Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/0a8383-aab0-4367-89c3-92b47adb2b90/1/p9_f3QWYc8u-hO71w-jW4kverKo.roa
File: p9_f3QWYc8u-hO71w-jW4kverKo.roa (raw, json)
Hash identifier: uJRvhhxMfsdr4Tv1r412h8aLjaFIfm9VLiSvIU5cRJk=
Subject key identifier: A7:DF:DF:DD:05:98:73:CB:BE:84:EE:F5:C3:E8:D6:E2:4B:DE:AC:AA
Certificate issuer: /CN=2e5d85dc24e97d5811a30ff4fd7cf7aec12ccc6e
Certificate serial: 018CC8DF1D9CA0737F2B2A34FDF08D6EF5D7
Authority key identifier: 2E:5D:85:DC:24:E9:7D:58:11:A3:0F:F4:FD:7C:F7:AE:C1:2C:CC:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ll2F3CTpfVgRow_0_Xz3rsEszG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/0a8383-aab0-4367-89c3-92b47adb2b90/1/p9_f3QWYc8u-hO71w-jW4kverKo.roa
Signing time: Tue 02 Jan 2024 06:31:54 +0000
ROA not before: Tue 02 Jan 2024 06:31:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24806
IP address blocks: 81.2.192.0/18 maxlen: 32
185.129.136.0/22 maxlen: 32
195.181.208.0/20 maxlen: 32
185.28.100.0/22 maxlen: 32
2001:15e8::/29 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:1d:9c:a0:73:7f:2b:2a:34:fd:f0:8d:6e:f5:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e5d85dc24e97d5811a30ff4fd7cf7aec12ccc6e
Validity
Not Before: Jan 2 06:31:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7dfdfdd059873cbbe84eef5c3e8d6e24bdeacaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:66:44:b4:8d:3f:85:65:89:59:db:74:c5:13:
ac:7c:55:76:8c:9f:49:1c:73:55:66:4c:ee:b9:eb:
8f:12:6d:bf:81:2b:12:44:e0:91:09:b0:05:27:1e:
bb:70:a7:c4:70:e1:dd:2b:74:d7:05:f5:70:6f:51:
4e:4e:fa:78:1c:eb:55:92:e0:90:de:09:60:7d:1f:
93:6a:3b:57:94:63:c3:8e:04:22:d3:8a:61:40:7e:
8e:f6:7c:55:b6:9e:b2:7c:ce:5e:c5:28:61:c9:08:
2a:41:32:3b:81:4f:64:fe:ad:e2:d0:8e:f9:8c:e9:
87:82:83:3f:5e:56:0d:3b:1d:c5:ea:79:2d:15:90:
17:23:a2:5e:44:36:22:67:e3:5d:1c:b6:43:4b:c5:
b3:c0:79:a6:45:21:66:3a:9d:29:bb:a8:da:10:4d:
a2:6c:7d:f1:5b:b6:91:53:cd:28:1e:1a:df:9f:38:
ad:ca:c0:1a:a4:eb:d4:95:c8:35:5f:82:ab:40:a7:
20:0a:ba:62:69:6f:68:44:b5:b8:1f:d2:58:38:47:
39:d9:b7:68:c0:91:20:fc:e3:69:3e:7c:1f:c3:b4:
5d:7e:dd:88:0e:f5:60:83:bf:a6:91:5e:7e:2a:6b:
fd:1f:43:5a:f7:6a:16:40:26:a1:91:f5:e2:ce:6a:
9d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:DF:DF:DD:05:98:73:CB:BE:84:EE:F5:C3:E8:D6:E2:4B:DE:AC:AA
X509v3 Authority Key Identifier:
keyid:2E:5D:85:DC:24:E9:7D:58:11:A3:0F:F4:FD:7C:F7:AE:C1:2C:CC:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ll2F3CTpfVgRow_0_Xz3rsEszG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/0a8383-aab0-4367-89c3-92b47adb2b90/1/p9_f3QWYc8u-hO71w-jW4kverKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/0a8383-aab0-4367-89c3-92b47adb2b90/1/Ll2F3CTpfVgRow_0_Xz3rsEszG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.2.192.0/18
