Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/u5cM_QOizpw-qJJPqONMvmbrpo8.roa
File: u5cM_QOizpw-qJJPqONMvmbrpo8.roa (raw, json)
Hash identifier: GZfhlRyj3hdFyyCNQhpcV7zv1K17zHPhBmiPFi/AntI=
Subject key identifier: BB:97:0C:FD:03:A2:CE:9C:3E:A8:92:4F:A8:E3:4C:BE:66:EB:A6:8F
Certificate issuer: /CN=6987d47935e1137d544426db5288e12a9c025ac2
Certificate serial: 019421B25591C152DB12A5BA262147126F61
Authority key identifier: 69:87:D4:79:35:E1:13:7D:54:44:26:DB:52:88:E1:2A:9C:02:5A:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aYfUeTXhE31URCbbUojhKpwCWsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/u5cM_QOizpw-qJJPqONMvmbrpo8.roa
Signing time: Wed 01 Jan 2025 11:48:42 +0000
ROA not before: Wed 01 Jan 2025 11:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 193.84.4.0/24 maxlen: 24
193.84.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:55:91:c1:52:db:12:a5:ba:26:21:47:12:6f:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6987d47935e1137d544426db5288e12a9c025ac2
Validity
Not Before: Jan 1 11:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb970cfd03a2ce9c3ea8924fa8e34cbe66eba68f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:67:02:9e:79:98:ae:89:3d:65:1d:76:80:ef:
6e:91:01:88:d2:0f:09:1c:0f:0b:15:ea:e8:b5:88:
7b:8a:2e:5f:7e:fd:7e:96:4a:d2:e0:f3:d6:c6:6d:
e6:5b:86:d4:aa:64:45:fe:c7:c8:91:4c:69:d9:10:
93:cc:a3:79:bf:77:1e:b1:5f:41:bd:b0:f0:33:a3:
54:99:07:74:94:77:64:bf:78:0d:9d:1a:eb:31:72:
cd:f8:76:9f:fb:45:26:5f:7b:cc:aa:c0:c0:1b:4b:
5b:ea:22:e9:bc:f5:b3:6c:bc:ba:f8:29:5c:25:c9:
17:2e:19:c1:33:0d:8c:49:42:98:8c:2d:65:78:3e:
69:97:26:15:36:af:1f:46:ba:0b:e2:ac:a7:45:a2:
79:80:15:fc:b6:88:61:f2:0b:38:65:97:13:a7:c4:
26:08:dc:80:62:23:1c:f7:00:a7:37:a5:05:d8:34:
1d:27:25:77:7e:2f:89:71:ba:e2:d8:f2:e0:1f:21:
7e:3c:98:f9:23:df:c7:7e:01:39:8f:fd:d6:64:a1:
fc:b6:bf:fb:35:82:84:64:42:12:78:37:60:9a:56:
1d:13:e4:f8:93:8c:af:e3:3e:1d:81:b8:71:b2:6c:
08:e8:09:53:b8:72:ee:db:e4:33:b6:e5:49:fe:eb:
e1:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:97:0C:FD:03:A2:CE:9C:3E:A8:92:4F:A8:E3:4C:BE:66:EB:A6:8F
X509v3 Authority Key Identifier:
keyid:69:87:D4:79:35:E1:13:7D:54:44:26:DB:52:88:E1:2A:9C:02:5A:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aYfUeTXhE31URCbbUojhKpwCWsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/u5cM_QOizpw-qJJPqONMvmbrpo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/aYfUeTXhE31URCbbUojhKpwCWsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.4.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:f1:d7:36:8e:c5:9a:1b:39:f0:04:90:6a:e6:e7:89:66:20:
