Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/V0Mr-jpf43la72T5hn_I860irlM.roa
File: V0Mr-jpf43la72T5hn_I860irlM.roa (raw, json)
Hash identifier: w0hwNv21bw76Zrbq8pFUxeQFp1W3PO0RBzAn0RPZiDA=
Subject key identifier: 57:43:2B:FA:3A:5F:E3:79:5A:EF:64:F9:86:7F:C8:F3:AD:22:AE:53
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018DF04CE847DEA38715E7256F03BE53D059
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/V0Mr-jpf43la72T5hn_I860irlM.roa
Signing time: Wed 28 Feb 2024 15:19:48 +0000
ROA not before: Wed 28 Feb 2024 15:19:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8434
IP address blocks: 192.71.158.0/24 maxlen: 24
193.234.237.0/24 maxlen: 24
194.14.129.0/24 maxlen: 24
194.68.56.0/23 maxlen: 23
194.68.99.0/24 maxlen: 24
194.68.126.0/24 maxlen: 24
194.71.27.0/24 maxlen: 24
194.71.83.0/24 maxlen: 24
194.71.140.0/23 maxlen: 23
194.71.248.0/21 maxlen: 21
194.132.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f0:4c:e8:47:de:a3:87:15:e7:25:6f:03:be:53:d0:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Feb 28 15:19:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=57432bfa3a5fe3795aef64f9867fc8f3ad22ae53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d0:25:d9:54:25:19:a9:e9:da:c5:01:6a:07:
6d:06:cb:7d:ae:71:8b:6e:57:50:2e:49:5c:68:dc:
af:24:b9:06:3a:81:4d:42:41:ea:fe:d4:89:ed:d1:
39:18:4e:1e:10:cf:09:a1:4a:db:a9:dc:4e:af:fd:
72:cf:eb:81:4d:77:a6:da:6a:d6:7d:28:a5:6a:70:
6b:c8:18:7f:00:cb:e7:98:74:4f:73:69:25:f2:e5:
80:da:86:05:e4:91:4c:22:ac:26:c5:66:5a:87:35:
07:cd:c2:38:7b:ba:09:e8:8f:53:6a:83:88:fd:3b:
b1:64:9b:13:18:3e:33:7a:56:71:bc:49:8d:ae:7f:
8d:71:66:eb:a4:8d:a5:b4:aa:ff:5b:76:32:f7:22:
49:cf:5b:76:a7:5f:83:92:e0:59:8e:0c:85:4d:2f:
74:1a:7a:e7:01:32:1b:e9:10:1b:02:e6:09:57:0d:
e3:0f:cd:5f:95:0f:c3:e4:8d:44:42:e2:60:42:e4:
4b:b7:24:40:00:56:82:50:d4:5c:b6:07:5d:37:bc:
40:09:1d:a9:09:1b:61:e6:4b:80:a2:7a:e3:40:7d:
5a:30:be:d1:de:2e:17:7b:ff:e0:c2:21:11:aa:cc:
35:b7:a0:20:8b:7e:c2:43:97:0d:aa:21:74:17:98:
ac:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:43:2B:FA:3A:5F:E3:79:5A:EF:64:F9:86:7F:C8:F3:AD:22:AE:53
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/V0Mr-jpf43la72T5hn_I860irlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.158.0/24
193.234.237.0/24
194.14.129.0/24
194.68.56.0/23
194.68.99.0/24
194.68.126.0/24
194.71.27.0/24
194.71.83.0/24
194.71.140.0/23
194.71.248.0/21
194.132.174.0/24
Signature Algorithm: sha256WithRSAEncryption
22:48:6f:0f:1b:da:44:c1:24:23:c3:df:03:ee:aa:e8:23:ab:
42:b1:bd:fd:c0:3f:df:ca:76:fc:86:68:9a:c1:60:d7:3d:65:
25:c8:40:1f:bf:02:cb:93:e5:de:56:0b:71:69:3d:c4:30:2d:
9a:c8:ed:9d:c2:cb:20:d8:bc:32:b1:5d:cc:f6:89:83:c2:3d:
38:7d:24:79:34:56:54:04:32:c5:b7:d6:fe:33:1c:08:8c:a0:
0e:16:d8:38:4d:75:03:64:e5:59:c4:87:c4:7a:26:59:99:43:
39:cb:c1:82:8d:7b:28:e4:1c:15:1e:0a:ff:de:ab:a4:40:9a:
3e:32:19:81:04:f0:9b:d7:54:09:82:b3:87:5b:99:6c:a4:ff:
cd:b0:2f:00:93:7c:32:c9:db:55:27:a5:3c:1c:39:fc:08:66:
7c:96:da:2f:db:d1:ee:db:6d:ae:db:a3:74:7b:19:96:ba:d2:
b0:a9:22:8a:aa:a1:1d:22:74:cf:7d:96:18:c0:23:de:f4:65:
37:6b:15:47:71:4a:2a:9e:8d:2d:01:46:0a:ab:43:a0:a8:2b:
7d:f5:10:72:cc:94:f1:41:50:56:c1:ce:08:98:d7:88:3b:3e:
0c:4b:39:48:23:66:63:1c:2b:0c:6c:a0:93:fb:c2:15:f7:74:
83:53:9e:5c
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAY3wTOhH3qOHFeclbwO+U9BZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMjI4MTUxOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzQzMmJmYTNhNWZlMzc5NWFlZjY0Zjk4NjdmYzhmM2FkMjJhZTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndAl2VQlGanp2sUBagdtBst9rnGL
bldQLklcaNyvJLkGOoFNQkHq/tSJ7dE5GE4eEM8JoUrbqdxOr/1yz+uBTXem2mrW
fSilanBryBh/AMvnmHRPc2kl8uWA2oYF5JFMIqwmxWZahzUHzcI4e7oJ6I9TaoOI
/TuxZJsTGD4zelZxvEmNrn+NcWbrpI2ltKr/W3Yy9yJJz1t2p1+DkuBZjgyFTS90
GnrnATIb6RAbAuYJVw3jD81flQ/D5I1EQuJgQuRLtyRAAFaCUNRctgddN7xACR2p
CRth5kuAonrjQH1aML7R3i4Xe//gwiERqsw1t6Agi37CQ5cNqiF0F5iszwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFFdDK/o6X+N5Wu9k+YZ/yPOtIq5TMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvVjBNci1qcGY0M2xhNzJUNWhuX0k4NjBpcmxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAwEeeAwQA
wertAwQAwg6BAwQBwkQ4AwQAwkRjAwQAwkR+AwQAwkcbAwQAwkdTAwQBwkeMAwQD
wkf4AwQAwoSuMA0GCSqGSIb3DQEBCwUAA4IBAQAiSG8PG9pEwSQjw98D7qroI6tC
sb39wD/fynb8hmiawWDXPWUlyEAfvwLLk+XeVgtxaT3EMC2ayO2dwssg2LwysV3M
9omDwj04fSR5NFZUBDLFt9b+MxwIjKAOFtg4TXUDZOVZxIfEeiZZmUM5y8GCjXso
5BwVHgr/3qukQJo+MhmBBPCb11QJgrOHW5lspP/NsC8Ak3wyydtVJ6U8HDn8CGZ8
ltov29Hu222u26N0exmWutKwqSKKqqEdInTPfZYYwCPe9GU3axVHcUoqno0tAUYK
q0OgqCt99RByzJTxQVBWwc4ImNeIOz4MSzlII2ZjHCsMbKCT+8IV93SDU55c
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:54 2025 by rpki-client