Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/iYlkJwjssha0Hbc8TPgKzhodX1s.roa
File: iYlkJwjssha0Hbc8TPgKzhodX1s.roa (raw, json)
Hash identifier: xL7jR7QPu6v+i8Ee5c96dLJMGDwTZ5IT/8WAPShbfgo=
Subject key identifier: 89:89:64:27:08:EC:B2:16:B4:1D:B7:3C:4C:F8:0A:CE:1A:1D:5F:5B
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCB05B807E44DECBADAB8D3E1D08AAF
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/iYlkJwjssha0Hbc8TPgKzhodX1s.roa
Signing time: Sun 01 Jan 2023 10:05:22 +0000
ROA not before: Sun 01 Jan 2023 10:05:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203052
IP address blocks: 193.234.128.0/21 maxlen: 21
192.176.224.0/22 maxlen: 22
194.132.72.0/22 maxlen: 22
193.180.76.0/22 maxlen: 22
192.121.204.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:cb:05:b8:07:e4:4d:ec:ba:da:b8:d3:e1:d0:8a:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8989642708ecb216b41db73c4cf80ace1a1d5f5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:71:7c:53:18:a5:42:92:c6:47:28:cc:8e:2c:
e2:8e:24:8e:48:df:99:7b:94:6b:a6:6f:42:46:d6:
04:66:f4:2c:b7:31:09:a9:d3:83:63:4e:b3:f7:5d:
4c:01:e1:cc:b5:ba:0b:d0:7b:f6:6b:2c:34:92:1e:
70:c1:8f:ea:69:9d:49:91:3a:16:b9:e5:76:fb:ad:
22:e4:9a:0d:b0:25:11:bb:42:24:a7:0e:21:70:72:
1e:31:d4:56:74:db:01:e3:fb:19:24:dc:5d:6e:cb:
ae:bd:7c:dd:1d:39:a9:30:59:47:e2:f5:ab:ba:ce:
7e:fd:18:ed:dc:52:8d:74:5e:9a:fd:bd:b4:ee:d8:
46:ff:52:6c:93:96:9b:a6:8f:ed:4b:53:d2:08:72:
c5:53:b7:da:17:f5:93:cb:fa:63:9b:88:69:31:fe:
b4:0c:57:b0:01:31:b5:13:6a:c9:b5:65:1f:6c:55:
f7:29:37:c5:a4:d8:68:9b:5d:11:9b:7b:b0:61:29:
cd:96:92:8c:ae:78:04:ae:cb:3b:46:aa:c7:97:21:
8c:f9:57:b8:9a:92:44:bc:03:04:1e:84:78:ac:89:
8d:ba:9d:c6:5c:1c:0b:9b:a5:31:a4:e5:c8:7c:47:
a2:c9:10:45:06:b1:30:91:c4:b2:e6:3d:6d:5b:92:
98:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:89:64:27:08:EC:B2:16:B4:1D:B7:3C:4C:F8:0A:CE:1A:1D:5F:5B
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/iYlkJwjssha0Hbc8TPgKzhodX1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.204.0/22
192.176.224.0/22
193.180.76.0/22
193.234.128.0/21
194.132.72.0/22
Signature Algorithm: sha256WithRSAEncryption
96:db:eb:87:57:0e:73:9e:b2:1c:ad:7d:23:b5:c5:64:61:5c:
28:c8:30:7f:36:55:49:74:a6:98:30:ca:a9:76:aa:c8:16:77:
8e:6b:b7:50:e0:32:3f:76:79:46:8b:c3:cc:0a:7f:9f:ea:78:
c3:a0:5c:6d:0f:92:8f:74:58:20:43:7f:ff:d9:d0:67:2a:89:
e1:fc:b2:ba:cb:c2:28:8f:a9:5e:ad:86:18:84:58:f0:f6:c5:
91:f3:5e:0d:9e:cd:22:73:13:e1:8e:62:20:a0:cc:ab:c3:cc:
2b:85:c3:62:f0:87:74:4a:7f:6c:80:e2:b6:1f:6c:cc:93:82:
82:25:cd:67:98:9d:9e:0f:61:d6:1b:8d:d3:90:c9:a5:fa:e9:
b8:c3:26:a1:20:63:cf:a7:47:b9:3c:fb:d9:ad:ba:96:2e:89:
de:fa:25:7c:59:40:a5:63:dc:80:ea:7f:35:b3:91:6d:3a:59:
09:ae:c3:41:99:b3:75:51:bf:0e:77:fe:8e:58:e5:38:a6:a9:
8c:e3:22:88:0d:5f:bd:d8:87:d4:6f:80:bf:39:38:00:69:b5:
0b:11:78:f8:45:bd:a8:1d:18:2b:af:76:a2:1f:e1:9b:de:50:
c4:82:bc:34:c0:ae:4d:d7:2d:c0:91:ad:ae:a5:21:ff:82:d5:
02:38:ce:09
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVsywW4B+RN7LrauNPh0IqvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTg5NjQyNzA4ZWNiMjE2YjQxZGI3M2M0Y2Y4MGFjZTFhMWQ1ZjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3F8UxilQpLGRyjMjizijiSOSN+Z
e5Rrpm9CRtYEZvQstzEJqdODY06z911MAeHMtboL0Hv2ayw0kh5wwY/qaZ1JkToW
ueV2+60i5JoNsCURu0Ikpw4hcHIeMdRWdNsB4/sZJNxdbsuuvXzdHTmpMFlH4vWr
us5+/Rjt3FKNdF6a/b207thG/1Jsk5abpo/tS1PSCHLFU7faF/WTy/pjm4hpMf60
DFewATG1E2rJtWUfbFX3KTfFpNhom10Rm3uwYSnNlpKMrngErss7RqrHlyGM+Ve4
mpJEvAMEHoR4rImNup3GXBwLm6UxpOXIfEeiyRBFBrEwkcSy5j1tW5KYEwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFImJZCcI7LIWtB23PEz4Cs4aHV9bMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvaVlsa0p3anNzaGEwSGJjOFRQZ0t6aG9kWDFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCwHnMAwQC
wLDgAwQCwbRMAwQDweqAAwQCwoRIMA0GCSqGSIb3DQEBCwUAA4IBAQCW2+uHVw5z
nrIcrX0jtcVkYVwoyDB/NlVJdKaYMMqpdqrIFneOa7dQ4DI/dnlGi8PMCn+f6njD
oFxtD5KPdFggQ3//2dBnKonh/LK6y8Ioj6lerYYYhFjw9sWR814Nns0icxPhjmIg
oMyrw8wrhcNi8Id0Sn9sgOK2H2zMk4KCJc1nmJ2eD2HWG43TkMml+um4wyahIGPP
p0e5PPvZrbqWLone+iV8WUClY9yA6n81s5FtOlkJrsNBmbN1Ub8Od/6OWOU4pqmM
4yKIDV+92IfUb4C/OTgAabULEXj4Rb2oHRgrr3aiH+Gb3lDEgrw0wK5N1y3Aka2u
pSH/gtUCOM4J
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:44 2025 by rpki-client