Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/d226bb-7210-4c92-9312-33b36224d6d7/1/Un_j670e2Y0lbuGjPdNB7YlzoEs.roa
File: Un_j670e2Y0lbuGjPdNB7YlzoEs.roa (raw, json)
Hash identifier: Kkt1rkdV+wmOo3OkuzGReL/fWrc8cmIIpuTVmD5n03s=
Subject key identifier: 52:7F:E3:EB:BD:1E:D9:8D:25:6E:E1:A3:3D:D3:41:ED:89:73:A0:4B
Certificate issuer: /CN=951c8b406e8299a7294dd7224570fc32b629dc6b
Certificate serial: 018CC5006B6F71EEE79B1E0B46BD577C293E
Authority key identifier: 95:1C:8B:40:6E:82:99:A7:29:4D:D7:22:45:70:FC:32:B6:29:DC:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lRyLQG6CmacpTdciRXD8MrYp3Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/d226bb-7210-4c92-9312-33b36224d6d7/1/Un_j670e2Y0lbuGjPdNB7YlzoEs.roa
Signing time: Mon 01 Jan 2024 12:29:48 +0000
ROA not before: Mon 01 Jan 2024 12:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209854
IP address blocks: 193.56.113.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:6b:6f:71:ee:e7:9b:1e:0b:46:bd:57:7c:29:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=951c8b406e8299a7294dd7224570fc32b629dc6b
Validity
Not Before: Jan 1 12:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=527fe3ebbd1ed98d256ee1a33dd341ed8973a04b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:5c:55:7c:3e:b0:2b:f1:80:f2:7c:5c:f2:c8:
a0:f5:cd:15:92:46:cf:c0:2a:e2:ed:9f:6d:17:80:
e9:59:83:55:42:f5:c3:d2:62:36:b7:e3:dd:ba:27:
83:f8:fb:8a:70:c6:ba:4d:b8:02:b7:85:b9:a5:d3:
85:7b:ae:d3:eb:d7:88:7e:6d:4c:69:8b:a3:b8:0a:
da:85:80:23:72:7e:bd:f2:fe:4b:82:7c:46:6a:cd:
1f:89:b8:da:2b:72:fb:fc:7c:c4:5b:31:eb:51:59:
f2:33:d6:39:ee:c2:99:09:7e:1d:57:e0:94:a9:9d:
e1:a1:ca:3c:88:a4:84:0f:4d:94:cb:91:0d:28:c2:
b1:64:b6:e9:58:70:37:3f:a3:10:70:7d:da:a3:f9:
bb:c1:ad:ab:47:2c:7c:0c:9a:b9:53:1c:74:f1:8c:
f4:80:97:ec:e0:30:89:7d:4f:69:d8:0f:ff:fe:36:
70:09:9c:a2:7a:97:cc:92:dc:72:65:50:b7:f7:fc:
f8:9c:79:59:21:d2:12:88:b6:c7:b1:bf:06:0a:d9:
d4:e0:e5:a5:98:d7:ec:ec:56:e4:9e:73:57:23:db:
46:f0:cf:38:6e:1d:db:4a:cf:73:bc:5a:81:4c:d8:
4a:ec:c9:7b:2c:e8:ef:1e:9e:aa:a3:e8:09:8f:c5:
73:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:7F:E3:EB:BD:1E:D9:8D:25:6E:E1:A3:3D:D3:41:ED:89:73:A0:4B
X509v3 Authority Key Identifier:
keyid:95:1C:8B:40:6E:82:99:A7:29:4D:D7:22:45:70:FC:32:B6:29:DC:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lRyLQG6CmacpTdciRXD8MrYp3Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/d226bb-7210-4c92-9312-33b36224d6d7/1/Un_j670e2Y0lbuGjPdNB7YlzoEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/d226bb-7210-4c92-9312-33b36224d6d7/1/lRyLQG6CmacpTdciRXD8MrYp3Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.113.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:49:72:24:e8:a8:ed:12:5a:29:a7:3a:8c:3e:c6:22:e1:7e:
