Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/usjdy-KG5bMmf1sWfSC6KzIDZ5E.roa
File: usjdy-KG5bMmf1sWfSC6KzIDZ5E.roa (raw, json)
Hash identifier: Q4EUQoO9/Klc0LitSYSMj91ALl5VfJcX1UEx8isqh50=
Subject key identifier: BA:C8:DD:CB:E2:86:E5:B3:26:7F:5B:16:7D:20:BA:2B:32:03:67:91
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0183EA018780095A9D0C15ADC3531679FA97
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/usjdy-KG5bMmf1sWfSC6KzIDZ5E.roa
Signing time: Tue 18 Oct 2022 07:31:52 +0000
ROA not before: Tue 18 Oct 2022 07:31:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 109.203.164.0/22 maxlen: 24
37.49.148.0/22 maxlen: 24
176.46.128.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ea:01:87:80:09:5a:9d:0c:15:ad:c3:53:16:79:fa:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Oct 18 07:31:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bac8ddcbe286e5b3267f5b167d20ba2b32036791
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:5e:53:eb:8d:bc:11:96:ed:b7:cd:7b:5a:61:
45:3c:97:9a:1e:e9:0f:6e:60:8e:61:9e:b5:5f:f0:
8c:b2:b5:41:90:e4:9e:5d:58:d4:1d:ac:aa:57:59:
9d:7a:55:1d:4a:b3:d9:76:52:bc:d0:7e:3d:be:2a:
9b:05:f1:ac:d5:31:28:33:02:ab:3c:35:83:8d:0e:
dd:9f:ac:ee:03:6a:62:75:e0:61:1a:81:c5:f1:3e:
85:ba:c1:20:a8:8b:d6:6d:ba:64:ad:dc:6d:81:36:
d8:63:04:7f:e5:ad:21:c6:8c:fe:d4:4b:46:6c:1b:
a8:c3:cf:84:3b:c9:c1:eb:81:d7:80:8e:66:e4:c7:
08:14:a6:66:89:f9:09:93:7d:85:80:d7:a2:42:93:
75:d7:7a:58:ad:ef:fe:09:49:e5:94:53:e6:17:f4:
ad:91:23:32:c6:59:f4:1c:3d:c4:1c:42:1f:d0:21:
f2:d4:30:0f:b6:f1:51:17:82:96:90:1d:b1:58:ed:
cc:c1:29:f0:26:6d:ea:2f:d4:c6:29:27:27:fa:5d:
76:fa:35:bc:f7:69:e3:3b:89:41:7c:b7:c6:1a:42:
be:fa:c3:53:af:ff:60:24:3a:32:ae:d7:77:b2:96:
fc:fe:02:ff:d0:0d:9a:a4:42:d6:4b:25:fa:3b:fc:
bc:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C8:DD:CB:E2:86:E5:B3:26:7F:5B:16:7D:20:BA:2B:32:03:67:91
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/usjdy-KG5bMmf1sWfSC6KzIDZ5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.148.0/22
109.203.164.0/22
176.46.128.0/19
Signature Algorithm: sha256WithRSAEncryption
8b:59:c6:88:75:73:07:84:2d:bf:65:79:2d:54:07:54:e1:45:
ec:73:e0:fe:7b:15:42:8d:bc:d5:bf:0a:f0:26:ed:ba:5d:fd:
69:06:5a:e8:ed:ae:a3:1d:10:ae:51:ab:4b:ec:25:e2:09:a4:
b7:79:a8:9d:78:8a:45:05:bb:60:24:f3:dc:9e:4b:06:c7:7f:
5b:3e:c9:92:94:cb:ef:6a:65:d7:6b:ab:57:b8:64:be:03:2f:
a6:c0:a9:fe:50:a0:96:e7:8c:45:23:dd:f4:eb:f3:4c:44:96:
a2:c6:de:c5:0e:2b:05:d9:57:0f:9d:66:3b:7e:8b:68:e5:59:
4c:0b:b6:bd:04:b7:09:6b:d6:c7:c0:60:63:b6:5a:0c:70:8e:
60:38:0a:84:10:4e:78:84:39:b3:d3:5a:f4:f1:4c:c7:05:90:
70:72:ab:51:ff:8a:df:e2:fd:ab:54:93:8a:27:9a:38:3b:ae:
77:fc:e3:a1:4e:cc:e0:cc:2e:c1:e0:a9:ac:70:8d:3e:11:f2:
a3:a1:90:5b:a5:4b:9a:2d:6a:ae:7b:e0:53:ce:71:24:b2:e7:
48:b5:93:32:b7:81:a7:a0:bd:0c:aa:4f:9f:7b:52:5a:5d:46:
bb:34:fd:10:22:d4:c7:5b:75:5d:d1:03:83:20:2b:c6:0d:37:
5b:2f:b4:49
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYPqAYeACVqdDBWtw1MWefqXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIxMDE4MDczMTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWM4ZGRjYmUyODZlNWIzMjY3ZjViMTY3ZDIwYmEyYjMyMDM2NzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnV5T6428EZbtt817WmFFPJeaHukP
bmCOYZ61X/CMsrVBkOSeXVjUHayqV1mdelUdSrPZdlK80H49viqbBfGs1TEoMwKr
PDWDjQ7dn6zuA2pideBhGoHF8T6FusEgqIvWbbpkrdxtgTbYYwR/5a0hxoz+1EtG
bBuow8+EO8nB64HXgI5m5McIFKZmifkJk32FgNeiQpN113pYre/+CUnllFPmF/St
kSMyxln0HD3EHEIf0CHy1DAPtvFRF4KWkB2xWO3MwSnwJm3qL9TGKScn+l12+jW8
92njO4lBfLfGGkK++sNTr/9gJDoyrtd3spb8/gL/0A2apELWSyX6O/y8sQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLrI3cvihuWzJn9bFn0guisyA2eRMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvdXNqZHktS0c1Yk1tZjFzV2ZTQzZLeklEWjVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJTGUAwQC
bcukAwQFsC6AMA0GCSqGSIb3DQEBCwUAA4IBAQCLWcaIdXMHhC2/ZXktVAdU4UXs
c+D+exVCjbzVvwrwJu26Xf1pBlro7a6jHRCuUatL7CXiCaS3eaideIpFBbtgJPPc
nksGx39bPsmSlMvvamXXa6tXuGS+Ay+mwKn+UKCW54xFI9306/NMRJaixt7FDisF
2VcPnWY7foto5VlMC7a9BLcJa9bHwGBjtloMcI5gOAqEEE54hDmz01r08UzHBZBw
cqtR/4rf4v2rVJOKJ5o4O653/OOhTszgzC7B4KmscI0+EfKjoZBbpUuaLWque+BT
znEksudItZMyt4GnoL0Mqk+fe1JaXUa7NP0QItTHW3Vd0QODICvGDTdbL7RJ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:45 2025 by rpki-client