Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uf2jc0z9xE2nv9zTYZDj_Vei7hY.roa
File: uf2jc0z9xE2nv9zTYZDj_Vei7hY.roa (raw, json)
Hash identifier: 8MgmMBPz+igA8/ZynQXo/VChUQmTu0ScQoOS9EFMR10=
Subject key identifier: B9:FD:A3:73:4C:FD:C4:4D:A7:BF:DC:D3:61:90:E3:FD:57:A2:EE:16
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01942824F62046DFF16BEB82B129CDB35349
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uf2jc0z9xE2nv9zTYZDj_Vei7hY.roa
Signing time: Thu 02 Jan 2025 17:51:38 +0000
ROA not before: Thu 02 Jan 2025 17:51:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61003
IP address blocks: 212.193.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:f6:20:46:df:f1:6b:eb:82:b1:29:cd:b3:53:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 17:51:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b9fda3734cfdc44da7bfdcd36190e3fd57a2ee16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:13:45:e0:d0:a8:d1:31:b0:ae:45:9e:43:7f:
9a:56:8f:ee:ae:dd:65:20:d4:98:ab:12:e1:42:20:
63:f8:e2:23:1d:b1:61:80:0f:b5:6c:18:34:b4:a7:
d5:b7:4b:cd:4c:4f:63:53:50:b8:55:40:71:c4:d7:
9e:ee:37:7d:f2:23:20:3e:d9:7b:c7:4d:09:2c:7f:
50:bc:bd:58:32:82:d6:e4:e6:15:e6:36:80:21:29:
22:fa:12:20:fb:4d:97:99:be:66:2f:19:b8:ba:51:
81:e4:b2:01:d7:76:92:bd:7a:63:ad:fa:a1:4c:c5:
a4:54:91:63:71:32:67:c2:b1:02:46:f6:de:e2:a8:
19:c6:86:5c:3c:e0:49:c6:3d:45:fc:b5:34:58:2f:
db:e4:e6:11:b0:4e:25:c7:f6:a2:31:d5:25:a7:b3:
89:ec:0e:4e:3b:b5:44:0c:b6:8d:06:11:af:56:23:
8c:0e:fb:1a:af:c0:8e:55:83:b4:94:3b:16:54:35:
7b:97:f2:80:e8:f7:7a:7f:09:10:49:ab:a1:4f:99:
13:08:40:8e:13:8e:77:58:20:df:3b:53:f4:25:f6:
ab:d0:d2:8c:6f:5a:16:ef:36:a6:ce:c0:b7:69:e5:
d2:84:ef:35:1f:e0:47:ed:3b:75:5e:2a:f1:0b:af:
af:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:FD:A3:73:4C:FD:C4:4D:A7:BF:DC:D3:61:90:E3:FD:57:A2:EE:16
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uf2jc0z9xE2nv9zTYZDj_Vei7hY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.193.3.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:6c:e4:c2:de:b7:c0:6a:68:a2:e8:b7:66:ab:cc:a6:30:59:
4e:60:bd:84:ea:0b:89:90:df:77:7b:db:56:e7:a5:7e:27:b7:
54:75:f2:12:36:37:6a:22:13:36:68:e7:52:38:13:03:c9:87:
5b:0d:7a:e2:9a:08:14:f8:2a:56:79:cc:92:dd:68:0c:92:f0:
e5:c0:f6:7b:82:37:77:cf:2f:12:60:1f:2d:4b:fb:2a:ab:b1:
a6:64:11:99:1a:5f:25:3d:88:4e:2b:7c:d2:f6:09:d3:3e:e0:
3e:53:ed:17:85:e9:be:76:17:b4:d8:2a:26:5c:64:75:e1:70:
04:96:cf:a7:a1:88:8e:5b:a8:03:70:ed:f8:e8:1d:23:d2:15:
e9:ad:72:c8:ac:61:e0:9d:41:8d:7e:0a:ed:ae:02:5f:e4:23:
95:84:6c:73:45:e7:29:ca:ad:9a:c7:3d:52:da:89:6b:d4:2f:
75:d3:5d:18:2f:bf:80:77:80:d8:d9:d1:66:1b:da:da:af:8b:
71:63:c0:62:4e:06:09:04:df:0c:03:38:e8:62:be:b9:ac:6e:
d2:7d:a6:4c:67:5f:5a:13:74:4c:d5:a4:77:08:b7:da:50:a0:
42:ca:42:f2:97:35:10:a9:3f:a4:b4:b3:60:f2:3d:f7:02:9b:
d8:98:c7:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJPYgRt/xa+uCsSnNs1NJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTAyMTc1MTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWZkYTM3MzRjZmRjNDRkYTdiZmRjZDM2MTkwZTNmZDU3YTJlZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRNF4NCo0TGwrkWeQ3+aVo/urt1l
INSYqxLhQiBj+OIjHbFhgA+1bBg0tKfVt0vNTE9jU1C4VUBxxNee7jd98iMgPtl7
x00JLH9QvL1YMoLW5OYV5jaAISki+hIg+02Xmb5mLxm4ulGB5LIB13aSvXpjrfqh
TMWkVJFjcTJnwrECRvbe4qgZxoZcPOBJxj1F/LU0WC/b5OYRsE4lx/aiMdUlp7OJ
7A5OO7VEDLaNBhGvViOMDvsar8COVYO0lDsWVDV7l/KA6Pd6fwkQSauhT5kTCECO
E453WCDfO1P0Jfar0NKMb1oW7zamzsC3aeXShO81H+BH7Tt1XirxC6+vgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLn9o3NM/cRNp7/c02GQ4/1Xou4WMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdWYyamMwejl4RTJudjl6VFlaRGpfVmVpN2hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1MEDMA0G
CSqGSIb3DQEBCwUAA4IBAQBPbOTC3rfAamii6Ldmq8ymMFlOYL2E6guJkN93e9tW
56V+J7dUdfISNjdqIhM2aOdSOBMDyYdbDXrimggU+CpWecyS3WgMkvDlwPZ7gjd3
zy8SYB8tS/sqq7GmZBGZGl8lPYhOK3zS9gnTPuA+U+0Xhem+dhe02ComXGR14XAE
ls+noYiOW6gDcO346B0j0hXprXLIrGHgnUGNfgrtrgJf5COVhGxzRecpyq2axz1S
2olr1C91010YL7+Ad4DY2dFmG9rar4txY8BiTgYJBN8MAzjoYr65rG7SfaZMZ19a
E3RM1aR3CLfaUKBCykLylzUQqT+ktLNg8j33ApvYmMcb
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:49:05 2025 by rpki-client