Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/3db9a9-abef-4ed7-b392-9ae3dfe97481/1/ucSRsLLMevrwHj_ixOK-_R0I2KE.roa
File: ucSRsLLMevrwHj_ixOK-_R0I2KE.roa (raw, json)
Hash identifier: FBR/7mbC57mUIZmyiL1jg05aQ0ROSGzALqk5FG3esU0=
Subject key identifier: B9:C4:91:B0:B2:CC:7A:FA:F0:1E:3F:E2:C4:E2:BE:FD:1D:08:D8:A1
Certificate issuer: /CN=d61eb53cb56718df0d9476cd984aac4432b90f6c
Certificate serial: 01856E78DE935F61CDFF8932B88EDEBEC919
Authority key identifier: D6:1E:B5:3C:B5:67:18:DF:0D:94:76:CD:98:4A:AC:44:32:B9:0F:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1h61PLVnGN8NlHbNmEqsRDK5D2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/3db9a9-abef-4ed7-b392-9ae3dfe97481/1/ucSRsLLMevrwHj_ixOK-_R0I2KE.roa
Signing time: Sun 01 Jan 2023 17:54:53 +0000
ROA not before: Sun 01 Jan 2023 17:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33821
IP address blocks: 195.28.176.0/24 maxlen: 24
195.28.177.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:de:93:5f:61:cd:ff:89:32:b8:8e:de:be:c9:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d61eb53cb56718df0d9476cd984aac4432b90f6c
Validity
Not Before: Jan 1 17:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9c491b0b2cc7afaf01e3fe2c4e2befd1d08d8a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:85:3a:d2:66:ab:57:e3:45:45:4a:66:c6:aa:
d1:d4:bb:8d:55:73:c7:7d:81:b0:b9:e8:3a:e5:fa:
92:3d:9f:cd:3b:39:b0:14:81:3c:f4:63:c6:26:1c:
0d:43:2b:49:00:df:85:df:39:54:25:63:be:dc:e8:
4e:66:ba:e6:4b:aa:55:5a:62:63:05:ab:c8:b0:2c:
93:fe:88:be:97:71:a7:34:29:6d:fd:ea:01:2c:d0:
a4:5e:40:01:1f:b5:d3:1d:01:75:df:95:3b:d2:9a:
7c:f4:5e:89:75:f7:89:6f:70:30:73:fa:48:f2:d2:
fc:77:77:da:bd:1d:35:a5:da:9a:f6:8d:21:1a:3e:
83:5c:8d:57:b0:a0:b9:46:d4:09:3c:1d:f3:44:e8:
9d:8e:52:05:66:3e:16:e4:b0:bb:78:eb:46:a3:fd:
26:83:c2:af:38:d3:83:f5:9b:fc:4b:10:0a:a6:9e:
ee:97:3c:41:78:cc:28:52:7a:e5:f6:6c:36:2e:6c:
fb:a1:9b:84:48:41:3c:67:cf:3f:15:5d:71:e3:96:
31:7d:c5:0e:f0:d7:b9:b1:ef:7f:2f:b5:f7:4c:a2:
86:41:cd:cc:92:30:1f:a1:a5:97:95:7a:fe:6f:0c:
58:de:d8:9a:e4:49:0d:55:4d:b1:f1:6c:9f:df:3d:
82:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:C4:91:B0:B2:CC:7A:FA:F0:1E:3F:E2:C4:E2:BE:FD:1D:08:D8:A1
X509v3 Authority Key Identifier:
keyid:D6:1E:B5:3C:B5:67:18:DF:0D:94:76:CD:98:4A:AC:44:32:B9:0F:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1h61PLVnGN8NlHbNmEqsRDK5D2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/3db9a9-abef-4ed7-b392-9ae3dfe97481/1/ucSRsLLMevrwHj_ixOK-_R0I2KE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/3db9a9-abef-4ed7-b392-9ae3dfe97481/1/1h61PLVnGN8NlHbNmEqsRDK5D2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.28.176.0/23
