Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/m5SB2Yl8GV5M8IArGz6we-2SkGQ.roa
File: m5SB2Yl8GV5M8IArGz6we-2SkGQ.roa (raw, json)
Hash identifier: jds1OkLvAwsjnsT6rW2+EEau8lqakNyokYQurzMob3A=
Subject key identifier: 9B:94:81:D9:89:7C:19:5E:4C:F0:80:2B:1B:3E:B0:7B:ED:92:90:64
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018E07C3AE9C58A4427B0857E58CF1428F1D
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/m5SB2Yl8GV5M8IArGz6we-2SkGQ.roa
Signing time: Mon 04 Mar 2024 04:40:48 +0000
ROA not before: Mon 04 Mar 2024 04:40:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 84.234.16.0/20 maxlen: 24
194.58.64.0/23 maxlen: 24
194.88.96.0/21 maxlen: 24
195.133.202.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:07:c3:ae:9c:58:a4:42:7b:08:57:e5:8c:f1:42:8f:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Mar 4 04:40:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b9481d9897c195e4cf0802b1b3eb07bed929064
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:fc:2d:6c:e5:97:a2:11:05:e6:c5:12:8c:93:
84:45:89:29:fd:58:a6:c5:03:71:fa:fd:11:9b:0a:
d8:d7:58:69:8d:af:76:86:83:f9:17:7c:56:0e:0f:
45:19:56:46:d3:39:df:46:65:95:54:0d:74:53:cb:
1f:82:e9:21:9a:c5:bd:50:e1:40:9c:9e:c2:a4:08:
3c:71:a9:51:75:49:1e:de:f0:5c:b7:a0:86:14:c5:
2b:c0:81:09:f7:38:ed:28:9e:3d:e5:7e:f4:df:ab:
03:25:89:65:d8:47:42:ef:a7:20:16:09:af:0f:d6:
3d:fb:3d:6d:20:6d:71:f5:c0:7f:eb:f6:0b:23:06:
3b:90:14:4b:88:8d:35:4b:cc:d8:ec:ab:98:1e:0a:
f0:9d:78:f3:e5:a6:d0:b1:cb:05:4f:52:0c:b9:df:
81:05:8a:3f:c7:fb:4e:ad:fb:22:98:62:5c:e8:0c:
1f:17:3e:55:8f:bf:94:fb:51:b3:d5:93:47:b5:76:
e2:14:7e:14:90:46:6c:b6:35:9c:79:25:3e:33:81:
3e:75:88:29:b9:9e:32:74:4a:dc:24:55:2a:59:93:
f9:ef:3b:85:cc:fb:6e:af:90:54:65:b8:d8:39:b0:
f2:d5:df:e0:1c:1b:a8:26:ce:84:53:f4:01:c4:02:
52:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:94:81:D9:89:7C:19:5E:4C:F0:80:2B:1B:3E:B0:7B:ED:92:90:64
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/m5SB2Yl8GV5M8IArGz6we-2SkGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.234.16.0/20
194.58.64.0/23
194.88.96.0/21
195.133.202.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:8e:c1:30:75:d3:b9:ca:31:9a:f6:6d:f9:00:ef:90:e2:cd:
5a:48:df:64:8f:1a:92:32:53:a6:66:7d:0c:53:aa:69:b4:aa:
8b:bf:d8:14:6c:58:0b:ff:fd:dd:65:ab:5b:a8:b1:a5:aa:40:
10:f8:18:8f:b4:9f:56:04:ef:f0:9f:6d:67:ab:20:75:16:d1:
aa:8c:e3:4b:05:89:a7:84:96:49:84:7d:71:81:1e:ae:c6:09:
9c:eb:65:28:1e:04:43:1c:e8:72:a7:28:22:8e:a5:e0:0f:0f:
d8:7e:3e:ab:19:34:6a:68:50:b0:b0:48:7b:01:c1:c9:af:b0:
b8:14:b7:27:9c:f4:59:58:9d:09:70:38:cb:1a:32:d0:8c:c4:
8d:d8:1c:1a:df:cb:e1:7c:e6:8f:f9:85:4f:bf:d9:62:ef:8b:
d5:e9:33:9d:4a:ec:ed:d4:63:02:24:7a:07:77:a1:f9:71:76:
54:e6:8f:85:86:e9:42:86:91:62:7d:75:14:80:a6:50:fa:ed:
43:c1:54:cf:05:41:b8:fe:2e:c3:7e:f1:29:cb:73:1d:07:d0:
78:e8:40:a1:c2:6a:f2:e8:18:ae:e1:3d:47:0b:ab:60:57:c4:
5f:f4:cf:da:db:df:b1:d4:be:df:55:c9:e5:5c:84:eb:61:5c:
19:dc:52:fa
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY4Hw66cWKRCewhX5YzxQo8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMzA0MDQ0MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjk0ODFkOTg5N2MxOTVlNGNmMDgwMmIxYjNlYjA3YmVkOTI5MDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPwtbOWXohEF5sUSjJOERYkp/Vim
xQNx+v0RmwrY11hpja92hoP5F3xWDg9FGVZG0znfRmWVVA10U8sfgukhmsW9UOFA
nJ7CpAg8calRdUke3vBct6CGFMUrwIEJ9zjtKJ495X7036sDJYll2EdC76cgFgmv
D9Y9+z1tIG1x9cB/6/YLIwY7kBRLiI01S8zY7KuYHgrwnXjz5abQscsFT1IMud+B
BYo/x/tOrfsimGJc6AwfFz5Vj7+U+1Gz1ZNHtXbiFH4UkEZstjWceSU+M4E+dYgp
uZ4ydErcJFUqWZP57zuFzPtur5BUZbjYObDy1d/gHBuoJs6EU/QBxAJSuQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJuUgdmJfBleTPCAKxs+sHvtkpBkMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvbTVTQjJZbDhHVjVNOElBckd6NndlLTJTa0dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEVOoQAwQB
wjpAAwQDwlhgAwQBw4XKMA0GCSqGSIb3DQEBCwUAA4IBAQBejsEwddO5yjGa9m35
AO+Q4s1aSN9kjxqSMlOmZn0MU6pptKqLv9gUbFgL//3dZatbqLGlqkAQ+BiPtJ9W
BO/wn21nqyB1FtGqjONLBYmnhJZJhH1xgR6uxgmc62UoHgRDHOhypygijqXgDw/Y
fj6rGTRqaFCwsEh7AcHJr7C4FLcnnPRZWJ0JcDjLGjLQjMSN2Bwa38vhfOaP+YVP
v9li74vV6TOdSuzt1GMCJHoHd6H5cXZU5o+FhulChpFifXUUgKZQ+u1DwVTPBUG4
/i7DfvEpy3MdB9B46EChwmry6Biu4T1HC6tgV8Rf9M/a29+x1L7fVcnlXITrYVwZ
3FL6
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:46 2025 by rpki-client