Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/sg68D0LmcFsppWpVOIHIKTVss2w.roa
File: sg68D0LmcFsppWpVOIHIKTVss2w.roa (raw, json)
Hash identifier: 1rLEinCvUmiaqIaSoatEAgdcCJSX7fvuAligbhI4gQ4=
Subject key identifier: B2:0E:BC:0F:42:E6:70:5B:29:A5:6A:55:38:81:C8:29:35:6C:B3:6C
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018E5B4AB0420448DAC0EDE98BE6E633AD56
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/sg68D0LmcFsppWpVOIHIKTVss2w.roa
Signing time: Wed 20 Mar 2024 09:56:45 +0000
ROA not before: Wed 20 Mar 2024 09:56:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57630
IP address blocks: 192.71.0.0/24 maxlen: 24
192.165.3.0/24 maxlen: 24
192.165.134.0/23 maxlen: 23
193.181.34.0/24 maxlen: 24
193.183.20.0/24 maxlen: 24
193.183.49.0/24 maxlen: 24
193.183.59.0/24 maxlen: 24
193.234.3.0/24 maxlen: 24
193.234.94.0/24 maxlen: 24
193.234.116.0/22 maxlen: 22
193.234.144.0/24 maxlen: 24
193.234.205.0/24 maxlen: 24
194.14.57.0/24 maxlen: 24
194.68.181.0/24 maxlen: 24
194.71.0.0/23 maxlen: 23
194.71.219.0/24 maxlen: 24
194.103.16.0/23 maxlen: 24
194.103.95.0/24 maxlen: 24
194.103.145.0/24 maxlen: 24
194.103.197.0/24 maxlen: 24
194.132.164.0/24 maxlen: 24
194.132.166.0/24 maxlen: 24
194.132.186.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5b:4a:b0:42:04:48:da:c0:ed:e9:8b:e6:e6:33:ad:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Mar 20 09:56:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b20ebc0f42e6705b29a56a553881c829356cb36c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:58:d7:2d:7b:fb:3c:5c:2e:fb:fa:87:66:8d:
48:04:e8:49:63:a0:48:b4:4f:97:ec:bb:5c:e0:5e:
c0:f2:54:16:e2:3a:bc:5a:78:13:bc:39:d1:03:85:
2e:1c:9f:81:93:d2:cb:5c:b1:38:20:c3:92:68:24:
42:67:5a:40:96:83:7e:39:f9:c1:73:c5:a2:f7:b4:
21:11:e4:b4:74:c6:ee:9c:87:95:44:67:7f:cd:75:
5a:0b:3d:1a:fd:cb:71:84:33:0c:d8:da:2f:47:91:
7b:6a:a9:87:9e:20:47:c6:2f:e6:4e:38:1e:42:3f:
61:e6:8d:4e:3f:ae:0f:e7:cc:23:3b:2c:89:73:51:
9a:28:a4:5d:20:2d:a7:a4:69:9a:4a:d2:cb:ef:31:
ec:7b:02:f4:b4:12:80:36:ba:2f:ce:75:9e:e4:1b:
01:98:2a:59:56:80:49:a1:8b:97:21:37:f1:d2:9e:
38:40:37:99:00:5f:39:ca:eb:4e:6c:25:eb:59:97:
e2:11:42:bd:0f:62:91:74:55:d5:83:29:f0:f0:78:
99:5c:8f:3c:a2:44:91:e4:64:c1:1d:e4:aa:b8:95:
90:2a:a2:0e:ca:a5:68:d2:f6:6d:a9:5d:60:1e:d5:
e5:14:56:43:00:22:3f:f1:ac:e6:fa:78:db:47:09:
57:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:0E:BC:0F:42:E6:70:5B:29:A5:6A:55:38:81:C8:29:35:6C:B3:6C
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/sg68D0LmcFsppWpVOIHIKTVss2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.0.0/24
192.165.3.0/24
192.165.134.0/23
193.181.34.0/24
193.183.20.0/24
