19:34:
cb:b9:9e:9d:0c:ef:49:41:be:3d:ec:77:0f:b6:31:
bd:b1:38:d0:a3:04:b6:f1:40:bf:80:20:2f:ab:53:
35:aa:8e:b1:e0:a7:59:9f:c8:98:08:67:1b:1b:57:
99:53:e9:91:39:58:2f:1f:9e:ae:ed:56:7f:54:4c:
d8:4c:82:23:13:65:30:48:3e:03:b4:05:ee:08:04:
76:28:e7:19:31:09:4a:58:c1:fb:ed:7f:1e:8f:b1:
f5:aa:2f:6d:93:b5:7d:0b:b8:b4:17:1d:87:8b:0a:
5a:d1:87:10:6c:6e:76:da:0e:e2:62:e4:fe:95:7e:
ac:0f:d2:b9:f7:c9:2e:b1:e5:7a:d1:5b:05:91:ba:
8a:5a:36:d6:ca:33:88:b4:01:58:68:5e:69:df:29:
fe:02:59:44:7f:e6:f6:a4:02:5b:3f:29:c8:b7:5d:
2b:fb:10:98:c8:3a:ce:53:5f:18:48:2e:a1:87:ee:
3f:5e:aa:a5:2a:76:6f:dc:68:2c:3c:2d:45:d7:85:
78:8e:f2:08:a7:3c:c4:03:f9:ac:5f:76:63:8c:36:
85:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:C9:27:13:67:CE:ED:C0:BB:C5:C3:99:5F:4B:7D:09:39:78:D6:DB
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/9MknE2fO7cC7xcOZX0t9CTl41ts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.158.0/24
192.121.172.0/24
192.121.192.0/24
193.180.61.0/24
193.183.118.0/24
193.234.237.0/24
194.14.129.0/24
194.14.212.0/24
194.68.56.0/23
194.68.99.0/24
194.68.126.0/24
194.71.27.0/24
194.71.83.0/24
194.71.140.0/23
194.71.248.0/21
194.132.108.0/23
194.132.174.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:5b:d3:d8:e2:18:e5:cb:da:01:46:12:f0:30:08:76:99:c5:
d6:e9:1e:01:6f:74:8e:c8:08:2f:54:3c:ae:ba:8c:86:f2:ef:
c5:c4:70:85:3d:e8:b9:bc:2d:82:f3:04:bd:27:68:0e:8f:88:
9d:1d:6b:88:ac:25:ee:33:e6:19:99:0b:c6:81:22:29:ce:66:
c7:e5:13:ac:20:90:ba:ea:70:4f:56:20:a9:40:87:6f:9f:58:
ba:4b:77:c7:b3:a0:49:ab:f2:21:b2:76:0f:17:04:a1:99:73:
e3:31:9d:d7:2e:e4:5a:e9:1b:88:5c:fe:c9:5f:1a:df:ec:a3:
30:ac:ef:bd:ff:0e:13:a9:7e:b0:f5:a5:a9:7f:78:ec:41:01:
4a:ac:1b:ce:3b:d2:cb:f5:fd:f5:41:80:f6:2c:be:08:62:cb:
99:af:90:0a:69:6a:67:f1:d3:c1:16:e0:ea:45:02:f1:de:10:
54:74:54:3a:84:19:5d:cf:b0:bc:26:10:f0:e4:2a:83:cd:8e:
d9:c9:8a:e0:0f:69:34:91:30:4a:a5:e3:07:32:fa:2d:36:58:
4f:f6:0c:1a:4e:38:c3:c7:af:bd:7a:f2:da:7c:22:72:e5:40:
64:42:e7:05:85:e0:cb:9e:5c:0b:db:75:3d:85:f9:c6:dc:0d:
9c:9e:d2:ae
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAY5QoJb3EwqXibkCx9W/xwKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMzE4MDgxNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGM5MjcxMzY3Y2VlZGMwYmJjNWMzOTk1ZjRiN2QwOTM5NzhkNmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt4ZgYQQmiF2Xj7Od52K0GtetoD6
hI/337a9rautfp40W+ttXiEGM8ajGTTLuZ6dDO9JQb497HcPtjG9sTjQowS28UC/
gCAvq1M1qo6x4KdZn8iYCGcbG1eZU+mROVgvH56u7VZ/VEzYTIIjE2UwSD4DtAXu
CAR2KOcZMQlKWMH77X8ej7H1qi9tk7V9C7i0Fx2Hiwpa0YcQbG522g7iYuT+lX6s
D9K598kuseV60VsFkbqKWjbWyjOItAFYaF5p3yn+AllEf+b2pAJbPynIt10r+xCY
yDrOU18YSC6hh+4/XqqlKnZv3GgsPC1F14V4jvIIpzzEA/msX3ZjjDaFgQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFPTJJxNnzu3Au8XDmV9LfQk5eNbbMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvOU1rbkUyZk83Y0M3eGNPWlgwdDlDVGw0MXRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAwEeeAwQA
wHmsAwQAwHnAAwQAwbQ9AwQAwbd2AwQAwertAwQAwg6BAwQAwg7UAwQBwkQ4AwQA
wkRjAwQAwkR+AwQAwkcbAwQAwkdTAwQBwkeMAwQDwkf4AwQBwoRsAwQAwoSuMA0G
CSqGSIb3DQEBCwUAA4IBAQC2W9PY4hjly9oBRhLwMAh2mcXW6R4Bb3SOyAgvVDyu
uoyG8u/FxHCFPei5vC2C8wS9J2gOj4idHWuIrCXuM+YZmQvGgSIpzmbH5ROsIJC6
6nBPViCpQIdvn1i6S3fHs6BJq/IhsnYPFwShmXPjMZ3XLuRa6RuIXP7JXxrf7KMw
rO+9/w4TqX6w9aWpf3jsQQFKrBvOO9LL9f31QYD2LL4IYsuZr5AKaWpn8dPBFuDq
RQLx3hBUdFQ6hBldz7C8JhDw5CqDzY7ZyYrgD2k0kTBKpeMHMvotNlhP9gwaTjjD
x6+9evLafCJy5UBkQucFheDLnlwL23U9hfnG3A2cntKu
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:12 2025 by rpki-client