Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/5f172f-65d2-4591-88f4-9f8657190f55/1/VgDS8psnl4HduWET4rgBi0G9kmc.roa
File: VgDS8psnl4HduWET4rgBi0G9kmc.roa (raw, json)
Hash identifier: pbEepqoHs8OnaBlrTUpCaumIlAlFqgo7nM59cmBO6xY=
Subject key identifier: 56:00:D2:F2:9B:27:97:81:DD:B9:61:13:E2:B8:01:8B:41:BD:92:67
Certificate issuer: /CN=943955a6e8c546ce3ed919f38ea0630d840a17ed
Certificate serial: 018CC5DC3278B918BF6944A8CCF02F17867B
Authority key identifier: 94:39:55:A6:E8:C5:46:CE:3E:D9:19:F3:8E:A0:63:0D:84:0A:17:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lDlVpujFRs4-2RnzjqBjDYQKF-0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/5f172f-65d2-4591-88f4-9f8657190f55/1/VgDS8psnl4HduWET4rgBi0G9kmc.roa
Signing time: Mon 01 Jan 2024 16:29:51 +0000
ROA not before: Mon 01 Jan 2024 16:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49051
IP address blocks: 94.143.229.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:32:78:b9:18:bf:69:44:a8:cc:f0:2f:17:86:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=943955a6e8c546ce3ed919f38ea0630d840a17ed
Validity
Not Before: Jan 1 16:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5600d2f29b279781ddb96113e2b8018b41bd9267
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:cc:2c:a7:94:39:33:99:c6:52:61:89:98:22:
97:57:6c:36:33:09:72:e1:d4:37:1d:0c:29:5b:a7:
c4:4e:32:77:91:0c:2c:60:89:94:f9:f9:51:7c:46:
dc:a9:91:a1:55:cc:fe:c2:43:b7:43:f4:03:7f:66:
3a:9f:a4:b6:f4:f1:16:98:40:47:de:ce:70:d0:3c:
3e:b0:cf:b5:b1:db:7e:5b:2c:bc:c6:a8:5a:04:bc:
20:c6:4b:a5:c6:47:6c:6d:bc:bf:d5:82:9a:bf:0b:
d6:eb:43:cd:1a:2b:39:80:8f:cc:0c:8c:af:93:5f:
dd:d5:82:ac:0d:2e:76:9d:89:52:de:7d:96:92:5c:
bd:35:c8:a1:71:be:e0:a7:81:60:28:c7:22:e8:8a:
13:14:13:4c:2a:34:9f:5c:62:75:89:60:a4:13:77:
09:97:57:b1:34:21:b7:2a:5a:b7:87:7a:23:28:5e:
b4:9a:d1:46:29:3f:9b:f1:b9:53:75:d9:62:31:2c:
40:40:70:cd:c5:1e:ec:de:3d:88:70:12:f7:9e:47:
6a:2a:15:41:53:9c:23:92:13:a0:6e:a8:63:1e:f2:
dc:14:5c:c6:e4:43:4b:6a:57:88:e9:9d:a1:71:ab:
94:ae:06:8e:a3:73:00:5e:93:95:b8:a5:e5:84:1a:
c8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:00:D2:F2:9B:27:97:81:DD:B9:61:13:E2:B8:01:8B:41:BD:92:67
X509v3 Authority Key Identifier:
keyid:94:39:55:A6:E8:C5:46:CE:3E:D9:19:F3:8E:A0:63:0D:84:0A:17:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lDlVpujFRs4-2RnzjqBjDYQKF-0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/5f172f-65d2-4591-88f4-9f8657190f55/1/VgDS8psnl4HduWET4rgBi0G9kmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/5f172f-65d2-4591-88f4-9f8657190f55/1/lDlVpujFRs4-2RnzjqBjDYQKF-0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.229.0/24
