Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/8UsKru4GUtgw_0xxwGnuNk4X6qU.roa
File: 8UsKru4GUtgw_0xxwGnuNk4X6qU.roa (raw, json)
Hash identifier: 2YCBBlNmLi4im2DB+LyilkCTZU+WJA6eTvB2YkNF6lw=
Subject key identifier: F1:4B:0A:AE:EE:06:52:D8:30:FF:4C:71:C0:69:EE:36:4E:17:EA:A5
Certificate issuer: /CN=d53ece71ef6ebf55bb7b87e50665ba11fdc77f08
Certificate serial: 01856BAEA209D78C20839E00C27DFDF83BEC
Authority key identifier: D5:3E:CE:71:EF:6E:BF:55:BB:7B:87:E5:06:65:BA:11:FD:C7:7F:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/8UsKru4GUtgw_0xxwGnuNk4X6qU.roa
Signing time: Sun 01 Jan 2023 04:54:44 +0000
ROA not before: Sun 01 Jan 2023 04:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49999
IP address blocks: 31.6.45.0/24 maxlen: 24
178.208.180.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ae:a2:09:d7:8c:20:83:9e:00:c2:7d:fd:f8:3b:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d53ece71ef6ebf55bb7b87e50665ba11fdc77f08
Validity
Not Before: Jan 1 04:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f14b0aaeee0652d830ff4c71c069ee364e17eaa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c6:a3:32:c5:ad:6e:3c:a4:5e:8c:0b:6b:9c:
62:9b:e2:4a:52:a5:b7:8c:31:f7:af:7f:fc:82:b8:
81:6a:e0:16:0c:3d:a7:cf:6a:38:0c:a2:ee:90:29:
2b:0c:67:91:d5:f3:ca:07:ce:a6:63:2b:e7:23:aa:
a8:07:f8:a1:3e:2b:46:95:0f:97:9a:96:4c:7c:0b:
ec:86:2f:5a:bf:ee:d6:13:52:e9:81:d7:a0:71:88:
1d:64:43:c1:14:b6:b2:90:b0:c8:f1:80:93:13:a9:
cf:54:b8:92:bf:88:ca:b6:09:a5:bb:6a:c7:2b:43:
2f:e0:9c:ad:7d:04:77:14:e9:2b:a5:3e:fb:e7:24:
78:0e:7d:b9:25:08:ed:25:bd:b6:c3:fd:a2:58:d4:
36:62:d2:4a:4a:b5:40:a8:61:cd:0e:58:a2:27:33:
f8:08:d0:e9:9a:51:e5:95:4b:87:e7:70:6d:e2:8b:
c6:7f:79:bb:51:e6:74:d9:cd:00:c4:14:fd:e8:5c:
dc:23:54:35:a7:a3:89:8f:eb:ca:4e:db:ec:42:38:
cd:3b:c5:d6:0b:3b:94:1f:c0:92:c9:e0:f9:03:62:
a3:af:de:dd:65:f2:a3:a4:bd:7f:78:4a:50:cb:f0:
a0:07:16:14:d0:1a:29:4d:0e:68:40:34:78:73:c2:
dc:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:4B:0A:AE:EE:06:52:D8:30:FF:4C:71:C0:69:EE:36:4E:17:EA:A5
X509v3 Authority Key Identifier:
keyid:D5:3E:CE:71:EF:6E:BF:55:BB:7B:87:E5:06:65:BA:11:FD:C7:7F:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/8UsKru4GUtgw_0xxwGnuNk4X6qU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.45.0/24
178.208.180.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:fe:0f:27:b1:07:2c:50:18:27:64:f4:dc:9b:30:fd:58:10:
17:28:54:24:e2:3c:d6:74:35:16:49:2c:bb:0b:c8:3e:79:77:
