Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/JhQNPFMzBGKJx7TL72Y4Ph31ESo.roa
File: JhQNPFMzBGKJx7TL72Y4Ph31ESo.roa (raw, json)
Hash identifier: 0VWzQMVOwZrLmDj4498xutBwkBj++XQcYkmq7W1ELwQ=
Subject key identifier: 26:14:0D:3C:53:33:04:62:89:C7:B4:CB:EF:66:38:3E:1D:F5:11:2A
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCAFBBC3105C6285497532FB8AF7E5C
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/JhQNPFMzBGKJx7TL72Y4Ph31ESo.roa
Signing time: Sun 01 Jan 2023 10:05:20 +0000
ROA not before: Sun 01 Jan 2023 10:05:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61102
IP address blocks: 193.182.144.0/24 maxlen: 24
193.182.145.0/24 maxlen: 24
192.71.27.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:fb:bc:31:05:c6:28:54:97:53:2f:b8:af:7e:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=26140d3c5333046289c7b4cbef66383e1df5112a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:4a:ee:02:e6:8b:f4:60:40:36:c1:91:0c:74:
57:7a:bd:f5:1c:8d:b7:96:17:df:bb:14:86:ac:f6:
3c:eb:d5:b9:d8:83:a2:49:9e:e3:77:69:76:06:e5:
1d:40:b4:0d:d9:5f:fb:70:13:18:ef:d4:bd:78:1d:
b1:1b:51:1a:b9:18:d9:b4:d5:ec:66:ed:51:8c:aa:
3b:2a:fa:20:c4:88:5e:ed:af:0a:65:63:7b:8f:1f:
49:81:ee:6b:d3:ea:ca:b7:51:2d:12:9b:3d:9b:2f:
62:b6:78:dd:00:df:73:0d:6b:05:ff:38:95:82:30:
a0:48:d8:43:ea:91:78:31:64:f0:77:79:5d:a3:43:
0c:d5:f2:c6:97:a2:80:ab:33:67:73:6d:62:36:7a:
d6:20:fa:4e:c0:2c:6f:b8:a4:94:27:a7:59:73:f4:
fb:72:23:53:cb:0d:3f:44:da:dc:fd:e4:af:61:0f:
3e:77:a1:ab:32:43:1f:b4:28:ad:4a:0d:c0:e9:6d:
40:5a:74:3e:67:d4:b6:e8:ea:ef:61:5c:dc:9f:fa:
8f:f5:b2:a7:e7:3e:ca:ad:84:24:f8:21:e2:64:c0:
8b:b3:a7:40:db:92:8f:64:2a:f9:e9:e7:e1:3c:86:
1f:0e:f2:0d:a3:db:2a:8f:3e:0d:c9:04:8b:b7:6e:
60:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:14:0D:3C:53:33:04:62:89:C7:B4:CB:EF:66:38:3E:1D:F5:11:2A
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/JhQNPFMzBGKJx7TL72Y4Ph31ESo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.27.0/24
193.182.144.0/23
Signature Algorithm: sha256WithRSAEncryption
51:b6:5d:28:72:e0:57:f9:8e:90:af:9d:27:72:03:4b:bf:5b:
78:d4:b0:43:93:1b:59:b6:7f:5c:f1:2f:e7:2b:f1:2c:58:5e:
1e:9b:1e:69:d1:77:9a:b2:89:ca:0d:36:0b:8b:ef:c5:95:5a:
bd:2f:da:ba:61:13:d0:97:19:0f:8d:f3:b6:a4:b0:8d:23:f4:
58:0a:15:74:cd:31:cb:4c:85:e2:7a:6e:a3:a4:c9:96:75:43:
77:d4:63:25:49:0a:a9:92:31:32:d8:b8:7a:fe:2f:b2:a4:36:
f9:4f:59:54:99:c4:77:66:76:76:e3:cd:dd:c9:14:d5:ab:c0:
07:02:5a:15:2f:4e:6d:95:60:fd:07:55:fc:9a:64:ab:d2:ce:
f7:4f:1f:f4:78:f6:a3:73:33:d3:fd:86:69:3d:c5:c4:8c:9d:
ca:ff:9c:d1:53:2b:92:fb:85:7b:66:81:4e:05:c4:39:66:f7:
22:b1:2f:30:5b:e6:26:8e:e2:4c:08:5a:50:92:d3:36:8a:4c:
4d:c8:30:09:21:73:cf:ab:54:23:c4:e8:f2:0d:36:4c:25:15:
9a:7e:96:1e:09:30:81:3a:40:33:35:68:b8:98:1e:05:39:15:
70:92:26:03:2f:76:a1:f3:28:d7:45:ea:d1:9e:ab:3c:58:13:
9e:dd:e0:c9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsyvu8MQXGKFSXUy+4r35cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjE0MGQzYzUzMzMwNDYyODljN2I0Y2JlZjY2MzgzZTFkZjUxMTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEruAuaL9GBANsGRDHRXer31HI23
lhffuxSGrPY869W52IOiSZ7jd2l2BuUdQLQN2V/7cBMY79S9eB2xG1EauRjZtNXs
Zu1RjKo7KvogxIhe7a8KZWN7jx9Jge5r0+rKt1EtEps9my9itnjdAN9zDWsF/ziV
gjCgSNhD6pF4MWTwd3ldo0MM1fLGl6KAqzNnc21iNnrWIPpOwCxvuKSUJ6dZc/T7
ciNTyw0/RNrc/eSvYQ8+d6GrMkMftCitSg3A6W1AWnQ+Z9S26OrvYVzcn/qP9bKn
5z7KrYQk+CHiZMCLs6dA25KPZCr56efhPIYfDvINo9sqjz4NyQSLt25g2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCYUDTxTMwRiice0y+9mOD4d9REqMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvSmhRTlBGTXpCR0tKeDdUTDcyWTRQaDMxRVNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwEcbAwQB
wbaQMA0GCSqGSIb3DQEBCwUAA4IBAQBRtl0ocuBX+Y6Qr50ncgNLv1t41LBDkxtZ
tn9c8S/nK/EsWF4emx5p0XeasonKDTYLi+/FlVq9L9q6YRPQlxkPjfO2pLCNI/RY
ChV0zTHLTIXiem6jpMmWdUN31GMlSQqpkjEy2Lh6/i+ypDb5T1lUmcR3ZnZ2483d
yRTVq8AHAloVL05tlWD9B1X8mmSr0s73Tx/0ePajczPT/YZpPcXEjJ3K/5zRUyuS
+4V7ZoFOBcQ5ZvcisS8wW+YmjuJMCFpQktM2ikxNyDAJIXPPq1QjxOjyDTZMJRWa
fpYeCTCBOkAzNWi4mB4FORVwkiYDL3ah8yjXRerRnqs8WBOe3eDJ
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:40 2025 by rpki-client