Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/fa278b-1246-48e3-9a05-509611b59c4a/1/U-wPyuWSIfTLUXrUBcu1iwzkkkE.roa
File: U-wPyuWSIfTLUXrUBcu1iwzkkkE.roa (raw, json)
Hash identifier: wwnHMZV0chZwvrZt+ctdV2jhf0hICd/ujFR1sP+2Xt4=
Subject key identifier: 53:EC:0F:CA:E5:92:21:F4:CB:51:7A:D4:05:CB:B5:8B:0C:E4:92:41
Certificate issuer: /CN=4ee0b21c89a302be9dc03870c098f23280304b0f
Certificate serial: 01856FF975500DD9FA6D978162F85DB855E6
Authority key identifier: 4E:E0:B2:1C:89:A3:02:BE:9D:C0:38:70:C0:98:F2:32:80:30:4B:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuCyHImjAr6dwDhwwJjyMoAwSw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/fa278b-1246-48e3-9a05-509611b59c4a/1/U-wPyuWSIfTLUXrUBcu1iwzkkkE.roa
Signing time: Mon 02 Jan 2023 00:54:57 +0000
ROA not before: Mon 02 Jan 2023 00:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213098
IP address blocks: 188.72.42.0/24 maxlen: 24
188.72.43.0/24 maxlen: 24
2a0c:9c0:1::/48 maxlen: 48
2a0c:9c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:75:50:0d:d9:fa:6d:97:81:62:f8:5d:b8:55:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee0b21c89a302be9dc03870c098f23280304b0f
Validity
Not Before: Jan 2 00:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53ec0fcae59221f4cb517ad405cbb58b0ce49241
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:92:f7:1a:5c:ad:65:90:0d:fa:fa:a0:e9:35:
78:92:0a:c5:3e:3a:e9:38:76:5e:e8:6d:7e:91:4b:
d0:2d:c7:5f:ed:6c:c2:c8:84:97:2d:45:35:8c:fe:
23:6d:8c:f1:c6:43:5d:85:90:7f:86:de:f1:66:11:
74:04:19:18:04:2f:ce:20:e9:cd:b2:15:11:44:2d:
17:4d:1d:c9:99:5c:09:17:da:60:85:54:33:3f:e6:
5e:b7:a6:79:df:99:9a:2e:41:56:d4:99:71:ef:9e:
6a:2e:fe:c6:f7:bd:ca:30:7b:55:3b:0c:c6:b6:8a:
25:e0:4e:ce:c0:3f:a4:4c:81:45:e1:c0:59:c7:64:
65:5a:97:5c:40:4f:ee:ed:8e:ee:d9:50:e2:bd:de:
13:dd:ba:93:cd:12:4e:aa:c4:8f:67:e7:55:c4:fb:
f8:c5:04:b9:d6:f4:09:3a:37:5e:c6:c0:cf:07:5d:
c3:c3:96:fe:1c:48:cd:d0:dc:5b:79:0e:62:44:49:
d1:00:cb:15:ae:9d:be:84:9b:d3:21:86:01:b9:92:
32:98:5c:92:c8:19:4c:18:f2:06:30:60:64:58:b0:
a4:05:b3:67:6b:7d:4a:d3:a6:9e:27:fb:93:f7:17:
f7:ac:a0:c4:b6:1d:68:e4:62:1d:53:34:3b:80:2a:
12:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:EC:0F:CA:E5:92:21:F4:CB:51:7A:D4:05:CB:B5:8B:0C:E4:92:41
X509v3 Authority Key Identifier:
keyid:4E:E0:B2:1C:89:A3:02:BE:9D:C0:38:70:C0:98:F2:32:80:30:4B:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuCyHImjAr6dwDhwwJjyMoAwSw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/fa278b-1246-48e3-9a05-509611b59c4a/1/U-wPyuWSIfTLUXrUBcu1iwzkkkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/fa278b-1246-48e3-9a05-509611b59c4a/1/TuCyHImjAr6dwDhwwJjyMoAwSw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.42.0/23
