Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/G9eGHVDTj16u5aAo_TaVwW0XYSM.roa
File: G9eGHVDTj16u5aAo_TaVwW0XYSM.roa (raw, json)
Hash identifier: HtOSbS9TdWF9ZyD0fSwmEqnXzA6qQ9i8HuOcxUlnd10=
Subject key identifier: 1B:D7:86:1D:50:D3:8F:5E:AE:E5:A0:28:FD:36:95:C1:6D:17:61:23
Certificate issuer: /CN=4b72066d7e6ca8ad2ffa62a69b067923a42df96f
Certificate serial: 018CC8DE75E904525C2957219D6BEF90EC55
Authority key identifier: 4B:72:06:6D:7E:6C:A8:AD:2F:FA:62:A6:9B:06:79:23:A4:2D:F9:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S3IGbX5sqK0v-mKmmwZ5I6Qt-W8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/G9eGHVDTj16u5aAo_TaVwW0XYSM.roa
Signing time: Tue 02 Jan 2024 06:31:11 +0000
ROA not before: Tue 02 Jan 2024 06:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212138
IP address blocks: 192.145.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:75:e9:04:52:5c:29:57:21:9d:6b:ef:90:ec:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b72066d7e6ca8ad2ffa62a69b067923a42df96f
Validity
Not Before: Jan 2 06:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bd7861d50d38f5eaee5a028fd3695c16d176123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f9:af:1e:c4:11:7d:43:df:66:ec:30:63:bd:
97:0c:6e:f2:e2:18:fe:51:8b:28:64:7f:14:5b:b1:
b6:cf:db:45:40:36:7f:40:40:71:04:5d:4f:3a:fd:
38:2a:f9:09:7a:6d:e7:95:84:4d:85:55:7a:06:6d:
de:e2:62:6c:fd:ae:16:a2:69:60:cb:a9:e6:9e:13:
9e:64:cf:95:89:79:82:c1:fa:d4:37:cf:3a:75:36:
bb:88:51:c7:7d:c9:61:1b:e7:37:5d:ea:59:ed:38:
1f:4b:4d:86:9d:0d:fd:01:3d:de:a9:dd:49:59:54:
ea:79:69:ad:cb:fc:84:65:94:17:66:e4:44:85:0c:
4b:a4:38:d8:b1:d8:78:27:16:0a:d4:76:f5:e2:51:
ad:75:11:af:96:96:33:e4:68:40:8a:7d:4b:7d:e6:
68:05:33:75:46:22:f1:bd:c6:85:d6:fc:6a:3e:82:
63:cf:99:6a:11:4e:28:fd:38:f7:8c:f9:d3:c3:30:
2d:2c:f9:15:c5:e9:53:3f:c6:f7:1f:c8:4f:ac:aa:
bc:cb:f1:cd:00:e9:55:aa:28:8c:f9:57:72:32:63:
8e:6f:7e:f0:95:62:a7:96:12:50:65:e8:2c:bd:e7:
4c:18:0a:4f:73:eb:b5:f1:b9:21:a4:2a:00:b3:0c:
89:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:D7:86:1D:50:D3:8F:5E:AE:E5:A0:28:FD:36:95:C1:6D:17:61:23
X509v3 Authority Key Identifier:
keyid:4B:72:06:6D:7E:6C:A8:AD:2F:FA:62:A6:9B:06:79:23:A4:2D:F9:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S3IGbX5sqK0v-mKmmwZ5I6Qt-W8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/G9eGHVDTj16u5aAo_TaVwW0XYSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/S3IGbX5sqK0v-mKmmwZ5I6Qt-W8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.104.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:47:10:fe:20:c8:81:28:16:4e:1e:81:f4:b2:ee:4c:f5:22:
