Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/xAD0_1QmumRxv79bn3hDDHI0NAU.roa
File: xAD0_1QmumRxv79bn3hDDHI0NAU.roa (raw, json)
Hash identifier: dS4wi5AixKIk8eM95k5EluoAgfbSc4kRt/1uaBMEraU=
Subject key identifier: C4:00:F4:FF:54:26:BA:64:71:BF:BF:5B:9F:78:43:0C:72:34:34:05
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01948E2AA4014E41081E430692906064654F
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/xAD0_1QmumRxv79bn3hDDHI0NAU.roa
Signing time: Wed 22 Jan 2025 13:19:06 +0000
ROA not before: Wed 22 Jan 2025 13:19:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5411
IP address blocks: 192.36.44.0/23 maxlen: 24
192.71.132.0/23 maxlen: 24
192.71.134.0/23 maxlen: 24
192.71.178.0/23 maxlen: 24
192.121.79.0/24 maxlen: 24
192.165.101.0/24 maxlen: 24
192.165.117.0/24 maxlen: 24
192.165.118.0/24 maxlen: 24
192.176.2.0/24 maxlen: 24
192.176.131.0/24 maxlen: 24
192.176.132.0/23 maxlen: 24
192.176.148.0/23 maxlen: 24
192.176.162.0/23 maxlen: 24
194.14.63.0/24 maxlen: 24
194.14.66.0/23 maxlen: 24
194.14.70.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8e:2a:a4:01:4e:41:08:1e:43:06:92:90:60:64:65:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 22 13:19:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c400f4ff5426ba6471bfbf5b9f78430c72343405
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6b:8a:40:f6:53:bb:24:a0:0a:11:6a:54:b1:
22:db:e8:69:8e:1e:7e:ce:d1:f2:f5:ec:39:d9:d8:
b3:0d:65:27:bc:c5:b7:01:73:36:c9:c1:ee:89:44:
97:86:d8:d7:8b:8e:00:fd:05:9c:dc:85:7a:23:78:
7a:63:bd:4b:d4:13:b0:49:09:26:df:f1:bc:d1:ea:
53:5b:98:25:fc:dc:d6:0d:7d:66:5b:42:48:77:0f:
b5:9b:c5:75:b9:75:ec:ed:ef:a6:d0:5e:12:fe:83:
3f:cd:17:cc:64:8b:f7:04:47:0b:2d:70:0d:04:35:
13:56:6e:10:09:7e:7d:79:cf:b1:fa:20:b8:0f:cc:
cb:d9:c4:04:10:28:88:25:fb:2e:5f:99:73:03:63:
85:5f:48:c4:25:ba:3c:0c:60:7a:e4:ee:a7:2c:6d:
fc:ae:15:6b:f0:71:a5:81:f5:36:ad:68:56:7f:a2:
28:c7:f3:43:19:cc:09:71:be:1f:d2:e2:f8:bf:f7:
2f:07:8e:00:c7:58:d9:1e:0c:0b:4d:85:ff:ad:4e:
80:e9:d1:25:98:4e:70:63:bf:25:f5:c0:11:85:f8:
12:b2:a3:ef:e8:ea:43:1a:7c:af:0d:7b:c9:cf:88:
26:89:8c:90:51:41:c1:06:fe:eb:61:df:8b:8b:a4:
a2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:00:F4:FF:54:26:BA:64:71:BF:BF:5B:9F:78:43:0C:72:34:34:05
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/xAD0_1QmumRxv79bn3hDDHI0NAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.44.0/23
192.71.132.0/22
192.71.178.0/23
192.121.79.0/24
