Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/U11EgxJj3vWydMXXj47fu6c9oJU.roa
File: U11EgxJj3vWydMXXj47fu6c9oJU.roa (raw, json)
Hash identifier: O6q4O52x0/hSWdM6G8XHS8BF1GrAPa5PsVo4kAs071U=
Subject key identifier: 53:5D:44:83:12:63:DE:F5:B2:74:C5:D7:8F:8E:DF:BB:A7:3D:A0:95
Certificate issuer: /CN=32ad80d411acb93685f558aa7e12f46bd170a7fb
Certificate serial: 019425FC0C95191E446CDF7EBA021817F8CA
Authority key identifier: 32:AD:80:D4:11:AC:B9:36:85:F5:58:AA:7E:12:F4:6B:D1:70:A7:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/U11EgxJj3vWydMXXj47fu6c9oJU.roa
Signing time: Thu 02 Jan 2025 07:47:42 +0000
ROA not before: Thu 02 Jan 2025 07:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 147.189.18.0/24 maxlen: 24
147.189.19.0/24 maxlen: 24
147.189.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:0c:95:19:1e:44:6c:df:7e:ba:02:18:17:f8:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32ad80d411acb93685f558aa7e12f46bd170a7fb
Validity
Not Before: Jan 2 07:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=535d44831263def5b274c5d78f8edfbba73da095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1d:de:b7:06:be:b2:0d:37:43:0f:88:a2:6a:
97:83:0b:c5:d7:33:ec:46:9b:83:32:5e:89:87:a2:
33:ff:99:dc:e4:0e:7b:2e:71:eb:84:e8:48:d5:69:
3d:e3:c8:a3:5a:73:98:b4:20:f4:0b:90:78:9f:b0:
ca:39:48:f4:73:c5:5d:ab:9d:5c:6e:00:fd:d6:d4:
46:b0:33:43:0a:8d:55:25:d8:25:94:09:9a:45:5c:
32:bd:37:30:01:7f:ac:9a:5d:a3:55:cb:5f:93:ab:
ba:84:db:53:b4:fc:56:71:63:09:bf:43:09:58:b0:
e8:61:5b:ce:ed:d4:95:86:b5:ed:d6:93:6d:d8:a3:
ef:63:42:da:8e:f3:b9:e7:3f:3b:90:4d:c5:5e:09:
71:76:08:64:0d:ad:4f:66:1a:e1:e4:df:bc:99:74:
c5:d1:7c:c8:cd:38:e2:4e:bb:6b:0b:7e:e0:45:f1:
e9:78:6a:13:bc:7b:e5:b6:c6:cd:0e:2e:cb:84:4e:
0b:b9:0f:7d:b7:df:5e:43:cf:48:4a:56:2d:9e:36:
f0:e8:60:33:e7:31:4e:98:7a:69:b1:da:f2:dd:54:
b7:29:70:28:11:07:e1:5a:75:7b:72:6c:60:bc:8e:
33:8f:fd:c4:a8:b7:86:d2:57:1e:67:ed:bb:5a:b8:
8b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:5D:44:83:12:63:DE:F5:B2:74:C5:D7:8F:8E:DF:BB:A7:3D:A0:95
X509v3 Authority Key Identifier:
keyid:32:AD:80:D4:11:AC:B9:36:85:F5:58:AA:7E:12:F4:6B:D1:70:A7:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/U11EgxJj3vWydMXXj47fu6c9oJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.18.0-147.189.20.255
Signature Algorithm: sha256WithRSAEncryption
63:73:a8:c6:02:a6:a7:f7:d7:63:c7:a4:d6:1f:31:24:99:98:
40:31:d0:04:c9:d7:fc:55:7e:d1:0c:ed:9f:2d:e4:2f:65:08:
7f:e6:74:b6:f1:12:6e:80:ca:6e:16:4c:57:ad:dc:97:91:4f:
e0:fe:9d:fc:7e:07:66:69:5f:e2:2c:45:fe:59:73:35:06:fb:
a9:a3:10:da:e4:f0:10:fe:e2:a9:26:d3:c1:ff:8a:9e:28:5f:
65:eb:5e:f8:48:79:43:09:ac:58:82:1c:d7:f6:4a:7c:39:78:
68:b3:35:5d:70:09:09:a0:a8:94:1a:8e:32:fa:4a:f5:6a:21:
23:42:06:1e:57:42:46:38:06:19:95:ac:78:bb:92:ba:ce:a4:
cd:ca:fb:ba:b4:63:5e:0e:50:5d:28:13:48:e6:db:9b:8d:ae:
2d:5f:25:3a:fa:29:ae:9f:48:65:80:7b:10:8a:ec:0b:5d:9b:
6f:6f:40:13:a6:76:2b:27:22:f4:fa:f1:8a:28:eb:b7:1c:0e:
b4:4e:05:00:a1:d7:aa:47:02:74:ae:85:64:91:29:46:d9:51:
37:94:8d:2e:93:4b:d6:38:74:5c:7c:d1:a9:30:43:15:a5:35:
40:7e:94:1c:3f:31:08:40:f2:e2:cb:e5:8b:ca:0d:c4:53:49:
a6:e6:10:53
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQl/AyVGR5EbN9+ugIYF/jKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYWQ4MGQ0MTFhY2I5MzY4NWY1NThhYTdlMTJmNDZiZDE3
MGE3ZmIwHhcNMjUwMTAyMDc0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzVkNDQ4MzEyNjNkZWY1YjI3NGM1ZDc4ZjhlZGZiYmE3M2RhMDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvR3etwa+sg03Qw+IomqXgwvF1zPs
RpuDMl6Jh6Iz/5nc5A57LnHrhOhI1Wk948ijWnOYtCD0C5B4n7DKOUj0c8Vdq51c
bgD91tRGsDNDCo1VJdgllAmaRVwyvTcwAX+sml2jVctfk6u6hNtTtPxWcWMJv0MJ
WLDoYVvO7dSVhrXt1pNt2KPvY0LajvO55z87kE3FXglxdghkDa1PZhrh5N+8mXTF
0XzIzTjiTrtrC37gRfHpeGoTvHvltsbNDi7LhE4LuQ99t99eQ89ISlYtnjbw6GAz
5zFOmHppsdry3VS3KXAoEQfhWnV7cmxgvI4zj/3EqLeG0lceZ+27WriLXQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFNdRIMSY971snTF14+O37unPaCVMB8GA1UdIwQY
MBaAFDKtgNQRrLk2hfVYqn4S9GvRcKf7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXEyQTFCR3N1VGFGOVZpcWZoTDBhOUZ3cF9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85YzI1MDgtZjY5Yi00NDRiLWI4NjAt
ZGMwZTgxYTlkN2I0LzEvVTExRWd4Smozdld5ZE1YWGo0N2Z1NmM5b0pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS85YzI1MDgtZjY5Yi00NDRiLWI4NjAtZGMwZTgxYTlkN2I0
LzEvTXEyQTFCR3N1VGFGOVZpcWZoTDBhOUZ3cF9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGTvRID
BACTvRQwDQYJKoZIhvcNAQELBQADggEBAGNzqMYCpqf312PHpNYfMSSZmEAx0ATJ
1/xVftEM7Z8t5C9lCH/mdLbxEm6Aym4WTFet3JeRT+D+nfx+B2ZpX+IsRf5ZczUG
+6mjENrk8BD+4qkm08H/ip4oX2XrXvhIeUMJrFiCHNf2Snw5eGizNV1wCQmgqJQa
jjL6SvVqISNCBh5XQkY4BhmVrHi7krrOpM3K+7q0Y14OUF0oE0jm25uNri1fJTr6
Ka6fSGWAexCK7Atdm29vQBOmdisnIvT68Yoo67ccDrROBQCh16pHAnSuhWSRKUbZ
UTeUjS6TS9Y4dFx80akwQxWlNUB+lBw/MQhA8uLL5YvKDcRTSabmEFM=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:43:15 2025 by rpki-client