Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/aKSGBhdqCloC5GyVaHRrCLOyYcg.roa
File: aKSGBhdqCloC5GyVaHRrCLOyYcg.roa (raw, json)
Hash identifier: IWYbLSqqv8szPBP9GPTCY7vk4jBUS+XsqLbMO4/qAqg=
Subject key identifier: 68:A4:86:06:17:6A:0A:5A:02:E4:6C:95:68:74:6B:08:B3:B2:61:C8
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802E25A4CD658ABD63813C144237DCB
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/aKSGBhdqCloC5GyVaHRrCLOyYcg.roa
Signing time: Tue 02 Jan 2024 02:31:21 +0000
ROA not before: Tue 02 Jan 2024 02:31:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24851
IP address blocks: 192.71.211.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:e2:5a:4c:d6:58:ab:d6:38:13:c1:44:23:7d:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68a48606176a0a5a02e46c9568746b08b3b261c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e4:c7:0b:23:be:37:08:ff:2f:43:8e:3f:2c:
90:e4:19:23:83:72:23:f6:6a:ed:9f:87:27:2f:d2:
4f:be:f0:a6:0a:c1:2b:82:1e:5b:8b:df:be:38:ac:
34:e9:d6:f0:a2:5f:3e:ab:68:41:b1:7d:6b:df:9d:
11:7e:ee:22:24:a7:39:62:45:af:ba:8e:c2:1c:ce:
45:2a:90:17:05:40:bf:0c:bb:75:49:9c:1f:62:4b:
08:4b:58:4c:7f:72:30:80:ba:38:9f:16:2c:01:ff:
6d:6c:44:eb:b5:4e:5f:ad:35:01:02:d1:4c:96:7f:
8b:4d:72:2c:cd:d2:ed:92:1d:32:da:83:8f:51:ad:
bd:19:7d:0d:a5:6a:2e:24:e9:17:9e:13:43:17:9d:
a5:ed:36:c9:9f:13:b6:b4:19:b2:ee:c1:ff:0e:20:
6f:2c:bc:d1:0a:1c:0c:e8:bb:31:c6:7a:dc:a8:29:
dd:8a:39:99:da:65:37:f5:f4:99:2d:6c:25:45:a8:
e3:b7:3c:55:81:96:81:eb:3c:85:26:e2:d6:01:62:
b9:53:e3:31:82:f2:60:2a:cc:7d:04:1f:ec:8e:3b:
8e:ef:68:41:df:ef:78:81:31:33:37:51:a4:b9:03:
07:bd:80:0b:17:a3:e5:77:f1:06:e1:9d:f6:c2:66:
4c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:A4:86:06:17:6A:0A:5A:02:E4:6C:95:68:74:6B:08:B3:B2:61:C8
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/aKSGBhdqCloC5GyVaHRrCLOyYcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.211.0/24
Signature Algorithm: sha256WithRSAEncryption
02:e2:db:fc:6b:bc:5a:e2:67:3c:20:41:aa:e3:6b:c1:c2:77:
b1:a2:1f:1d:16:91:68:d0:94:26:8b:05:a3:71:13:b5:cf:e2:
ef:2a:9f:2a:d2:a8:4b:9f:06:15:85:ca:01:e1:2d:36:91:85:
e1:03:86:3a:95:dc:8c:d4:15:13:fe:a7:da:80:ea:50:32:43:
d8:3a:c8:0e:ac:13:ad:10:70:b4:60:93:e8:e5:fb:96:4f:51:
29:86:3c:b2:be:17:66:83:9d:bb:dd:f1:52:e9:83:e4:3d:6a:
13:e3:af:91:67:44:37:a5:f8:0f:f5:de:6c:74:83:3e:a7:e4:
50:bb:6c:4d:33:b5:9e:ee:e8:3c:1b:5e:93:a0:98:05:dd:fe:
77:d5:fa:d0:b3:bd:94:2e:55:92:50:a5:40:f7:9a:ed:46:f9:
54:6d:04:15:a2:08:2a:df:82:39:02:d7:1f:46:e2:f6:c5:5b:
5c:4e:9a:1b:c1:22:24:2f:a4:14:c7:6e:7d:e6:4d:71:aa:cc:
4f:58:5a:50:be:4f:3a:e6:ea:dc:84:3d:75:c0:35:a6:45:b4:
04:28:47:10:be:dc:03:01:f0:66:85:71:57:bf:b1:4e:66:3d:
07:1e:a9:57:1a:7a:b5:b6:df:bf:26:f5:89:8f:7e:da:f4:24:
63:8c:16:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAuJaTNZYq9Y4E8FEI33LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGE0ODYwNjE3NmEwYTVhMDJlNDZjOTU2ODc0NmIwOGIzYjI2MWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuTHCyO+Nwj/L0OOPyyQ5Bkjg3Ij
9mrtn4cnL9JPvvCmCsErgh5bi9++OKw06dbwol8+q2hBsX1r350Rfu4iJKc5YkWv
uo7CHM5FKpAXBUC/DLt1SZwfYksIS1hMf3IwgLo4nxYsAf9tbETrtU5frTUBAtFM
ln+LTXIszdLtkh0y2oOPUa29GX0NpWouJOkXnhNDF52l7TbJnxO2tBmy7sH/DiBv
LLzRChwM6LsxxnrcqCndijmZ2mU39fSZLWwlRajjtzxVgZaB6zyFJuLWAWK5U+Mx
gvJgKsx9BB/sjjuO72hB3+94gTEzN1GkuQMHvYALF6Pld/EG4Z32wmZMrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGikhgYXagpaAuRslWh0awizsmHIMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvYUtTR0JoZHFDbG9DNUd5VmFIUnJDTE95WWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwEfTMA0G
CSqGSIb3DQEBCwUAA4IBAQAC4tv8a7xa4mc8IEGq42vBwnexoh8dFpFo0JQmiwWj
cRO1z+LvKp8q0qhLnwYVhcoB4S02kYXhA4Y6ldyM1BUT/qfagOpQMkPYOsgOrBOt
EHC0YJPo5fuWT1Ephjyyvhdmg5273fFS6YPkPWoT46+RZ0Q3pfgP9d5sdIM+p+RQ
u2xNM7We7ug8G16ToJgF3f531frQs72ULlWSUKVA95rtRvlUbQQVoggq34I5Atcf
RuL2xVtcTpobwSIkL6QUx2595k1xqsxPWFpQvk865urchD11wDWmRbQEKEcQvtwD
AfBmhXFXv7FOZj0HHqlXGnq1tt+/JvWJj37a9CRjjBa1
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:11 2025 by rpki-client