Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/s1uawTeOUkgDW6mBKyzm3NI6hxc.roa
File: s1uawTeOUkgDW6mBKyzm3NI6hxc.roa (raw, json)
Hash identifier: lpqkVOyU/cokka/2U3UZmXPkRI7YfeF62rGfPTiCmjg=
Subject key identifier: B3:5B:9A:C1:37:8E:52:48:03:5B:A9:81:2B:2C:E6:DC:D2:3A:87:17
Certificate issuer: /CN=107807c2518915138f555123605c0133dfdbb4fa
Certificate serial: 019421B20DE299C31846ED0225B9CBC43AA9
Authority key identifier: 10:78:07:C2:51:89:15:13:8F:55:51:23:60:5C:01:33:DF:DB:B4:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHgHwlGJFROPVVEjYFwBM9_btPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/s1uawTeOUkgDW6mBKyzm3NI6hxc.roa
Signing time: Wed 01 Jan 2025 11:48:24 +0000
ROA not before: Wed 01 Jan 2025 11:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 132.70.0.0/16 maxlen: 16
132.71.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:0d:e2:99:c3:18:46:ed:02:25:b9:cb:c4:3a:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=107807c2518915138f555123605c0133dfdbb4fa
Validity
Not Before: Jan 1 11:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b35b9ac1378e5248035ba9812b2ce6dcd23a8717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:74:0c:45:a8:5d:84:a3:4d:e5:c3:0e:b9:7d:
c8:46:c2:08:3e:b9:1f:1f:8a:30:65:ce:35:49:ec:
c4:93:96:65:06:e1:a8:81:a2:cf:f8:c9:6a:21:6a:
ee:4d:de:30:d5:95:94:40:61:fa:51:52:8b:ad:62:
a1:3e:01:e7:61:c5:70:a1:8e:2e:ee:24:f0:89:bd:
b2:95:ca:63:a0:ad:2c:4c:38:9e:f2:5f:c0:ab:2b:
89:6d:b9:7b:cd:ac:3b:11:77:b1:f0:5b:9e:96:99:
62:57:af:88:84:05:b4:b8:52:37:01:b4:44:34:65:
29:cc:59:58:5d:10:d9:a9:61:e9:83:00:c8:1f:a4:
25:e4:96:85:08:05:04:56:21:d7:e0:9e:69:f8:a8:
34:ff:3e:6e:58:4b:9b:62:23:a7:8f:8c:7d:9b:23:
01:f2:cf:10:a7:eb:ec:ae:7d:6a:82:5f:32:4d:84:
63:88:55:43:36:b4:84:63:99:56:df:29:ba:e5:78:
89:02:e4:1f:05:cd:26:3d:e8:b0:a4:ba:24:5e:67:
8a:d4:dc:a0:ab:1a:70:12:36:7d:77:6d:62:b7:cd:
69:ae:bb:5c:8d:31:b7:74:cc:3e:54:70:f9:f9:89:
ee:a8:8c:5b:6f:04:69:19:c4:ef:fe:74:f3:87:b4:
31:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:5B:9A:C1:37:8E:52:48:03:5B:A9:81:2B:2C:E6:DC:D2:3A:87:17
X509v3 Authority Key Identifier:
keyid:10:78:07:C2:51:89:15:13:8F:55:51:23:60:5C:01:33:DF:DB:B4:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHgHwlGJFROPVVEjYFwBM9_btPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/s1uawTeOUkgDW6mBKyzm3NI6hxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/EHgHwlGJFROPVVEjYFwBM9_btPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.70.0.0/15
Signature Algorithm: sha256WithRSAEncryption
