Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/IUeKGgn-UCjFqOkTQRySnyLNRPc.roa
File: IUeKGgn-UCjFqOkTQRySnyLNRPc.roa (raw, json)
Hash identifier: cjb7d8w19bk+wXlqm2Sz7SW+wJMUHLIuxdnwHyICufY=
Subject key identifier: 21:47:8A:1A:09:FE:50:28:C5:A8:E9:13:41:1C:92:9F:22:CD:44:F7
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019427484A51144E83AA72316A55FA834143
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/IUeKGgn-UCjFqOkTQRySnyLNRPc.roa
Signing time: Thu 02 Jan 2025 13:50:36 +0000
ROA not before: Thu 02 Jan 2025 13:50:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30821
IP address blocks: 192.121.168.0/24 maxlen: 24
193.183.144.0/24 maxlen: 24
193.234.233.0/24 maxlen: 24
194.103.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:4a:51:14:4e:83:aa:72:31:6a:55:fa:83:41:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21478a1a09fe5028c5a8e913411c929f22cd44f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7d:e5:28:9f:c1:c3:78:f4:c0:a8:e4:da:8a:
b7:38:ac:12:1c:09:1c:3c:0a:2d:52:a8:e3:88:c9:
86:df:89:ed:a8:cf:42:11:5f:1e:de:3b:07:9c:b7:
f7:b4:40:11:c9:a1:33:43:c1:53:a0:0d:74:c2:d8:
61:24:0d:8c:30:02:9a:7d:49:ee:be:a2:e5:bb:1f:
a9:f1:4e:96:94:75:b5:71:a3:60:fb:ef:69:df:2b:
a9:8c:72:34:e2:06:03:21:39:e1:05:a0:e2:64:7b:
47:58:f3:38:b1:94:91:be:36:77:84:e9:e7:02:02:
df:54:a7:09:22:df:e2:a8:89:86:8d:62:83:ff:4b:
72:97:81:6c:60:45:76:8c:04:d9:18:f1:9e:15:a9:
07:a4:dd:d1:6f:09:0d:11:65:4e:44:47:28:9f:d6:
61:bb:70:c0:8a:bd:d7:5b:73:18:50:cc:69:28:51:
58:6d:f5:89:95:8e:96:48:90:82:fd:6b:9c:6f:cc:
6a:cd:18:92:78:db:d0:37:b6:c4:09:96:4e:47:72:
47:06:47:34:48:aa:84:62:33:04:a8:37:51:74:a0:
11:53:da:21:ae:69:1b:e1:49:86:a8:29:b5:36:75:
20:7b:11:a2:7b:54:91:7b:c1:24:07:a5:8f:64:88:
6c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:47:8A:1A:09:FE:50:28:C5:A8:E9:13:41:1C:92:9F:22:CD:44:F7
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/IUeKGgn-UCjFqOkTQRySnyLNRPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.168.0/24
193.183.144.0/24
193.234.233.0/24
194.103.63.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:fa:5b:85:79:18:d5:bf:2a:2e:bd:7e:c2:14:17:d0:2d:5a:
d8:d9:23:6d:40:ad:42:df:14:b4:c2:49:e3:02:29:19:24:1e:
d2:b3:3a:9a:4d:4d:73:e8:a2:98:4b:65:a6:1b:bc:c2:40:3e:
79:c8:c9:3c:ac:c2:7f:11:73:c9:fe:8d:90:89:48:98:43:07:
56:bd:7a:a0:ba:8b:e1:47:cb:5f:1f:5f:01:e9:02:0e:49:50:
42:3c:9f:2b:36:56:49:89:f7:f2:8f:a2:ad:37:2b:d2:1b:6e:
35:dd:9d:4f:a6:60:34:9c:3c:4f:cc:3e:e8:e9:8c:25:f2:83:
4e:b5:80:c9:50:c1:c2:64:ea:62:9f:dd:c1:d0:8b:70:d2:5b:
8c:17:df:66:e6:4f:78:48:04:aa:f3:46:fa:29:22:3e:8c:96:
5f:56:e9:6c:b0:de:f8:e7:84:41:a8:03:ed:21:a1:9e:83:58:
9f:08:2e:3e:52:1e:4f:97:2e:e2:04:82:77:8c:61:a5:76:23:
a6:49:0d:69:92:07:7d:99:77:5d:d7:dd:21:ed:05:92:8b:32:
88:ae:56:6c:ce:2e:7e:41:1d:24:cd:52:55:a1:53:3d:05:05:
a4:20:d3:79:22:90:19:3f:d5:18:92:23:13:96:ba:b8:a0:84:
4b:7a:e0:70
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQnSEpRFE6DqnIxalX6g0FDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTQ3OGExYTA5ZmU1MDI4YzVhOGU5MTM0MTFjOTI5ZjIyY2Q0NGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt33lKJ/Bw3j0wKjk2oq3OKwSHAkc
PAotUqjjiMmG34ntqM9CEV8e3jsHnLf3tEARyaEzQ8FToA10wthhJA2MMAKafUnu
vqLlux+p8U6WlHW1caNg++9p3yupjHI04gYDITnhBaDiZHtHWPM4sZSRvjZ3hOnn
AgLfVKcJIt/iqImGjWKD/0tyl4FsYEV2jATZGPGeFakHpN3RbwkNEWVOREcon9Zh
u3DAir3XW3MYUMxpKFFYbfWJlY6WSJCC/Wucb8xqzRiSeNvQN7bECZZOR3JHBkc0
SKqEYjMEqDdRdKARU9ohrmkb4UmGqCm1NnUgexGie1SRe8EkB6WPZIhstQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCFHihoJ/lAoxajpE0Eckp8izUT3MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvSVVlS0dnbi1VQ2pGcU9rVFFSeVNueUxOUlBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwHmoAwQA
wbeQAwQAwerpAwQAwmc/MA0GCSqGSIb3DQEBCwUAA4IBAQCd+luFeRjVvyouvX7C
FBfQLVrY2SNtQK1C3xS0wknjAikZJB7SszqaTU1z6KKYS2WmG7zCQD55yMk8rMJ/
EXPJ/o2QiUiYQwdWvXqguovhR8tfH18B6QIOSVBCPJ8rNlZJiffyj6KtNyvSG241
3Z1PpmA0nDxPzD7o6Ywl8oNOtYDJUMHCZOpin93B0Itw0luMF99m5k94SASq80b6
KSI+jJZfVulssN7454RBqAPtIaGeg1ifCC4+Uh5Ply7iBIJ3jGGldiOmSQ1pkgd9
mXdd190h7QWSizKIrlZszi5+QR0kzVJVoVM9BQWkINN5IpAZP9UYkiMTlrq4oIRL
euBw
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:35 2025 by rpki-client