Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/247X9D1Esz836HPvMIfzLW0B854.roa
File: 247X9D1Esz836HPvMIfzLW0B854.roa (raw, json)
Hash identifier: Fkey/OHY+Y9n6nw6ttvvB2iW6TWF5VqkiLPkPWvaqPI=
Subject key identifier: DB:8E:D7:F4:3D:44:B3:3F:37:E8:73:EF:30:87:F3:2D:6D:01:F3:9E
Certificate issuer: /CN=6a366fdfcaa20e80e8bfc330a4d8b1be7de6a1d0
Certificate serial: 019423D6D8953C2A3E8EF71C944FB3566F98
Authority key identifier: 6A:36:6F:DF:CA:A2:0E:80:E8:BF:C3:30:A4:D8:B1:BE:7D:E6:A1:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ajZv38qiDoDov8MwpNixvn3modA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/247X9D1Esz836HPvMIfzLW0B854.roa
Signing time: Wed 01 Jan 2025 21:47:50 +0000
ROA not before: Wed 01 Jan 2025 21:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57479
IP address blocks: 176.124.228.0/24 maxlen: 24
176.124.229.0/24 maxlen: 24
176.124.230.0/24 maxlen: 24
194.60.252.0/24 maxlen: 24
194.60.253.0/24 maxlen: 24
2001:67c:11a0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:d8:95:3c:2a:3e:8e:f7:1c:94:4f:b3:56:6f:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a366fdfcaa20e80e8bfc330a4d8b1be7de6a1d0
Validity
Not Before: Jan 1 21:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db8ed7f43d44b33f37e873ef3087f32d6d01f39e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:94:43:bc:4d:ac:ec:53:42:bf:3d:7d:d1:10:
f6:ac:84:d3:6c:0c:d3:1d:38:b3:3d:cc:ac:12:e4:
e3:3e:3a:39:6e:52:c7:d1:6b:c8:23:d6:9f:a9:b0:
06:89:fd:6b:d3:96:39:ec:2f:b0:3d:d6:fe:46:eb:
2d:75:a7:63:f9:60:4a:12:2c:13:91:99:54:aa:cd:
c5:36:9c:5e:76:f6:e9:8a:02:bf:3a:30:b7:dc:c1:
9b:10:1c:6e:7d:5e:74:59:12:95:ec:c3:88:af:d8:
fc:55:37:a7:29:ed:64:08:8b:f6:8f:ef:0d:f6:6c:
da:f4:8e:93:e1:a6:de:5e:e0:49:ce:ce:16:56:f8:
e3:29:5d:a4:08:e0:ae:37:e7:4f:fb:12:9e:73:65:
f7:df:f9:e2:51:7a:40:a8:f2:81:43:ca:72:88:8b:
73:0c:67:79:f1:7b:30:f8:c6:9b:6a:59:3f:10:5a:
a0:e3:29:a5:82:5f:c1:e1:39:ca:24:a1:54:85:31:
14:6b:08:d8:07:4d:d1:b4:0d:05:bc:87:75:77:74:
64:24:80:98:5d:c1:ce:bf:ee:0e:f3:0a:90:a4:7d:
1b:d3:92:0c:d8:f4:5c:b5:e4:70:67:46:02:2b:86:
14:5c:88:50:8c:ea:2f:ad:9e:4a:d9:65:8d:30:3a:
dc:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:8E:D7:F4:3D:44:B3:3F:37:E8:73:EF:30:87:F3:2D:6D:01:F3:9E
X509v3 Authority Key Identifier:
keyid:6A:36:6F:DF:CA:A2:0E:80:E8:BF:C3:30:A4:D8:B1:BE:7D:E6:A1:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ajZv38qiDoDov8MwpNixvn3modA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/247X9D1Esz836HPvMIfzLW0B854.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/ajZv38qiDoDov8MwpNixvn3modA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.228.0-176.124.230.255
