Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/bb6e7e-ab1d-4da5-9c96-ff68e9225f7d/1/1UTlekbA8oM0GnlQQpq5lbJeZd4.roa
File: 1UTlekbA8oM0GnlQQpq5lbJeZd4.roa (raw, json)
Hash identifier: 5rH7fliqouSZooxvy/iLZyhTewB2xxjhMaohfv+q+gg=
Subject key identifier: D5:44:E5:7A:46:C0:F2:83:34:1A:79:50:42:9A:B9:95:B2:5E:65:DE
Certificate issuer: /CN=9334a82fdc08f0e8de5d848d377e0cc5d97799bf
Certificate serial: 019206E6E815C9F2C2425AD5DCBDFE0EFBA3
Authority key identifier: 93:34:A8:2F:DC:08:F0:E8:DE:5D:84:8D:37:7E:0C:C5:D9:77:99:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kzSoL9wI8OjeXYSNN34Mxdl3mb8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/bb6e7e-ab1d-4da5-9c96-ff68e9225f7d/1/1UTlekbA8oM0GnlQQpq5lbJeZd4.roa
Signing time: Wed 18 Sep 2024 20:50:48 +0000
ROA not before: Wed 18 Sep 2024 20:50:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35600
IP address blocks: 185.49.123.0/24 maxlen: 24
2a01:4fe0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:06:e6:e8:15:c9:f2:c2:42:5a:d5:dc:bd:fe:0e:fb:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9334a82fdc08f0e8de5d848d377e0cc5d97799bf
Validity
Not Before: Sep 18 20:50:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d544e57a46c0f283341a7950429ab995b25e65de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e6:0b:0f:11:d2:b5:f5:ff:4b:34:29:bd:e4:
3e:36:0d:b4:7d:47:7c:aa:7d:4b:6b:d0:a3:2c:a2:
c6:c4:ab:b0:3a:37:97:3b:d7:fe:37:af:9d:5a:03:
a4:ee:2d:fa:8c:20:f0:32:15:4e:2f:cc:53:ca:0b:
bb:d9:ce:77:c5:18:d8:95:bc:9b:81:51:04:95:0c:
bb:f3:8b:2f:ae:01:4d:b0:4a:6c:1a:1f:7c:dc:86:
3a:88:5a:58:ac:20:68:2a:a4:41:30:1b:31:4b:38:
d4:61:cc:28:75:23:c0:c6:10:bc:a8:a2:9b:ff:05:
8a:30:21:3c:70:ea:78:49:ae:dc:fb:44:ef:80:9c:
37:25:98:e7:70:77:48:da:b4:d4:c2:70:08:74:e3:
a7:6c:05:6f:fc:be:19:4f:7a:e8:9a:cf:5c:29:50:
bf:bd:4c:d5:48:cd:ab:7c:6c:f6:f6:fa:71:99:9c:
5f:0e:63:07:d8:f9:d1:42:bc:c3:42:97:d4:3d:94:
3d:a3:9c:a1:5f:3f:ef:9f:4f:45:17:63:07:77:eb:
7a:a0:42:05:d1:fa:9d:13:95:78:9a:37:e2:66:fe:
4f:f1:7c:8b:d9:e0:c2:b1:f8:69:dd:dc:f4:62:ed:
3c:52:8a:24:03:7a:52:3d:76:eb:a5:15:a6:80:23:
e6:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:44:E5:7A:46:C0:F2:83:34:1A:79:50:42:9A:B9:95:B2:5E:65:DE
X509v3 Authority Key Identifier:
keyid:93:34:A8:2F:DC:08:F0:E8:DE:5D:84:8D:37:7E:0C:C5:D9:77:99:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kzSoL9wI8OjeXYSNN34Mxdl3mb8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bb6e7e-ab1d-4da5-9c96-ff68e9225f7d/1/1UTlekbA8oM0GnlQQpq5lbJeZd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bb6e7e-ab1d-4da5-9c96-ff68e9225f7d/1/kzSoL9wI8OjeXYSNN34Mxdl3mb8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.123.0/24