f4:25:49:b2:dd:bb:62:78:2d:1d:d9:69:10:1e:5a:b9:dc:46:
80:1c:52:f8:23:eb:1f:9a:a4:d4:22:7b:13:43:80:08:45:d4:
8a:ec:07:62:17:d3:5b:d3:93:52:bb:30:1a:43:1e:85:f0:be:
db:db:75:b2:3a:43:d7:ea:1c:e1:d1:07:26:6d:af:07:ce:da:
c3:7e:4e:4b:38:a1:e8:7b:92:ba:90:cf:01:66:8e:54:a6:e3:
b7:7c:ef:06:bb:d5:a2:b3:63:d0:f0:ed:33:37:b1:45:c9:ed:
cc:60:3b:7b:7a:7c:b5:45:b6:b9:08:09:06:54:02:2b:a9:6c:
0a:7a:9d:af:9f:23:98:9a:e3:4a:b3:67:64:0f:61:25:7d:80:
01:43:1f:3d:fb:3a:30:d5:04:e7:05:7f:9d:d0:df:1a:fc:ab:
ca:30:77:cd:4f:ca:2f:76:ce:8b:10:10:da:92:21:71:3b:a0:
80:18:e9:81:a9:79:6e:b3:ee:a5:ee:bc:7b:c6:88:dd:44:73:
6c:69:36:a5:12:af:4b:d4:a5:2d:cc:92:85:0c:71:52:2e:a5:
ae:8c:ab:c5:ae:19:2e:58:9c:35:b7:46:e6:ae:38:52:6d:7c:
64:cc:09:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3nXpBFJcKVchnWvvkOxVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNzIwNjZkN2U2Y2E4YWQyZmZhNjJhNjliMDY3OTIzYTQy
ZGY5NmYwHhcNMjQwMTAyMDYzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmQ3ODYxZDUwZDM4ZjVlYWVlNWEwMjhmZDM2OTVjMTZkMTc2MTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/mvHsQRfUPfZuwwY72XDG7y4hj+
UYsoZH8UW7G2z9tFQDZ/QEBxBF1POv04KvkJem3nlYRNhVV6Bm3e4mJs/a4Womlg
y6nmnhOeZM+ViXmCwfrUN886dTa7iFHHfclhG+c3XepZ7TgfS02GnQ39AT3eqd1J
WVTqeWmty/yEZZQXZuREhQxLpDjYsdh4JxYK1Hb14lGtdRGvlpYz5GhAin1LfeZo
BTN1RiLxvcaF1vxqPoJjz5lqEU4o/Tj3jPnTwzAtLPkVxelTP8b3H8hPrKq8y/HN
AOlVqiiM+VdyMmOOb37wlWKnlhJQZegsvedMGApPc+u18bkhpCoAswyJCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBvXhh1Q049eruWgKP02lcFtF2EjMB8GA1UdIwQY
MBaAFEtyBm1+bKitL/pippsGeSOkLflvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzNJR2JYNXNxSzB2LW1LbW13WjVJNlF0LVc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hNjRiMDktNjRkZi00NzBjLWE2NGQt
MWY2OTkxODc3YjI2LzEvRzllR0hWRFRqMTZ1NWFBb19UYVZ3VzBYWVNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hNjRiMDktNjRkZi00NzBjLWE2NGQtMWY2OTkxODc3YjI2
LzEvUzNJR2JYNXNxSzB2LW1LbW13WjVJNlF0LVc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwJFoMA0G
CSqGSIb3DQEBCwUAA4IBAQAdRxD+IMiBKBZOHoH0su5M9SL0JUmy3btieC0d2WkQ
Hlq53EaAHFL4I+sfmqTUInsTQ4AIRdSK7AdiF9Nb05NSuzAaQx6F8L7b23WyOkPX
6hzh0Qcmba8HztrDfk5LOKHoe5K6kM8BZo5UpuO3fO8Gu9Wis2PQ8O0zN7FFye3M
YDt7eny1Rba5CAkGVAIrqWwKep2vnyOYmuNKs2dkD2ElfYABQx89+zow1QTnBX+d
0N8a/KvKMHfNT8ovds6LEBDakiFxO6CAGOmBqXlus+6l7rx7xojdRHNsaTalEq9L
1KUtzJKFDHFSLqWujKvFrhkuWJw1t0bmrjhSbXxkzAk7
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:23 2024 by rpki-client on console.sobornost.net