Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ac6srr8W-uYsA9c-6K8m44fApFM.roa
File: ac6srr8W-uYsA9c-6K8m44fApFM.roa (raw, json)
Hash identifier: vTGHfSupMgmNuOj5AL7NAryZkuQQZ6OzT+NC+h+Wm7E=
Subject key identifier: 69:CE:AC:AE:BF:16:FA:E6:2C:03:D7:3E:E8:AF:26:E3:87:C0:A4:53
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0194274842BB8B17E43F7E3029636C74F7DC
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ac6srr8W-uYsA9c-6K8m44fApFM.roa
Signing time: Thu 02 Jan 2025 13:50:34 +0000
ROA not before: Thu 02 Jan 2025 13:50:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 192.36.247.0/24 maxlen: 24
192.71.84.0/24 maxlen: 24
192.71.254.0/23 maxlen: 24
192.176.43.0/24 maxlen: 24
193.182.113.0/24 maxlen: 24
193.234.120.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:42:bb:8b:17:e4:3f:7e:30:29:63:6c:74:f7:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69ceacaebf16fae62c03d73ee8af26e387c0a453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:83:07:83:95:8f:32:3f:23:f3:5b:0c:54:a4:
9c:9f:b4:4d:c7:de:54:2c:36:50:3f:bc:75:6b:42:
67:22:81:84:4a:3b:36:4f:98:9d:48:56:3e:60:51:
f9:40:7c:0b:2e:ec:a0:a6:b2:29:b6:41:3a:d0:07:
77:de:9e:99:55:ae:bc:77:d1:48:1f:02:41:e7:aa:
27:23:09:b1:3f:2b:cd:5a:51:e9:dc:77:57:71:0f:
b6:20:a3:50:1e:54:f5:45:57:22:59:fa:ba:e4:8a:
53:92:e9:b0:50:ab:2e:db:07:f7:5e:b5:27:56:99:
a2:1c:74:ec:e1:e8:5d:c9:4f:8e:2c:bf:68:c5:73:
36:66:37:a9:af:86:9e:1f:fd:1f:37:81:cb:f0:ef:
bc:e0:39:c4:55:a0:77:7e:55:37:ac:65:64:55:73:
4d:64:17:7e:02:cd:ba:df:0c:77:5b:45:7d:a2:b5:
b5:22:5c:99:46:69:46:d7:45:cd:e4:a4:05:fb:c1:
ec:09:e0:38:9b:6c:b2:a9:33:c8:17:3f:b2:72:ea:
af:ee:88:d9:42:5a:84:9b:79:30:b2:58:e4:7a:aa:
09:0d:68:2f:e0:f9:d2:4a:e3:03:89:46:41:80:fb:
55:3f:94:cf:bf:42:f1:89:79:0f:61:1d:88:86:84:
2a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:CE:AC:AE:BF:16:FA:E6:2C:03:D7:3E:E8:AF:26:E3:87:C0:A4:53
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ac6srr8W-uYsA9c-6K8m44fApFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.247.0/24
192.71.84.0/24
192.71.254.0/23
192.176.43.0/24
193.182.113.0/24
193.234.120.0/22
Signature Algorithm: sha256WithRSAEncryption
56:a0:cd:91:be:cc:f2:00:5b:dc:61:99:dd:66:fc:1f:a1:c2:
97:c0:4a:5d:f6:1b:17:d7:ce:03:5b:f4:85:b2:ad:47:3b:32:
39:e1:a6:f9:13:78:59:b0:5a:b6:50:48:0e:19:46:5d:d1:1b:
e8:ad:dc:c6:70:23:b0:51:3b:f8:d7:d3:20:f8:04:c4:92:0b:
88:ab:50:1d:fc:4d:d3:be:91:23:c2:50:2a:c7:4a:3f:78:5a:
32:eb:63:15:6a:87:36:9b:e1:b1:85:af:d1:c0:1a:a5:8f:58:
90:4a:8f:0b:03:4e:0d:57:b1:ef:bf:79:fe:8a:ab:03:a1:78:
98:42:0c:0e:78:7d:8b:fc:09:56:c4:59:fa:32:c4:bc:d5:6d:
28:dc:ba:a2:44:62:bd:64:0f:b5:9f:7f:b8:fd:1d:14:79:a6:
11:90:55:9e:69:3a:eb:fb:0b:e8:e3:84:b2:dc:81:43:52:73:
09:e4:b3:a7:f1:93:41:6d:c9:ac:a9:22:44:d3:4a:23:9b:93:
d7:d0:eb:2d:35:5c:a5:fa:e3:b5:34:8b:d7:57:c2:72:91:3f:
6d:26:1f:76:62:0e:4d:ac:e7:a0:03:eb:7c:af:b5:2f:25:cf:
8b:fc:06:ef:b0:33:1e:78:2b:66:56:05:3c:18:bb:9e:ee:5e:
b3:4f:3b:f8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQnSEK7ixfkP34wKWNsdPfcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWNlYWNhZWJmMTZmYWU2MmMwM2Q3M2VlOGFmMjZlMzg3YzBhNDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4MHg5WPMj8j81sMVKScn7RNx95U
LDZQP7x1a0JnIoGESjs2T5idSFY+YFH5QHwLLuygprIptkE60Ad33p6ZVa68d9FI
HwJB56onIwmxPyvNWlHp3HdXcQ+2IKNQHlT1RVciWfq65IpTkumwUKsu2wf3XrUn
VpmiHHTs4ehdyU+OLL9oxXM2Zjepr4aeH/0fN4HL8O+84DnEVaB3flU3rGVkVXNN
ZBd+As263wx3W0V9orW1IlyZRmlG10XN5KQF+8HsCeA4m2yyqTPIFz+ycuqv7ojZ
QlqEm3kwsljkeqoJDWgv4PnSSuMDiUZBgPtVP5TPv0LxiXkPYR2IhoQqtQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGnOrK6/FvrmLAPXPuivJuOHwKRTMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvYWM2c3JyOFctdVlzQTljLTZLOG00NGZBcEZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwCT3AwQA
wEdUAwQBwEf+AwQAwLArAwQAwbZxAwQCwep4MA0GCSqGSIb3DQEBCwUAA4IBAQBW
oM2RvszyAFvcYZndZvwfocKXwEpd9hsX184DW/SFsq1HOzI54ab5E3hZsFq2UEgO
GUZd0RvordzGcCOwUTv419Mg+ATEkguIq1Ad/E3TvpEjwlAqx0o/eFoy62MVaoc2
m+Gxha/RwBqlj1iQSo8LA04NV7Hvv3n+iqsDoXiYQgwOeH2L/AlWxFn6MsS81W0o
3LqiRGK9ZA+1n3+4/R0UeaYRkFWeaTrr+wvo44Sy3IFDUnMJ5LOn8ZNBbcmsqSJE
00ojm5PX0OstNVyl+uO1NIvXV8JykT9tJh92Yg5NrOegA+t8r7UvJc+L/AbvsDMe
eCtmVgU8GLue7l6zTzv4
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:08 2025 by rpki-client