Signature Algorithm: sha256WithRSAEncryption
76:16:72:23:69:9e:41:dc:88:df:d7:6d:d7:e3:1d:19:c2:98:
0d:ea:c2:91:d7:4d:67:ae:6f:50:e9:34:13:0d:68:e6:9e:5c:
ba:4e:e7:85:8d:d5:1a:b8:4b:82:3e:c7:30:72:52:79:2e:28:
00:9f:4b:ef:bc:09:ed:8e:aa:29:08:a1:e9:29:cc:d7:85:74:
5b:77:1e:22:4e:df:43:1c:54:ac:e8:a2:0d:9a:70:1e:63:8c:
c4:94:6c:d0:f6:fa:13:43:03:96:5d:9c:e6:f3:bf:7c:c1:1b:
1f:82:84:6c:7c:4e:e4:78:0e:a3:4c:6d:25:45:74:60:f4:76:
8e:8c:6c:5b:e4:05:47:21:a3:d0:7b:b4:f2:ee:e9:b9:b0:38:
72:d5:27:a6:c8:91:d6:e7:d9:d9:ce:71:0b:a4:39:ca:e6:2a:
e9:9a:e7:30:d9:3b:cc:aa:42:a4:ed:80:66:cd:e2:fc:1d:9f:
ee:53:7f:5b:ba:8c:6b:4b:75:f3:ef:a8:fa:3b:27:02:bd:fe:
c2:d2:96:d8:eb:ec:36:dd:cf:98:bf:27:60:d8:c4:73:85:b0:
a3:dc:91:78:91:6d:f5:59:60:9b:59:e1:3b:fb:24:97:16:94:
fc:5c:c9:ed:2d:dd:86:5b:6d:a1:88:d9:cf:6a:3d:f7:dc:47:
db:ca:f7:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVueN6TX2HN/4kyuI7evskZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MWViNTNjYjU2NzE4ZGYwZDk0NzZjZDk4NGFhYzQ0MzJi
OTBmNmMwHhcNMjMwMTAxMTc1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWM0OTFiMGIyY2M3YWZhZjAxZTNmZTJjNGUyYmVmZDFkMDhkOGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIU60marV+NFRUpmxqrR1LuNVXPH
fYGwueg65fqSPZ/NOzmwFIE89GPGJhwNQytJAN+F3zlUJWO+3OhOZrrmS6pVWmJj
BavIsCyT/oi+l3GnNClt/eoBLNCkXkABH7XTHQF135U70pp89F6JdfeJb3Awc/pI
8tL8d3favR01pdqa9o0hGj6DXI1XsKC5RtQJPB3zROidjlIFZj4W5LC7eOtGo/0m
g8KvONOD9Zv8SxAKpp7ulzxBeMwoUnrl9mw2Lmz7oZuESEE8Z88/FV1x45YxfcUO
8Ne5se9/L7X3TKKGQc3MkjAfoaWXlXr+bwxY3tia5EkNVU2x8Wyf3z2CvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLnEkbCyzHr68B4/4sTivv0dCNihMB8GA1UdIwQY
MBaAFNYetTy1ZxjfDZR2zZhKrEQyuQ9sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWg2MVBMVm5HTjhObEhiTm1FcXNSREs1RDJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zZGI5YTktYWJlZi00ZWQ3LWIzOTIt
OWFlM2RmZTk3NDgxLzEvdWNTUnNMTE1ldnJ3SGpfaXhPSy1fUjBJMktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8zZGI5YTktYWJlZi00ZWQ3LWIzOTItOWFlM2RmZTk3NDgx
LzEvMWg2MVBMVm5HTjhObEhiTm1FcXNSREs1RDJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwxywMA0G
CSqGSIb3DQEBCwUAA4IBAQB2FnIjaZ5B3Ijf123X4x0ZwpgN6sKR101nrm9Q6TQT
DWjmnly6TueFjdUauEuCPscwclJ5LigAn0vvvAntjqopCKHpKczXhXRbdx4iTt9D
HFSs6KINmnAeY4zElGzQ9voTQwOWXZzm8798wRsfgoRsfE7keA6jTG0lRXRg9HaO
jGxb5AVHIaPQe7Ty7um5sDhy1SemyJHW59nZznELpDnK5irpmucw2TvMqkKk7YBm
zeL8HZ/uU39buoxrS3Xz76j6OycCvf7C0pbY6+w23c+Yvydg2MRzhbCj3JF4kW31
WWCbWeE7+ySXFpT8XMntLd2GW22hiNnPaj333Efbyvey
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:49:41 2025 by rpki-client