Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/1rps1poIePwTCZJSPyGaHYW3tnY.roa
File: 1rps1poIePwTCZJSPyGaHYW3tnY.roa (raw, json)
Hash identifier: Fj7c1vIwABS3Hr4hlbz/7hMjhdSX/8hIQUWyay2wmSU=
Subject key identifier: D6:BA:6C:D6:9A:08:78:FC:13:09:92:52:3F:21:9A:1D:85:B7:B6:76
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 01856F022B80D22C3F66701ACDC6E830CB30
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/1rps1poIePwTCZJSPyGaHYW3tnY.roa
Signing time: Sun 01 Jan 2023 20:24:51 +0000
ROA not before: Sun 01 Jan 2023 20:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64267
IP address blocks: 93.115.155.0/24 maxlen: 24
217.19.1.0/24 maxlen: 24
185.77.249.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:2b:80:d2:2c:3f:66:70:1a:cd:c6:e8:30:cb:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 1 20:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6ba6cd69a0878fc130992523f219a1d85b7b676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:1e:9f:a3:0d:3d:42:47:8d:fd:b6:00:4b:2d:
25:18:8f:6a:d4:db:26:3d:ac:f1:1e:fc:a3:8e:9d:
52:4a:3e:74:d3:00:fb:94:30:d1:17:38:61:96:23:
ad:69:c7:b8:a0:8e:55:cc:4a:0b:96:57:02:f0:78:
c8:60:b8:19:71:fc:9e:53:e8:f2:d7:bc:f9:25:9d:
22:b5:9b:ab:3c:0b:1e:74:47:42:01:c1:a7:60:79:
5f:82:0a:c4:3a:ed:c9:cc:ed:4e:03:da:0e:07:bc:
85:7e:ae:d2:8b:0d:51:c5:ce:12:7a:0e:82:7d:67:
5b:e1:a5:03:23:64:a2:4f:62:c6:c1:3e:e9:65:33:
d0:53:2e:58:55:9a:db:73:53:f3:5c:d1:c4:27:f3:
66:34:02:91:33:ec:5b:a5:8e:c9:db:fd:f3:1d:aa:
22:3f:ec:ed:e1:54:bd:16:a4:74:d5:a1:e3:7d:04:
fe:29:b2:d6:f5:6f:7d:08:41:d5:59:a7:25:cc:9e:
9b:2f:27:4b:eb:e8:e3:68:be:e8:e0:54:23:7b:59:
b0:5e:f4:72:7a:2f:bc:11:f8:f5:1d:6b:f3:a1:67:
92:67:ac:88:94:49:ac:6b:96:52:3a:b5:c3:3c:5c:
91:38:a8:d2:0e:87:4c:f7:14:f7:5a:e9:0c:12:3f:
7c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:BA:6C:D6:9A:08:78:FC:13:09:92:52:3F:21:9A:1D:85:B7:B6:76
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/1rps1poIePwTCZJSPyGaHYW3tnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.115.155.0/24
185.77.249.0/24
217.19.1.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:38:5d:82:2a:73:fb:b2:94:30:50:3e:ce:aa:4e:3f:7b:0b:
90:cf:e4:4a:06:ee:12:2d:4f:76:8f:fc:6f:e6:e9:f1:5d:4c:
62:df:23:e3:db:91:c4:a8:4c:55:1a:2c:3d:c2:21:e9:56:9c:
83:d0:19:05:ac:e1:66:9e:3b:4a:d4:04:b3:92:ef:a5:fa:61:
c5:0d:2b:a5:d8:e0:a1:3b:fe:7a:a2:9c:6b:ca:b8:f6:0c:cc:
a4:f9:57:b2:54:a4:5d:74:2b:ff:97:69:39:e6:87:77:4f:6f:
93:9d:70:a9:a2:3e:8b:47:c2:c3:ed:49:35:d9:e2:c4:d8:06:
92:ac:50:26:76:8e:33:b2:10:95:c5:29:67:24:f6:e6:b8:6e:
0a:94:20:79:7d:47:59:c2:6b:bc:16:19:5b:0e:51:63:32:ab:
7d:ef:12:16:c0:c5:71:f5:85:8d:61:a1:d1:fe:fb:16:d8:54:
de:4c:21:ce:f5:5f:f3:9c:92:28:be:a5:0b:fb:90:1e:38:36:
7d:6b:1f:4b:3a:16:6e:ba:bb:c6:92:f6:52:2e:20:8b:fa:b8:
94:b9:80:89:68:08:97:8e:8c:b0:8d:ed:6d:38:4e:d0:e2:cf:
d6:9e:7e:05:aa:ef:b4:2a:b6:71:92:8a:46:97:2b:7f:22:aa:
11:8d:95:01
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvAiuA0iw/ZnAazcboMMswMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwMTAxMjAyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmJhNmNkNjlhMDg3OGZjMTMwOTkyNTIzZjIxOWExZDg1YjdiNjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjR6fow09QkeN/bYASy0lGI9q1Nsm
PazxHvyjjp1SSj500wD7lDDRFzhhliOtace4oI5VzEoLllcC8HjIYLgZcfyeU+jy
17z5JZ0itZurPAsedEdCAcGnYHlfggrEOu3JzO1OA9oOB7yFfq7Siw1Rxc4Seg6C
fWdb4aUDI2SiT2LGwT7pZTPQUy5YVZrbc1PzXNHEJ/NmNAKRM+xbpY7J2/3zHaoi
P+zt4VS9FqR01aHjfQT+KbLW9W99CEHVWaclzJ6bLydL6+jjaL7o4FQje1mwXvRy
ei+8Efj1HWvzoWeSZ6yIlEmsa5ZSOrXDPFyROKjSDodM9xT3WukMEj98xQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNa6bNaaCHj8EwmSUj8hmh2Ft7Z2MB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvMXJwczFwb0llUHdUQ1pKU1B5R2FIWVczdG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXXObAwQA
uU35AwQA2RMBMA0GCSqGSIb3DQEBCwUAA4IBAQAaOF2CKnP7spQwUD7Oqk4/ewuQ
z+RKBu4SLU92j/xv5unxXUxi3yPj25HEqExVGiw9wiHpVpyD0BkFrOFmnjtK1ASz
ku+l+mHFDSul2OChO/56opxryrj2DMyk+VeyVKRddCv/l2k55od3T2+TnXCpoj6L
R8LD7Uk12eLE2AaSrFAmdo4zshCVxSlnJPbmuG4KlCB5fUdZwmu8FhlbDlFjMqt9
7xIWwMVx9YWNYaHR/vsW2FTeTCHO9V/znJIovqUL+5AeODZ9ax9LOhZuurvGkvZS
LiCL+riUuYCJaAiXjoywje1tOE7Q4s/Wnn4Fqu+0KrZxkopGlyt/IqoRjZUB
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:34:13 2025 by rpki-client