Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/UUSLhwj0GZbX5iX63I2BCh3Nshc.roa
File: UUSLhwj0GZbX5iX63I2BCh3Nshc.roa (raw, json)
Hash identifier: GLxS00LoqUklaBY3NKoXCS7qATinVUkLSGcAH5pQQcM=
Subject key identifier: 51:44:8B:87:08:F4:19:96:D7:E6:25:FA:DC:8D:81:0A:1D:CD:B2:17
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 04D93501
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/UUSLhwj0GZbX5iX63I2BCh3Nshc.roa
Signing time: Thu 07 Apr 2022 19:53:48 +0000
ROA not before: Thu 07 Apr 2022 19:53:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42831
IP address blocks: 185.95.158.0/24 maxlen: 24
185.95.156.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81343745 (0x4d93501)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Apr 7 19:53:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=51448b8708f41996d7e625fadc8d810a1dcdb217
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:82:f2:19:2e:8a:65:1d:b3:f8:e4:20:a6:86:
d1:f3:53:ca:5a:a2:0f:e0:43:29:da:27:34:fe:9e:
c5:e9:27:f2:5d:be:26:aa:ad:19:e8:43:9c:0f:49:
1c:93:2f:c6:c6:dc:ef:db:51:1d:8e:c0:10:4f:28:
4f:e5:e6:05:ee:c1:01:c9:4a:93:95:58:dd:fa:4a:
98:16:09:62:b2:d3:09:9d:9f:90:9e:0d:f8:d2:be:
cf:23:09:bb:b3:ad:4d:94:2e:4c:8e:98:3e:3e:b7:
2a:51:78:6f:64:38:5b:ff:11:e8:72:f3:f3:94:6b:
14:a5:1b:fb:89:39:d1:fc:5c:da:ec:93:00:60:cf:
d6:f9:7c:2e:12:6a:cc:9b:24:06:5b:9c:70:4a:0c:
59:ff:4b:94:b2:2c:4d:04:c9:09:33:de:44:4e:48:
c5:2e:dd:81:12:5c:14:53:ce:d8:52:54:a4:35:bb:
36:90:d5:04:bb:c2:a5:b3:2a:27:a9:dc:7c:f3:fe:
09:b6:cc:13:fb:c0:90:a1:c0:1c:2f:6f:ed:40:49:
bd:72:db:db:9d:56:b8:32:56:48:95:47:a5:30:1d:
6c:7c:61:9b:44:2f:db:12:ff:f0:5a:30:68:ec:48:
51:4c:4d:56:bb:93:37:e5:13:4b:ef:75:d7:6b:82:
47:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:44:8B:87:08:F4:19:96:D7:E6:25:FA:DC:8D:81:0A:1D:CD:B2:17
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/UUSLhwj0GZbX5iX63I2BCh3Nshc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.156.0/24
185.95.158.0/24
Signature Algorithm: sha256WithRSAEncryption
25:d6:81:04:e3:d3:c9:71:36:46:ae:26:5a:47:6b:fe:a2:37:
9c:5f:e4:b9:15:ca:cf:a9:8f:ff:f1:d0:90:e0:ef:11:15:c0:
2f:3b:99:b1:30:1e:7c:09:17:6d:29:b1:bb:79:ae:2d:63:3f:
0b:ef:f8:22:1e:f5:ad:43:29:67:d9:4f:9e:b6:76:2a:5a:26:
3e:52:11:8f:4e:e8:67:82:16:de:0c:a9:94:3f:61:0c:ba:9f:
ae:58:be:23:66:d8:e0:8b:65:f1:dd:4f:fe:88:96:ce:81:df:
53:26:95:df:ff:c1:ac:0c:d6:2e:e4:a0:08:93:f3:e2:a4:c2:
c6:5f:64:6a:54:4d:b4:79:32:af:1f:2d:67:79:9a:8d:4d:1b:
3a:77:1c:ea:b2:fb:e9:42:a6:0d:f9:ec:b4:62:6d:e8:ac:6d:
96:ea:e2:1c:e0:73:1d:cc:24:80:6b:10:26:29:8a:54:f7:9f:
eb:91:93:b6:24:b4:6a:b8:4a:c0:42:bd:53:10:86:0f:e9:cb:
6a:35:ae:f1:b8:df:12:ef:b2:9c:5b:49:73:fb:2a:36:42:57:
c6:81:cd:59:84:ae:91:a1:8c:7e:84:05:4a:5b:bd:d0:f3:48:
03:ec:73:8e:d4:f9:e0:ca:3c:95:49:4c:fb:82:b5:0a:50:3f:
02:41:9e:f5
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBNk1ATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OWQyZGFmZjFjNWJiNjFhMGFjOGIzY2FlYWQ0YjhhMWZhMjg0ZDBmMB4XDTIyMDQw
NzE5NTM0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTE0NDhiODcwOGY0
MTk5NmQ3ZTYyNWZhZGM4ZDgxMGExZGNkYjIxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6C8hkuimUds/jkIKaG0fNTylqiD+BDKdonNP6exekn8l2+
JqqtGehDnA9JHJMvxsbc79tRHY7AEE8oT+XmBe7BAclKk5VY3fpKmBYJYrLTCZ2f
kJ4N+NK+zyMJu7OtTZQuTI6YPj63KlF4b2Q4W/8R6HLz85RrFKUb+4k50fxc2uyT
AGDP1vl8LhJqzJskBluccEoMWf9LlLIsTQTJCTPeRE5IxS7dgRJcFFPO2FJUpDW7
NpDVBLvCpbMqJ6ncfPP+CbbME/vAkKHAHC9v7UBJvXLb251WuDJWSJVHpTAdbHxh
m0Qv2xL/8FowaOxIUUxNVruTN+UTS+9112uCR98CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRRRIuHCPQZltfmJfrcjYEKHc2yFzAfBgNVHSMEGDAWgBQp0tr/HFu2GgrI
s8rq1Lih+ihNDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tkTGFfeHhidGhvS3lMUEs2dFM0b2Zvb1RROC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvZTVlYTk4LTk2MDEtNGFkZC1hN2Y4LTRmNTdkOWNmNWNhYS8x
L1VVU0xod2owR1piWDVpWDYzSTJCQ2gzTnNoYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
ZTVlYTk4LTk2MDEtNGFkZC1hN2Y4LTRmNTdkOWNmNWNhYS8xL0tkTGFfeHhidGhv
S3lMUEs2dFM0b2Zvb1RROC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALlfnAMEALlfnjANBgkqhkiG9w0B
AQsFAAOCAQEAJdaBBOPTyXE2Rq4mWkdr/qI3nF/kuRXKz6mP//HQkODvERXALzuZ
sTAefAkXbSmxu3muLWM/C+/4Ih71rUMpZ9lPnrZ2KlomPlIRj07oZ4IW3gyplD9h
DLqfrli+I2bY4Itl8d1P/oiWzoHfUyaV3//BrAzWLuSgCJPz4qTCxl9kalRNtHky
rx8tZ3majU0bOncc6rL76UKmDfnstGJt6KxtluriHOBzHcwkgGsQJimKVPef65GT
tiS0arhKwEK9UxCGD+nLajWu8bjfEu+ynFtJc/sqNkJXxoHNWYSukaGMfoQFSlu9
0PNIA+xzjtT54Mo8lUlM+4K1ClA/AkGe9Q==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:04 2025 by rpki-client