Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/f_yTznNLqhFi-Ab0qd4xohS3p2U.roa
File: f_yTznNLqhFi-Ab0qd4xohS3p2U.roa (raw, json)
Hash identifier: r/6fUswXJ3mNkPKvOv3ehAP0XDVobGMKwGjD1h1GIFc=
Subject key identifier: 7F:FC:93:CE:73:4B:AA:11:62:F8:06:F4:A9:DE:31:A2:14:B7:A7:65
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0194B22A579E547935918FCF3F062D461324
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/f_yTznNLqhFi-Ab0qd4xohS3p2U.roa
Signing time: Wed 29 Jan 2025 13:05:06 +0000
ROA not before: Wed 29 Jan 2025 13:05:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201216
IP address blocks: 192.121.57.0/24 maxlen: 24
192.121.59.0/24 maxlen: 24
193.181.192.0/24 maxlen: 24
193.183.145.0/24 maxlen: 24
193.183.146.0/24 maxlen: 24
194.14.35.0/24 maxlen: 24
194.14.39.0/24 maxlen: 24
194.68.37.0/24 maxlen: 24
194.68.38.0/24 maxlen: 24
194.132.29.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b2:2a:57:9e:54:79:35:91:8f:cf:3f:06:2d:46:13:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 29 13:05:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ffc93ce734baa1162f806f4a9de31a214b7a765
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:06:09:86:d2:c7:4d:96:27:95:0e:a8:db:a1:
e0:fb:16:cb:86:a2:7f:2e:e3:65:3a:72:b1:59:d1:
dd:9e:6b:6b:9e:94:71:bf:22:8c:66:45:de:17:21:
68:72:8e:fc:53:5d:f2:f9:2c:c1:c6:35:72:3d:75:
7d:4c:14:b1:df:15:c4:a3:8a:a6:03:26:77:5d:51:
c4:a1:7f:21:b8:28:0f:b0:03:1e:84:53:53:b8:7a:
a8:a9:68:59:e2:d3:8a:3d:88:61:6b:cb:64:27:7a:
06:85:82:a1:5f:10:da:98:93:e3:44:88:70:3a:fc:
10:66:70:40:68:73:49:10:29:2f:77:e9:c1:c2:cc:
04:2c:52:e4:8c:aa:26:d0:65:7d:53:9b:4c:0e:32:
fa:d3:2d:51:70:92:06:1a:2f:43:71:a2:bf:66:a5:
4d:22:84:6b:11:21:e3:a1:6c:40:db:88:10:5d:5c:
76:8d:b2:85:5a:e6:29:4d:cd:e9:89:a1:8e:f1:87:
4b:13:a6:7d:97:b3:33:86:d4:ff:a0:fc:bf:f6:ae:
1c:60:0c:e6:db:6e:78:25:e7:da:40:86:a9:d3:6c:
2c:c1:7f:32:86:e8:4f:b1:45:c0:b2:2b:cf:06:03:
a6:bb:bb:84:d4:09:fe:01:fe:c5:dc:9b:a0:11:df:
39:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:FC:93:CE:73:4B:AA:11:62:F8:06:F4:A9:DE:31:A2:14:B7:A7:65
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/f_yTznNLqhFi-Ab0qd4xohS3p2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.57.0/24
192.121.59.0/24
193.181.192.0/24
193.183.145.0-193.183.146.255
194.14.35.0/24
194.14.39.0/24
194.68.37.0-194.68.38.255
194.132.29.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:81:dd:5b:52:48:3b:d2:52:b4:4c:a1:fc:b9:ca:29:f1:aa:
81:c8:84:bf:b1:67:04:ab:55:b2:6c:84:db:92:0e:1e:67:69:
5a:14:ea:a5:ff:9c:09:56:73:a1:81:93:c9:5b:ca:57:e3:ca:
e6:9d:73:45:dc:6a:fb:74:5e:b4:d8:d8:2a:be:08:15:ee:24:
e7:12:5d:82:85:ea:26:10:7a:b8:42:da:bf:d4:96:04:e6:53:
d6:15:32:54:a6:4c:3a:b0:bd:61:9d:83:90:26:e2:4e:52:f7:
84:6c:98:04:f4:52:c6:22:a4:fe:c9:28:58:97:e9:60:e6:d3:
a9:70:f6:4f:07:24:45:e4:43:68:68:50:81:e4:11:e7:b2:37:
52:44:4e:60:01:7b:4e:4a:e2:cd:5e:92:2a:27:3a:6c:aa:c4:
74:54:30:bc:4b:b2:53:52:49:a2:a5:2e:ee:0c:3f:c3:ad:2e:
74:65:48:2c:1d:d1:9a:4e:78:de:6d:27:78:47:88:42:38:0f:
40:2c:bc:bd:f3:3e:73:e5:ad:8d:bd:b2:7c:d4:6a:a7:75:ae:
39:2c:db:a2:e7:71:4f:7f:82:fd:b2:a5:2d:a1:0c:f9:5e:11:
5d:a9:78:a5:0f:01:07:35:32:39:71:d8:64:98:f3:c8:31:1d:
1d:50:a8:56
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZSyKleeVHk1kY/PPwYtRhMkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTI5MTMwNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmZjOTNjZTczNGJhYTExNjJmODA2ZjRhOWRlMzFhMjE0YjdhNzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQYJhtLHTZYnlQ6o26Hg+xbLhqJ/
LuNlOnKxWdHdnmtrnpRxvyKMZkXeFyFoco78U13y+SzBxjVyPXV9TBSx3xXEo4qm
AyZ3XVHEoX8huCgPsAMehFNTuHqoqWhZ4tOKPYhha8tkJ3oGhYKhXxDamJPjRIhw
OvwQZnBAaHNJECkvd+nBwswELFLkjKom0GV9U5tMDjL60y1RcJIGGi9DcaK/ZqVN
IoRrESHjoWxA24gQXVx2jbKFWuYpTc3piaGO8YdLE6Z9l7MzhtT/oPy/9q4cYAzm
2254JefaQIap02wswX8yhuhPsUXAsivPBgOmu7uE1An+Af7F3JugEd853wIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFH/8k85zS6oRYvgG9KneMaIUt6dlMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvZl95VHpuTkxxaEZpLUFiMHFkNHhvaFMzcDJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQAwHk5AwQA
wHk7AwQAwbXAMAwDBADBt5EDBADBt5IDBADCDiMDBADCDicwDAMEAMJEJQMEAMJE
JgMEAMKEHTANBgkqhkiG9w0BAQsFAAOCAQEAyoHdW1JIO9JStEyh/LnKKfGqgciE
v7FnBKtVsmyE25IOHmdpWhTqpf+cCVZzoYGTyVvKV+PK5p1zRdxq+3RetNjYKr4I
Fe4k5xJdgoXqJhB6uELav9SWBOZT1hUyVKZMOrC9YZ2DkCbiTlL3hGyYBPRSxiKk
/skoWJfpYObTqXD2TwckReRDaGhQgeQR57I3UkROYAF7TkrizV6SKic6bKrEdFQw
vEuyU1JJoqUu7gw/w60udGVILB3Rmk543m0neEeIQjgPQCy8vfM+c+Wtjb2yfNRq
p3WuOSzboudxT3+C/bKlLaEM+V4RXal4pQ8BBzUyOXHYZJjzyDEdHVCoVg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:28 2025 by rpki-client