Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/ec0453-7e8f-41b1-85d1-1cb1a8f80238/1/umZiORkStDdX-o9DnnT4OvBeIOE.roa
File: umZiORkStDdX-o9DnnT4OvBeIOE.roa (raw, json)
Hash identifier: Le853vZPtOeUlzPmDkRLXQM7/w7zBId+Eilqr9YxNG0=
Subject key identifier: BA:66:62:39:19:12:B4:37:57:FA:8F:43:9E:74:F8:3A:F0:5E:20:E1
Certificate issuer: /CN=696c67867e0e202248e7f5e3cbd574bd1a32fe3f
Certificate serial: 019427B546AD378B992970798BFA1759BA98
Authority key identifier: 69:6C:67:86:7E:0E:20:22:48:E7:F5:E3:CB:D5:74:BD:1A:32:FE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aWxnhn4OICJI5_Xjy9V0vRoy_j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/ec0453-7e8f-41b1-85d1-1cb1a8f80238/1/umZiORkStDdX-o9DnnT4OvBeIOE.roa
Signing time: Thu 02 Jan 2025 15:49:39 +0000
ROA not before: Thu 02 Jan 2025 15:49:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 786
IP address blocks: 163.119.0.0/17 maxlen: 17
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:46:ad:37:8b:99:29:70:79:8b:fa:17:59:ba:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=696c67867e0e202248e7f5e3cbd574bd1a32fe3f
Validity
Not Before: Jan 2 15:49:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba6662391912b43757fa8f439e74f83af05e20e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:de:25:0f:ca:c1:cd:06:97:ac:1a:e2:02:89:
f8:85:f8:9c:a1:41:43:0a:0f:5c:d7:f5:18:73:19:
92:5e:c8:e0:69:70:9c:fe:29:9c:ec:cd:af:62:fe:
79:90:f5:22:ff:80:76:da:7f:66:fe:1f:d8:be:4d:
ac:92:4a:cd:41:cb:44:fc:a4:2c:bb:ab:17:c6:e6:
42:20:7f:ff:b9:cf:55:50:76:46:b1:7b:ec:a4:32:
80:eb:b8:3c:27:60:5d:7f:7d:19:54:b4:42:65:f9:
65:6a:eb:6f:bd:51:fb:be:23:59:b1:1e:9a:55:e0:
53:a3:63:c1:c4:ed:09:ec:f6:52:e2:de:8b:82:ff:
c8:91:6b:f6:28:cb:65:84:2d:a5:2e:8d:b4:80:ba:
42:25:89:5d:9b:1b:46:a1:25:63:b2:e5:6d:ed:d2:
4b:41:62:5f:05:00:a2:5f:36:67:ed:61:6f:ab:93:
1d:b2:5e:c3:b8:c9:08:b5:a4:c7:c3:d2:4c:9c:d3:
79:85:1b:f7:05:6c:9b:66:2e:84:c8:25:5c:88:78:
dc:d6:f5:a5:ab:c1:2e:bc:65:36:ab:bf:ff:ae:ed:
81:44:64:98:cc:ab:f5:88:a0:77:df:1a:bf:b5:be:
1b:fc:06:c5:d0:4b:82:a1:e2:be:d9:f7:a7:eb:72:
8a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:66:62:39:19:12:B4:37:57:FA:8F:43:9E:74:F8:3A:F0:5E:20:E1
X509v3 Authority Key Identifier:
keyid:69:6C:67:86:7E:0E:20:22:48:E7:F5:E3:CB:D5:74:BD:1A:32:FE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aWxnhn4OICJI5_Xjy9V0vRoy_j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/ec0453-7e8f-41b1-85d1-1cb1a8f80238/1/umZiORkStDdX-o9DnnT4OvBeIOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/ec0453-7e8f-41b1-85d1-1cb1a8f80238/1/aWxnhn4OICJI5_Xjy9V0vRoy_j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.119.0.0/17
