Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/77f99c-35cb-47a6-bac3-caba81c9a152/1/udnAhIFlbq2S2sjdf5nnOSx9QkA.roa
File: udnAhIFlbq2S2sjdf5nnOSx9QkA.roa (raw, json)
Hash identifier: zc/Q0cplRTbtOhJrHRGvCFPWd8RjkR9v+W88CUKBN00=
Subject key identifier: B9:D9:C0:84:81:65:6E:AD:92:DA:C8:DD:7F:99:E7:39:2C:7D:42:40
Certificate issuer: /CN=b5cafe1e3aea2f6d911ed107a08aafee979a4f51
Certificate serial: 0193D8CBE93D17EA6D9D90B57084948346D1
Authority key identifier: B5:CA:FE:1E:3A:EA:2F:6D:91:1E:D1:07:A0:8A:AF:EE:97:9A:4F:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tcr-HjrqL22RHtEHoIqv7peaT1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/77f99c-35cb-47a6-bac3-caba81c9a152/1/udnAhIFlbq2S2sjdf5nnOSx9QkA.roa
Signing time: Wed 18 Dec 2024 08:04:22 +0000
ROA not before: Wed 18 Dec 2024 08:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3223
IP address blocks: 195.234.0.0/24 maxlen: 24
195.234.1.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d8:cb:e9:3d:17:ea:6d:9d:90:b5:70:84:94:83:46:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5cafe1e3aea2f6d911ed107a08aafee979a4f51
Validity
Not Before: Dec 18 08:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9d9c08481656ead92dac8dd7f99e7392c7d4240
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a8:fa:2c:ff:43:1a:51:07:33:25:56:da:fa:
5d:ac:e0:b5:4a:52:20:27:ea:b3:57:92:ac:34:de:
b9:49:32:de:e2:f0:2b:82:5c:55:37:55:26:ed:0c:
58:15:e2:19:b8:54:fb:0c:18:d1:f4:b9:cf:7e:34:
49:6f:79:bc:49:f7:b4:86:e5:23:a7:92:f3:68:55:
de:58:74:70:ff:71:1a:3a:31:f7:13:69:23:7e:60:
85:2c:0f:fa:13:5e:36:dc:70:a2:90:18:c6:ce:27:
56:23:28:ae:7f:ac:a5:31:a2:6d:d1:b0:8f:2b:66:
92:36:54:6d:6d:40:3b:8d:28:02:3a:51:20:01:92:
b3:0a:45:12:a6:88:b2:f0:37:66:94:2e:54:2b:d3:
dd:57:b4:e2:c8:8c:71:96:7d:02:a4:3f:5a:47:19:
f3:bc:65:16:b8:41:79:44:5b:22:89:39:a1:7a:7f:
c0:1a:16:08:5c:0b:dd:c0:98:1a:5c:6a:4e:2a:98:
68:cd:02:d0:b5:9d:ed:66:74:e4:ea:d2:4c:4a:9b:
70:34:86:e8:2a:40:9d:48:17:96:10:8e:c2:81:3f:
7a:fd:54:26:f1:21:11:c8:8d:36:47:56:be:d5:e8:
79:fd:19:b8:84:04:45:b6:c5:ee:e4:65:14:89:f6:
49:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:D9:C0:84:81:65:6E:AD:92:DA:C8:DD:7F:99:E7:39:2C:7D:42:40
X509v3 Authority Key Identifier:
keyid:B5:CA:FE:1E:3A:EA:2F:6D:91:1E:D1:07:A0:8A:AF:EE:97:9A:4F:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tcr-HjrqL22RHtEHoIqv7peaT1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/77f99c-35cb-47a6-bac3-caba81c9a152/1/udnAhIFlbq2S2sjdf5nnOSx9QkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/77f99c-35cb-47a6-bac3-caba81c9a152/1/tcr-HjrqL22RHtEHoIqv7peaT1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.0.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:45:84:14:7a:ff:19:28:f1:55:7c:d1:68:43:ad:95:0e:ad:
