Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/fYp9Ur4SRbIcXYEzqoi4waWQL2U.roa
File: fYp9Ur4SRbIcXYEzqoi4waWQL2U.roa (raw, json)
Hash identifier: gEQ2ZrEYgqpLJ5TWzFBKqz8HpcxP5KJj/PhZ/n4v1c8=
Subject key identifier: 7D:8A:7D:52:BE:12:45:B2:1C:5D:81:33:AA:88:B8:C1:A5:90:2F:65
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018E0E6E6B18D17BC9BE132408CD1B041472
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/fYp9Ur4SRbIcXYEzqoi4waWQL2U.roa
Signing time: Tue 05 Mar 2024 11:45:01 +0000
ROA not before: Tue 05 Mar 2024 11:45:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8434
IP address blocks: 192.71.158.0/24 maxlen: 24
192.121.192.0/24 maxlen: 24
193.180.61.0/24 maxlen: 24
193.234.237.0/24 maxlen: 24
194.14.129.0/24 maxlen: 24
194.68.56.0/23 maxlen: 23
194.68.99.0/24 maxlen: 24
194.68.126.0/24 maxlen: 24
194.71.27.0/24 maxlen: 24
194.71.83.0/24 maxlen: 24
194.71.140.0/23 maxlen: 23
194.71.248.0/21 maxlen: 21
194.132.108.0/23 maxlen: 24
194.132.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:6e:6b:18:d1:7b:c9:be:13:24:08:cd:1b:04:14:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Mar 5 11:45:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d8a7d52be1245b21c5d8133aa88b8c1a5902f65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:dd:28:75:de:c8:e2:58:7e:15:5b:35:40:85:
6c:1e:7f:a1:6e:ef:01:1c:fe:93:c2:d9:9e:76:d6:
7b:2b:53:6d:25:b4:23:69:10:45:78:fa:f6:95:f5:
6d:67:61:43:b5:e1:3c:3c:7c:7d:b5:32:90:72:cb:
ef:3f:77:0c:5e:36:84:49:0a:bf:ec:52:9b:6b:ce:
ee:ab:9b:38:c9:21:e5:13:4a:91:38:fc:1c:36:cd:
8a:3d:e2:b2:16:75:73:c8:26:9c:8d:1d:dd:9a:1b:
5c:11:fb:68:2d:60:ab:48:4c:e1:08:80:55:4e:97:
83:49:2b:2a:73:ea:1a:1a:c7:a3:92:bf:2f:13:7b:
75:42:46:36:94:49:a0:34:1a:a1:88:59:71:03:fd:
17:dc:91:f3:a1:52:c7:d0:b8:7e:b5:aa:4b:4d:d3:
3b:fa:c5:9d:85:b5:f7:a5:eb:9e:25:f5:d4:ad:4f:
f7:7f:fe:8a:a1:6d:aa:47:80:de:d8:b7:c4:0f:6b:
c6:6e:92:67:67:c8:6e:9f:89:db:aa:c2:bb:f1:a1:
84:3a:ac:ca:f9:5a:3e:cc:4e:9e:aa:e4:de:34:00:
79:af:c6:ec:9f:42:9a:be:f0:96:8b:30:42:71:d1:
5d:65:09:90:be:3d:e5:d4:12:ae:e8:71:62:cc:2b:
ce:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:8A:7D:52:BE:12:45:B2:1C:5D:81:33:AA:88:B8:C1:A5:90:2F:65
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/fYp9Ur4SRbIcXYEzqoi4waWQL2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.158.0/24
192.121.192.0/24
193.180.61.0/24
193.234.237.0/24
194.14.129.0/24
194.68.56.0/23