ff:ea:2a:b7:14:68:3e:d5:b4:1f:23:72:0d:0a:ca:a2:fd:0d:
36:73:23:83:a9:a1:43:f8:08:33:7e:06:6f:a3:66:8e:04:50:
f6:ce:08:ba:5b:d2:5e:cd:8d:be:ed:4a:ee:72:09:d6:2f:f2:
19:96:ab:20:61:96:86:45:49:df:b1:ae:3a:1f:ba:4f:90:12:
e3:6e:93:bf:2a:68:ff:fe:c5:bd:6f:5b:30:ec:15:a9:28:d0:
64:47:df:bf:8e:d0:63:a8:5a:08:2b:59:27:e6:21:31:8a:64:
22:52:b6:54:19:2f:44:ad:16:3e:58:d2:64:a6:ba:69:18:12:
9d:57:08:a3:27:a9:9f:b1:55:2c:de:91:a5:fe:78:0e:9d:3d:
68:df:8e:2d:a3:07:ed:70:b5:cd:53:21:e8:50:fb:d1:d6:f0:
08:14:f8:87:4d:44:d5:ce:66:b3:a3:32:f7:d6:a7:da:43:ad:
48:76:59:de:8e:24:86:20:9b:74:d4:b9:9f:d0:bf:ee:5b:ae:
b3:e2:fc:f4:5f:b5:d6:61:2a:d8:70:9c:18:93:df:fd:79:8e:
46:97:83:d3:86:99:c4:0e:13:33:6f:6b:9b:3e:3e:6d:c8:9b:
46:7b:93:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAGtvce7nmx4LRr1XfCk+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MWM4YjQwNmU4Mjk5YTcyOTRkZDcyMjQ1NzBmYzMyYjYy
OWRjNmIwHhcNMjQwMTAxMTIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjdmZTNlYmJkMWVkOThkMjU2ZWUxYTMzZGQzNDFlZDg5NzNhMDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFxVfD6wK/GA8nxc8sig9c0VkkbP
wCri7Z9tF4DpWYNVQvXD0mI2t+PduieD+PuKcMa6TbgCt4W5pdOFe67T69eIfm1M
aYujuArahYAjcn698v5LgnxGas0fibjaK3L7/HzEWzHrUVnyM9Y57sKZCX4dV+CU
qZ3hoco8iKSED02Uy5ENKMKxZLbpWHA3P6MQcH3ao/m7wa2rRyx8DJq5Uxx08Yz0
gJfs4DCJfU9p2A///jZwCZyiepfMktxyZVC39/z4nHlZIdISiLbHsb8GCtnU4OWl
mNfs7FbknnNXI9tG8M84bh3bSs9zvFqBTNhK7Ml7LOjvHp6qo+gJj8Vz2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFJ/4+u9HtmNJW7hoz3TQe2Jc6BLMB8GA1UdIwQY
MBaAFJUci0BugpmnKU3XIkVw/DK2KdxrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFJ5TFFHNkNtYWNwVGRjaVJYRDhNcllwM0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9kMjI2YmItNzIxMC00YzkyLTkzMTIt
MzNiMzYyMjRkNmQ3LzEvVW5fajY3MGUyWTBsYnVHalBkTkI3WWx6b0VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9kMjI2YmItNzIxMC00YzkyLTkzMTItMzNiMzYyMjRkNmQ3
LzEvbFJ5TFFHNkNtYWNwVGRjaVJYRDhNcllwM0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwThxMA0G
CSqGSIb3DQEBCwUAA4IBAQCpSXIk6KjtEloppzqMPsYi4X7/6iq3FGg+1bQfI3IN
Csqi/Q02cyODqaFD+AgzfgZvo2aOBFD2zgi6W9JezY2+7UrucgnWL/IZlqsgYZaG
RUnfsa46H7pPkBLjbpO/Kmj//sW9b1sw7BWpKNBkR9+/jtBjqFoIK1kn5iEximQi
UrZUGS9ErRY+WNJkprppGBKdVwijJ6mfsVUs3pGl/ngOnT1o344towftcLXNUyHo
UPvR1vAIFPiHTUTVzmazozL31qfaQ61IdlnejiSGIJt01Lmf0L/uW66z4vz0X7XW
YSrYcJwYk9/9eY5Gl4PThpnEDhMzb2ubPj5tyJtGe5NA
-----END CERTIFICATE-----
Generated at Wed Apr 23 04:01:48 2025 by rpki-client