Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/FLJvaEvU0AYdpx25-rltRnijVN0.roa
File: FLJvaEvU0AYdpx25-rltRnijVN0.roa (raw, json)
Hash identifier: 36q2l9AmKVjqEznSAXaZagzPORuLL3gx3AOkAdPF72s=
Subject key identifier: 14:B2:6F:68:4B:D4:D0:06:1D:A7:1D:B9:FA:B9:6D:46:78:A3:54:DD
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018626FCD8F947A75CF391BDA9CEA669A14E
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/FLJvaEvU0AYdpx25-rltRnijVN0.roa
Signing time: Mon 06 Feb 2023 13:49:10 +0000
ROA not before: Mon 06 Feb 2023 13:49:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206170
IP address blocks: 193.183.112.0/24 maxlen: 24
192.121.140.0/24 maxlen: 24
192.121.58.0/24 maxlen: 24
192.71.246.0/24 maxlen: 24
192.165.9.0/24 maxlen: 24
192.121.182.0/24 maxlen: 24
194.68.59.0/24 maxlen: 24
192.36.176.0/24 maxlen: 24
194.14.207.0/24 maxlen: 24
192.176.45.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:26:fc:d8:f9:47:a7:5c:f3:91:bd:a9:ce:a6:69:a1:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Feb 6 13:49:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14b26f684bd4d0061da71db9fab96d4678a354dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:86:31:d9:35:bc:67:a1:44:7c:bb:31:91:cf:
f0:b0:fa:07:25:09:b8:f0:fc:6a:3f:3c:4f:2a:82:
cd:c4:6c:75:3a:45:06:2a:49:47:c2:63:4a:76:dc:
93:90:66:cc:47:7b:45:3e:d3:e9:21:52:ce:95:1f:
2b:17:53:02:13:aa:9b:de:aa:95:a9:bd:80:19:57:
8e:01:1a:71:2d:7e:e5:9c:b8:1a:7f:2f:0c:43:98:
09:53:5e:36:fe:d8:0e:32:06:84:1e:30:ba:a2:99:
4a:f2:77:34:0c:9f:f7:b0:8a:96:9c:a2:29:10:c4:
97:36:21:79:20:1a:31:71:70:a6:fb:09:1c:2a:47:
b2:6a:6f:72:c9:cf:ee:f7:74:46:27:58:eb:1f:02:
da:dc:e4:a2:1a:d8:69:c2:b8:0f:46:2d:55:5d:ed:
bc:32:70:08:8c:da:b5:9d:1f:db:4e:6d:2e:2a:18:
23:42:d4:04:57:8b:e4:af:02:a7:aa:7f:6d:f5:71:
3f:07:94:f3:db:00:a9:1c:de:52:64:ac:cf:dd:76:
a8:30:62:cf:f2:56:d4:7c:e8:da:8d:7c:6a:32:04:
54:f8:db:27:ed:9f:43:5b:12:5a:fd:89:b8:a2:11:
0b:2d:b6:8c:f7:77:1b:d8:fc:94:5c:3b:18:38:7c:
2f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:B2:6F:68:4B:D4:D0:06:1D:A7:1D:B9:FA:B9:6D:46:78:A3:54:DD
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/FLJvaEvU0AYdpx25-rltRnijVN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.176.0/24
192.71.246.0/24
192.121.58.0/24
192.121.140.0/24
192.121.182.0/24
192.165.9.0/24
192.176.45.0/24
193.183.112.0/24
194.14.207.0/24
194.68.59.0/24
Signature Algorithm: sha256WithRSAEncryption
89:b2:12:21:28:40:d2:ee:c3:11:7f:04:12:32:67:05:fa:cd:
5b:fe:f0:26:a8:89:c4:33:61:aa:c9:4f:d7:25:e3:6c:ac:50:
9e:18:95:34:c0:21:9a:14:5c:3b:1e:c6:af:dd:f3:8f:4b:ab:
6c:e4:fb:93:b1:16:66:3e:eb:29:02:21:b2:4e:ea:0c:04:05:
88:ee:74:26:1f:1e:62:8e:c1:55:55:7e:6b:4e:9e:80:01:07:
ba:f3:7d:d0:3d:ad:4b:39:fd:d6:b6:f9:5b:fa:ef:a1:b9:92:
ca:ce:7e:36:1d:9c:19:fe:b9:6b:bc:ba:5f:d3:e8:53:9d:02:
b2:52:4a:fd:1a:58:4c:34:51:4a:4a:63:38:b8:5c:cf:4e:12:
40:59:a2:ef:9c:c6:0a:67:14:de:68:b0:04:61:2c:64:9d:f3:
cd:12:7f:49:24:65:84:36:b8:db:c0:25:79:60:25:b5:83:d7:
79:8a:a5:04:4c:66:d6:c0:29:cd:46:c5:8d:f7:f0:98:5b:c3:
fa:8e:67:88:8a:32:f3:e5:ee:9c:c3:b1:ed:b8:b5:5e:ec:db:
77:b1:ef:6d:df:34:49:17:a4:b5:33:39:d8:64:b7:8f:e5:b8:
f3:b8:97:e2:bb:f9:2b:7f:fb:24:cc:2a:57:59:36:43:ea:8e:
b3:7e:3a:fe
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYYm/Nj5R6dc85G9qc6maaFOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMjA2MTM0OTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGIyNmY2ODRiZDRkMDA2MWRhNzFkYjlmYWI5NmQ0Njc4YTM1NGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIYx2TW8Z6FEfLsxkc/wsPoHJQm4
8PxqPzxPKoLNxGx1OkUGKklHwmNKdtyTkGbMR3tFPtPpIVLOlR8rF1MCE6qb3qqV
qb2AGVeOARpxLX7lnLgafy8MQ5gJU142/tgOMgaEHjC6oplK8nc0DJ/3sIqWnKIp
EMSXNiF5IBoxcXCm+wkcKkeyam9yyc/u93RGJ1jrHwLa3OSiGthpwrgPRi1VXe28
MnAIjNq1nR/bTm0uKhgjQtQEV4vkrwKnqn9t9XE/B5Tz2wCpHN5SZKzP3XaoMGLP
8lbUfOjajXxqMgRU+Nsn7Z9DWxJa/Ym4ohELLbaM93cb2PyUXDsYOHwvgwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFBSyb2hL1NAGHacdufq5bUZ4o1TdMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvRkxKdmFFdlUwQVlkcHgyNS1ybHRSbmlqVk4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAwCSwAwQA
wEf2AwQAwHk6AwQAwHmMAwQAwHm2AwQAwKUJAwQAwLAtAwQAwbdwAwQAwg7PAwQA
wkQ7MA0GCSqGSIb3DQEBCwUAA4IBAQCJshIhKEDS7sMRfwQSMmcF+s1b/vAmqInE
M2GqyU/XJeNsrFCeGJU0wCGaFFw7Hsav3fOPS6ts5PuTsRZmPuspAiGyTuoMBAWI
7nQmHx5ijsFVVX5rTp6AAQe6833QPa1LOf3Wtvlb+u+huZLKzn42HZwZ/rlrvLpf
0+hTnQKyUkr9GlhMNFFKSmM4uFzPThJAWaLvnMYKZxTeaLAEYSxknfPNEn9JJGWE
NrjbwCV5YCW1g9d5iqUETGbWwCnNRsWN9/CYW8P6jmeIijLz5e6cw7HtuLVe7Nt3
se9t3zRJF6S1MznYZLeP5bjzuJfiu/krf/skzCpXWTZD6o6zfjr+
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:53 2025 by rpki-client