Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/U7x9NHrOtVwpLBD4RJMdKYPQ-Mo.roa
File: U7x9NHrOtVwpLBD4RJMdKYPQ-Mo.roa (raw, json)
Hash identifier: COXA0MHjLmP0wp5vDjDiQUXIbxhZE0gntg3Uospeavg=
Subject key identifier: 53:BC:7D:34:7A:CE:B5:5C:29:2C:10:F8:44:93:1D:29:83:D0:F8:CA
Certificate issuer: /CN=2e8b24c76ad87a6c1fedffaf08d9b17b45249991
Certificate serial: 019425FDE6CDB89E7E2503E67A352F4E5C8C
Authority key identifier: 2E:8B:24:C7:6A:D8:7A:6C:1F:ED:FF:AF:08:D9:B1:7B:45:24:99:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Loskx2rYemwf7f-vCNmxe0UkmZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/U7x9NHrOtVwpLBD4RJMdKYPQ-Mo.roa
Signing time: Thu 02 Jan 2025 07:49:44 +0000
ROA not before: Thu 02 Jan 2025 07:49:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44398
IP address blocks: 192.66.172.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:e6:cd:b8:9e:7e:25:03:e6:7a:35:2f:4e:5c:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e8b24c76ad87a6c1fedffaf08d9b17b45249991
Validity
Not Before: Jan 2 07:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53bc7d347aceb55c292c10f844931d2983d0f8ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fc:88:fd:74:ac:3a:32:7f:a4:28:7f:fa:60:
8f:f6:4f:ba:c2:c8:fa:ae:b0:c2:07:d9:c0:e0:53:
5c:d2:b1:bf:ff:e3:8b:b2:97:95:f2:c9:cf:9c:ec:
65:40:3f:99:1d:7e:ad:49:26:4f:ae:bd:21:bc:6d:
ea:98:1d:7d:d4:73:79:0b:4c:99:71:57:ae:d5:3f:
76:b5:0f:cf:11:ce:a2:4d:b7:b6:8e:d1:ec:c8:ff:
7f:20:f8:45:93:9c:6c:04:d0:6f:92:e0:d9:37:11:
cf:87:98:f3:ee:7b:cf:a8:c9:d2:16:52:b7:c6:97:
b4:d3:d4:c7:1a:6f:d7:c3:8c:01:79:0d:59:43:7f:
f8:20:1f:8a:07:d3:c1:c9:c0:eb:65:4c:73:20:c2:
07:a4:0f:83:22:81:cb:d1:62:f5:9b:c5:b5:b7:01:
58:75:db:f3:de:0d:71:0c:ac:d4:d4:27:42:56:0d:
33:58:b0:96:44:ca:a8:dc:e4:83:99:55:54:2f:48:
db:70:de:4b:f2:d2:76:9c:eb:bb:9a:2c:dc:43:91:
9d:cd:ac:46:a4:8b:c7:31:82:d2:ea:27:c5:6b:4d:
8b:a0:cc:46:3d:6e:fd:94:75:c6:c5:dd:c4:f7:4e:
12:e4:09:a2:97:d9:77:ae:c7:ad:4d:63:71:f2:14:
d0:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:BC:7D:34:7A:CE:B5:5C:29:2C:10:F8:44:93:1D:29:83:D0:F8:CA
X509v3 Authority Key Identifier:
keyid:2E:8B:24:C7:6A:D8:7A:6C:1F:ED:FF:AF:08:D9:B1:7B:45:24:99:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Loskx2rYemwf7f-vCNmxe0UkmZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/U7x9NHrOtVwpLBD4RJMdKYPQ-Mo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/Loskx2rYemwf7f-vCNmxe0UkmZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.66.172.0/24