d3:8a:97:7b:98:d4:60:be:ec:aa:9a:62:4e:6d:82:63:f1:fa:
a0:ee:8b:25:43:d8:ff:ce:f9:fe:3a:ec:5b:f7:01:4f:30:18:
54:f7:5a:7b:c8:10:57:22:c1:2b:8d:1a:56:7e:a9:08:a1:5e:
16:df:10:70:41:91:37:8c:aa:13:dd:2a:79:94:8c:1a:45:f6:
36:07:6e:25:b7:f3:03:1f:8f:3d:7a:36:83:bc:56:9a:ce:d6:
f5:29:c6:18:13:69:51:80:db:43:be:f8:78:be:dc:06:33:12:
b8:2b:bb:f6:7e:a7:86:34:7d:79:1b:20:e7:d6:a8:8e:70:e6:
5c:dd:f9:5c:9f:de:19:6b:fd:4c:86:cd:c2:36:05:f9:98:44:
15:a2:f9:f2:81:9c:35:e7:20:19:9c:81:0d:8f:e2:32:37:a7:
fe:22:69:f2:69:a4:fd:6c:cb:eb:23:28:c9:b9:51:40:09:bb:
fc:94:f8:cc:bb:83:18:91:ee:ed:4c:2f:5b:4e:86:ce:d7:3f:
6f:85:be:6a:5f:45:8f:39:de:fb:0d:3c:71:46:d8:d2:ff:28:
b7:3a:ad:ec:4e:9f:17:f0:7e:e3:3a:32:2a:74:0f:9c:e4:b6:
f9:5f:86:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPYy+k9F+ptnZC1cISUg0bRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1Y2FmZTFlM2FlYTJmNmQ5MTFlZDEwN2EwOGFhZmVlOTc5
YTRmNTEwHhcNMjQxMjE4MDgwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWQ5YzA4NDgxNjU2ZWFkOTJkYWM4ZGQ3Zjk5ZTczOTJjN2Q0MjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKj6LP9DGlEHMyVW2vpdrOC1SlIg
J+qzV5KsNN65STLe4vArglxVN1Um7QxYFeIZuFT7DBjR9LnPfjRJb3m8Sfe0huUj
p5LzaFXeWHRw/3EaOjH3E2kjfmCFLA/6E1423HCikBjGzidWIyiuf6ylMaJt0bCP
K2aSNlRtbUA7jSgCOlEgAZKzCkUSpoiy8DdmlC5UK9PdV7TiyIxxln0CpD9aRxnz
vGUWuEF5RFsiiTmhen/AGhYIXAvdwJgaXGpOKphozQLQtZ3tZnTk6tJMSptwNIbo
KkCdSBeWEI7CgT96/VQm8SERyI02R1a+1eh5/Rm4hARFtsXu5GUUifZJbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLnZwISBZW6tktrI3X+Z5zksfUJAMB8GA1UdIwQY
MBaAFLXK/h466i9tkR7RB6CKr+6Xmk9RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGNyLUhqcnFMMjJSSHRFSG9JcXY3cGVhVDFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi83N2Y5OWMtMzVjYi00N2E2LWJhYzMt
Y2FiYTgxYzlhMTUyLzEvdWRuQWhJRmxicTJTMnNqZGY1bm5PU3g5UWtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi83N2Y5OWMtMzVjYi00N2E2LWJhYzMtY2FiYTgxYzlhMTUy
LzEvdGNyLUhqcnFMMjJSSHRFSG9JcXY3cGVhVDFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw+oAMA0G
CSqGSIb3DQEBCwUAA4IBAQAfRYQUev8ZKPFVfNFoQ62VDq3Tipd7mNRgvuyqmmJO
bYJj8fqg7oslQ9j/zvn+Ouxb9wFPMBhU91p7yBBXIsErjRpWfqkIoV4W3xBwQZE3
jKoT3Sp5lIwaRfY2B24lt/MDH489ejaDvFaaztb1KcYYE2lRgNtDvvh4vtwGMxK4
K7v2fqeGNH15GyDn1qiOcOZc3flcn94Za/1Mhs3CNgX5mEQVovnygZw15yAZnIEN
j+IyN6f+ImnyaaT9bMvrIyjJuVFACbv8lPjMu4MYke7tTC9bTobO1z9vhb5qX0WP
Od77DTxxRtjS/yi3Oq3sTp8X8H7jOjIqdA+c5Lb5X4YN
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:43:49 2025 by rpki-client