Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/c762b9-f91a-45b4-8068-20de177bfbf7/1/cTHBZNlW-KJgYw0iwUGUMYun8h4.roa
File: cTHBZNlW-KJgYw0iwUGUMYun8h4.roa (raw, json)
Hash identifier: JWvBvyrvkwpa4XE9r6h3hMioodUacOBwG87mHNCUMtA=
Subject key identifier: 71:31:C1:64:D9:56:F8:A2:60:63:0D:22:C1:41:94:31:8B:A7:F2:1E
Certificate issuer: /CN=3e047b4b6df73e35ac4d9a827b4048bd90a21237
Certificate serial: 01853F40114D4C8598D3F6AA7BC8F1ADFA8D
Authority key identifier: 3E:04:7B:4B:6D:F7:3E:35:AC:4D:9A:82:7B:40:48:BD:90:A2:12:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PgR7S233PjWsTZqCe0BIvZCiEjc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/c762b9-f91a-45b4-8068-20de177bfbf7/1/cTHBZNlW-KJgYw0iwUGUMYun8h4.roa
Signing time: Fri 23 Dec 2022 13:50:41 +0000
ROA not before: Fri 23 Dec 2022 13:50:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21155
IP address blocks: 195.144.10.0/24 maxlen: 24
194.150.208.0/23 maxlen: 24
2001:678:10c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3f:40:11:4d:4c:85:98:d3:f6:aa:7b:c8:f1:ad:fa:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e047b4b6df73e35ac4d9a827b4048bd90a21237
Validity
Not Before: Dec 23 13:50:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7131c164d956f8a260630d22c14194318ba7f21e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:57:d9:84:2e:78:b2:8a:ea:02:51:06:da:4a:
9e:d8:36:81:16:4a:e7:d4:1c:88:1b:15:36:db:c8:
a9:8a:80:f2:69:c7:53:e9:3a:d3:13:ce:cf:76:cd:
90:d7:e3:f0:a0:09:4d:5d:47:93:c4:30:91:3a:08:
48:9e:ac:f5:54:c3:c6:cc:0f:b0:b8:04:6e:ca:4d:
04:fe:e1:80:71:b9:3e:86:d0:0d:6a:30:87:0b:d4:
f6:ac:20:b8:3a:bc:22:35:53:56:69:20:87:50:c4:
01:67:85:3e:b4:0a:f1:c2:2b:69:77:bb:7e:0c:67:
2a:86:38:85:25:e1:2e:f4:85:31:33:44:ed:62:df:
2f:e4:e9:76:6c:ef:db:a9:11:a4:e4:84:d3:2b:5d:
9f:ef:9e:ee:9f:e2:53:c0:8e:d7:67:ee:ab:93:28:
aa:13:98:25:d3:6f:6a:57:76:d4:d9:2f:c4:25:32:
84:bc:86:17:32:19:b8:f7:c3:1a:5e:46:32:44:e7:
28:30:72:2d:2d:8d:74:31:4e:86:c6:78:6f:07:d2:
ec:1b:cc:ae:fa:f9:24:8f:73:5a:8c:77:ff:af:3e:
3e:98:8c:cd:ae:85:da:34:e4:07:aa:06:e8:f9:33:
a9:6d:77:1b:3a:3d:ab:00:fa:5b:a1:44:e7:21:9a:
ac:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:31:C1:64:D9:56:F8:A2:60:63:0D:22:C1:41:94:31:8B:A7:F2:1E
X509v3 Authority Key Identifier:
keyid:3E:04:7B:4B:6D:F7:3E:35:AC:4D:9A:82:7B:40:48:BD:90:A2:12:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PgR7S233PjWsTZqCe0BIvZCiEjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/c762b9-f91a-45b4-8068-20de177bfbf7/1/cTHBZNlW-KJgYw0iwUGUMYun8h4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/c762b9-f91a-45b4-8068-20de177bfbf7/1/PgR7S233PjWsTZqCe0BIvZCiEjc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.208.0/23
