Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/00Qw5l6rJ5016a7vhVdHQvg32wc.roa
File: 00Qw5l6rJ5016a7vhVdHQvg32wc.roa (raw, json)
Hash identifier: KAI0svhpQLU3KrnnxHihBRbLPvn8kfLZVN+jCqL6s1k=
Subject key identifier: D3:44:30:E6:5E:AB:27:9D:35:E9:AE:EF:85:57:47:42:F8:37:DB:07
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01942748830710F4074DE03F6DBA4F977CC8
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/00Qw5l6rJ5016a7vhVdHQvg32wc.roa
Signing time: Thu 02 Jan 2025 13:50:50 +0000
ROA not before: Thu 02 Jan 2025 13:50:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 192.121.82.0/24 maxlen: 24
192.121.247.0/24 maxlen: 24
193.234.55.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:83:07:10:f4:07:4d:e0:3f:6d:ba:4f:97:7c:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d34430e65eab279d35e9aeef85574742f837db07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ee:06:1d:d4:62:43:ca:95:eb:bb:dd:27:d1:
27:cb:42:70:03:c1:1d:a0:bb:ee:3b:2d:cd:11:85:
34:c2:e2:66:23:00:b8:56:87:de:83:94:24:e4:fb:
92:ea:17:42:4e:47:db:b4:d8:76:f5:18:19:7c:44:
1f:ad:fc:c6:d0:97:aa:7d:f4:d3:ab:50:ba:90:7c:
7c:80:8a:e5:03:0f:be:2a:c0:30:3c:62:f0:1c:8c:
12:33:07:e5:63:eb:02:ae:43:74:6d:82:8c:b8:d3:
f5:77:d6:d0:da:4a:b0:2d:e3:41:74:da:02:5f:ec:
39:28:e2:ae:89:8f:40:7f:dd:2a:6b:a7:8c:3c:dd:
aa:33:05:8d:01:f0:e2:57:8d:a3:e3:a3:ca:82:f1:
e6:57:ad:d5:31:70:7d:9d:57:b8:27:8b:2c:c7:8f:
a6:25:b8:ad:b9:6b:eb:69:d0:d1:95:76:41:1b:b9:
65:db:52:b2:ea:94:bb:ca:34:36:f2:f6:dd:1c:38:
0d:ee:32:7d:21:47:e8:5d:cd:62:c1:d9:b7:03:77:
97:64:1b:5e:2f:3a:a9:c6:14:fe:dc:dd:4d:cc:0a:
f5:b0:11:22:83:ad:0a:17:56:54:b7:e9:5d:6f:a0:
55:43:a6:a7:c3:e8:f7:ed:a6:9c:91:ab:4e:4d:6a:
a3:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:44:30:E6:5E:AB:27:9D:35:E9:AE:EF:85:57:47:42:F8:37:DB:07
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/00Qw5l6rJ5016a7vhVdHQvg32wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.82.0/24
192.121.247.0/24
193.234.55.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:85:ca:24:30:ae:54:95:ad:19:47:55:8a:79:b2:61:39:67:
50:d3:c3:43:5f:60:da:98:1f:2c:c7:00:2e:ac:48:8d:78:40:
6e:0e:2f:a0:12:8a:7d:bf:41:e3:45:b0:a7:8d:5c:e9:dc:c1:
f2:c4:07:6a:e6:eb:de:c1:38:c7:81:e7:5c:51:2c:d7:7e:3c:
f8:ae:74:7c:63:8e:72:64:89:1c:72:f3:b9:af:01:73:53:be:
45:b8:6e:dd:a4:cf:2f:6d:06:d6:6b:cb:c9:6a:6a:52:b6:39:
70:18:49:69:96:53:15:43:8e:ea:e0:7e:3f:19:f4:f9:32:37:
dd:8c:8a:d2:3f:a0:21:e2:49:8c:da:7a:1e:21:d9:07:e5:8f:
8c:2a:db:d7:08:8a:0a:f8:df:10:7d:e4:a2:f8:db:85:b8:3b:
9b:22:87:a6:23:fc:ff:43:9b:0c:48:96:e3:bc:10:e2:c0:a3:
84:e2:9e:30:96:5c:ea:24:ec:6b:3b:74:6a:26:30:76:2f:2d:
97:5a:f9:1a:e8:ae:7f:62:f9:8c:71:17:1d:82:52:48:8a:a9:
f6:d7:85:ed:9a:35:a4:e4:41:83:2d:84:a1:df:ee:5e:a2:62:
1a:5d:b5:83:28:79:87:a2:ac:a4:00:83:8d:37:ec:1b:e6:85:
08:a3:ac:66
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnSIMHEPQHTeA/bbpPl3zIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzQ0MzBlNjVlYWIyNzlkMzVlOWFlZWY4NTU3NDc0MmY4MzdkYjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmu4GHdRiQ8qV67vdJ9Eny0JwA8Ed
oLvuOy3NEYU0wuJmIwC4Vofeg5Qk5PuS6hdCTkfbtNh29RgZfEQfrfzG0JeqffTT
q1C6kHx8gIrlAw++KsAwPGLwHIwSMwflY+sCrkN0bYKMuNP1d9bQ2kqwLeNBdNoC
X+w5KOKuiY9Af90qa6eMPN2qMwWNAfDiV42j46PKgvHmV63VMXB9nVe4J4ssx4+m
JbituWvradDRlXZBG7ll21Ky6pS7yjQ28vbdHDgN7jJ9IUfoXc1iwdm3A3eXZBte
LzqpxhT+3N1NzAr1sBEig60KF1ZUt+ldb6BVQ6anw+j37aackatOTWqjFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNNEMOZeqyedNemu74VXR0L4N9sHMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvMDBRdzVsNnJKNTAxNmE3dmhWZEhRdmczMndjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwHlSAwQA
wHn3AwQAweo3MA0GCSqGSIb3DQEBCwUAA4IBAQC4hcokMK5Ula0ZR1WKebJhOWdQ
08NDX2DamB8sxwAurEiNeEBuDi+gEop9v0HjRbCnjVzp3MHyxAdq5uvewTjHgedc
USzXfjz4rnR8Y45yZIkccvO5rwFzU75FuG7dpM8vbQbWa8vJampStjlwGElpllMV
Q47q4H4/GfT5MjfdjIrSP6Ah4kmM2noeIdkH5Y+MKtvXCIoK+N8QfeSi+NuFuDub
IoemI/z/Q5sMSJbjvBDiwKOE4p4wllzqJOxrO3RqJjB2Ly2XWvka6K5/YvmMcRcd
glJIiqn214XtmjWk5EGDLYSh3+5eomIaXbWDKHmHoqykAIONN+wb5oUIo6xm
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:13:47 2025 by rpki-client