Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/rMZoGlm7J8U8pURJJ-Rd32en-q4.roa
File: rMZoGlm7J8U8pURJJ-Rd32en-q4.roa (raw, json)
Hash identifier: i8f9q85DgIIqodjleJg0VxAjbsy3w4ANalBtjKqmQBc=
Subject key identifier: AC:C6:68:1A:59:BB:27:C5:3C:A5:44:49:27:E4:5D:DF:67:A7:FA:AE
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCB0863CF7CA1EAE547FDFD6276A300
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/rMZoGlm7J8U8pURJJ-Rd32en-q4.roa
Signing time: Sun 01 Jan 2023 10:05:23 +0000
ROA not before: Sun 01 Jan 2023 10:05:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204896
IP address blocks: 194.14.30.0/24 maxlen: 24
192.121.244.0/24 maxlen: 24
193.234.25.0/24 maxlen: 24
194.103.40.0/24 maxlen: 24
194.103.158.0/24 maxlen: 24
193.234.61.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:cb:08:63:cf:7c:a1:ea:e5:47:fd:fd:62:76:a3:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=acc6681a59bb27c53ca5444927e45ddf67a7faae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:bf:24:f6:7d:06:c5:a5:99:11:7d:69:a8:9f:
11:9c:22:43:61:37:56:ac:0b:70:f0:c0:09:97:bd:
8a:77:54:43:85:51:96:85:2e:0d:05:4b:f7:bf:6e:
09:68:17:25:f0:21:50:bb:82:c1:64:f1:98:c9:65:
31:6e:26:4e:ed:c9:1e:a5:53:9d:86:d5:34:ba:b5:
c2:96:ff:95:b6:e1:09:3e:b3:b0:17:66:4a:b0:36:
ab:69:a5:c3:44:96:f6:3e:d3:6f:90:14:a0:98:a9:
03:44:61:41:8a:7d:75:82:52:90:10:a0:49:05:46:
f4:7a:79:ff:38:fa:c5:44:9d:71:45:d9:36:d7:cc:
46:f0:a8:4c:c7:a2:59:a1:3a:9b:51:6c:5d:f4:5a:
0a:bc:5a:b7:c1:80:12:7b:9a:6a:74:97:e2:9a:79:
44:e5:6a:91:da:a2:d8:41:83:88:45:70:0b:65:3d:
63:da:02:af:2e:17:b8:a4:68:09:ca:dc:2c:44:87:
8b:e4:6c:9d:20:32:95:ad:87:98:1f:f3:d9:89:54:
83:78:a8:ae:0a:e3:84:11:06:39:f0:54:20:60:a7:
86:78:c2:72:76:8d:72:ae:f4:8d:b1:06:9b:0a:1b:
45:22:b0:a4:59:2a:d8:7f:65:9f:b8:09:8b:91:b4:
1b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C6:68:1A:59:BB:27:C5:3C:A5:44:49:27:E4:5D:DF:67:A7:FA:AE
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/rMZoGlm7J8U8pURJJ-Rd32en-q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.244.0/24
193.234.25.0/24
193.234.61.0/24
194.14.30.0/24
194.103.40.0/24
194.103.158.0/24
Signature Algorithm: sha256WithRSAEncryption
10:f8:be:4e:2b:03:32:d9:15:27:95:95:15:f5:81:e0:67:02:
e5:f1:1d:47:8d:16:4b:14:a2:a9:2a:00:a0:c4:23:6f:73:9d:
3f:d2:76:31:31:97:6f:58:0d:b1:5b:35:31:9e:5f:25:6e:d5:
f9:3b:5a:93:fa:2f:ab:60:db:4b:c4:e9:3f:78:f2:4f:95:62:
d8:9b:9c:7b:93:ee:52:e5:70:49:68:50:76:e5:0f:79:bf:0c:
2b:a3:dc:3e:a6:47:25:1f:8f:69:28:23:17:8b:cd:13:6b:3e:
9c:b8:c1:46:4f:a0:20:af:27:f0:6d:ca:81:06:0d:c4:68:05:
cf:81:c8:10:74:1e:f4:98:7d:ee:62:a0:3d:a9:70:0d:fd:6e:
13:c6:b4:ee:76:c0:fd:6e:8f:78:7b:d1:93:25:fe:53:ac:88:
24:1e:da:1c:39:89:6b:e0:b7:64:87:23:e6:2e:d7:4b:21:a3:
fe:9a:d5:04:eb:2b:a6:50:6f:69:d1:10:72:de:aa:ec:53:64:
74:6a:90:08:97:2e:49:6a:a8:c8:02:8f:39:a4:9f:9b:09:7e:
8f:bf:12:22:a9:d8:5e:9a:96:ee:33:f8:37:58:dc:4e:b7:3e:
89:ce:52:e1:24:27:e3:2b:1c:df:61:38:69:e3:a3:01:ff:a1:
7b:3d:c4:42
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVsywhjz3yh6uVH/f1idqMAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2M2NjgxYTU5YmIyN2M1M2NhNTQ0NDkyN2U0NWRkZjY3YTdmYWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmr8k9n0GxaWZEX1pqJ8RnCJDYTdW
rAtw8MAJl72Kd1RDhVGWhS4NBUv3v24JaBcl8CFQu4LBZPGYyWUxbiZO7ckepVOd
htU0urXClv+VtuEJPrOwF2ZKsDaraaXDRJb2PtNvkBSgmKkDRGFBin11glKQEKBJ
BUb0enn/OPrFRJ1xRdk218xG8KhMx6JZoTqbUWxd9FoKvFq3wYASe5pqdJfimnlE
5WqR2qLYQYOIRXALZT1j2gKvLhe4pGgJytwsRIeL5GydIDKVrYeYH/PZiVSDeKiu
CuOEEQY58FQgYKeGeMJydo1yrvSNsQabChtFIrCkWSrYf2WfuAmLkbQbfwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKzGaBpZuyfFPKVESSfkXd9np/quMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvck1ab0dsbTdKOFU4cFVSSkotUmQzMmVuLXE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwHn0AwQA
weoZAwQAweo9AwQAwg4eAwQAwmcoAwQAwmeeMA0GCSqGSIb3DQEBCwUAA4IBAQAQ
+L5OKwMy2RUnlZUV9YHgZwLl8R1HjRZLFKKpKgCgxCNvc50/0nYxMZdvWA2xWzUx
nl8lbtX5O1qT+i+rYNtLxOk/ePJPlWLYm5x7k+5S5XBJaFB25Q95vwwro9w+pkcl
H49pKCMXi80Taz6cuMFGT6AgryfwbcqBBg3EaAXPgcgQdB70mH3uYqA9qXAN/W4T
xrTudsD9bo94e9GTJf5TrIgkHtocOYlr4LdkhyPmLtdLIaP+mtUE6yumUG9p0RBy
3qrsU2R0apAIly5JaqjIAo85pJ+bCX6PvxIiqdhempbuM/g3WNxOtz6JzlLhJCfj
KxzfYThp46MB/6F7PcRC
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:08 2025 by rpki-client