Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/abOo7sXoBf6Kd2nkNIFQYKMp8wc.roa
File: abOo7sXoBf6Kd2nkNIFQYKMp8wc.roa (raw, json)
Hash identifier: PskDMuFp/hqwGC4UcscwBwcMAbO+obItto7SFuZLi8E=
Subject key identifier: 69:B3:A8:EE:C5:E8:05:FE:8A:77:69:E4:34:81:50:60:A3:29:F3:07
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0187FF6BD486573D0523A72D3FD3F20837AC
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/abOo7sXoBf6Kd2nkNIFQYKMp8wc.roa
Signing time: Tue 09 May 2023 07:31:09 +0000
ROA not before: Tue 09 May 2023 07:31:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3399
IP address blocks: 194.71.217.0/24 maxlen: 24
194.71.216.0/23 maxlen: 23
194.71.216.0/24 maxlen: 24
193.180.96.0/22 maxlen: 22
192.165.178.0/23 maxlen: 23
194.132.9.0/24 maxlen: 24
194.68.220.0/23 maxlen: 23
193.180.23.0/24 maxlen: 24
192.36.22.0/24 maxlen: 24
193.183.116.0/24 maxlen: 24
193.180.164.0/23 maxlen: 23
194.68.170.0/23 maxlen: 23
194.68.170.0/24 maxlen: 24
194.68.171.0/24 maxlen: 24
193.182.111.0/24 maxlen: 24
192.36.208.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ff:6b:d4:86:57:3d:05:23:a7:2d:3f:d3:f2:08:37:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: May 9 07:31:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69b3a8eec5e805fe8a7769e434815060a329f307
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:df:d4:2c:4e:7f:43:f3:0a:c9:22:db:eb:10:
b6:9e:34:91:e7:eb:10:ff:a4:f9:43:4c:7e:ad:ed:
cb:b9:05:02:f0:90:12:fb:e0:57:ef:e4:be:2c:08:
f4:b3:53:c1:61:31:2d:54:e7:a1:a6:68:ba:23:91:
86:95:f3:4e:b5:61:fa:8f:a8:7e:54:03:5c:de:f2:
8d:c9:67:87:f9:f3:91:5a:5a:2d:66:bb:c2:d2:e0:
b5:f1:08:2c:43:a4:01:8e:1a:bb:b8:b1:65:3b:f6:
ce:ab:d5:2d:84:42:52:87:96:0a:18:cb:c6:db:38:
b0:03:5c:32:9b:fc:41:32:e1:22:d0:06:98:36:cb:
15:51:4a:c1:51:5b:70:b5:14:b6:b5:3d:27:7f:f9:
7c:43:6a:ec:f9:19:0d:6a:06:ed:1c:f8:24:50:4e:
0a:09:7e:95:a8:66:21:62:0b:11:7c:bc:24:09:56:
b0:52:e4:c4:cb:44:96:0d:24:09:b3:a3:8d:3a:fd:
cb:a3:0a:50:0e:a6:50:25:3d:cb:4f:d7:95:50:f5:
78:e7:a5:27:9e:c5:49:58:3b:0d:11:bd:b9:84:64:
37:45:39:93:a7:6e:6f:5b:6f:02:8b:c2:c5:73:03:
37:a5:bb:d1:b3:75:d8:10:7e:8c:6a:38:ac:2b:92:
60:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:B3:A8:EE:C5:E8:05:FE:8A:77:69:E4:34:81:50:60:A3:29:F3:07
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/abOo7sXoBf6Kd2nkNIFQYKMp8wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.22.0/24
192.36.208.0/24