Signature Algorithm: sha256WithRSAEncryption
82:b5:53:4b:e6:a0:74:16:cc:88:80:ff:c0:c4:a0:b7:ce:60:
24:07:14:cb:75:29:4e:1f:31:76:bf:17:a8:23:e6:e9:f7:c9:
82:86:70:51:7f:71:46:8b:24:ed:98:92:4a:c4:94:7d:ef:5e:
ae:58:2d:00:e7:1e:8b:f1:9f:a4:46:21:8e:6f:e2:53:82:80:
dd:30:9f:72:3f:2b:a9:1f:c3:a5:8a:af:70:17:1d:6d:61:fa:
37:31:1f:2a:b5:77:bb:e8:5c:4d:5f:cb:d5:fe:8e:15:b0:1d:
6d:92:28:83:7d:81:c4:5e:69:ab:46:ac:11:5d:0a:38:75:0b:
30:ef:7c:53:f4:83:77:4b:92:72:e1:a2:1d:40:34:6b:12:26:
8a:34:a5:0b:37:6a:72:a0:7b:ab:36:f2:9d:72:d5:38:f5:73:
ae:ab:ab:ba:a0:8f:88:96:b4:af:2c:bc:f4:46:1a:bc:03:99:
6e:9c:93:37:e3:45:42:d5:dc:92:23:62:35:67:b7:2b:9a:68:
5b:68:27:e2:e2:b7:47:54:08:1e:d3:74:b9:8e:2b:18:fa:bf:
c4:a7:17:55:33:f2:66:85:6f:0a:41:02:ff:d7:c1:80:14:23:
88:14:7c:37:f0:1f:77:dd:d4:a4:ef:3c:db:a5:c7:63:21:2c:
5c:a3:03:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/ebNuJ5+JQPmejUvTlyMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlOGIyNGM3NmFkODdhNmMxZmVkZmZhZjA4ZDliMTdiNDUy
NDk5OTEwHhcNMjUwMTAyMDc0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2JjN2QzNDdhY2ViNTVjMjkyYzEwZjg0NDkzMWQyOTgzZDBmOGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPyI/XSsOjJ/pCh/+mCP9k+6wsj6
rrDCB9nA4FNc0rG//+OLspeV8snPnOxlQD+ZHX6tSSZPrr0hvG3qmB191HN5C0yZ
cVeu1T92tQ/PEc6iTbe2jtHsyP9/IPhFk5xsBNBvkuDZNxHPh5jz7nvPqMnSFlK3
xpe009THGm/Xw4wBeQ1ZQ3/4IB+KB9PBycDrZUxzIMIHpA+DIoHL0WL1m8W1twFY
ddvz3g1xDKzU1CdCVg0zWLCWRMqo3OSDmVVUL0jbcN5L8tJ2nOu7mizcQ5GdzaxG
pIvHMYLS6ifFa02LoMxGPW79lHXGxd3E904S5Amil9l3rsetTWNx8hTQdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFO8fTR6zrVcKSwQ+ESTHSmD0PjKMB8GA1UdIwQY
MBaAFC6LJMdq2HpsH+3/rwjZsXtFJJmRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9za3gyclllbXdmN2YtdkNObXhlMFVrbVpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wNGQzNDgtNzViOS00OGQyLWJlMTAt
OTExOTBhMDJkYjcwLzEvVTd4OU5Ick90VndwTEJENFJKTWRLWVBRLU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wNGQzNDgtNzViOS00OGQyLWJlMTAtOTExOTBhMDJkYjcw
LzEvTG9za3gyclllbXdmN2YtdkNObXhlMFVrbVpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwEKsMA0G
CSqGSIb3DQEBCwUAA4IBAQCCtVNL5qB0FsyIgP/AxKC3zmAkBxTLdSlOHzF2vxeo
I+bp98mChnBRf3FGiyTtmJJKxJR9716uWC0A5x6L8Z+kRiGOb+JTgoDdMJ9yPyup
H8Oliq9wFx1tYfo3MR8qtXe76FxNX8vV/o4VsB1tkiiDfYHEXmmrRqwRXQo4dQsw
73xT9IN3S5Jy4aIdQDRrEiaKNKULN2pyoHurNvKdctU49XOuq6u6oI+IlrSvLLz0
Rhq8A5lunJM340VC1dySI2I1Z7crmmhbaCfi4rdHVAge03S5jisY+r/EpxdVM/Jm
hW8KQQL/18GAFCOIFHw38B933dSk7zzbpcdjISxcowNq
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:48 2025 by rpki-client