IPv6:
2a01:4fe0::/32
Signature Algorithm: sha256WithRSAEncryption
87:9b:a7:1a:bd:23:84:53:36:5a:e1:26:7a:7d:bd:d6:0f:82:
8d:9f:2e:54:6c:08:74:d3:99:45:bf:46:52:52:99:5d:aa:f2:
63:b0:31:d5:17:57:91:bf:d2:4d:99:f3:16:7f:b8:75:b5:17:
92:c1:0b:7a:05:85:f5:7e:bf:0c:06:09:19:f1:da:6e:86:d3:
4a:6d:60:53:38:e7:55:3e:9b:21:85:9e:23:d9:ed:67:53:5a:
5a:27:b2:29:0b:62:bb:e0:c5:73:e4:64:72:fe:42:47:0f:b9:
07:18:25:3e:24:0e:5e:4b:17:c5:c7:5e:75:cd:6d:24:8a:45:
bb:9a:64:af:5e:19:5a:d5:42:ec:c1:21:ea:48:57:bf:db:c0:
cf:80:5d:13:bc:51:71:3f:8b:ba:29:b3:65:df:8f:85:c1:f9:
e3:68:dc:bd:13:06:5c:c6:22:7a:c0:86:3e:09:f3:3f:0e:51:
8b:f9:2a:d7:c7:a2:65:ca:2e:f2:36:ae:b2:b5:cc:f3:0a:72:
a6:3d:4d:46:58:5b:b2:a4:f0:a8:bc:86:0a:3e:12:87:2c:5d:
3a:8a:59:be:88:16:a1:61:13:f3:88:c7:c8:14:75:af:2f:de:
dd:ba:36:c0:1a:21:4b:60:7b:c6:55:67:de:f4:d1:6d:2a:bc:
08:11:62:f1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZIG5ugVyfLCQlrV3L3+DvujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMzRhODJmZGMwOGYwZThkZTVkODQ4ZDM3N2UwY2M1ZDk3
Nzk5YmYwHhcNMjQwOTE4MjA1MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQ0ZTU3YTQ2YzBmMjgzMzQxYTc5NTA0MjlhYjk5NWIyNWU2NWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueYLDxHStfX/SzQpveQ+Ng20fUd8
qn1La9CjLKLGxKuwOjeXO9f+N6+dWgOk7i36jCDwMhVOL8xTygu72c53xRjYlbyb
gVEElQy784svrgFNsEpsGh983IY6iFpYrCBoKqRBMBsxSzjUYcwodSPAxhC8qKKb
/wWKMCE8cOp4Sa7c+0TvgJw3JZjncHdI2rTUwnAIdOOnbAVv/L4ZT3roms9cKVC/
vUzVSM2rfGz29vpxmZxfDmMH2PnRQrzDQpfUPZQ9o5yhXz/vn09FF2MHd+t6oEIF
0fqdE5V4mjfiZv5P8XyL2eDCsfhp3dz0Yu08UookA3pSPXbrpRWmgCPmvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNVE5XpGwPKDNBp5UEKauZWyXmXeMB8GA1UdIwQY
MBaAFJM0qC/cCPDo3l2EjTd+DMXZd5m/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3pTb0w5d0k4T2plWFlTTk4zNE14ZGwzbWI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iYjZlN2UtYWIxZC00ZGE1LTljOTYt
ZmY2OGU5MjI1ZjdkLzEvMVVUbGVrYkE4b00wR25sUVFwcTVsYkplWmQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9iYjZlN2UtYWIxZC00ZGE1LTljOTYtZmY2OGU5MjI1Zjdk
LzEva3pTb0w5d0k4T2plWFlTTk4zNE14ZGwzbWI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuTF7MA0E
AgACMAcDBQAqAU/gMA0GCSqGSIb3DQEBCwUAA4IBAQCHm6cavSOEUzZa4SZ6fb3W
D4KNny5UbAh005lFv0ZSUpldqvJjsDHVF1eRv9JNmfMWf7h1tReSwQt6BYX1fr8M
BgkZ8dpuhtNKbWBTOOdVPpshhZ4j2e1nU1paJ7IpC2K74MVz5GRy/kJHD7kHGCU+
JA5eSxfFx151zW0kikW7mmSvXhla1ULswSHqSFe/28DPgF0TvFFxP4u6KbNl34+F
wfnjaNy9EwZcxiJ6wIY+CfM/DlGL+SrXx6Jlyi7yNq6ytczzCnKmPU1GWFuypPCo
vIYKPhKHLF06ilm+iBahYRPziMfIFHWvL97dujbAGiFLYHvGVWfe9NFtKrwIEWLx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:56 2025 by rpki-client