192.165.178.0/23
193.180.23.0/24
193.180.96.0/22
193.180.164.0/23
193.182.111.0/24
193.183.116.0/24
194.68.170.0/23
194.68.220.0/23
194.71.216.0/23
194.132.9.0/24
Signature Algorithm: sha256WithRSAEncryption
71:ca:86:20:cc:e5:d6:f0:c9:5e:9b:04:22:3f:7b:8f:17:38:
14:cf:5d:5f:5c:d9:ba:50:db:8c:9b:17:03:be:35:63:a6:b6:
17:e6:bd:c0:56:61:44:37:ef:a2:85:62:b3:47:9e:7d:91:3c:
b0:0f:6a:a1:44:11:b6:ef:dc:79:a0:99:91:ff:10:e3:ba:ec:
ac:f7:c2:04:c4:7f:82:21:77:5e:08:fd:d7:94:58:8b:cf:a8:
5e:7e:fa:eb:db:1e:64:c3:ec:45:c5:e3:1f:79:be:34:80:84:
6a:82:c6:6e:3d:12:27:d7:96:0b:73:b3:d5:09:39:19:cd:b0:
78:00:37:f5:2a:09:b0:ed:dc:6c:ea:54:f2:83:c5:0f:1e:24:
c6:e0:d9:b0:ba:61:35:5a:0b:29:d8:ba:4d:e3:02:18:3b:32:
01:59:31:c1:1b:6c:fb:54:44:f4:57:a9:b6:e5:5a:41:f2:d9:
ea:6c:82:b7:ee:6d:29:6d:0a:03:ac:be:82:34:71:72:46:1a:
c1:33:5b:cc:e1:19:ee:96:8b:91:27:81:82:26:16:42:67:98:
b7:f4:fa:22:d6:4f:d4:16:e6:d2:0a:20:fd:eb:45:e0:7b:ea:
81:c1:7c:b6:13:7c:2b:1d:87:b8:be:9b:73:d5:51:ab:fb:39:
09:62:f4:63
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYf/a9SGVz0FI6ctP9PyCDesMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwNTA5MDczMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWIzYThlZWM1ZTgwNWZlOGE3NzY5ZTQzNDgxNTA2MGEzMjlmMzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgt/ULE5/Q/MKySLb6xC2njSR5+sQ
/6T5Q0x+re3LuQUC8JAS++BX7+S+LAj0s1PBYTEtVOehpmi6I5GGlfNOtWH6j6h+
VANc3vKNyWeH+fORWlotZrvC0uC18QgsQ6QBjhq7uLFlO/bOq9UthEJSh5YKGMvG
2ziwA1wym/xBMuEi0AaYNssVUUrBUVtwtRS2tT0nf/l8Q2rs+RkNagbtHPgkUE4K
CX6VqGYhYgsRfLwkCVawUuTEy0SWDSQJs6ONOv3LowpQDqZQJT3LT9eVUPV456Un
nsVJWDsNEb25hGQ3RTmTp25vW28Ci8LFcwM3pbvRs3XYEH6MajisK5JgxQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGmzqO7F6AX+indp5DSBUGCjKfMHMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvYWJPbzdzWG9CZjZLZDJua05JRlFZS01wOHdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAwCQWAwQA
wCTQAwQBwKWyAwQAwbQXAwQCwbRgAwQBwbSkAwQAwbZvAwQAwbd0AwQBwkSqAwQB
wkTcAwQBwkfYAwQAwoQJMA0GCSqGSIb3DQEBCwUAA4IBAQBxyoYgzOXW8MlemwQi
P3uPFzgUz11fXNm6UNuMmxcDvjVjprYX5r3AVmFEN++ihWKzR559kTywD2qhRBG2
79x5oJmR/xDjuuys98IExH+CIXdeCP3XlFiLz6hefvrr2x5kw+xFxeMfeb40gIRq
gsZuPRIn15YLc7PVCTkZzbB4ADf1Kgmw7dxs6lTyg8UPHiTG4NmwumE1Wgsp2LpN
4wIYOzIBWTHBG2z7VET0V6m25VpB8tnqbIK37m0pbQoDrL6CNHFyRhrBM1vM4Rnu
louRJ4GCJhZCZ5i39Poi1k/UFubSCiD960Xge+qBwXy2E3wrHYe4vptz1VGr+zkJ
YvRj
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:49 2025 by rpki-client