Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/aOt7h7Afamtu4gKPZfsXx00kRDM.roa
File: aOt7h7Afamtu4gKPZfsXx00kRDM.roa (raw, json)
Hash identifier: ZAcl5UtACHHFKuHdmt0nO19jC/UEAEY7bSmEho0Yni0=
Subject key identifier: 68:EB:7B:87:B0:1F:6A:6B:6E:E2:02:8F:65:FB:17:C7:4D:24:44:33
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0184D2D86B61B6A746510641F8311046FFD9
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/aOt7h7Afamtu4gKPZfsXx00kRDM.roa
Signing time: Fri 02 Dec 2022 12:38:29 +0000
ROA not before: Fri 02 Dec 2022 12:38:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3301
IP address blocks: 194.68.127.0/24 maxlen: 24
194.103.240.0/20 maxlen: 20
192.165.229.0/24 maxlen: 24
193.182.190.0/24 maxlen: 24
194.68.72.0/22 maxlen: 22
194.68.76.0/23 maxlen: 23
194.68.79.0/24 maxlen: 24
192.36.96.0/24 maxlen: 24
193.180.7.0/24 maxlen: 24
192.121.40.0/24 maxlen: 24
192.121.50.0/23 maxlen: 23
192.121.52.0/24 maxlen: 24
192.176.124.0/24 maxlen: 24
194.132.188.0/23 maxlen: 23
194.132.190.0/23 maxlen: 23
193.183.230.0/23 maxlen: 23
193.183.228.0/23 maxlen: 23
193.183.236.0/23 maxlen: 23
192.165.12.0/24 maxlen: 24
192.165.31.0/24 maxlen: 24
192.121.115.0/24 maxlen: 24
192.165.173.0/24 maxlen: 24
192.121.229.0/24 maxlen: 24
192.165.180.0/24 maxlen: 24
193.182.152.0/23 maxlen: 23
193.182.152.0/24 maxlen: 24
193.182.153.0/24 maxlen: 24
193.180.176.0/24 maxlen: 24
193.180.175.0/24 maxlen: 24
193.182.107.0/24 maxlen: 24
193.182.126.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:d8:6b:61:b6:a7:46:51:06:41:f8:31:10:46:ff:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Dec 2 12:38:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68eb7b87b01f6a6b6ee2028f65fb17c74d244433
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4a:07:27:33:55:70:21:bf:eb:7d:d7:6d:4b:
fd:f6:4b:c9:aa:3a:1f:fb:f4:d8:06:1c:9f:62:a8:
5d:a1:80:92:b6:a3:5c:35:33:d2:a7:7d:67:7a:6a:
91:b1:21:ca:de:bc:5b:45:6d:c0:69:42:6e:31:5f:
a0:d8:1f:30:c6:90:4b:f2:41:f8:e4:9d:70:01:b9:
d1:c1:ee:13:7d:d2:e2:70:8a:0f:df:f0:1a:89:90:
55:78:43:df:2e:36:30:d3:f1:78:b6:2a:90:90:2b:
e2:7a:31:fe:8f:7f:83:19:f9:be:eb:99:5d:52:cd:
f0:33:18:14:60:55:3c:e0:fb:c9:0b:66:ff:9c:6e:
bb:ea:27:51:65:2d:84:29:4f:a7:6e:07:61:2e:ad:
09:e5:48:ce:ce:1c:b2:10:fc:e6:30:2b:8d:41:e5:
3b:b0:cf:9d:35:0b:e6:f8:36:1c:17:9a:55:87:23:
aa:95:0c:a1:62:c2:e6:6e:18:f5:3a:b9:ed:2b:c5:
cf:8e:bc:21:b2:42:aa:f6:ab:85:00:f7:d5:15:70:
54:7f:0d:2e:66:70:b0:82:4b:16:55:30:62:4e:eb:
34:48:52:de:ec:28:c1:bb:60:ef:8d:40:77:f8:aa:
83:55:46:0f:4b:e1:65:ec:38:a8:84:3c:8b:83:39:
51:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:EB:7B:87:B0:1F:6A:6B:6E:E2:02:8F:65:FB:17:C7:4D:24:44:33
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/aOt7h7Afamtu4gKPZfsXx00kRDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.96.0/24
