Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/P2y2cD2EgGqe1YUmsJgnRbpAOAM.roa
File: P2y2cD2EgGqe1YUmsJgnRbpAOAM.roa (raw, json)
Hash identifier: josb5HfaIJruBSZxQhW9XH5CRqWd0XDHgJBQ5c618As=
Subject key identifier: 3F:6C:B6:70:3D:84:80:6A:9E:D5:85:26:B0:98:27:45:BA:40:38:03
Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial: 019315A8C3A68A630887A0F0AC2B4F989B32
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/P2y2cD2EgGqe1YUmsJgnRbpAOAM.roa
Signing time: Sun 10 Nov 2024 10:40:01 +0000
ROA not before: Sun 10 Nov 2024 10:40:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 84.239.60.0/24 maxlen: 24
84.239.61.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:15:a8:c3:a6:8a:63:08:87:a0:f0:ac:2b:4f:98:9b:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
Validity
Not Before: Nov 10 10:40:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f6cb6703d84806a9ed58526b0982745ba403803
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:53:a2:10:97:86:dd:9e:1d:9e:84:7e:1d:0c:
48:83:90:84:21:3c:80:57:5a:cb:46:1d:17:77:ed:
b2:91:b7:bb:54:87:21:1b:eb:fb:4f:05:5f:3a:70:
c8:2d:6f:c3:5b:b3:53:8b:2b:8a:d6:10:ad:a4:73:
c4:0a:9a:47:13:26:21:d7:60:82:79:9b:2a:6f:c7:
47:a4:b2:39:ed:73:cd:f0:8f:39:94:c3:2f:84:d9:
d7:1d:d5:1d:fb:37:44:09:f9:5a:ef:3d:87:24:8b:
58:98:62:0f:b4:cc:2b:e8:1b:be:c3:e9:f2:0b:f2:
8e:b2:12:e2:c6:49:7b:5e:a2:16:d7:4b:ed:01:45:
ac:59:43:ea:24:cc:c6:cf:01:5e:2f:7c:a0:30:7e:
b6:cc:22:60:c6:76:50:d5:f4:fa:09:55:bf:f3:45:
8e:b6:94:05:a0:79:f7:91:a6:ea:8d:fa:ad:60:49:
45:d5:2f:fc:2a:87:63:e8:3b:27:c4:13:90:4b:a0:
10:76:c5:6f:bd:09:8a:98:fb:1c:87:cc:8c:b9:77:
b5:6f:3d:fd:12:6e:e5:bb:40:81:07:20:55:fc:4e:
b4:ad:73:30:76:33:81:d3:d5:06:7f:55:d1:7f:e1:
c2:65:85:6f:de:12:d1:aa:6f:42:94:80:be:26:49:
01:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:6C:B6:70:3D:84:80:6A:9E:D5:85:26:B0:98:27:45:BA:40:38:03
X509v3 Authority Key Identifier:
keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/P2y2cD2EgGqe1YUmsJgnRbpAOAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.239.60.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:13:e8:6a:48:ab:5f:b7:c2:8a:b7:17:d3:bb:8a:19:88:5a:
9c:e0:b9:4e:ee:1e:2a:8d:18:b1:45:d6:73:a2:f9:57:60:e5:
9b:7b:cd:e6:ee:c2:ef:30:1c:3f:2b:60:26:6d:a4:b1:ac:fc:
33:44:bc:65:f1:0e:58:1f:9e:9e:57:eb:82:95:e9:74:bc:d6:
6b:59:ef:34:78:c1:f5:0e:a5:b7:cc:a2:db:19:45:11:3d:41:
63:d9:e7:5b:00:de:34:b6:f1:87:50:1c:62:9c:2e:1a:e0:41:
27:45:25:59:d3:39:cf:42:84:56:6f:ab:8e:fa:42:40:f8:5d:
af:86:16:f4:ab:60:49:96:dd:82:0c:5b:82:72:c0:54:8d:b8:
ad:c9:98:91:f1:95:a0:74:4e:16:4e:90:14:8c:22:9d:a0:5c:
ed:d1:67:ad:27:74:89:06:74:a6:d5:a2:2c:a8:44:b1:42:04:
27:49:c8:20:1c:31:a8:e4:93:71:65:0d:7b:c6:98:3f:a0:4a:
00:17:26:4e:80:2e:90:cc:a8:26:61:5d:b0:d8:c0:7b:7e:b1:
99:73:57:ee:17:5a:2f:12:2c:5d:71:6a:33:24:5c:4a:18:96:
fb:e8:81:11:37:c3:96:7b:eb:49:47:db:35:5a:13:08:ed:ae:
90:a4:5c:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMVqMOmimMIh6DwrCtPmJsyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjQxMTEwMTA0MDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjZjYjY3MDNkODQ4MDZhOWVkNTg1MjZiMDk4Mjc0NWJhNDAzODAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlOiEJeG3Z4dnoR+HQxIg5CEITyA
V1rLRh0Xd+2ykbe7VIchG+v7TwVfOnDILW/DW7NTiyuK1hCtpHPECppHEyYh12CC
eZsqb8dHpLI57XPN8I85lMMvhNnXHdUd+zdECfla7z2HJItYmGIPtMwr6Bu+w+ny
C/KOshLixkl7XqIW10vtAUWsWUPqJMzGzwFeL3ygMH62zCJgxnZQ1fT6CVW/80WO
tpQFoHn3kabqjfqtYElF1S/8Kodj6DsnxBOQS6AQdsVvvQmKmPsch8yMuXe1bz39
Em7lu0CBByBV/E60rXMwdjOB09UGf1XRf+HCZYVv3hLRqm9ClIC+JkkByQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD9stnA9hIBqntWFJrCYJ0W6QDgDMB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEvUDJ5MmNEMkVnR3FlMVlVbXNKZ25SYnBBT0FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVO88MA0G
CSqGSIb3DQEBCwUAA4IBAQAbE+hqSKtft8KKtxfTu4oZiFqc4LlO7h4qjRixRdZz
ovlXYOWbe83m7sLvMBw/K2AmbaSxrPwzRLxl8Q5YH56eV+uClel0vNZrWe80eMH1
DqW3zKLbGUURPUFj2edbAN40tvGHUBxinC4a4EEnRSVZ0znPQoRWb6uO+kJA+F2v
hhb0q2BJlt2CDFuCcsBUjbityZiR8ZWgdE4WTpAUjCKdoFzt0WetJ3SJBnSm1aIs
qESxQgQnScggHDGo5JNxZQ17xpg/oEoAFyZOgC6QzKgmYV2w2MB7frGZc1fuF1ov
EixdcWozJFxKGJb76IERN8OWe+tJR9s1WhMI7a6QpFw6
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:16 2025 by rpki-client