Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/q914RbuiCBzcsSKDa6V3Um5ax_I.roa
File: q914RbuiCBzcsSKDa6V3Um5ax_I.roa (raw, json)
Hash identifier: bD9A6VobteSIcKNgfFMlVDwLGoSPK/yrOxj3uzmDA4M=
Subject key identifier: AB:DD:78:45:BB:A2:08:1C:DC:B1:22:83:6B:A5:77:52:6E:5A:C7:F2
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019427487D08BBD8994099DB24FCE39E8ECC
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/q914RbuiCBzcsSKDa6V3Um5ax_I.roa
Signing time: Thu 02 Jan 2025 13:50:49 +0000
ROA not before: Thu 02 Jan 2025 13:50:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209437
IP address blocks: 192.71.184.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:7d:08:bb:d8:99:40:99:db:24:fc:e3:9e:8e:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=abdd7845bba2081cdcb122836ba577526e5ac7f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:51:11:88:e2:c1:6c:07:5f:42:ce:82:69:56:
1a:d8:4e:eb:fd:10:03:13:b6:b7:63:ab:7a:96:1e:
ea:37:d2:79:8c:5d:5a:2e:f4:54:c5:94:65:35:74:
26:d1:00:00:8e:86:1f:89:7c:98:a4:be:4d:e6:c4:
3d:3a:9e:33:df:a1:bb:11:92:4a:5e:1b:16:58:01:
80:97:02:bd:92:0f:04:f5:5d:07:38:06:d3:84:67:
7f:be:86:8b:2a:22:17:c2:c9:4d:64:24:07:ba:87:
fb:6f:44:1d:68:71:ba:ec:8b:7c:d1:e2:47:9e:e1:
c9:a1:6f:da:34:e5:7c:68:b5:51:24:8a:0a:0b:6d:
45:33:84:31:40:b6:32:a2:39:29:da:55:c7:e6:54:
13:5a:e1:77:ab:c2:de:ad:41:48:58:9e:c5:45:80:
ee:0d:dc:3a:a5:f7:02:11:37:ae:80:77:82:75:dc:
04:2f:08:42:78:3d:53:8e:16:8c:a4:ed:bd:d1:c6:
79:3c:44:9c:cd:9d:e8:94:d0:53:bc:b3:64:21:7a:
8c:5d:88:9b:ef:21:f1:18:6f:0a:d3:e4:1a:85:62:
ba:17:e7:8f:0e:fd:36:eb:82:24:13:f4:5c:4e:e0:
8e:79:cb:fb:f1:bf:cc:d4:13:1a:96:d5:94:09:94:
86:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:DD:78:45:BB:A2:08:1C:DC:B1:22:83:6B:A5:77:52:6E:5A:C7:F2
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/q914RbuiCBzcsSKDa6V3Um5ax_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.184.0/24
Signature Algorithm: sha256WithRSAEncryption
99:35:ee:ae:ff:d5:06:08:a8:17:b9:ec:bd:88:a3:1e:e2:82:
51:89:25:ac:fc:9f:c2:d5:54:7e:10:f0:f0:fb:90:92:8b:ac:
ea:65:17:3e:8e:ea:b6:f4:e2:ab:bc:ea:25:d2:5b:10:59:3a:
ef:91:0b:f4:80:e9:73:c8:31:2c:1c:8c:2d:17:98:63:65:79:
b9:e3:5e:9c:88:5a:ac:01:ce:7f:87:7a:38:e8:91:e1:7e:e4:
49:ee:9b:64:6d:2f:0b:d8:40:13:ea:0c:66:25:56:e1:f8:7a:
df:ea:6c:ac:61:77:e5:05:90:41:1d:87:67:e3:77:c1:b9:2e:
b4:ac:45:7f:aa:92:68:81:21:e3:f0:2e:f4:cf:6a:71:3f:79:
42:07:42:ec:c9:b9:cf:15:0d:b3:bd:6d:5e:0e:34:9f:24:29:
ef:fc:b9:0e:34:b3:d2:a3:47:f5:87:4d:2d:0e:fe:5c:3f:cb:
04:96:7e:1f:20:be:f8:59:e6:29:1e:8b:d7:d4:49:69:3f:db:
13:c5:9a:89:1c:d2:1f:4c:e7:c7:fd:56:80:2c:65:b2:d6:56:
6e:c9:03:0d:b2:39:08:6a:09:17:13:9f:5d:ea:2b:6e:39:ac:
75:97:c7:20:3d:22:94:d2:bd:3b:a2:48:84:5e:3d:fc:24:2f:
e3:b2:72:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSH0Iu9iZQJnbJPzjno7MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmRkNzg0NWJiYTIwODFjZGNiMTIyODM2YmE1Nzc1MjZlNWFjN2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1ERiOLBbAdfQs6CaVYa2E7r/RAD
E7a3Y6t6lh7qN9J5jF1aLvRUxZRlNXQm0QAAjoYfiXyYpL5N5sQ9Op4z36G7EZJK
XhsWWAGAlwK9kg8E9V0HOAbThGd/voaLKiIXwslNZCQHuof7b0QdaHG67It80eJH
nuHJoW/aNOV8aLVRJIoKC21FM4QxQLYyojkp2lXH5lQTWuF3q8LerUFIWJ7FRYDu
Ddw6pfcCETeugHeCddwELwhCeD1TjhaMpO290cZ5PESczZ3olNBTvLNkIXqMXYib
7yHxGG8K0+QahWK6F+ePDv0264IkE/RcTuCOecv78b/M1BMaltWUCZSGIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKvdeEW7oggc3LEig2uld1JuWsfyMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvcTkxNFJidWlDQnpjc1NLRGE2VjNVbTVheF9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwEe4MA0G
CSqGSIb3DQEBCwUAA4IBAQCZNe6u/9UGCKgXuey9iKMe4oJRiSWs/J/C1VR+EPDw
+5CSi6zqZRc+juq29OKrvOol0lsQWTrvkQv0gOlzyDEsHIwtF5hjZXm5416ciFqs
Ac5/h3o46JHhfuRJ7ptkbS8L2EAT6gxmJVbh+Hrf6mysYXflBZBBHYdn43fBuS60
rEV/qpJogSHj8C70z2pxP3lCB0LsybnPFQ2zvW1eDjSfJCnv/LkONLPSo0f1h00t
Dv5cP8sEln4fIL74WeYpHovX1ElpP9sTxZqJHNIfTOfH/VaALGWy1lZuyQMNsjkI
agkXE59d6ituOax1l8cgPSKU0r07okiEXj38JC/jsnJN
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:15 2025 by rpki-client