Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/1b610b-2740-44e9-844a-9a3ccd99bdb4/1/iaID34_Qng8erE-UP6GHMj-yrFA.roa
File: iaID34_Qng8erE-UP6GHMj-yrFA.roa (raw, json)
Hash identifier: t9fF7j9ORQ31/cN3LLS6oA+bIuajQl5AXUHb8uWWkL0=
Subject key identifier: 89:A2:03:DF:8F:D0:9E:0F:1E:AC:4F:94:3F:A1:87:32:3F:B2:AC:50
Certificate issuer: /CN=dcf035f7bfd506df6e19240fb43aeeb2c85200d4
Certificate serial: 018A400673DBB30319DAF057F9F057AF8D29
Authority key identifier: DC:F0:35:F7:BF:D5:06:DF:6E:19:24:0F:B4:3A:EE:B2:C8:52:00:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3PA197_VBt9uGSQPtDrusshSANQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/1b610b-2740-44e9-844a-9a3ccd99bdb4/1/iaID34_Qng8erE-UP6GHMj-yrFA.roa
Signing time: Tue 29 Aug 2023 06:41:19 +0000
ROA not before: Tue 29 Aug 2023 06:41:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209638
IP address blocks: 130.193.77.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:40:06:73:db:b3:03:19:da:f0:57:f9:f0:57:af:8d:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcf035f7bfd506df6e19240fb43aeeb2c85200d4
Validity
Not Before: Aug 29 06:41:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89a203df8fd09e0f1eac4f943fa187323fb2ac50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:bf:ba:eb:cf:69:39:1b:e6:4f:bf:fe:af:48:
11:61:ba:ef:58:98:51:5e:80:b9:ee:ca:35:d1:25:
dc:c1:ee:87:79:40:35:ef:61:fb:2a:51:38:31:e0:
07:1e:79:c8:9e:62:1f:20:d5:9c:ac:4c:d9:18:a2:
73:75:c7:cd:cb:8a:ff:85:ff:07:35:d4:b3:32:ba:
93:b2:9a:ac:35:a0:56:c3:c4:54:18:7e:19:e3:78:
c6:fc:a2:80:46:cd:22:72:bf:f1:b3:2a:b8:a0:30:
6f:c5:68:48:8e:e5:30:74:ae:e5:11:60:f2:3f:49:
1c:fd:ac:60:7a:ba:72:ed:f3:64:7b:89:78:0f:87:
1c:3e:e4:b6:63:2b:9b:38:82:91:eb:f5:db:c5:aa:
43:e2:3d:b0:80:16:37:24:77:b7:3f:be:16:16:b1:
d7:7d:56:4c:a9:62:b3:b7:fa:65:07:c0:6c:df:05:
b8:ad:e1:fd:f7:66:46:4c:dd:2c:d5:4e:21:5c:a8:
06:e6:d2:01:b6:bd:09:29:b4:5e:58:c0:c2:70:03:
5e:eb:58:58:64:0e:49:0c:85:87:39:67:f6:e2:4a:
af:76:05:4c:40:b5:e9:81:ff:67:e0:06:42:29:d6:
a1:f5:d5:fe:46:e1:3c:4a:b1:0f:73:08:c8:f5:0c:
a5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A2:03:DF:8F:D0:9E:0F:1E:AC:4F:94:3F:A1:87:32:3F:B2:AC:50
X509v3 Authority Key Identifier:
keyid:DC:F0:35:F7:BF:D5:06:DF:6E:19:24:0F:B4:3A:EE:B2:C8:52:00:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3PA197_VBt9uGSQPtDrusshSANQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1b610b-2740-44e9-844a-9a3ccd99bdb4/1/iaID34_Qng8erE-UP6GHMj-yrFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1b610b-2740-44e9-844a-9a3ccd99bdb4/1/3PA197_VBt9uGSQPtDrusshSANQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.193.77.0/24
