Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Ax333ECvwcaRt0ykFD1SQrfQSf0.roa
File: Ax333ECvwcaRt0ykFD1SQrfQSf0.roa (raw, json)
Hash identifier: lbW0m6KUaWEv44XyvJyUZeLapNkpIZpNolyiJ5M2Wp4=
Subject key identifier: 03:1D:F7:DC:40:AF:C1:C6:91:B7:4C:A4:14:3D:52:42:B7:D0:49:FD
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 018D324C3635F359E358297D36DD532E0C9F
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Ax333ECvwcaRt0ykFD1SQrfQSf0.roa
Signing time: Mon 22 Jan 2024 17:51:11 +0000
ROA not before: Mon 22 Jan 2024 17:51:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201575
IP address blocks: 14.102.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:32:4c:36:35:f3:59:e3:58:29:7d:36:dd:53:2e:0c:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jan 22 17:51:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=031df7dc40afc1c691b74ca4143d5242b7d049fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c9:79:54:dd:64:4b:28:62:12:77:54:b9:d1:
06:f5:2d:7f:2f:82:62:01:3f:94:30:d8:c6:a0:9d:
94:ca:8b:58:24:4d:3f:19:00:0c:43:9d:41:73:83:
42:9f:1b:7a:ff:4b:38:cf:33:18:52:88:55:ac:68:
a5:0d:53:18:12:95:e2:58:da:bf:10:5c:f8:81:c3:
a9:fa:fb:9d:96:94:18:85:7f:fa:e8:5a:ac:fa:a7:
ff:f3:32:9d:4c:95:20:94:1a:9e:58:58:e5:35:43:
4a:e5:1f:bc:25:45:cd:4f:4f:3e:53:33:12:a5:98:
94:22:c7:70:4a:8a:e6:1f:08:8b:6c:31:52:e1:4a:
65:68:70:05:7a:ca:56:1d:c6:a0:5b:95:f6:a1:7a:
76:f7:53:9c:c3:35:53:81:00:7c:75:05:fa:d1:62:
8e:91:33:1a:b8:af:8a:f8:46:25:10:78:92:a8:96:
1a:4b:cf:d0:fa:85:31:89:55:b0:42:cb:23:b4:02:
6f:4f:5d:8c:5a:bb:cb:ab:ba:76:21:85:3f:04:fc:
8b:21:ac:67:de:b3:5a:f2:da:5b:2c:4f:f8:b1:68:
62:12:0f:b9:ba:5a:2b:bd:ac:05:e4:e5:4b:57:72:
af:a4:de:a7:55:61:e9:eb:a3:fa:9a:f7:5a:32:77:
85:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:1D:F7:DC:40:AF:C1:C6:91:B7:4C:A4:14:3D:52:42:B7:D0:49:FD
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Ax333ECvwcaRt0ykFD1SQrfQSf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.231.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:37:17:82:d5:f4:11:9d:52:d2:0b:2a:e7:26:d8:0f:5d:b4:
45:02:b8:88:c3:70:ce:ef:ce:d3:e8:63:bf:9f:1f:ff:ab:df:
f6:7c:61:70:56:a1:b7:ac:6e:7c:4d:65:5d:e0:4b:a6:22:d0:
d9:2e:38:e2:bb:8f:81:22:b9:a0:71:74:12:a3:4d:a6:f9:f4:
f1:64:59:a6:90:24:0d:f4:74:11:df:41:dc:df:dd:a1:de:f3:
a3:26:92:fd:06:7d:88:59:84:e3:76:90:43:84:e5:55:bf:68:
fc:3e:27:ce:8d:db:e8:e7:00:2e:9b:9a:05:f0:03:b2:36:4c:
ba:cd:c1:a5:98:67:62:a1:f3:3f:66:29:8f:5e:dc:b0:84:16:
33:a9:21:72:43:13:a0:91:f8:a8:3f:cd:eb:38:98:e3:19:c4:
e4:9b:b2:c4:0d:10:1e:d0:d8:03:34:26:0e:b5:d3:da:3b:85:
05:94:7c:70:49:aa:15:87:42:95:00:d3:45:a5:9b:e1:52:0f:
5c:02:fd:15:ca:5a:ba:b5:61:ae:b7:c9:ce:07:5e:e8:97:78:
35:c7:4c:ce:72:32:07:cc:fc:ce:3b:33:f6:52:32:db:6b:0f:
be:51:4b:1b:a3:92:93:49:64:38:db:af:63:ac:12:a9:7b:42:
d0:e6:44:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0yTDY181njWCl9Nt1TLgyfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQwMTIyMTc1MTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzFkZjdkYzQwYWZjMWM2OTFiNzRjYTQxNDNkNTI0MmI3ZDA0OWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocl5VN1kSyhiEndUudEG9S1/L4Ji
AT+UMNjGoJ2UyotYJE0/GQAMQ51Bc4NCnxt6/0s4zzMYUohVrGilDVMYEpXiWNq/
EFz4gcOp+vudlpQYhX/66Fqs+qf/8zKdTJUglBqeWFjlNUNK5R+8JUXNT08+UzMS
pZiUIsdwSormHwiLbDFS4UplaHAFespWHcagW5X2oXp291OcwzVTgQB8dQX60WKO
kTMauK+K+EYlEHiSqJYaS8/Q+oUxiVWwQssjtAJvT12MWrvLq7p2IYU/BPyLIaxn
3rNa8tpbLE/4sWhiEg+5ulorvawF5OVLV3KvpN6nVWHp66P6mvdaMneFqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAMd99xAr8HGkbdMpBQ9UkK30En9MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvQXgzMzNFQ3Z3Y2FSdDB5a0ZEMVNRcmZRU2YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQADmbnMA0G
CSqGSIb3DQEBCwUAA4IBAQBaNxeC1fQRnVLSCyrnJtgPXbRFAriIw3DO787T6GO/
nx//q9/2fGFwVqG3rG58TWVd4EumItDZLjjiu4+BIrmgcXQSo02m+fTxZFmmkCQN
9HQR30Hc392h3vOjJpL9Bn2IWYTjdpBDhOVVv2j8PifOjdvo5wAum5oF8AOyNky6
zcGlmGdiofM/ZimPXtywhBYzqSFyQxOgkfioP83rOJjjGcTkm7LEDRAe0NgDNCYO
tdPaO4UFlHxwSaoVh0KVANNFpZvhUg9cAv0Vylq6tWGut8nOB17ol3g1x0zOcjIH
zPzOOzP2UjLbaw++UUsbo5KTSWQ4269jrBKpe0LQ5kRG
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:01 2025 by rpki-client