Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/06uynIA9E1o2rHGun8q4nXPyyTE.roa
File: 06uynIA9E1o2rHGun8q4nXPyyTE.roa (raw, json)
Hash identifier: aBNiiZdcKhZp3Lixy+q+T8iNnbWOs1L45+N3UbNVKHg=
Subject key identifier: D3:AB:B2:9C:80:3D:13:5A:36:AC:71:AE:9F:CA:B8:9D:73:F2:C9:31
Certificate issuer: /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial: 01919A33F89117F715F641A437538891F2D8
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/06uynIA9E1o2rHGun8q4nXPyyTE.roa
Signing time: Wed 28 Aug 2024 18:16:22 +0000
ROA not before: Wed 28 Aug 2024 18:16:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56884
IP address blocks: 84.246.111.0/24 maxlen: 24
91.247.178.0/24 maxlen: 24
176.97.213.0/24 maxlen: 24
178.23.188.0/24 maxlen: 24
194.26.223.0/24 maxlen: 24
213.232.252.0/24 maxlen: 24
2a11:a100::/29 maxlen: 29
2a13:8e00::/29 maxlen: 29
2a13:da00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9a:33:f8:91:17:f7:15:f6:41:a4:37:53:88:91:f2:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Validity
Not Before: Aug 28 18:16:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3abb29c803d135a36ac71ae9fcab89d73f2c931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1b:33:83:1e:86:ba:fd:32:23:44:31:87:48:
b3:e7:7f:c4:c0:06:b2:a8:b4:b6:54:f1:a7:f0:44:
2d:a4:38:bc:a2:4b:09:2b:a7:24:c1:47:0f:18:6c:
3c:49:74:4c:5f:6e:85:24:77:4a:9f:1f:a7:58:ee:
06:18:99:80:32:a0:77:08:57:13:5c:75:79:d8:1e:
a2:12:9b:f7:26:75:35:78:cb:af:65:74:34:0d:12:
fc:1f:10:b2:41:fe:7a:85:ba:ce:c3:95:56:1c:0f:
64:c5:0e:40:f6:74:81:fb:9d:30:7d:ef:f4:bf:fa:
c7:7d:db:7c:d6:24:f4:e4:cd:93:ce:33:23:4d:8a:
07:ba:49:1a:bc:1f:9a:83:9b:96:f1:fe:a2:cf:6d:
09:0c:55:39:b3:1b:40:1c:e9:5e:45:ad:52:5a:a1:
b7:58:b8:38:1a:1b:55:bd:dd:43:fb:50:00:6f:20:
53:8b:6c:e3:46:0a:c7:36:2b:25:8d:dd:c1:0b:04:
1b:d3:c5:d5:e5:c0:8d:c6:d7:f6:76:6f:3c:61:93:
7d:d2:53:46:fb:a9:a1:29:ae:73:23:58:44:08:44:
a2:50:a9:e7:d0:2c:cf:00:b6:57:9a:1b:a9:fa:1b:
25:e3:c2:f6:79:48:e8:13:c7:8e:3a:93:3a:9d:df:
b6:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:AB:B2:9C:80:3D:13:5A:36:AC:71:AE:9F:CA:B8:9D:73:F2:C9:31
X509v3 Authority Key Identifier:
keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/06uynIA9E1o2rHGun8q4nXPyyTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.111.0/24
91.247.178.0/24
176.97.213.0/24
178.23.188.0/24
194.26.223.0/24
213.232.252.0/24
IPv6:
2a11:a100::/29
2a13:8e00::/29
2a13:da00::/29
Signature Algorithm: sha256WithRSAEncryption
7c:8e:6b:0b:96:de:a7:ac:d8:07:44:a7:48:d7:14:9d:75:67:
56:7b:d2:c2:67:af:0f:94:1b:ae:55:8c:3a:a9:39:b1:ce:a1:
fd:f4:02:3a:6a:91:0d:21:96:5d:36:7c:a4:c0:18:a0:b3:81:
75:67:d3:18:89:ef:a7:df:23:d4:ed:0a:03:ef:5b:04:06:a8:
8c:18:80:da:a5:9d:c1:dd:38:98:49:7c:27:2b:cc:16:b7:7a:
47:91:72:1b:20:a9:7d:36:e0:3e:29:c1:5d:87:3d:c8:f5:38:
bd:ca:e3:3c:20:ac:a3:f8:60:bb:02:6c:86:4f:af:f6:8b:28:
5f:f4:66:74:71:d5:4a:62:f9:a7:df:61:5d:31:ee:8d:10:8c:
9b:d9:22:7e:d2:57:23:7b:7b:1e:a2:3b:75:02:02:ac:c5:00:
39:9e:64:9c:9f:51:8f:90:0a:be:91:5c:b3:be:75:c0:13:75:
73:72:12:7c:b2:4e:55:d0:79:ca:57:fb:33:b1:8e:07:20:c1:
0e:02:6c:a8:da:25:a2:01:73:33:bd:8b:92:28:81:19:df:2a:
69:a6:c4:3a:dc:da:e5:5c:d0:08:3d:57:cc:4a:5c:2f:8d:c4:
5e:8a:e9:f6:ef:21:08:5d:92:f3:34:2e:12:d7:82:53:fb:04:
8f:33:2b:8a
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZGaM/iRF/cV9kGkN1OIkfLYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjQwODI4MTgxNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2FiYjI5YzgwM2QxMzVhMzZhYzcxYWU5ZmNhYjg5ZDczZjJjOTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxszgx6Guv0yI0Qxh0iz53/EwAay
qLS2VPGn8EQtpDi8oksJK6ckwUcPGGw8SXRMX26FJHdKnx+nWO4GGJmAMqB3CFcT
XHV52B6iEpv3JnU1eMuvZXQ0DRL8HxCyQf56hbrOw5VWHA9kxQ5A9nSB+50wfe/0
v/rHfdt81iT05M2TzjMjTYoHukkavB+ag5uW8f6iz20JDFU5sxtAHOleRa1SWqG3
WLg4GhtVvd1D+1AAbyBTi2zjRgrHNisljd3BCwQb08XV5cCNxtf2dm88YZN90lNG
+6mhKa5zI1hECESiUKnn0CzPALZXmhup+hsl48L2eUjoE8eOOpM6nd+2TwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFNOrspyAPRNaNqxxrp/KuJ1z8skxMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvMDZ1eW5JQTlFMW8yckhHdW44cTRuWFB5eVRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQAVPZvAwQA
W/eyAwQAsGHVAwQAshe8AwQAwhrfAwQA1ej8MBsEAgACMBUDBQMqEaEAAwUDKhOO
AAMFAyoT2gAwDQYJKoZIhvcNAQELBQADggEBAHyOawuW3qes2AdEp0jXFJ11Z1Z7
0sJnrw+UG65VjDqpObHOof30AjpqkQ0hll02fKTAGKCzgXVn0xiJ76ffI9TtCgPv
WwQGqIwYgNqlncHdOJhJfCcrzBa3ekeRchsgqX024D4pwV2HPcj1OL3K4zwgrKP4
YLsCbIZPr/aLKF/0ZnRx1Upi+affYV0x7o0QjJvZIn7SVyN7ex6iO3UCAqzFADme
ZJyfUY+QCr6RXLO+dcATdXNyEnyyTlXQecpX+zOxjgcgwQ4CbKjaJaIBczO9i5Io
gRnfKmmmxDrc2uVc0Ag9V8xKXC+NxF6K6fbvIQhdkvM0LhLXglP7BI8zK4o=
-----END CERTIFICATE-----
Generated at Tue Apr 29 12:50:15 2025 by rpki-client