Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/U7TTU1pXYyj4uAdbeqb--SA7sUQ.roa
File: U7TTU1pXYyj4uAdbeqb--SA7sUQ.roa (raw, json)
Hash identifier: Y5HyhYWG2ZxSeCaVQ9oa32CAQ+Ff7ivYQUgXSJInj7w=
Subject key identifier: 53:B4:D3:53:5A:57:63:28:F8:B8:07:5B:7A:A6:FE:F9:20:3B:B1:44
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 018CC348DF9DA3B457FBB86C4BAB24E7A3CB
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/U7TTU1pXYyj4uAdbeqb--SA7sUQ.roa
Signing time: Mon 01 Jan 2024 04:29:42 +0000
ROA not before: Mon 01 Jan 2024 04:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200815
IP address blocks: 212.243.60.0/24 maxlen: 24
212.243.66.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:df:9d:a3:b4:57:fb:b8:6c:4b:ab:24:e7:a3:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 04:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53b4d3535a576328f8b8075b7aa6fef9203bb144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4a:b4:8d:94:4b:b5:f2:42:3b:18:78:eb:6a:
fa:c5:21:a3:22:7c:ef:b6:39:92:15:61:ba:53:c5:
7b:e6:fc:a4:1d:c0:11:25:ac:03:48:59:b1:94:d0:
86:c6:25:42:b4:00:60:39:06:1d:81:81:29:04:b3:
66:ce:3b:25:08:cb:78:9e:08:3d:2f:42:ee:48:9b:
8a:ed:ba:95:1a:b7:37:59:9c:16:01:76:e3:f8:ce:
a9:f6:04:09:6c:d7:1a:a1:eb:36:43:39:3d:66:ab:
ea:99:7f:c1:5d:00:2c:9f:26:20:d0:94:07:68:75:
10:12:0d:98:08:44:df:5d:bc:6e:5c:79:b6:23:d6:
2b:3e:31:00:41:ca:cc:15:7d:fb:7b:72:25:66:07:
10:02:fe:68:98:76:0a:9e:0b:7e:0d:65:4f:a8:da:
7e:32:ac:6b:de:d5:97:d4:64:c2:c2:fd:8f:15:50:
f2:60:31:68:13:96:aa:a7:3c:47:fb:50:33:a1:dc:
ce:85:74:27:9e:d7:0d:b1:2b:d8:47:fe:59:d8:65:
d9:7e:33:28:df:b5:d6:3d:12:49:ea:98:f4:cd:48:
41:8d:99:85:a6:4e:c6:21:b0:04:c3:80:bf:a9:31:
87:05:3a:ac:73:b8:ac:02:b7:c5:ca:ee:fa:8b:de:
8c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:B4:D3:53:5A:57:63:28:F8:B8:07:5B:7A:A6:FE:F9:20:3B:B1:44
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/U7TTU1pXYyj4uAdbeqb--SA7sUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.243.60.0/24
212.243.66.0/24
Signature Algorithm: sha256WithRSAEncryption
84:e9:28:7b:09:2c:4b:45:77:5c:64:18:2a:be:38:ad:65:f5:
7a:47:72:a1:74:dc:39:3f:55:a2:12:9c:45:e2:55:cb:d7:5f:
7a:fb:76:0b:75:e3:c2:2a:08:16:27:36:8f:e6:42:dd:48:25:
4c:52:1b:05:73:38:45:fe:c6:e5:6e:fc:87:7a:43:33:33:97:
f4:74:39:ac:bc:97:35:4b:26:a1:30:2c:eb:c8:c5:99:6e:0b:
90:e5:33:8a:d0:dd:1c:1a:80:ca:92:a3:89:a9:84:fe:f4:64:
26:54:f6:ff:53:09:ce:06:34:ee:55:4c:c0:b6:73:0d:6f:d2:
5c:df:1a:a4:62:29:ea:7d:69:e3:3c:7a:1a:69:57:ed:cd:9d:
ad:a8:5b:a2:7e:2f:8a:e3:59:3c:ba:c8:22:92:83:44:72:99:
b0:19:ea:57:88:cc:91:d5:54:80:ec:ff:b5:19:33:0f:dc:2c:
1b:d1:43:08:2f:01:33:84:17:11:ac:fc:ee:35:3d:fc:69:4a:
a3:81:57:73:3d:29:f5:1b:76:87:db:15:20:fd:5b:b8:16:a3:
f8:ae:9e:29:f2:21:94:57:02:57:21:d2:87:73:db:9b:5d:a5:
04:03:e7:f0:bc:91:19:b9:db:51:30:b2:13:d6:ac:d9:ae:a6:
48:43:79:0d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSN+do7RX+7hsS6sk56PLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjQwMTAxMDQyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2I0ZDM1MzVhNTc2MzI4ZjhiODA3NWI3YWE2ZmVmOTIwM2JiMTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUq0jZRLtfJCOxh462r6xSGjInzv
tjmSFWG6U8V75vykHcARJawDSFmxlNCGxiVCtABgOQYdgYEpBLNmzjslCMt4ngg9
L0LuSJuK7bqVGrc3WZwWAXbj+M6p9gQJbNcaoes2Qzk9ZqvqmX/BXQAsnyYg0JQH
aHUQEg2YCETfXbxuXHm2I9YrPjEAQcrMFX37e3IlZgcQAv5omHYKngt+DWVPqNp+
Mqxr3tWX1GTCwv2PFVDyYDFoE5aqpzxH+1AzodzOhXQnntcNsSvYR/5Z2GXZfjMo
37XWPRJJ6pj0zUhBjZmFpk7GIbAEw4C/qTGHBTqsc7isArfFyu76i96MZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFO001NaV2Mo+LgHW3qm/vkgO7FEMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvVTdUVFUxcFhZeWo0dUFkYmVxYi0tU0E3c1VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1PM8AwQA
1PNCMA0GCSqGSIb3DQEBCwUAA4IBAQCE6Sh7CSxLRXdcZBgqvjitZfV6R3KhdNw5
P1WiEpxF4lXL1196+3YLdePCKggWJzaP5kLdSCVMUhsFczhF/sblbvyHekMzM5f0
dDmsvJc1SyahMCzryMWZbguQ5TOK0N0cGoDKkqOJqYT+9GQmVPb/UwnOBjTuVUzA
tnMNb9Jc3xqkYinqfWnjPHoaaVftzZ2tqFuifi+K41k8usgikoNEcpmwGepXiMyR
1VSA7P+1GTMP3Cwb0UMILwEzhBcRrPzuNT38aUqjgVdzPSn1G3aH2xUg/Vu4FqP4
rp4p8iGUVwJXIdKHc9ubXaUEA+fwvJEZudtRMLIT1qzZrqZIQ3kN
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:41:53 2025 by rpki-client