IPv6:
2a0c:9c0::/47
Signature Algorithm: sha256WithRSAEncryption
8d:20:6d:2b:b5:40:4c:7d:64:b7:02:d8:34:ae:fc:45:f6:2f:
49:1c:67:82:e0:06:64:f0:8c:e7:6d:05:aa:f9:4e:af:88:2f:
e4:55:fd:f2:79:ee:14:d2:17:65:d8:35:08:86:ec:0f:21:29:
0a:5a:a2:40:fd:82:a8:26:0b:1e:7f:0d:fd:56:f7:53:f7:a5:
ea:37:36:3f:90:49:da:1b:03:42:a5:3d:c8:bf:28:3b:8b:36:
0e:33:1a:9e:16:0e:0b:08:86:80:18:25:58:9c:30:7c:95:ff:
85:71:52:cb:45:87:7d:9f:eb:89:8f:90:07:36:40:c1:b2:4c:
36:12:7a:4c:9a:26:5a:78:b1:60:9f:53:14:13:7c:40:a1:e2:
63:01:43:26:d8:e5:0c:23:36:67:c2:80:54:a2:4c:3d:86:f1:
43:8b:79:d5:6e:82:25:8c:2d:c9:89:b2:dc:b1:b8:c6:66:b2:
a6:7d:b6:f5:4c:ee:d0:63:56:b6:fa:82:0d:a5:f0:34:00:01:
32:65:22:80:e8:92:d2:e7:30:a7:d2:1f:5a:a3:05:5d:cd:c7:
7e:11:07:18:a3:81:7f:ec:bf:cd:23:36:34:bc:fa:83:ca:a4:
a5:fa:5b:36:cf:63:f1:50:ab:aa:38:0b:cd:ca:d6:f8:36:24:
28:13:0c:eb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVv+XVQDdn6bZeBYvhduFXmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTBiMjFjODlhMzAyYmU5ZGMwMzg3MGMwOThmMjMyODAz
MDRiMGYwHhcNMjMwMTAyMDA1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2VjMGZjYWU1OTIyMWY0Y2I1MTdhZDQwNWNiYjU4YjBjZTQ5MjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJL3GlytZZAN+vqg6TV4kgrFPjrp
OHZe6G1+kUvQLcdf7WzCyISXLUU1jP4jbYzxxkNdhZB/ht7xZhF0BBkYBC/OIOnN
shURRC0XTR3JmVwJF9pghVQzP+Zet6Z535maLkFW1Jlx755qLv7G973KMHtVOwzG
tool4E7OwD+kTIFF4cBZx2RlWpdcQE/u7Y7u2VDivd4T3bqTzRJOqsSPZ+dVxPv4
xQS51vQJOjdexsDPB13Dw5b+HEjN0NxbeQ5iREnRAMsVrp2+hJvTIYYBuZIymFyS
yBlMGPIGMGBkWLCkBbNna31K06aeJ/uT9xf3rKDEth1o5GIdUzQ7gCoSjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFPsD8rlkiH0y1F61AXLtYsM5JJBMB8GA1UdIwQY
MBaAFE7gshyJowK+ncA4cMCY8jKAMEsPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVDeUhJbWpBcjZkd0Rod3dKanlNb0F3U3c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9mYTI3OGItMTI0Ni00OGUzLTlhMDUt
NTA5NjExYjU5YzRhLzEvVS13UHl1V1NJZlRMVVhyVUJjdTFpd3pra2tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9mYTI3OGItMTI0Ni00OGUzLTlhMDUtNTA5NjExYjU5YzRh
LzEvVHVDeUhJbWpBcjZkd0Rod3dKanlNb0F3U3c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBvEgqMA8E
AgACMAkDBwEqDAnAAAAwDQYJKoZIhvcNAQELBQADggEBAI0gbSu1QEx9ZLcC2DSu
/EX2L0kcZ4LgBmTwjOdtBar5Tq+IL+RV/fJ57hTSF2XYNQiG7A8hKQpaokD9gqgm
Cx5/Df1W91P3peo3Nj+QSdobA0KlPci/KDuLNg4zGp4WDgsIhoAYJVicMHyV/4Vx
UstFh32f64mPkAc2QMGyTDYSekyaJlp4sWCfUxQTfECh4mMBQybY5QwjNmfCgFSi
TD2G8UOLedVugiWMLcmJstyxuMZmsqZ9tvVM7tBjVrb6gg2l8DQAATJlIoDoktLn
MKfSH1qjBV3Nx34RBxijgX/sv80jNjS8+oPKpKX6WzbPY/FQq6o4C83K1vg2JCgT
DOs=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:40 2025 by rpki-client