Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ehPcd5ik2YyFs9H4qj0E7-EdTVg.roa
File: ehPcd5ik2YyFs9H4qj0E7-EdTVg.roa (raw, json)
Hash identifier: Wb5UgfFiMELpjLt2bf3BHFHjNKdUc6wuJECnaIg5Cvs=
Subject key identifier: 7A:13:DC:77:98:A4:D9:8C:85:B3:D1:F8:AA:3D:04:EF:E1:1D:4D:58
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCAD377029C2FE71BCE0E2587E762E1
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ehPcd5ik2YyFs9H4qj0E7-EdTVg.roa
Signing time: Sun 01 Jan 2023 10:05:09 +0000
ROA not before: Sun 01 Jan 2023 10:05:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8674
IP address blocks: 192.165.72.0/24 maxlen: 24
194.68.132.0/24 maxlen: 24
192.36.144.0/24 maxlen: 24
192.71.53.0/24 maxlen: 24
192.71.80.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:d3:77:02:9c:2f:e7:1b:ce:0e:25:87:e7:62:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a13dc7798a4d98c85b3d1f8aa3d04efe11d4d58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:00:e4:f6:c9:8a:9f:bd:85:cb:6b:cc:68:e6:
91:18:48:7a:3a:bc:05:35:29:c6:90:66:9c:c4:eb:
05:8d:77:62:cc:49:83:e4:35:76:cd:68:aa:05:04:
23:5d:1c:38:bd:68:04:90:e2:9c:e2:76:a7:6c:b4:
35:4f:99:ab:03:8f:78:90:57:8c:28:88:9a:53:f2:
ee:91:96:43:6a:eb:c8:94:0d:6a:e6:50:72:2b:88:
33:61:1d:3c:14:f9:df:28:77:93:ad:1e:87:4c:f8:
ad:5d:ad:91:84:9a:7a:cd:24:a7:4e:75:88:51:27:
a5:93:24:bc:cf:a4:15:ca:af:28:91:34:91:11:90:
08:41:14:57:8a:3d:dc:f4:c1:09:c2:b6:b6:68:85:
d3:ce:6d:5a:12:32:38:c7:57:b1:f6:ca:43:7f:49:
d4:78:ef:f1:d1:11:e8:cf:30:56:9f:62:c8:db:08:
e1:c2:9b:9a:c8:a7:c9:ab:a0:a9:1f:f4:bb:ed:3c:
bb:5a:ab:b4:ba:94:f9:d1:87:a5:4f:a2:f1:30:62:
85:ee:52:d3:d1:0a:4a:bf:79:ed:f0:f0:22:43:b4:
94:33:ff:77:3c:4f:28:99:9a:28:1e:c0:98:4b:74:
58:4d:5c:ef:da:32:e1:b1:de:0f:45:ca:9e:f8:81:
28:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:13:DC:77:98:A4:D9:8C:85:B3:D1:F8:AA:3D:04:EF:E1:1D:4D:58
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ehPcd5ik2YyFs9H4qj0E7-EdTVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.144.0/24
192.71.53.0/24
192.71.80.0/24
192.165.72.0/24
194.68.132.0/24
Signature Algorithm: sha256WithRSAEncryption
44:2f:fd:28:bd:bd:31:82:3d:9d:17:14:0c:d8:73:fb:f1:d9:
e6:17:96:68:99:29:57:5f:02:22:ae:c3:7c:90:cc:16:c2:55:
51:61:f2:e4:6a:cd:43:2b:c8:0f:3d:cb:0e:fc:b4:f3:74:e5:
76:5b:20:1c:eb:a2:54:5c:17:c4:f9:b3:02:51:cb:c0:de:03:
7e:10:d4:04:44:61:93:a4:28:c2:a2:d1:d0:fc:86:97:79:60:
4f:c1:83:16:2d:ab:8d:9b:64:bc:8c:a1:20:6b:a6:ca:ee:7d:
cf:0c:9a:dc:e1:db:f5:02:14:30:49:86:20:42:95:3e:d6:9f:
68:5c:a0:1f:83:ee:88:c4:c3:9c:28:5a:c0:2d:34:5c:0c:d7:
ba:e6:af:27:38:1e:9b:c3:7e:dd:a2:8f:ac:93:be:51:a6:5e:
2d:05:29:42:e0:e9:d9:ac:48:cd:ff:a4:7b:d3:6f:07:05:06:
8e:90:ed:fe:df:af:de:e1:15:52:6c:67:37:2e:15:3f:89:d0:
f6:d0:ad:d0:68:56:93:2a:03:9a:d4:e4:64:55:40:59:18:53:
43:94:6e:3f:03:cd:b7:9c:25:00:8d:77:a0:28:45:c4:33:16:
04:63:cb:3b:bf:de:9f:1a:a5:09:9c:26:ea:7d:04:79:b3:9d:
70:6f:07:8c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVsytN3Apwv5xvODiWH52LhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTEzZGM3Nzk4YTRkOThjODViM2QxZjhhYTNkMDRlZmUxMWQ0ZDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgDk9smKn72Fy2vMaOaRGEh6OrwF
NSnGkGacxOsFjXdizEmD5DV2zWiqBQQjXRw4vWgEkOKc4nanbLQ1T5mrA494kFeM
KIiaU/LukZZDauvIlA1q5lByK4gzYR08FPnfKHeTrR6HTPitXa2RhJp6zSSnTnWI
USelkyS8z6QVyq8okTSREZAIQRRXij3c9MEJwra2aIXTzm1aEjI4x1ex9spDf0nU
eO/x0RHozzBWn2LI2wjhwpuayKfJq6CpH/S77Ty7Wqu0upT50YelT6LxMGKF7lLT
0QpKv3nt8PAiQ7SUM/93PE8omZooHsCYS3RYTVzv2jLhsd4PRcqe+IEocQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHoT3HeYpNmMhbPR+Ko9BO/hHU1YMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvZWhQY2Q1aWsyWXlGczlINHFqMEU3LUVkVFZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwCSQAwQA
wEc1AwQAwEdQAwQAwKVIAwQAwkSEMA0GCSqGSIb3DQEBCwUAA4IBAQBEL/0ovb0x
gj2dFxQM2HP78dnmF5ZomSlXXwIirsN8kMwWwlVRYfLkas1DK8gPPcsO/LTzdOV2
WyAc66JUXBfE+bMCUcvA3gN+ENQERGGTpCjCotHQ/IaXeWBPwYMWLauNm2S8jKEg
a6bK7n3PDJrc4dv1AhQwSYYgQpU+1p9oXKAfg+6IxMOcKFrALTRcDNe65q8nOB6b
w37doo+sk75Rpl4tBSlC4OnZrEjN/6R7028HBQaOkO3+36/e4RVSbGc3LhU/idD2
0K3QaFaTKgOa1ORkVUBZGFNDlG4/A823nCUAjXegKEXEMxYEY8s7v96fGqUJnCbq
fQR5s51wbweM
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:10 2025 by rpki-client