b5:94:b8:61:40:88:28:9b:2b:b9:3d:72:7a:df:a6:d9:c9:a7:
f7:1f:3d:22:16:b2:0a:79:f0:10:80:c2:87:4a:cd:54:a4:d3:
77:cd:89:d7:69:82:f4:1f:9b:b3:e9:b6:a8:a3:53:4d:aa:b2:
93:8c:6b:59:55:2a:c6:bd:77:47:2a:f0:6b:58:ef:59:d7:73:
6f:07:a3:1a:00:49:5b:f9:4f:04:de:cc:a7:d7:45:63:3e:37:
53:c5:fe:05:0c:b6:b8:b5:8b:e9:ac:f8:32:e0:88:9c:7f:fc:
e3:fa:58:c4:3a:89:97:f4:3c:86:79:b9:d0:9c:4c:28:58:3f:
44:2e:c9:5b:27:7e:f2:30:4d:a0:14:3d:f9:36:92:e2:47:43:
8d:57:a0:3d:b5:d6:4d:74:53:7a:fe:06:41:45:0c:05:92:11:
b4:79:e8:af:85:83:ed:d0:89:45:a3:d8:47:ad:b0:9f:a3:46:
d5:e7:cd:03:e3:8d:78:b8:70:09:63:38:55:55:cb:1b:89:43:
ae:a2:b3:cf:3a:0c:9d:71:a6:55:a2:19:01:ad:13:ee:e1:a0:
91:de:63:e0:7d:8a:29:14:c6:f3:dd:10:8c:34:a9:48:66:8e:
1e:5b:13:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhslWRwVLbEqW6JiFHEm9hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ODdkNDc5MzVlMTEzN2Q1NDQ0MjZkYjUyODhlMTJhOWMw
MjVhYzIwHhcNMjUwMTAxMTE0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjk3MGNmZDAzYTJjZTljM2VhODkyNGZhOGUzNGNiZTY2ZWJhNjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8mcCnnmYrok9ZR12gO9ukQGI0g8J
HA8LFerotYh7ii5ffv1+lkrS4PPWxm3mW4bUqmRF/sfIkUxp2RCTzKN5v3cesV9B
vbDwM6NUmQd0lHdkv3gNnRrrMXLN+Haf+0UmX3vMqsDAG0tb6iLpvPWzbLy6+Clc
JckXLhnBMw2MSUKYjC1leD5plyYVNq8fRroL4qynRaJ5gBX8tohh8gs4ZZcTp8Qm
CNyAYiMc9wCnN6UF2DQdJyV3fi+Jcbri2PLgHyF+PJj5I9/HfgE5j/3WZKH8tr/7
NYKEZEISeDdgmlYdE+T4k4yv4z4dgbhxsmwI6AlTuHLu2+QztuVJ/uvh8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLuXDP0Dos6cPqiST6jjTL5m66aPMB8GA1UdIwQY
MBaAFGmH1Hk14RN9VEQm21KI4SqcAlrCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVlmVWVUWGhFMzFVUkNiYlVvamhLcHdDV3NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8zMmQ3YWQtOGJmOS00Mjc0LTk1Zjgt
OWM5NTM1OTRkNmIxLzEvdTVjTV9RT2l6cHctcUpKUHFPTk12bWJycG84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8zMmQ3YWQtOGJmOS00Mjc0LTk1ZjgtOWM5NTM1OTRkNmIx
LzEvYVlmVWVUWGhFMzFVUkNiYlVvamhLcHdDV3NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwVQEMA0G
CSqGSIb3DQEBCwUAA4IBAQA88dc2jsWaGznwBJBq5ueJZiC1lLhhQIgomyu5PXJ6
36bZyaf3Hz0iFrIKefAQgMKHSs1UpNN3zYnXaYL0H5uz6baoo1NNqrKTjGtZVSrG
vXdHKvBrWO9Z13NvB6MaAElb+U8E3syn10VjPjdTxf4FDLa4tYvprPgy4Iicf/zj
+ljEOomX9DyGebnQnEwoWD9ELslbJ37yME2gFD35NpLiR0ONV6A9tdZNdFN6/gZB
RQwFkhG0eeivhYPt0IlFo9hHrbCfo0bV580D4414uHAJYzhVVcsbiUOuorPPOgyd
caZVohkBrRPu4aCR3mPgfYopFMbz3RCMNKlIZo4eWxNS
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:15:42 2025 by rpki-client