195.144.10.0/24
IPv6:
2001:678:10c::/48
Signature Algorithm: sha256WithRSAEncryption
72:38:be:9a:48:89:5e:53:d3:34:5c:33:c0:60:a4:90:59:4c:
5c:36:2d:02:00:1d:df:3d:50:57:7d:be:fe:73:1e:e5:8b:d0:
a3:c0:58:11:13:23:22:8c:73:32:7c:15:b4:11:d5:43:8f:65:
63:c4:db:fd:d5:71:7e:3d:5f:17:b5:9c:21:cb:33:a6:b1:2f:
9f:75:b1:21:92:d5:c4:0c:54:e8:80:53:50:fe:3b:5d:e0:35:
8b:55:f6:56:a5:44:70:b4:20:1e:eb:93:1f:c8:9e:a1:fa:89:
ad:e4:66:17:97:d1:7a:b9:41:9a:d9:a0:7d:63:0e:3f:8e:96:
bf:02:1a:b3:0f:45:36:06:cb:b1:44:a5:a6:c7:2a:d7:c1:f8:
91:1c:80:97:24:26:a3:2d:a8:d9:e5:f1:58:55:c7:82:27:9a:
8a:15:76:9d:a0:18:df:86:be:8a:2f:10:e8:39:f7:31:47:db:
7b:cb:e2:da:e0:88:93:32:d4:d1:d3:73:e1:fe:ce:6c:70:e4:
3b:33:ee:5a:e6:77:a5:1e:69:28:bc:bc:24:fe:d3:df:e9:2a:
b0:2a:4d:97:ef:28:0c:48:82:44:ec:0a:ec:09:3b:db:bd:64:
2f:ec:5b:dd:eb:19:0c:b0:3a:1b:49:17:d0:3e:1f:c7:e4:82:
dd:e0:76:25
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYU/QBFNTIWY0/aqe8jxrfqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMDQ3YjRiNmRmNzNlMzVhYzRkOWE4MjdiNDA0OGJkOTBh
MjEyMzcwHhcNMjIxMjIzMTM1MDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTMxYzE2NGQ5NTZmOGEyNjA2MzBkMjJjMTQxOTQzMThiYTdmMjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1fZhC54sorqAlEG2kqe2DaBFkrn
1ByIGxU228ipioDyacdT6TrTE87Pds2Q1+PwoAlNXUeTxDCROghInqz1VMPGzA+w
uARuyk0E/uGAcbk+htANajCHC9T2rCC4OrwiNVNWaSCHUMQBZ4U+tArxwitpd7t+
DGcqhjiFJeEu9IUxM0TtYt8v5Ol2bO/bqRGk5ITTK12f757un+JTwI7XZ+6rkyiq
E5gl029qV3bU2S/EJTKEvIYXMhm498MaXkYyROcoMHItLY10MU6GxnhvB9LsG8yu
+vkkj3NajHf/rz4+mIzNroXaNOQHqgbo+TOpbXcbOj2rAPpboUTnIZqsOQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHExwWTZVviiYGMNIsFBlDGLp/IeMB8GA1UdIwQY
MBaAFD4Ee0tt9z41rE2agntASL2QohI3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGdSN1MyMzNQaldzVFpxQ2UwQkl2WkNpRWpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9jNzYyYjktZjkxYS00NWI0LTgwNjgt
MjBkZTE3N2JmYmY3LzEvY1RIQlpObFctS0pnWXcwaXdVR1VNWXVuOGg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9jNzYyYjktZjkxYS00NWI0LTgwNjgtMjBkZTE3N2JmYmY3
LzEvUGdSN1MyMzNQaldzVFpxQ2UwQkl2WkNpRWpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBwpbQAwQA
w5AKMA8EAgACMAkDBwAgAQZ4AQwwDQYJKoZIhvcNAQELBQADggEBAHI4vppIiV5T
0zRcM8BgpJBZTFw2LQIAHd89UFd9vv5zHuWL0KPAWBETIyKMczJ8FbQR1UOPZWPE
2/3VcX49Xxe1nCHLM6axL591sSGS1cQMVOiAU1D+O13gNYtV9lalRHC0IB7rkx/I
nqH6ia3kZheX0Xq5QZrZoH1jDj+Olr8CGrMPRTYGy7FEpabHKtfB+JEcgJckJqMt
qNnl8VhVx4InmooVdp2gGN+GvoovEOg59zFH23vL4trgiJMy1NHTc+H+zmxw5Dsz
7lrmd6UeaSi8vCT+09/pKrAqTZfvKAxIgkTsCuwJO9u9ZC/sW93rGQywOhtJF9A+
H8fkgt3gdiU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:28:54 2025 by rpki-client