Signature Algorithm: sha256WithRSAEncryption
79:64:7b:1f:f1:9a:cd:47:51:cc:81:15:92:7b:88:34:56:00:
ba:c2:c3:19:91:7d:56:28:66:29:6c:ff:6a:ad:b6:18:fa:3d:
d6:b9:e3:ba:39:57:dc:9b:32:53:68:4e:bf:1b:4d:f9:a9:d5:
69:47:a3:03:74:3a:5a:f7:fb:34:74:e7:62:29:be:90:9b:d7:
68:32:38:cb:2c:b2:d6:35:5b:61:77:d9:be:b9:ff:61:ba:f9:
dd:58:42:ca:c3:2f:87:2a:6a:02:1b:0a:e2:20:d5:95:cd:d2:
ee:0a:fe:25:3a:c6:36:0a:03:2a:e0:83:2b:b1:00:52:b7:a6:
85:ae:53:84:c2:aa:b7:ab:9f:6a:38:fa:a1:0c:c5:b4:a1:f4:
be:67:61:55:b8:7e:50:cd:bd:d2:a7:6d:be:68:93:8d:33:2e:
52:09:48:83:1d:db:f8:1a:95:4b:c0:ee:13:70:05:00:9b:71:
5c:f7:91:0e:43:ad:a3:51:7f:84:b1:78:9c:76:02:98:b0:cd:
56:68:73:2e:17:9a:b5:9e:e5:6f:6c:35:b6:ee:e0:22:c2:c6:
bd:cc:33:6f:3d:cb:d3:0c:f1:83:74:66:ef:8c:c5:7d:af:3a:
5a:5b:1b:9e:15:fa:34:b2:cd:ad:46:3e:11:61:ff:42:e5:0b:
31:a9:cf:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntUatN4uZKXB5i/oXWbqYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NmM2Nzg2N2UwZTIwMjI0OGU3ZjVlM2NiZDU3NGJkMWEz
MmZlM2YwHhcNMjUwMTAyMTU0OTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTY2NjIzOTE5MTJiNDM3NTdmYThmNDM5ZTc0ZjgzYWYwNWUyMGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv94lD8rBzQaXrBriAon4hficoUFD
Cg9c1/UYcxmSXsjgaXCc/imc7M2vYv55kPUi/4B22n9m/h/Yvk2skkrNQctE/KQs
u6sXxuZCIH//uc9VUHZGsXvspDKA67g8J2Bdf30ZVLRCZfllautvvVH7viNZsR6a
VeBTo2PBxO0J7PZS4t6Lgv/IkWv2KMtlhC2lLo20gLpCJYldmxtGoSVjsuVt7dJL
QWJfBQCiXzZn7WFvq5Mdsl7DuMkItaTHw9JMnNN5hRv3BWybZi6EyCVciHjc1vWl
q8EuvGU2q7//ru2BRGSYzKv1iKB33xq/tb4b/AbF0EuCoeK+2fen63KKwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLpmYjkZErQ3V/qPQ550+DrwXiDhMB8GA1UdIwQY
MBaAFGlsZ4Z+DiAiSOf148vVdL0aMv4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVd4bmhuNE9JQ0pJNV9Yank5VjB2Um95X2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lYzA0NTMtN2U4Zi00MWIxLTg1ZDEt
MWNiMWE4ZjgwMjM4LzEvdW1aaU9Sa1N0RGRYLW85RG5uVDRPdkJlSU9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lYzA0NTMtN2U4Zi00MWIxLTg1ZDEtMWNiMWE4ZjgwMjM4
LzEvYVd4bmhuNE9JQ0pJNV9Yank5VjB2Um95X2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHo3cAMA0G
CSqGSIb3DQEBCwUAA4IBAQB5ZHsf8ZrNR1HMgRWSe4g0VgC6wsMZkX1WKGYpbP9q
rbYY+j3WueO6OVfcmzJTaE6/G035qdVpR6MDdDpa9/s0dOdiKb6Qm9doMjjLLLLW
NVthd9m+uf9huvndWELKwy+HKmoCGwriINWVzdLuCv4lOsY2CgMq4IMrsQBSt6aF
rlOEwqq3q59qOPqhDMW0ofS+Z2FVuH5Qzb3Sp22+aJONMy5SCUiDHdv4GpVLwO4T
cAUAm3Fc95EOQ62jUX+EsXicdgKYsM1WaHMuF5q1nuVvbDW27uAiwsa9zDNvPcvT
DPGDdGbvjMV9rzpaWxueFfo0ss2tRj4RYf9C5Qsxqc+6
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:16:37 2025 by rpki-client