Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/tAWtOIA-9rVcRPabKX_eCOyJNxY.roa
File: tAWtOIA-9rVcRPabKX_eCOyJNxY.roa (raw, json)
Hash identifier: ZH8PRzhpCZvlIQaSRLitxOQZN95hwben4+9LeQe+9/I=
Subject key identifier: B4:05:AD:38:80:3E:F6:B5:5C:44:F6:9B:29:7F:DE:08:EC:89:37:16
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018DF50F795B890ABC3BF69A6E83ABE5DEF3
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/tAWtOIA-9rVcRPabKX_eCOyJNxY.roa
Signing time: Thu 29 Feb 2024 13:30:48 +0000
ROA not before: Thu 29 Feb 2024 13:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49769
IP address blocks: 192.165.152.0/22 maxlen: 22
192.165.152.0/24 maxlen: 24
192.165.153.0/24 maxlen: 24
192.165.154.0/24 maxlen: 24
192.165.155.0/24 maxlen: 24
192.165.156.0/24 maxlen: 24
192.165.158.0/23 maxlen: 23
193.235.1.0/24 maxlen: 24
193.235.2.0/23 maxlen: 23
193.235.2.0/24 maxlen: 24
193.235.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f5:0f:79:5b:89:0a:bc:3b:f6:9a:6e:83:ab:e5:de:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Feb 29 13:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b405ad38803ef6b55c44f69b297fde08ec893716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:3e:81:d1:d1:93:e3:bc:8c:2c:26:4c:3d:c1:
52:25:f5:d0:b2:7f:ea:65:d3:be:11:36:ea:f8:e6:
0c:74:84:0e:7f:73:76:0a:42:c1:31:bd:a8:6d:4a:
6a:42:62:99:a5:c2:9c:56:1a:af:9a:f1:78:0a:a0:
0e:42:dd:87:da:41:59:23:bb:5f:b9:ef:d9:7c:f8:
25:2f:ea:70:58:31:9a:23:f9:56:81:78:33:e7:e1:
3c:3c:a6:f4:51:a8:46:ff:41:7a:27:52:10:3b:01:
67:66:87:06:ae:ed:5f:f9:5d:04:75:2a:17:44:a4:
75:cd:a8:32:24:f5:d1:6d:6f:d5:f0:c2:ed:43:18:
d2:69:15:7d:2a:1b:ef:7a:68:ab:0e:fc:1f:2d:fb:
fa:72:25:63:0e:ad:b9:e2:9f:80:d5:f1:bb:56:77:
ff:bc:98:fe:be:94:56:06:d0:0e:b2:59:d7:d2:90:
a1:bb:1e:cd:1b:26:c6:ec:28:0f:24:4a:61:3e:78:
ac:56:3a:38:e5:30:00:f4:be:9c:55:df:f2:89:e1:
a2:95:17:17:f2:33:ec:e4:ed:c0:e0:df:20:5a:87:
72:ff:43:a6:b5:1a:c2:56:3b:f9:db:e5:70:40:c9:
88:a8:dd:13:59:92:0e:7f:29:1e:b3:f4:fc:7a:96:
7f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:05:AD:38:80:3E:F6:B5:5C:44:F6:9B:29:7F:DE:08:EC:89:37:16
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/tAWtOIA-9rVcRPabKX_eCOyJNxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.165.152.0-192.165.156.255
192.165.158.0/23
193.235.1.0-193.235.3.255
Signature Algorithm: sha256WithRSAEncryption
57:b0:ce:c3:29:0e:ba:c4:a5:36:a1:9c:5e:09:47:e3:7b:7b:
1e:ed:25:dd:cd:8f:a0:c4:34:da:35:87:61:1e:8a:2d:4c:ca:
b5:d5:e2:43:ec:b0:9a:28:a1:54:30:bf:e1:3a:79:38:f6:c8:
5c:00:eb:fa:32:c6:c5:45:41:9b:32:b8:3e:84:ae:13:2d:8e:
b7:86:3e:07:89:b2:0e:1e:ae:c5:af:0c:42:05:9e:50:0f:4b:
7b:84:00:69:89:7c:18:fe:f2:a2:62:6b:75:55:2e:b2:56:1d:
a4:92:3a:42:8c:44:20:c2:98:3b:2f:75:0b:12:b2:2a:f4:f1:
6d:f5:82:93:c6:8c:bb:23:11:f9:b0:6a:a5:cb:2d:8e:16:58:
b0:bd:e0:8f:ff:51:28:95:c7:2a:db:b3:2a:0c:22:ce:80:ec:
5b:6a:6b:e7:d0:75:95:25:ab:b5:72:29:8d:07:9e:13:8b:6c:
50:fd:19:04:f4:80:69:b6:ad:3b:a5:a5:1b:dd:94:19:d0:b3:
36:06:04:4f:44:6c:4b:f6:54:29:ff:e6:35:6d:ac:e8:8f:8f:
6b:72:92:cc:47:33:2b:84:83:33:a1:44:e8:87:e8:ad:82:4f:
bf:56:75:93:5f:6c:23:69:21:26:36:57:80:cf:45:f0:f3:02:
f5:47:42:52
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY31D3lbiQq8O/aaboOr5d7zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMjI5MTMzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDA1YWQzODgwM2VmNmI1NWM0NGY2OWIyOTdmZGUwOGVjODkzNzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgz6B0dGT47yMLCZMPcFSJfXQsn/q
ZdO+ETbq+OYMdIQOf3N2CkLBMb2obUpqQmKZpcKcVhqvmvF4CqAOQt2H2kFZI7tf
ue/ZfPglL+pwWDGaI/lWgXgz5+E8PKb0UahG/0F6J1IQOwFnZocGru1f+V0EdSoX
RKR1zagyJPXRbW/V8MLtQxjSaRV9KhvvemirDvwfLfv6ciVjDq254p+A1fG7Vnf/
vJj+vpRWBtAOslnX0pChux7NGybG7CgPJEphPnisVjo45TAA9L6cVd/yieGilRcX
8jPs5O3A4N8gWody/0OmtRrCVjv52+VwQMmIqN0TWZIOfykes/T8epZ/LwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLQFrTiAPva1XET2myl/3gjsiTcWMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvdEFXdE9JQS05clZjUlBhYktYX2VDT3lKTnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAPApZgD
BADApZwDBAHApZ4wDAMEAMHrAQMEAsHrADANBgkqhkiG9w0BAQsFAAOCAQEAV7DO
wykOusSlNqGcXglH43t7Hu0l3c2PoMQ02jWHYR6KLUzKtdXiQ+ywmiihVDC/4Tp5
OPbIXADr+jLGxUVBmzK4PoSuEy2Ot4Y+B4myDh6uxa8MQgWeUA9Le4QAaYl8GP7y
omJrdVUuslYdpJI6QoxEIMKYOy91CxKyKvTxbfWCk8aMuyMR+bBqpcstjhZYsL3g
j/9RKJXHKtuzKgwizoDsW2pr59B1lSWrtXIpjQeeE4tsUP0ZBPSAabatO6WlG92U
GdCzNgYET0RsS/ZUKf/mNW2s6I+Pa3KSzEczK4SDM6FE6IforYJPv1Z1k19sI2kh
JjZXgM9F8PMC9UdCUg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:41 2025 by rpki-client