194.68.99.0/24
194.68.126.0/24
194.71.27.0/24
194.71.83.0/24
194.71.140.0/23
194.71.248.0/21
194.132.108.0/23
194.132.174.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:ac:bc:01:ff:8b:94:1d:c7:25:19:ee:b6:27:20:ac:2c:fe:
6e:40:79:f4:a1:ad:48:87:70:0d:3a:5a:47:8b:6d:e1:46:ca:
32:c9:bc:62:39:89:cc:f2:72:51:d1:50:98:3e:54:bf:e7:d1:
6a:4b:68:21:7c:63:af:f2:f0:5f:f2:ef:1a:33:b5:d1:af:12:
e6:f8:76:0e:da:aa:67:2d:12:0f:2f:be:7c:b2:6f:58:30:d0:
85:32:30:1e:b7:68:57:47:b9:b1:7c:ec:54:1b:4f:d7:d4:6d:
23:48:e3:53:89:24:e9:cc:f1:75:07:9f:39:8f:6d:3f:33:9a:
10:32:20:7e:1a:7d:63:70:22:04:89:f9:75:79:56:77:4e:f1:
8c:ea:9a:14:d2:91:4f:4e:e5:25:e3:34:3e:da:a4:96:3f:80:
c2:e5:40:03:e6:33:dc:39:2c:f2:fb:87:9e:7a:66:aa:6e:26:
e1:04:d0:b8:0d:e3:b7:52:a7:99:70:3e:4e:7b:1c:49:55:c9:
e3:18:5e:22:69:e0:21:09:6f:64:2f:b4:56:c2:6f:5a:d7:cf:
06:32:1a:a8:08:db:f9:ba:86:7f:ab:a5:73:90:16:56:31:14:
4e:7b:be:57:f1:e7:72:0e:3b:fa:c0:aa:bf:ab:4d:e5:7f:72:
6e:a6:44:87
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAY4ObmsY0XvJvhMkCM0bBBRyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMzA1MTE0NTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDhhN2Q1MmJlMTI0NWIyMWM1ZDgxMzNhYTg4YjhjMWE1OTAyZjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAld0odd7I4lh+FVs1QIVsHn+hbu8B
HP6TwtmedtZ7K1NtJbQjaRBFePr2lfVtZ2FDteE8PHx9tTKQcsvvP3cMXjaESQq/
7FKba87uq5s4ySHlE0qROPwcNs2KPeKyFnVzyCacjR3dmhtcEftoLWCrSEzhCIBV
TpeDSSsqc+oaGsejkr8vE3t1QkY2lEmgNBqhiFlxA/0X3JHzoVLH0Lh+tapLTdM7
+sWdhbX3peueJfXUrU/3f/6KoW2qR4De2LfED2vGbpJnZ8hun4nbqsK78aGEOqzK
+Vo+zE6equTeNAB5r8bsn0KavvCWizBCcdFdZQmQvj3l1BKu6HFizCvOwwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFH2KfVK+EkWyHF2BM6qIuMGlkC9lMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvZllwOVVyNFNSYkljWFlFenFvaTR3YVdRTDJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAwEeeAwQA
wHnAAwQAwbQ9AwQAwertAwQAwg6BAwQBwkQ4AwQAwkRjAwQAwkR+AwQAwkcbAwQA
wkdTAwQBwkeMAwQDwkf4AwQBwoRsAwQAwoSuMA0GCSqGSIb3DQEBCwUAA4IBAQCf
rLwB/4uUHcclGe62JyCsLP5uQHn0oa1Ih3ANOlpHi23hRsoyybxiOYnM8nJR0VCY
PlS/59FqS2ghfGOv8vBf8u8aM7XRrxLm+HYO2qpnLRIPL758sm9YMNCFMjAet2hX
R7mxfOxUG0/X1G0jSONTiSTpzPF1B585j20/M5oQMiB+Gn1jcCIEifl1eVZ3TvGM
6poU0pFPTuUl4zQ+2qSWP4DC5UAD5jPcOSzy+4eeemaqbibhBNC4DeO3UqeZcD5O
exxJVcnjGF4iaeAhCW9kL7RWwm9a188GMhqoCNv5uoZ/q6VzkBZWMRROe75X8edy
Djv6wKq/q03lf3JupkSH
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:20 2025 by rpki-client