f5:65:ad:17:29:f6:79:7d:8b:57:66:4d:23:b4:7a:7f:b6:33:
1a:61:b9:5e:73:bb:28:18:3c:40:49:41:aa:70:04:76:d3:e3:
71:57:61:77:0f:ba:78:bc:4a:7b:7d:36:8f:a2:95:f0:36:da:
00:a1:38:e7:4e:d1:ea:97:94:c6:c0:ba:85:f8:16:45:09:78:
5f:f9:82:54:6d:63:d5:8a:ed:12:dd:bb:93:22:e5:8a:dd:60:
ce:0f:45:a5:a1:50:53:83:3e:db:07:ea:5d:3a:fb:17:ee:fc:
30:61:b3:7c:ae:ec:3e:dd:04:c3:a7:36:49:92:10:31:f8:bc:
4f:e2:d3:23:fc:48:96:23:18:07:18:1c:a8:98:7f:0f:0c:ca:
03:fa:c8:f2:e4:e7:47:17:4c:a0:5f:fa:b3:a4:4b:f5:93:79:
2b:2d:6c:61:29:8d:de:41:b6:d2:67:af:ad:9b:73:fd:dd:2b:
bf:48:59:af:31:22:f0:60:18:86:09:66:20:4a:a4:d3:5c:01:
96:ec:90:5b:10:04:d2:53:70:35:66:4c:ff:b3:30:f2:5f:e6:
56:f1:7d:05
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrrqIJ14wgg54Awn39+DvsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1M2VjZTcxZWY2ZWJmNTViYjdiODdlNTA2NjViYTExZmRj
NzdmMDgwHhcNMjMwMTAxMDQ1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTRiMGFhZWVlMDY1MmQ4MzBmZjRjNzFjMDY5ZWUzNjRlMTdlYWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcajMsWtbjykXowLa5xim+JKUqW3
jDH3r3/8griBauAWDD2nz2o4DKLukCkrDGeR1fPKB86mYyvnI6qoB/ihPitGlQ+X
mpZMfAvshi9av+7WE1LpgdegcYgdZEPBFLaykLDI8YCTE6nPVLiSv4jKtgmlu2rH
K0Mv4JytfQR3FOkrpT775yR4Dn25JQjtJb22w/2iWNQ2YtJKSrVAqGHNDliiJzP4
CNDpmlHllUuH53Bt4ovGf3m7UeZ02c0AxBT96FzcI1Q1p6OJj+vKTtvsQjjNO8XW
CzuUH8CSyeD5A2Kjr97dZfKjpL1/eEpQy/CgBxYU0BopTQ5oQDR4c8LcowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPFLCq7uBlLYMP9MccBp7jZOF+qlMB8GA1UdIwQY
MBaAFNU+znHvbr9Vu3uH5QZluhH9x38IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVQ3T2NlOXV2MVc3ZTRmbEJtVzZFZjNIZndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9jODE2NjktMjUxOS00ZGE1LWJkNWQt
MWMyNjI2NTkwZDI4LzEvOFVzS3J1NEdVdGd3XzB4eHdHbnVOazRYNnFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9jODE2NjktMjUxOS00ZGE1LWJkNWQtMWMyNjI2NTkwZDI4
LzEvMVQ3T2NlOXV2MVc3ZTRmbEJtVzZFZjNIZndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHwYtAwQC
stC0MA0GCSqGSIb3DQEBCwUAA4IBAQAO/g8nsQcsUBgnZPTcmzD9WBAXKFQk4jzW
dDUWSSy7C8g+eXf1Za0XKfZ5fYtXZk0jtHp/tjMaYblec7soGDxASUGqcAR20+Nx
V2F3D7p4vEp7fTaPopXwNtoAoTjnTtHql5TGwLqF+BZFCXhf+YJUbWPViu0S3buT
IuWK3WDOD0WloVBTgz7bB+pdOvsX7vwwYbN8ruw+3QTDpzZJkhAx+LxP4tMj/EiW
IxgHGByomH8PDMoD+sjy5OdHF0ygX/qzpEv1k3krLWxhKY3eQbbSZ6+tm3P93Su/
SFmvMSLwYBiGCWYgSqTTXAGW7JBbEATSU3A1Zkz/szDyX+ZW8X0F
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:14:59 2025 by rpki-client