Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/Ux9zLJtd4_p9NV0Me_W8PVyz43I.roa
File: Ux9zLJtd4_p9NV0Me_W8PVyz43I.roa (raw, json)
Hash identifier: GS5Alel3iVAtxVyr3H/1KmbzeB55m9O8mdahO6mwu3I=
Subject key identifier: 53:1F:73:2C:9B:5D:E3:FA:7D:35:5D:0C:7B:F5:BC:3D:5C:B3:E3:72
Certificate issuer: /CN=4c7844abef711c232c84f83c807a420af3804728
Certificate serial: 01942686DA368B696B1E49B1E4151533B2A0
Authority key identifier: 4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/Ux9zLJtd4_p9NV0Me_W8PVyz43I.roa
Signing time: Thu 02 Jan 2025 10:19:19 +0000
ROA not before: Thu 02 Jan 2025 10:19:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42708
IP address blocks: 5.198.248.0/21 maxlen: 24
141.138.208.0/21 maxlen: 24
185.13.40.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:86:da:36:8b:69:6b:1e:49:b1:e4:15:15:33:b2:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c7844abef711c232c84f83c807a420af3804728
Validity
Not Before: Jan 2 10:19:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=531f732c9b5de3fa7d355d0c7bf5bc3d5cb3e372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a2:e5:34:f7:a0:c5:9e:a4:fd:1e:54:cc:5f:
f7:e0:33:d1:01:0a:bf:90:7a:f3:a2:67:32:0f:ba:
fb:23:71:4f:3e:c5:f7:2e:ac:2d:ce:c9:30:df:57:
4c:67:ab:91:8c:df:4c:5c:6d:75:3f:e8:f8:fc:d3:
09:eb:70:ed:bd:0c:36:a8:c9:82:4a:c4:97:2d:21:
04:84:fa:56:d0:03:91:24:b5:7f:d2:60:59:d7:7c:
60:6e:c5:e2:d8:9d:c8:c8:b9:c1:7a:7e:ab:75:1b:
32:55:b9:9d:59:7c:c1:6b:3d:57:ed:de:fa:5e:0c:
8a:9a:d6:44:28:74:b3:5e:08:99:b1:68:af:e1:ab:
ef:80:b1:b0:1f:a3:f2:d7:3b:da:33:1e:67:31:f0:
fd:bf:48:46:6c:70:7d:21:1a:dc:bb:94:c5:1a:b4:
3f:46:92:d1:f0:0c:8a:2c:ff:93:57:9e:ca:64:cb:
3a:2c:8f:e8:e4:5f:16:2b:1a:88:97:78:af:ad:fe:
3a:22:e9:d7:80:4f:44:74:ea:33:27:2d:94:be:9b:
f1:ff:5c:cb:e0:e2:08:ec:9a:cd:08:4f:4f:35:26:
2f:d2:3e:f8:e3:69:58:89:21:6c:77:71:bd:eb:fa:
5f:fa:1b:15:ba:21:9a:84:9c:bb:ca:3e:2f:36:76:
49:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:1F:73:2C:9B:5D:E3:FA:7D:35:5D:0C:7B:F5:BC:3D:5C:B3:E3:72
X509v3 Authority Key Identifier:
keyid:4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/Ux9zLJtd4_p9NV0Me_W8PVyz43I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.198.248.0/21
141.138.208.0/21
185.13.40.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:40:ca:51:52:3b:75:b8:43:c4:0a:94:0d:0b:ff:0a:3f:c8:
be:2a:9e:42:ab:01:cf:ac:8f:e6:8e:5a:d5:c2:bd:b6:d1:1a:
ad:c0:53:8e:91:d7:73:5e:4e:a3:31:dd:c5:14:c5:98:80:42:
12:3c:1e:85:b1:c8:2b:8d:35:c2:28:5e:e3:5a:01:f5:26:72:
d8:c7:21:97:15:30:00:24:0d:af:0f:bf:ff:65:5d:8e:d2:3b:
43:66:5e:94:ea:2f:84:fc:aa:dd:64:86:31:a5:0c:96:19:bb:
72:cd:8f:51:d4:09:ab:c5:e5:76:7e:90:e3:d9:ce:b1:74:7f:
df:25:ce:e4:82:74:dd:50:3d:85:75:e3:4a:9c:e4:57:25:f6:
e2:55:68:af:1a:0c:3b:ad:e8:53:51:d7:d5:f9:d3:f0:06:96:
9b:ad:c8:84:2c:a1:e9:50:e0:fd:06:fe:a3:94:90:65:4e:39:
d8:0d:af:ba:e3:a6:50:05:a3:1f:13:83:43:00:76:fb:5b:b3:
6c:f8:12:04:38:21:92:95:30:aa:95:03:b1:ff:7e:a2:aa:b9:
1f:64:15:ba:f5:1a:39:c3:05:d5:30:b9:27:78:3d:14:78:e7:
2a:e0:d0:16:29:78:0f:40:e9:ae:6a:bb:2b:e7:95:d6:e0:4a:
5d:df:fb:d1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQmhto2i2lrHkmx5BUVM7KgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzg0NGFiZWY3MTFjMjMyYzg0ZjgzYzgwN2E0MjBhZjM4
MDQ3MjgwHhcNMjUwMTAyMTAxOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzFmNzMyYzliNWRlM2ZhN2QzNTVkMGM3YmY1YmMzZDVjYjNlMzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraLlNPegxZ6k/R5UzF/34DPRAQq/
kHrzomcyD7r7I3FPPsX3Lqwtzskw31dMZ6uRjN9MXG11P+j4/NMJ63DtvQw2qMmC
SsSXLSEEhPpW0AORJLV/0mBZ13xgbsXi2J3IyLnBen6rdRsyVbmdWXzBaz1X7d76
XgyKmtZEKHSzXgiZsWiv4avvgLGwH6Py1zvaMx5nMfD9v0hGbHB9IRrcu5TFGrQ/
RpLR8AyKLP+TV57KZMs6LI/o5F8WKxqIl3ivrf46IunXgE9EdOozJy2Uvpvx/1zL
4OII7JrNCE9PNSYv0j7442lYiSFsd3G96/pf+hsVuiGahJy7yj4vNnZJmQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFMfcyybXeP6fTVdDHv1vD1cs+NyMB8GA1UdIwQY
MBaAFEx4RKvvcRwjLIT4PIB6QgrzgEcoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgt
ZGFiNmI4M2NmN2VjLzEvVXg5ekxKdGQ0X3A5TlYwTWVfVzhQVnl6NDNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgtZGFiNmI4M2NmN2Vj
LzEvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBcb4AwQD
jYrQAwQCuQ0oMA0GCSqGSIb3DQEBCwUAA4IBAQAeQMpRUjt1uEPECpQNC/8KP8i+
Kp5CqwHPrI/mjlrVwr220RqtwFOOkddzXk6jMd3FFMWYgEISPB6FscgrjTXCKF7j
WgH1JnLYxyGXFTAAJA2vD7//ZV2O0jtDZl6U6i+E/KrdZIYxpQyWGbtyzY9R1Amr
xeV2fpDj2c6xdH/fJc7kgnTdUD2FdeNKnORXJfbiVWivGgw7rehTUdfV+dPwBpab
rciELKHpUOD9Bv6jlJBlTjnYDa+646ZQBaMfE4NDAHb7W7Ns+BIEOCGSlTCqlQOx
/36iqrkfZBW69Ro5wwXVMLkneD0UeOcq4NAWKXgPQOmuarsr55XW4Epd3/vR
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:30 2025 by rpki-client