Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Cm-ItiVzNS3P5z8SNefgOXFuDb4.roa
File: Cm-ItiVzNS3P5z8SNefgOXFuDb4.roa (raw, json)
Hash identifier: 4MA7pdBgIdMwQf2ypSIc7jXIUgBd+CZJNamipAAiVOg=
Subject key identifier: 0A:6F:88:B6:25:73:35:2D:CF:E7:3F:12:35:E7:E0:39:71:6E:0D:BE
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019427485B6F0819B894A730E77243D9232E
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Cm-ItiVzNS3P5z8SNefgOXFuDb4.roa
Signing time: Thu 02 Jan 2025 13:50:40 +0000
ROA not before: Thu 02 Jan 2025 13:50:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48894
IP address blocks: 192.71.244.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:5b:6f:08:19:b8:94:a7:30:e7:72:43:d9:23:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a6f88b62573352dcfe73f1235e7e039716e0dbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ef:cf:a9:4e:e1:05:82:d4:99:c6:17:1e:72:
cb:76:74:3c:87:de:2b:b5:f4:c5:0f:31:7a:d0:e2:
fa:51:12:0e:68:8a:bf:a1:e5:e1:54:ec:ca:e0:7f:
c4:f0:ca:23:65:2e:5c:32:d5:ad:cd:42:9c:c5:fb:
89:66:ca:65:5b:f6:1e:dd:99:17:3f:61:e1:ee:68:
fc:56:22:bb:69:4d:02:f1:62:d3:21:2e:7d:10:e9:
48:a3:d8:6c:15:e3:a5:ab:2f:b1:63:32:3a:db:c8:
a6:fe:9d:7c:7a:a5:c5:d1:6e:15:b1:98:c1:71:cf:
3a:86:57:11:85:f0:ef:ac:a0:45:50:e9:d2:32:a4:
83:f8:db:39:13:53:63:8d:7d:13:bd:21:1c:fa:1d:
35:3f:c3:c0:85:53:22:cc:11:13:0d:08:4d:8e:0e:
64:11:1b:f7:b0:00:cd:f9:b3:07:fa:60:5e:24:22:
5b:23:21:f7:47:eb:94:6b:c4:88:8f:a3:b6:b3:11:
e4:d9:71:6d:f3:6e:3b:c1:6e:36:3d:d5:5b:11:d6:
36:0d:96:04:cc:7e:c7:9d:78:48:80:b7:ca:8f:c3:
34:64:18:25:ae:dc:96:8b:28:12:0e:fb:87:86:4a:
e1:5f:30:72:f9:bf:1f:0f:63:9e:90:d3:44:c4:4c:
ba:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:6F:88:B6:25:73:35:2D:CF:E7:3F:12:35:E7:E0:39:71:6E:0D:BE
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Cm-ItiVzNS3P5z8SNefgOXFuDb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.244.0/24
Signature Algorithm: sha256WithRSAEncryption
41:fa:af:e6:a9:4b:68:da:6f:7d:a5:3a:f4:b2:3c:e7:83:c6:
2c:31:97:10:0c:7a:a0:ee:8c:92:0d:14:4a:ab:ac:49:28:20:
a9:fa:97:96:e7:74:d9:7b:90:e3:aa:3a:c2:b4:f8:14:c2:a2:
c8:d0:46:fa:17:50:d2:f3:52:f8:8f:71:27:ed:f4:7f:ec:b1:
10:54:bb:93:0b:0f:e3:b2:b1:e0:05:43:b1:6c:52:f0:dc:8f:
3e:6b:dc:7d:ad:01:a1:c9:e8:bf:0e:16:e2:df:da:50:9a:37:
3e:bb:12:d6:98:32:2c:fd:54:41:f9:21:d2:bf:9a:6c:df:94:
3c:62:86:20:54:be:e6:18:b4:2d:02:2c:33:41:7a:0a:5c:e7:
41:dc:b2:d0:b0:2c:be:07:d7:7a:3b:78:e9:91:ff:b6:2e:ef:
a5:21:ab:65:25:e1:c8:df:13:98:81:86:0c:5c:20:c0:48:d1:
b7:68:e0:a3:41:10:ca:f8:57:b3:4c:a5:6d:a0:33:e5:90:a4:
b0:f5:52:c6:77:7c:f8:52:58:f0:3b:82:4b:01:a9:6b:f5:77:
39:b3:36:8c:4c:4c:f8:2b:e0:00:88:fe:8d:89:b4:b8:d3:09:
e4:ba:71:b1:d6:0c:a8:c8:f1:7b:e0:49:16:87:56:bc:38:1c:
37:f3:a8:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSFtvCBm4lKcw53JD2SMuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTZmODhiNjI1NzMzNTJkY2ZlNzNmMTIzNWU3ZTAzOTcxNmUwZGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAze/PqU7hBYLUmcYXHnLLdnQ8h94r
tfTFDzF60OL6URIOaIq/oeXhVOzK4H/E8MojZS5cMtWtzUKcxfuJZsplW/Ye3ZkX
P2Hh7mj8ViK7aU0C8WLTIS59EOlIo9hsFeOlqy+xYzI628im/p18eqXF0W4VsZjB
cc86hlcRhfDvrKBFUOnSMqSD+Ns5E1NjjX0TvSEc+h01P8PAhVMizBETDQhNjg5k
ERv3sADN+bMH+mBeJCJbIyH3R+uUa8SIj6O2sxHk2XFt8247wW42PdVbEdY2DZYE
zH7HnXhIgLfKj8M0ZBglrtyWiygSDvuHhkrhXzBy+b8fD2OekNNExEy6UwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFApviLYlczUtz+c/EjXn4Dlxbg2+MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvQ20tSXRpVnpOUzNQNXo4U05lZmdPWEZ1RGI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwEf0MA0G
CSqGSIb3DQEBCwUAA4IBAQBB+q/mqUto2m99pTr0sjzng8YsMZcQDHqg7oySDRRK
q6xJKCCp+peW53TZe5DjqjrCtPgUwqLI0Eb6F1DS81L4j3En7fR/7LEQVLuTCw/j
srHgBUOxbFLw3I8+a9x9rQGhyei/Dhbi39pQmjc+uxLWmDIs/VRB+SHSv5ps35Q8
YoYgVL7mGLQtAiwzQXoKXOdB3LLQsCy+B9d6O3jpkf+2Lu+lIatlJeHI3xOYgYYM
XCDASNG3aOCjQRDK+FezTKVtoDPlkKSw9VLGd3z4UljwO4JLAalr9Xc5szaMTEz4
K+AAiP6NibS40wnkunGx1gyoyPF74EkWh1a8OBw386jQ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:36 2025 by rpki-client