192.165.101.0/24
192.165.117.0-192.165.118.255
192.176.2.0/24
192.176.131.0-192.176.133.255
192.176.148.0/23
192.176.162.0/23
194.14.63.0/24
194.14.66.0/23
194.14.70.0/23
Signature Algorithm: sha256WithRSAEncryption
33:6c:2b:8a:7a:1e:a3:a4:83:e5:72:b8:0a:16:a3:ae:da:8f:
b2:03:8c:da:ed:ce:61:a2:be:75:39:e0:d0:08:21:d6:92:0e:
55:c5:67:73:1d:12:02:ef:b3:92:1f:2f:47:33:5a:a2:7c:d9:
cd:4d:a5:44:5a:ed:4a:16:84:4d:88:a5:84:5d:f9:5d:94:e5:
17:c7:5e:95:0a:30:4c:c7:aa:ee:8d:de:94:25:4c:84:f5:31:
8d:97:84:24:55:56:d9:f5:f9:91:25:7b:0c:d9:26:86:a8:11:
32:16:85:74:01:e0:35:b0:29:c8:53:47:20:60:4d:17:81:0c:
3e:26:93:19:db:9d:83:58:33:41:a5:01:7f:86:06:53:42:7f:
85:b5:0d:27:05:e8:01:ae:24:45:88:02:29:35:5e:2a:cb:a2:
c4:96:7f:7b:e0:2c:83:24:63:02:2f:85:6a:78:c8:60:d3:23:
7a:61:54:98:65:21:a0:d9:9e:c4:77:54:73:29:a9:15:11:92:
3d:6a:7a:16:3c:25:ec:a9:92:f5:08:2f:7d:db:ce:d8:04:df:
c5:69:16:2c:29:ef:e8:e4:f8:2c:7d:98:b4:05:4e:b9:16:87:
9b:dc:f3:5a:e1:69:f2:48:5d:24:bc:2a:eb:eb:89:f9:4f:ff:
8b:2f:b2:2e
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZSOKqQBTkEIHkMGkpBgZGVPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTIyMTMxOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDAwZjRmZjU0MjZiYTY0NzFiZmJmNWI5Zjc4NDMwYzcyMzQzNDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWuKQPZTuySgChFqVLEi2+hpjh5+
ztHy9ew52dizDWUnvMW3AXM2ycHuiUSXhtjXi44A/QWc3IV6I3h6Y71L1BOwSQkm
3/G80epTW5gl/NzWDX1mW0JIdw+1m8V1uXXs7e+m0F4S/oM/zRfMZIv3BEcLLXAN
BDUTVm4QCX59ec+x+iC4D8zL2cQEECiIJfsuX5lzA2OFX0jEJbo8DGB65O6nLG38
rhVr8HGlgfU2rWhWf6Iox/NDGcwJcb4f0uL4v/cvB44Ax1jZHgwLTYX/rU6A6dEl
mE5wY78l9cARhfgSsqPv6OpDGnyvDXvJz4gmiYyQUUHBBv7rYd+Li6SiWwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFMQA9P9UJrpkcb+/W594QwxyNDQFMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEveEFEMF8xUW11bVJ4djc5Ym4zaERESEkwTkFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQBwCQsAwQC
wEeEAwQBwEeyAwQAwHlPAwQAwKVlMAwDBADApXUDBADApXYDBADAsAIwDAMEAMCw
gwMEAcCwhAMEAcCwlAMEAcCwogMEAMIOPwMEAcIOQgMEAcIORjANBgkqhkiG9w0B
AQsFAAOCAQEAM2wrinoeo6SD5XK4ChajrtqPsgOM2u3OYaK+dTng0Agh1pIOVcVn
cx0SAu+zkh8vRzNaonzZzU2lRFrtShaETYilhF35XZTlF8delQowTMeq7o3elCVM
hPUxjZeEJFVW2fX5kSV7DNkmhqgRMhaFdAHgNbApyFNHIGBNF4EMPiaTGdudg1gz
QaUBf4YGU0J/hbUNJwXoAa4kRYgCKTVeKsuixJZ/e+AsgyRjAi+FanjIYNMjemFU
mGUhoNmexHdUcympFRGSPWp6Fjwl7KmS9QgvfdvO2ATfxWkWLCnv6OT4LH2YtAVO
uRaHm9zzWuFp8khdJLwq6+uJ+U//iy+yLg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:21 2025 by rpki-client