185.28.100.0/22
185.129.136.0/22
195.181.208.0/20
IPv6:
2001:15e8::/29
Signature Algorithm: sha256WithRSAEncryption
4a:2e:bf:2c:3f:8a:5e:48:f2:ac:1c:b4:0b:d6:2b:57:b0:c8:
0e:61:38:64:f7:08:5b:a5:c6:07:97:27:de:59:60:ae:36:c1:
db:bd:01:81:36:d5:a9:fc:f1:b6:29:da:ee:8a:2c:73:02:d2:
d2:b9:b3:4d:95:0b:07:ba:93:d1:c7:fc:ac:71:d3:a0:e8:91:
4e:97:03:7b:d8:f8:91:82:27:d7:46:54:67:67:44:ab:7a:a4:
2f:93:1e:a8:11:c4:49:f3:08:b2:56:4a:75:f9:40:32:78:c5:
c6:91:de:bf:93:5b:77:6a:ed:74:34:4e:59:fd:92:9b:15:ff:
1f:dc:87:70:ca:d0:08:6c:3a:71:33:a8:15:d5:02:56:b7:c0:
ae:3d:51:cd:2f:4e:d2:30:d0:aa:44:5a:fc:ea:57:8d:3b:0a:
bd:49:aa:fc:2e:cd:68:cb:a6:cc:40:b3:0d:d0:30:71:19:13:
45:ab:3f:89:70:d5:f1:e0:08:55:53:f2:62:f5:7f:72:b6:56:
c9:00:08:11:7d:b1:4f:4c:4f:83:f4:53:e0:87:d3:be:4c:39:
54:e3:94:ec:3d:c1:62:04:fe:9d:51:25:3c:5f:17:18:64:a0:
ff:e8:0f:75:e2:02:28:12:c1:85:f5:64:8a:f6:17:ff:ce:11:
8f:a5:6e:27
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzI3x2coHN/Kyo0/fCNbvXXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNWQ4NWRjMjRlOTdkNTgxMWEzMGZmNGZkN2NmN2FlYzEy
Y2NjNmUwHhcNMjQwMTAyMDYzMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2RmZGZkZDA1OTg3M2NiYmU4NGVlZjVjM2U4ZDZlMjRiZGVhY2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGZEtI0/hWWJWdt0xROsfFV2jJ9J
HHNVZkzuueuPEm2/gSsSROCRCbAFJx67cKfEcOHdK3TXBfVwb1FOTvp4HOtVkuCQ
3glgfR+TajtXlGPDjgQi04phQH6O9nxVtp6yfM5exShhyQgqQTI7gU9k/q3i0I75
jOmHgoM/XlYNOx3F6nktFZAXI6JeRDYiZ+NdHLZDS8WzwHmmRSFmOp0pu6jaEE2i
bH3xW7aRU80oHhrfnzitysAapOvUlcg1X4KrQKcgCrpiaW9oRLW4H9JYOEc52bdo
wJEg/ONpPnwfw7Rdft2IDvVgg7+mkV5+Kmv9H0Na92oWQCahkfXizmqdUwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKff390FmHPLvoTu9cPo1uJL3qyqMB8GA1UdIwQY
MBaAFC5dhdwk6X1YEaMP9P18967BLMxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGwyRjNDVHBmVmdSb3dfMF9YejNyc0Vzekc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8wYTgzODMtYWFiMC00MzY3LTg5YzMt
OTJiNDdhZGIyYjkwLzEvcDlfZjNRV1ljOHUtaE83MXctalc0a3ZlcktvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8wYTgzODMtYWFiMC00MzY3LTg5YzMtOTJiNDdhZGIyYjkw
LzEvTGwyRjNDVHBmVmdSb3dfMF9YejNyc0Vzekc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGUQLAAwQC
uRxkAwQCuYGIAwQEw7XQMA0EAgACMAcDBQMgARXoMA0GCSqGSIb3DQEBCwUAA4IB
AQBKLr8sP4peSPKsHLQL1itXsMgOYThk9whbpcYHlyfeWWCuNsHbvQGBNtWp/PG2
KdruiixzAtLSubNNlQsHupPRx/yscdOg6JFOlwN72PiRgifXRlRnZ0SreqQvkx6o
EcRJ8wiyVkp1+UAyeMXGkd6/k1t3au10NE5Z/ZKbFf8f3IdwytAIbDpxM6gV1QJW
t8CuPVHNL07SMNCqRFr86leNOwq9Sar8Ls1oy6bMQLMN0DBxGRNFqz+JcNXx4AhV
U/Ji9X9ytlbJAAgRfbFPTE+D9FPgh9O+TDlU45TsPcFiBP6dUSU8XxcYZKD/6A91
4gIoEsGF9WSK9hf/zhGPpW4n
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:09 2025 by rpki-client