42:c7:d1:76:48:bf:5c:5d:d0:c2:b6:10:50:5c:df:58:34:1e:
d1:6a:02:cc:56:59:b0:dc:2b:9b:c9:43:cf:63:8a:a0:d5:7e:
01:35:1a:4d:81:31:df:7c:45:cd:64:c9:97:d9:a2:e1:d8:b0:
3a:2c:c1:d8:0b:8f:ea:f9:85:bb:f8:00:d0:a8:af:c5:ee:49:
32:bb:ed:0a:b3:64:0f:09:8b:4d:86:0b:f1:d9:e5:cb:04:15:
d5:28:5d:db:37:a3:4d:82:a9:68:fb:bc:9e:73:ea:8a:17:d2:
51:a0:a1:f3:98:06:fa:eb:63:78:dc:da:bb:40:93:c4:10:14:
5b:9c:99:f6:a4:a1:0d:4c:23:dd:28:7e:a2:db:99:00:8e:1f:
1c:ae:70:28:6c:a2:9e:73:13:5b:da:42:ea:e9:84:5d:c6:4f:
e3:7c:34:87:21:7e:19:7a:05:91:24:a8:1d:a4:76:66:12:2b:
c1:6d:00:44:87:61:fa:f2:91:a1:34:b8:00:11:26:7f:5c:21:
7a:68:b5:77:7e:de:30:14:db:0e:46:0d:7b:e8:97:05:2e:35:
b6:81:a8:90:e9:59:78:b1:1f:c4:19:40:b2:98:b9:5e:e6:b1:
14:a0:63:36:56:2b:f4:b0:4f:b0:75:4c:57:85:da:1f:eb:e8:
5f:3c:6a:68
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQhsg3imcMYRu0CJbnLxDqpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzgwN2MyNTE4OTE1MTM4ZjU1NTEyMzYwNWMwMTMzZGZk
YmI0ZmEwHhcNMjUwMTAxMTE0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzViOWFjMTM3OGU1MjQ4MDM1YmE5ODEyYjJjZTZkY2QyM2E4NzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5XQMRahdhKNN5cMOuX3IRsIIPrkf
H4owZc41SezEk5ZlBuGogaLP+MlqIWruTd4w1ZWUQGH6UVKLrWKhPgHnYcVwoY4u
7iTwib2ylcpjoK0sTDie8l/AqyuJbbl7zaw7EXex8FuelpliV6+IhAW0uFI3AbRE
NGUpzFlYXRDZqWHpgwDIH6Ql5JaFCAUEViHX4J5p+Kg0/z5uWEubYiOnj4x9myMB
8s8Qp+vsrn1qgl8yTYRjiFVDNrSEY5lW3ym65XiJAuQfBc0mPeiwpLokXmeK1Nyg
qxpwEjZ9d21it81prrtcjTG3dMw+VHD5+YnuqIxbbwRpGcTv/nTzh7QxiwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFLNbmsE3jlJIA1upgSss5tzSOocXMB8GA1UdIwQY
MBaAFBB4B8JRiRUTj1VRI2BcATPf27T6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhnSHdsR0pGUk9QVlZFallGd0JNOV9idFBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8yODYwYTQtM2I5NC00Mjc0LWEzYTIt
ZjlhYzE1ZTY2Mzg2LzEvczF1YXdUZU9Va2dEVzZtQkt5em0zTkk2aHhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8yODYwYTQtM2I5NC00Mjc0LWEzYTItZjlhYzE1ZTY2Mzg2
LzEvRUhnSHdsR0pGUk9QVlZFallGd0JNOV9idFBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEYwDQYJ
KoZIhvcNAQELBQADggEBAELH0XZIv1xd0MK2EFBc31g0HtFqAsxWWbDcK5vJQ89j
iqDVfgE1Gk2BMd98Rc1kyZfZouHYsDoswdgLj+r5hbv4ANCor8XuSTK77QqzZA8J
i02GC/HZ5csEFdUoXds3o02CqWj7vJ5z6ooX0lGgofOYBvrrY3jc2rtAk8QQFFuc
mfakoQ1MI90ofqLbmQCOHxyucChsop5zE1vaQurphF3GT+N8NIchfhl6BZEkqB2k
dmYSK8FtAESHYfrykaE0uAARJn9cIXpotXd+3jAU2w5GDXvolwUuNbaBqJDpWXix
H8QZQLKYuV7msRSgYzZWK/SwT7B1TFeF2h/r6F88amg=
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:59:35 2025 by rpki-client