194.60.252.0/23
IPv6:
2001:67c:11a0::/48
Signature Algorithm: sha256WithRSAEncryption
54:e1:85:cc:80:c3:a5:e5:12:8f:9e:71:4c:d6:53:3a:12:a0:
26:89:71:ec:6c:c6:82:21:91:3a:7a:79:aa:93:b3:24:72:a1:
a9:6f:88:3c:5d:94:d4:17:2c:3f:3f:2f:99:b7:46:b7:53:39:
ff:48:88:8a:fc:9e:1b:f6:92:ee:00:8c:1f:f0:bb:d3:ca:63:
8b:48:99:22:71:74:e3:b2:70:10:65:e8:a9:52:44:8f:2a:0e:
5c:f3:d5:10:5b:f6:ea:83:50:62:39:2c:28:78:44:ba:cc:b9:
a7:c6:ac:0c:00:e6:77:59:91:18:d2:a2:9a:31:bf:f2:29:1b:
99:c9:06:2f:60:f4:c3:e2:92:84:ff:40:3d:f4:fc:35:5b:42:
e2:fc:5f:bc:1f:6a:83:21:25:e9:5b:0a:d0:e2:67:c6:54:b5:
46:13:78:07:5e:bc:a0:95:f9:da:e4:53:1c:b6:88:42:6f:8e:
25:af:0d:37:20:13:ad:5e:5d:fd:be:ff:6e:a7:52:99:1a:42:
14:50:37:66:3f:1b:72:46:e9:c1:db:96:39:69:10:85:cd:77:
b9:a3:07:04:54:24:f1:95:41:2d:46:06:70:7c:d4:65:ba:2a:
ff:b5:f2:95:c5:eb:54:07:1a:fc:6b:dc:45:a2:10:99:33:aa:
37:6b:a3:6d
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZQj1tiVPCo+jvcclE+zVm+YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMzY2ZmRmY2FhMjBlODBlOGJmYzMzMGE0ZDhiMWJlN2Rl
NmExZDAwHhcNMjUwMTAxMjE0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjhlZDdmNDNkNDRiMzNmMzdlODczZWYzMDg3ZjMyZDZkMDFmMzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJRDvE2s7FNCvz190RD2rITTbAzT
HTizPcysEuTjPjo5blLH0WvII9afqbAGif1r05Y57C+wPdb+Rustdadj+WBKEiwT
kZlUqs3FNpxedvbpigK/OjC33MGbEBxufV50WRKV7MOIr9j8VTenKe1kCIv2j+8N
9mza9I6T4abeXuBJzs4WVvjjKV2kCOCuN+dP+xKec2X33/niUXpAqPKBQ8pyiItz
DGd58Xsw+Mabalk/EFqg4ymlgl/B4TnKJKFUhTEUawjYB03RtA0FvId1d3RkJICY
XcHOv+4O8wqQpH0b05IM2PRcteRwZ0YCK4YUXIhQjOovrZ5K2WWNMDrcVwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFNuO1/Q9RLM/N+hz7zCH8y1tAfOeMB8GA1UdIwQY
MBaAFGo2b9/Kog6A6L/DMKTYsb595qHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWpadjM4cWlEb0RvdjhNd3BOaXh2bjNtb2RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84YzRlYzQtZDYzNy00ZDNmLTlkZTgt
MDU1NTljMWY1OTE1LzEvMjQ3WDlEMUVzejgzNkhQdk1JZnpMVzBCODU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84YzRlYzQtZDYzNy00ZDNmLTlkZTgtMDU1NTljMWY1OTE1
LzEvYWpadjM4cWlEb0RvdjhNd3BOaXh2bjNtb2RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBAKwfOQD
BACwfOYDBAHCPPwwDwQCAAIwCQMHACABBnwRoDANBgkqhkiG9w0BAQsFAAOCAQEA
VOGFzIDDpeUSj55xTNZTOhKgJolx7GzGgiGROnp5qpOzJHKhqW+IPF2U1BcsPz8v
mbdGt1M5/0iIivyeG/aS7gCMH/C708pji0iZInF047JwEGXoqVJEjyoOXPPVEFv2
6oNQYjksKHhEusy5p8asDADmd1mRGNKimjG/8ikbmckGL2D0w+KShP9APfT8NVtC
4vxfvB9qgyEl6VsK0OJnxlS1RhN4B168oJX52uRTHLaIQm+OJa8NNyATrV5d/b7/
bqdSmRpCFFA3Zj8bckbpwduWOWkQhc13uaMHBFQk8ZVBLUYGcHzUZboq/7XylcXr
VAca/GvcRaIQmTOqN2ujbQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:01:40 2025 by rpki-client