Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/afba5b-8b9c-4cb4-8a2a-f14f3e3f340e/1/_d2H6SVdcmCoFHUSn7a4QeheGpc.roa
File: _d2H6SVdcmCoFHUSn7a4QeheGpc.roa (raw, json)
Hash identifier: Uq6U22GrmKqckwyQdWfRtiqXD9yhSTz8PRwGoXDxuzc=
Subject key identifier: FD:DD:87:E9:25:5D:72:60:A8:14:75:12:9F:B6:B8:41:E8:5E:1A:97
Certificate issuer: /CN=89daadb981f7e93da4b19acf41079f9bbe1d672e
Certificate serial: 01856C013B35490CD6B60881E1CFED1AA2D1
Authority key identifier: 89:DA:AD:B9:81:F7:E9:3D:A4:B1:9A:CF:41:07:9F:9B:BE:1D:67:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/idqtuYH36T2ksZrPQQefm74dZy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/afba5b-8b9c-4cb4-8a2a-f14f3e3f340e/1/_d2H6SVdcmCoFHUSn7a4QeheGpc.roa
Signing time: Sun 01 Jan 2023 06:24:57 +0000
ROA not before: Sun 01 Jan 2023 06:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15626
IP address blocks: 193.238.152.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:3b:35:49:0c:d6:b6:08:81:e1:cf:ed:1a:a2:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89daadb981f7e93da4b19acf41079f9bbe1d672e
Validity
Not Before: Jan 1 06:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fddd87e9255d7260a81475129fb6b841e85e1a97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a6:0c:3b:7f:4a:52:1f:ea:b0:b5:a7:57:51:
2a:2e:b4:f7:ff:78:0c:c2:56:31:ec:5d:f4:ad:20:
71:74:b5:fc:b7:ac:6d:49:b2:a8:be:23:3b:fd:8f:
e3:ca:9f:d7:19:8b:bd:1e:7f:3c:6a:61:de:2c:c7:
4e:9d:c2:e0:98:47:de:7c:ce:6f:f1:38:84:22:4d:
cd:f7:6b:80:ec:aa:71:76:b9:a0:69:e0:c7:fa:da:
31:27:fa:d9:9b:b1:96:69:49:ed:5c:12:7c:0f:35:
51:84:ba:e9:13:fb:eb:2a:28:55:a0:a2:7f:97:31:
f2:2b:21:71:a8:aa:41:0f:c8:e8:7e:37:ff:f8:78:
75:7d:d6:ef:65:db:3d:fa:eb:5f:1c:21:71:d5:00:
d1:92:5e:b4:2c:77:45:20:1f:ae:7e:3f:61:bb:30:
e9:52:2a:7e:70:18:fe:f4:62:4b:29:c8:2a:3f:97:
a4:ef:99:62:41:65:af:db:b4:e6:3c:80:49:01:47:
8b:8d:50:30:cb:29:5d:4a:e5:ed:57:93:7b:f9:00:
d1:d7:0a:83:20:53:08:dd:a5:85:b3:c5:23:f3:34:
ae:eb:51:1f:3c:c6:1e:ce:56:c4:30:6d:88:17:c9:
0f:30:91:56:9c:4e:1b:e7:ac:a5:d9:0d:cd:44:1d:
70:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:DD:87:E9:25:5D:72:60:A8:14:75:12:9F:B6:B8:41:E8:5E:1A:97
X509v3 Authority Key Identifier:
keyid:89:DA:AD:B9:81:F7:E9:3D:A4:B1:9A:CF:41:07:9F:9B:BE:1D:67:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idqtuYH36T2ksZrPQQefm74dZy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/afba5b-8b9c-4cb4-8a2a-f14f3e3f340e/1/_d2H6SVdcmCoFHUSn7a4QeheGpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/afba5b-8b9c-4cb4-8a2a-f14f3e3f340e/1/idqtuYH36T2ksZrPQQefm74dZy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.238.152.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:24:a6:be:a2:51:70:a1:0e:47:cd:f8:73:88:3b:ee:66:d1:
12:c8:74:df:ed:89:0e:a1:63:59:ff:6b:f0:c9:96:78:e8:45:
49:bb:f2:3b:6f:e4:3c:3e:0b:bc:c7:73:90:ac:13:ae:e2:44:
19:66:df:0e:40:61:68:c8:72:df:c4:e7:ec:4c:63:0d:b3:7e:
7f:c7:4f:a9:fb:6d:bd:07:3c:21:1e:a0:eb:33:1d:db:48:b9:
60:d4:2f:90:b0:21:82:79:ed:0f:86:08:9d:e1:a5:cc:3f:d0:
c7:af:1b:67:4e:97:d2:d1:0f:5f:28:56:7a:6b:70:ad:fe:b5:
3c:13:f2:e5:b5:26:23:07:49:f1:84:26:2f:c1:8a:6c:96:fa:
2c:63:38:4b:b7:c6:22:e6:45:9d:40:0a:23:ca:04:78:9e:05:
92:d8:fd:9b:d7:68:b7:05:bc:58:35:e4:70:96:a3:d8:84:63:
83:46:36:31:96:ec:e2:95:a8:d4:57:41:26:7f:fc:30:40:18:
1c:d8:0d:aa:95:0f:17:07:e2:4f:3f:39:f9:5a:5a:ec:83:f7:
16:39:28:e0:5c:49:bf:ed:7b:41:7c:c4:d4:e9:73:9e:07:53:
f8:45:0e:fa:7d:98:c9:3c:a3:47:c8:9d:62:43:d2:41:db:4a:
ca:07:b6:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsATs1SQzWtgiB4c/tGqLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZGFhZGI5ODFmN2U5M2RhNGIxOWFjZjQxMDc5ZjliYmUx
ZDY3MmUwHhcNMjMwMTAxMDYyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGRkODdlOTI1NWQ3MjYwYTgxNDc1MTI5ZmI2Yjg0MWU4NWUxYTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKYMO39KUh/qsLWnV1EqLrT3/3gM
wlYx7F30rSBxdLX8t6xtSbKoviM7/Y/jyp/XGYu9Hn88amHeLMdOncLgmEfefM5v
8TiEIk3N92uA7KpxdrmgaeDH+toxJ/rZm7GWaUntXBJ8DzVRhLrpE/vrKihVoKJ/
lzHyKyFxqKpBD8jofjf/+Hh1fdbvZds9+utfHCFx1QDRkl60LHdFIB+ufj9huzDp
Uip+cBj+9GJLKcgqP5ek75liQWWv27TmPIBJAUeLjVAwyyldSuXtV5N7+QDR1wqD
IFMI3aWFs8Uj8zSu61EfPMYezlbEMG2IF8kPMJFWnE4b56yl2Q3NRB1wbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP3dh+klXXJgqBR1Ep+2uEHoXhqXMB8GA1UdIwQY
MBaAFInarbmB9+k9pLGaz0EHn5u+HWcuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRxdHVZSDM2VDJrc1pyUFFRZWZtNzRkWnk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9hZmJhNWItOGI5Yy00Y2I0LThhMmEt
ZjE0ZjNlM2YzNDBlLzEvX2QySDZTVmRjbUNvRkhVU243YTRRZWhlR3BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9hZmJhNWItOGI5Yy00Y2I0LThhMmEtZjE0ZjNlM2YzNDBl
LzEvaWRxdHVZSDM2VDJrc1pyUFFRZWZtNzRkWnk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwe6YMA0G
CSqGSIb3DQEBCwUAA4IBAQA9JKa+olFwoQ5HzfhziDvuZtESyHTf7YkOoWNZ/2vw
yZZ46EVJu/I7b+Q8Pgu8x3OQrBOu4kQZZt8OQGFoyHLfxOfsTGMNs35/x0+p+229
BzwhHqDrMx3bSLlg1C+QsCGCee0Phgid4aXMP9DHrxtnTpfS0Q9fKFZ6a3Ct/rU8
E/LltSYjB0nxhCYvwYpslvosYzhLt8Yi5kWdQAojygR4ngWS2P2b12i3BbxYNeRw
lqPYhGODRjYxluzilajUV0Emf/wwQBgc2A2qlQ8XB+JPPzn5Wlrsg/cWOSjgXEm/
7XtBfMTU6XOeB1P4RQ76fZjJPKNHyJ1iQ9JB20rKB7b3
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:38 2025 by rpki-client