Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/hN1N0bBD1GZ96kRfuVHi9Fj8XB8.roa
File: hN1N0bBD1GZ96kRfuVHi9Fj8XB8.roa (raw, json)
Hash identifier: PGMZRWST6tDB0IriK0EOOWQ8sAAdayipDiz9GLFcoA8=
Subject key identifier: 84:DD:4D:D1:B0:43:D4:66:7D:EA:44:5F:B9:51:E2:F4:58:FC:5C:1F
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 018F562A31375A8587522A6D5D67D95EAD11
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/hN1N0bBD1GZ96kRfuVHi9Fj8XB8.roa
Signing time: Wed 08 May 2024 03:05:56 +0000
ROA not before: Wed 08 May 2024 03:05:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214979
IP address blocks: 86.106.108.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:56:2a:31:37:5a:85:87:52:2a:6d:5d:67:d9:5e:ad:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: May 8 03:05:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84dd4dd1b043d4667dea445fb951e2f458fc5c1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d6:8f:6b:49:f9:a6:fb:06:a5:ee:c0:39:13:
cc:5a:00:ca:cd:0b:20:30:2c:29:2b:86:a5:0c:b9:
c2:82:ee:91:ce:5d:74:96:cb:16:30:44:ff:91:0a:
31:cd:17:eb:9a:b6:79:78:1b:31:b5:c2:ef:91:6b:
f4:ec:64:e1:88:5b:6f:e0:71:ab:ac:da:04:a3:43:
ed:43:e0:48:18:0c:80:51:a1:f9:ff:4e:49:7a:e3:
54:e4:98:77:90:dc:be:ab:90:a7:de:14:f6:78:bd:
56:dc:89:5b:28:d3:1f:60:5e:6f:ba:d9:83:b1:ca:
e7:4c:3a:9b:3b:d5:42:74:da:77:ad:61:7b:47:95:
1b:6a:7f:e7:a3:be:88:fa:d3:19:c4:2c:3d:b0:55:
ab:de:eb:ff:79:22:93:66:a7:2c:0b:c2:1a:53:6e:
6a:4d:cf:25:be:70:ab:43:a0:c7:f2:5d:3e:51:89:
c4:14:2e:1b:94:3b:b3:96:15:7a:fd:a7:17:e2:71:
44:71:e0:07:ab:f4:14:8f:9d:19:91:f9:79:22:ee:
65:60:65:43:35:cb:8a:17:77:41:21:2d:0c:c4:2c:
22:40:a3:a2:e7:78:17:77:0e:fe:70:d1:e1:63:ec:
02:be:aa:d3:dd:3f:fc:86:e7:d3:dd:5d:c7:28:1e:
5e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:DD:4D:D1:B0:43:D4:66:7D:EA:44:5F:B9:51:E2:F4:58:FC:5C:1F
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/hN1N0bBD1GZ96kRfuVHi9Fj8XB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.108.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:81:9f:35:87:e4:a6:97:00:35:93:f5:c6:24:23:9c:15:25:
ed:9e:ce:1d:17:ca:68:6e:38:07:27:fb:da:2a:3a:7d:07:e2:
b5:03:c8:45:ab:4f:b4:1d:0a:06:40:92:d8:c6:2c:36:dc:98:
9e:0f:0c:de:68:78:37:5a:61:6e:0e:fc:f9:33:17:f4:6f:76:
03:76:f2:14:ab:49:08:90:86:ee:1e:66:2f:d0:a6:ff:ab:20:
34:b9:a3:b1:a7:fa:df:60:28:2d:a9:ad:46:f2:b0:25:6e:e1:
5b:3a:42:61:5f:eb:09:87:e9:f2:28:a8:6c:2d:22:6f:d1:a8:
3f:bd:e7:90:78:58:99:df:f9:d3:9f:3d:04:2d:d8:21:92:3c:
ba:be:05:e8:23:69:47:ed:9d:70:fd:48:52:33:1c:44:6d:8f:
72:87:bd:f6:6b:a8:db:36:0a:fb:fb:60:c3:0b:15:79:68:d3:
34:b6:50:5b:eb:78:f6:02:d8:0d:35:aa:f1:25:46:66:91:de:
08:da:dc:6a:99:dc:7a:8e:2c:2e:8f:f9:5a:0d:26:c4:c2:e7:
5d:95:61:9e:b6:c7:2c:e5:8c:54:d3:dd:75:1a:63:b0:85:0d:
1b:b5:fd:12:f1:4c:81:32:00:14:76:53:76:3d:22:f6:3c:a0:
b5:b9:ac:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9WKjE3WoWHUiptXWfZXq0RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjQwNTA4MDMwNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGRkNGRkMWIwNDNkNDY2N2RlYTQ0NWZiOTUxZTJmNDU4ZmM1YzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NaPa0n5pvsGpe7AORPMWgDKzQsg
MCwpK4alDLnCgu6Rzl10lssWMET/kQoxzRfrmrZ5eBsxtcLvkWv07GThiFtv4HGr
rNoEo0PtQ+BIGAyAUaH5/05JeuNU5Jh3kNy+q5Cn3hT2eL1W3IlbKNMfYF5vutmD
scrnTDqbO9VCdNp3rWF7R5Uban/no76I+tMZxCw9sFWr3uv/eSKTZqcsC8IaU25q
Tc8lvnCrQ6DH8l0+UYnEFC4blDuzlhV6/acX4nFEceAHq/QUj50Zkfl5Iu5lYGVD
NcuKF3dBIS0MxCwiQKOi53gXdw7+cNHhY+wCvqrT3T/8hufT3V3HKB5exwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFITdTdGwQ9RmfepEX7lR4vRY/FwfMB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvaE4xTjBiQkQxR1o5NmtSZnVWSGk5Rmo4WEI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVmpsMA0G
CSqGSIb3DQEBCwUAA4IBAQA6gZ81h+SmlwA1k/XGJCOcFSXtns4dF8pobjgHJ/va
Kjp9B+K1A8hFq0+0HQoGQJLYxiw23JieDwzeaHg3WmFuDvz5Mxf0b3YDdvIUq0kI
kIbuHmYv0Kb/qyA0uaOxp/rfYCgtqa1G8rAlbuFbOkJhX+sJh+nyKKhsLSJv0ag/
veeQeFiZ3/nTnz0ELdghkjy6vgXoI2lH7Z1w/UhSMxxEbY9yh732a6jbNgr7+2DD
CxV5aNM0tlBb63j2AtgNNarxJUZmkd4I2txqmdx6jiwuj/laDSbEwuddlWGetscs
5YxU0911GmOwhQ0btf0S8UyBMgAUdlN2PSL2PKC1uazX
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:15 2025 by rpki-client