Signature Algorithm: sha256WithRSAEncryption
45:e1:5d:49:b7:82:6b:d2:60:07:68:cc:8e:51:09:e4:e4:e1:
6b:52:98:e1:4a:d6:f1:1d:dc:dc:67:2f:30:d9:f3:48:b1:5d:
41:25:2a:37:01:1b:f6:56:ef:58:b5:f5:69:e9:43:9e:60:60:
4f:d6:0d:e1:cc:f3:6f:2e:60:02:97:41:45:a1:d5:6d:94:ac:
ae:de:43:d3:54:66:1b:5c:e9:cc:d4:17:32:56:ee:fd:7e:21:
82:fa:18:8f:27:f0:cd:de:96:8b:2c:7a:30:6f:c1:f1:ed:08:
14:a2:df:2a:1a:80:aa:0d:df:48:9a:ea:10:20:24:61:f3:c6:
8f:ee:69:9d:67:a5:3f:a6:31:06:10:15:e7:04:b8:20:01:93:
bb:e7:b4:81:85:b7:cb:47:50:09:bc:e5:2b:3a:7b:91:ca:ba:
7b:b9:75:0c:d5:0e:fe:c1:86:8c:d4:bf:eb:44:0c:93:1e:b4:
df:53:e0:38:81:00:e2:6c:df:4a:4a:6b:b3:57:17:2e:a4:41:
24:2a:9a:eb:61:74:ec:8b:6e:cf:76:82:fa:ab:85:28:2d:f8:
d2:02:51:cc:05:dd:94:5a:a1:17:20:5f:28:6b:65:3b:0a:44:
8b:02:5d:d6:2d:8e:e7:59:01:72:66:d7:0d:78:5c:0c:f9:55:
b4:61:5f:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3DJ4uRi/aUSozPAvF4Z7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0Mzk1NWE2ZThjNTQ2Y2UzZWQ5MTlmMzhlYTA2MzBkODQw
YTE3ZWQwHhcNMjQwMTAxMTYyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjAwZDJmMjliMjc5NzgxZGRiOTYxMTNlMmI4MDE4YjQxYmQ5MjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlswsp5Q5M5nGUmGJmCKXV2w2Mwly
4dQ3HQwpW6fETjJ3kQwsYImU+flRfEbcqZGhVcz+wkO3Q/QDf2Y6n6S29PEWmEBH
3s5w0Dw+sM+1sdt+Wyy8xqhaBLwgxkulxkdsbby/1YKavwvW60PNGis5gI/MDIyv
k1/d1YKsDS52nYlS3n2Wkly9Ncihcb7gp4FgKMci6IoTFBNMKjSfXGJ1iWCkE3cJ
l1exNCG3Klq3h3ojKF60mtFGKT+b8blTddliMSxAQHDNxR7s3j2IcBL3nkdqKhVB
U5wjkhOgbqhjHvLcFFzG5ENLaleI6Z2hcauUrgaOo3MAXpOVuKXlhBrIOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFYA0vKbJ5eB3blhE+K4AYtBvZJnMB8GA1UdIwQY
MBaAFJQ5VaboxUbOPtkZ846gYw2EChftMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbERsVnB1akZSczQtMlJuempxQmpEWVFLRi0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy81ZjE3MmYtNjVkMi00NTkxLTg4ZjQt
OWY4NjU3MTkwZjU1LzEvVmdEUzhwc25sNEhkdVdFVDRyZ0JpMEc5a21jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy81ZjE3MmYtNjVkMi00NTkxLTg4ZjQtOWY4NjU3MTkwZjU1
LzEvbERsVnB1akZSczQtMlJuempxQmpEWVFLRi0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXo/lMA0G
CSqGSIb3DQEBCwUAA4IBAQBF4V1Jt4Jr0mAHaMyOUQnk5OFrUpjhStbxHdzcZy8w
2fNIsV1BJSo3ARv2Vu9YtfVp6UOeYGBP1g3hzPNvLmACl0FFodVtlKyu3kPTVGYb
XOnM1BcyVu79fiGC+hiPJ/DN3paLLHowb8Hx7QgUot8qGoCqDd9ImuoQICRh88aP
7mmdZ6U/pjEGEBXnBLggAZO757SBhbfLR1AJvOUrOnuRyrp7uXUM1Q7+wYaM1L/r
RAyTHrTfU+A4gQDibN9KSmuzVxcupEEkKprrYXTsi27PdoL6q4UoLfjSAlHMBd2U
WqEXIF8oa2U7CkSLAl3WLY7nWQFyZtcNeFwM+VW0YV8l
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:47 2025 by rpki-client