193.183.49.0/24
193.183.59.0/24
193.234.3.0/24
193.234.94.0/24
193.234.116.0/22
193.234.144.0/24
193.234.205.0/24
194.14.57.0/24
194.68.181.0/24
194.71.0.0/23
194.71.219.0/24
194.103.16.0/23
194.103.95.0/24
194.103.145.0/24
194.103.197.0/24
194.132.164.0/24
194.132.166.0/24
194.132.186.0/24
Signature Algorithm: sha256WithRSAEncryption
16:82:a3:d4:02:e4:c8:0a:93:86:6a:90:6c:05:d1:a1:b9:af:
0f:54:2c:53:9f:cd:c8:7f:ca:29:ef:e7:d5:9b:cf:38:33:63:
86:1f:9e:41:90:86:49:ed:61:bd:da:58:26:5e:4d:58:c1:5e:
c0:53:51:ad:d5:07:5f:9f:9d:77:5f:ce:4d:24:a9:a5:8b:86:
de:65:9e:8f:9c:ce:e6:cb:05:fa:16:ff:b0:c2:01:63:47:4c:
21:90:ae:79:fa:49:78:7c:1c:ca:aa:15:70:74:09:7d:97:ee:
ef:b9:8c:16:4b:42:ea:ac:1b:75:ae:dc:93:b8:0e:2b:8c:a5:
77:d5:ff:47:41:61:1a:19:52:5a:53:42:e8:15:0d:29:be:b8:
6c:0e:e4:4f:7b:16:9f:5e:5b:24:80:41:d7:2f:88:13:ba:ed:
c1:63:ee:95:5a:f7:89:76:80:40:9e:19:1e:f7:3b:6b:ad:1c:
f5:ed:58:84:d7:2c:c0:76:04:96:f8:25:26:4b:14:70:ce:ba:
28:bb:e4:13:64:3a:5d:93:67:36:d3:43:be:23:56:61:91:9a:
db:07:40:9c:99:e6:b8:d2:3f:7b:d8:7f:c5:45:d8:63:b5:15:
6d:2d:3e:37:8c:6e:9d:73:1b:ea:6d:7f:d8:52:6f:6d:b5:76:
5f:89:2c:38
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAY5bSrBCBEjawO3pi+bmM61WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMzIwMDk1NjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjBlYmMwZjQyZTY3MDViMjlhNTZhNTUzODgxYzgyOTM1NmNiMzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgljXLXv7PFwu+/qHZo1IBOhJY6BI
tE+X7Ltc4F7A8lQW4jq8WngTvDnRA4UuHJ+Bk9LLXLE4IMOSaCRCZ1pAloN+OfnB
c8Wi97QhEeS0dMbunIeVRGd/zXVaCz0a/ctxhDMM2NovR5F7aqmHniBHxi/mTjge
Qj9h5o1OP64P58wjOyyJc1GaKKRdIC2npGmaStLL7zHsewL0tBKANrovznWe5BsB
mCpZVoBJoYuXITfx0p44QDeZAF85yutObCXrWZfiEUK9D2KRdFXVgynw8HiZXI88
okSR5GTBHeSquJWQKqIOyqVo0vZtqV1gHtXlFFZDACI/8azm+njbRwlX4QIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFLIOvA9C5nBbKaVqVTiByCk1bLNsMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvc2c2OEQwTG1jRnNwcFdwVk9JSElLVFZzczJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBADA
RwADBADApQMDBAHApYYDBADBtSIDBADBtxQDBADBtzEDBADBtzsDBADB6gMDBADB
6l4DBALB6nQDBADB6pADBADB6s0DBADCDjkDBADCRLUDBAHCRwADBADCR9sDBAHC
ZxADBADCZ18DBADCZ5EDBADCZ8UDBADChKQDBADChKYDBADChLowDQYJKoZIhvcN
AQELBQADggEBABaCo9QC5MgKk4ZqkGwF0aG5rw9ULFOfzch/yinv59WbzzgzY4Yf
nkGQhkntYb3aWCZeTVjBXsBTUa3VB1+fnXdfzk0kqaWLht5lno+czubLBfoW/7DC
AWNHTCGQrnn6SXh8HMqqFXB0CX2X7u+5jBZLQuqsG3Wu3JO4DiuMpXfV/0dBYRoZ
UlpTQugVDSm+uGwO5E97Fp9eWySAQdcviBO67cFj7pVa94l2gECeGR73O2utHPXt
WITXLMB2BJb4JSZLFHDOuii75BNkOl2TZzbTQ74jVmGRmtsHQJyZ5rjSP3vYf8VF
2GO1FW0tPjeMbp1zG+ptf9hSb221dl+JLDg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:39 2025 by rpki-client