192.121.40.0/24
192.121.50.0-192.121.52.255
192.121.115.0/24
192.121.229.0/24
192.165.12.0/24
192.165.31.0/24
192.165.173.0/24
192.165.180.0/24
192.165.229.0/24
192.176.124.0/24
193.180.7.0/24
193.180.175.0-193.180.176.255
193.182.107.0/24
193.182.126.0/24
193.182.152.0/23
193.182.190.0/24
193.183.228.0/22
193.183.236.0/23
194.68.72.0-194.68.77.255
194.68.79.0/24
194.68.127.0/24
194.103.240.0/20
194.132.188.0/22
Signature Algorithm: sha256WithRSAEncryption
c3:22:18:ae:43:47:44:f8:9c:4a:76:4c:f5:5e:49:40:c8:8a:
01:d9:10:77:ea:9e:7e:bb:c0:19:56:01:20:09:d6:ad:8f:07:
cb:9e:1e:e6:2b:95:08:43:66:42:95:c8:80:93:b4:ee:7c:18:
e1:2e:a9:e5:71:d0:d0:e6:a4:7e:12:a5:76:4d:4e:a8:30:cc:
32:bf:00:aa:ff:8b:ce:2d:c5:57:d5:fd:75:3e:cd:bc:22:a8:
62:89:5c:73:e7:73:47:dd:af:f5:6e:fd:87:9e:94:e9:94:3d:
39:24:59:30:2d:61:17:b5:a8:35:d1:cc:97:a7:f3:89:69:3d:
f8:a3:c2:23:99:d3:de:c6:a2:71:cc:7a:74:80:1a:6f:0e:3d:
a8:3c:44:af:a1:0a:29:ae:ce:b9:3e:24:88:3b:0c:f1:fa:d4:
90:0b:43:78:dc:15:43:bf:cf:47:b8:ec:cd:5e:70:f9:66:3e:
be:f8:b2:34:bf:6a:b6:e3:a1:5f:61:e2:a7:d8:63:b5:ca:8e:
93:f2:c8:3e:97:22:6a:f8:63:29:67:3a:0c:3d:48:7f:66:6b:
1b:f2:60:1f:fe:18:95:c7:4d:63:e2:92:f8:fe:c3:72:7c:b3:
95:9b:03:5a:82:43:ab:c0:bc:cc:65:80:09:24:0f:56:f9:fc:
20:55:3b:6a
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYTS2GthtqdGUQZB+DEQRv/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjIxMjAyMTIzODI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGViN2I4N2IwMWY2YTZiNmVlMjAyOGY2NWZiMTdjNzRkMjQ0NDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0oHJzNVcCG/633XbUv99kvJqjof
+/TYBhyfYqhdoYCStqNcNTPSp31nemqRsSHK3rxbRW3AaUJuMV+g2B8wxpBL8kH4
5J1wAbnRwe4TfdLicIoP3/AaiZBVeEPfLjYw0/F4tiqQkCviejH+j3+DGfm+65ld
Us3wMxgUYFU84PvJC2b/nG676idRZS2EKU+nbgdhLq0J5UjOzhyyEPzmMCuNQeU7
sM+dNQvm+DYcF5pVhyOqlQyhYsLmbhj1OrntK8XPjrwhskKq9quFAPfVFXBUfw0u
ZnCwgksWVTBiTus0SFLe7CjBu2DvjUB3+KqDVUYPS+Fl7DiohDyLgzlRzQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFGjre4ewH2prbuICj2X7F8dNJEQzMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvYU90N2g3QWZhbXR1NGdLUFpmc1h4MDBrUkRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagDBADA
JGADBADAeSgwDAMEAcB5MgMEAMB5NAMEAMB5cwMEAMB55QMEAMClDAMEAMClHwME
AMClrQMEAMCltAMEAMCl5QMEAMCwfAMEAMG0BzAMAwQAwbSvAwQAwbSwAwQAwbZr
AwQAwbZ+AwQBwbaYAwQAwba+AwQCwbfkAwQBwbfsMAwDBAPCREgDBAHCREwDBADC
RE8DBADCRH8DBATCZ/ADBALChLwwDQYJKoZIhvcNAQELBQADggEBAMMiGK5DR0T4
nEp2TPVeSUDIigHZEHfqnn67wBlWASAJ1q2PB8ueHuYrlQhDZkKVyICTtO58GOEu
qeVx0NDmpH4SpXZNTqgwzDK/AKr/i84txVfV/XU+zbwiqGKJXHPnc0fdr/Vu/Yee
lOmUPTkkWTAtYRe1qDXRzJen84lpPfijwiOZ097GonHMenSAGm8OPag8RK+hCimu
zrk+JIg7DPH61JALQ3jcFUO/z0e47M1ecPlmPr74sjS/arbjoV9h4qfYY7XKjpPy
yD6XImr4YylnOgw9SH9maxvyYB/+GJXHTWPikvj+w3J8s5WbA1qCQ6vAvMxlgAkk
D1b5/CBVO2o=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:57 2025 by rpki-client