Signature Algorithm: sha256WithRSAEncryption
39:ac:d5:f1:12:67:d7:69:b0:24:3d:be:24:78:ad:40:32:c2:
3f:29:60:db:6a:8f:05:f6:a3:4e:7b:0f:22:02:63:79:ff:d7:
ac:84:51:14:b0:5e:5c:94:84:b9:b3:5d:f9:fc:03:67:29:dd:
c7:24:9c:5b:96:5d:1b:29:2b:48:f0:5c:12:94:22:39:1e:49:
d7:26:2a:17:9d:f6:1b:e9:6e:d1:4c:4a:f0:bd:a7:ce:e9:c1:
a3:80:f8:1d:71:a6:11:75:f8:6e:11:5c:c1:be:45:68:84:30:
82:2a:34:75:b0:5d:32:d7:b5:f0:b6:f1:8b:4a:e4:69:19:2b:
2a:b4:c7:0d:40:ab:a8:46:37:b1:b2:ef:0e:5d:eb:e1:c8:a7:
44:1d:74:7b:86:a4:77:98:a8:c1:52:bc:bc:cd:21:b3:29:0a:
62:62:e5:87:91:10:3a:65:f6:2b:2f:e2:fd:6f:59:5b:14:3c:
0b:ec:eb:20:bc:c4:18:1a:f0:cf:64:9a:9c:21:73:a2:1c:ca:
04:fa:c5:2f:6a:f4:2d:54:f6:74:e3:c4:5d:98:d9:45:83:ad:
e7:cb:d1:66:61:ab:4f:97:0c:71:39:f2:1d:4a:e0:47:58:4f:
4c:5b:9f:e0:cc:70:36:13:9a:2c:e1:22:20:da:80:2c:2b:42:
fe:5c:b7:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpABnPbswMZ2vBX+fBXr40pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZjAzNWY3YmZkNTA2ZGY2ZTE5MjQwZmI0M2FlZWIyYzg1
MjAwZDQwHhcNMjMwODI5MDY0MTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWEyMDNkZjhmZDA5ZTBmMWVhYzRmOTQzZmExODczMjNmYjJhYzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjb+6689pORvmT7/+r0gRYbrvWJhR
XoC57so10SXcwe6HeUA172H7KlE4MeAHHnnInmIfINWcrEzZGKJzdcfNy4r/hf8H
NdSzMrqTspqsNaBWw8RUGH4Z43jG/KKARs0icr/xsyq4oDBvxWhIjuUwdK7lEWDy
P0kc/axgerpy7fNke4l4D4ccPuS2YyubOIKR6/XbxapD4j2wgBY3JHe3P74WFrHX
fVZMqWKzt/plB8Bs3wW4reH992ZGTN0s1U4hXKgG5tIBtr0JKbReWMDCcANe61hY
ZA5JDIWHOWf24kqvdgVMQLXpgf9n4AZCKdah9dX+RuE8SrEPcwjI9Qyl9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFImiA9+P0J4PHqxPlD+hhzI/sqxQMB8GA1UdIwQY
MBaAFNzwNfe/1QbfbhkkD7Q67rLIUgDUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1BBMTk3X1ZCdDl1R1NRUHREcnVzc2hTQU5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xYjYxMGItMjc0MC00NGU5LTg0NGEt
OWEzY2NkOTliZGI0LzEvaWFJRDM0X1FuZzhlckUtVVA2R0hNai15ckZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xYjYxMGItMjc0MC00NGU5LTg0NGEtOWEzY2NkOTliZGI0
LzEvM1BBMTk3X1ZCdDl1R1NRUHREcnVzc2hTQU5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgsFNMA0G
CSqGSIb3DQEBCwUAA4IBAQA5rNXxEmfXabAkPb4keK1AMsI/KWDbao8F9qNOew8i
AmN5/9eshFEUsF5clIS5s135/ANnKd3HJJxbll0bKStI8FwSlCI5HknXJioXnfYb
6W7RTErwvafO6cGjgPgdcaYRdfhuEVzBvkVohDCCKjR1sF0y17XwtvGLSuRpGSsq
tMcNQKuoRjexsu8OXevhyKdEHXR7hqR3mKjBUry8zSGzKQpiYuWHkRA6ZfYrL+L9
b1lbFDwL7OsgvMQYGvDPZJqcIXOiHMoE+sUvavQtVPZ048RdmNlFg63ny9FmYatP
lwxxOfIdSuBHWE9MW5/gzHA2E5os4SIg2oAsK0L+XLcR
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:22 2025 by rpki-client