Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/b52291-dc7f-46e1-b361-a6cec25b8006/1/ugCHO46pUQzd5zqdNawWJEPystY.roa
File: ugCHO46pUQzd5zqdNawWJEPystY.roa (raw, json)
Hash identifier: BahKiNdd/pZ/56ATzb3cvkxPGvUYcM+QZnAs5IV/tZc=
Subject key identifier: BA:00:87:3B:8E:A9:51:0C:DD:E7:3A:9D:35:AC:16:24:43:F2:B2:D6
Certificate issuer: /CN=d5d902a07fc7d48e0db29bffbe3ab10543fc1465
Certificate serial: 019428256E55D6B3ED319F114B058884A446
Authority key identifier: D5:D9:02:A0:7F:C7:D4:8E:0D:B2:9B:FF:BE:3A:B1:05:43:FC:14:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1dkCoH_H1I4Nspv_vjqxBUP8FGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/b52291-dc7f-46e1-b361-a6cec25b8006/1/ugCHO46pUQzd5zqdNawWJEPystY.roa
Signing time: Thu 02 Jan 2025 17:52:09 +0000
ROA not before: Thu 02 Jan 2025 17:52:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34379
IP address blocks: 193.111.239.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:6e:55:d6:b3:ed:31:9f:11:4b:05:88:84:a4:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5d902a07fc7d48e0db29bffbe3ab10543fc1465
Validity
Not Before: Jan 2 17:52:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba00873b8ea9510cdde73a9d35ac162443f2b2d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a1:ec:49:cd:80:78:75:ed:c6:5d:78:6a:f1:
92:d4:c9:08:5e:70:a0:84:b5:b9:31:c9:1c:80:ae:
f8:aa:5f:44:29:73:dc:17:91:92:a3:0d:d2:c1:38:
1e:24:55:63:6f:1a:c5:8b:0b:95:ee:6a:a3:9f:47:
d5:33:d0:2d:37:4d:19:9f:17:d1:67:d2:5e:f7:5c:
d9:1e:2f:6f:60:26:e3:4b:6d:d0:2f:ee:e7:86:f9:
2c:e9:c0:b4:0e:89:9b:10:4f:c9:32:29:2b:b2:a7:
49:c4:ba:4f:9b:60:c2:1a:f9:ba:69:67:e8:58:e6:
b4:1f:86:cc:c6:7c:ca:07:ff:07:df:45:0f:5e:60:
a3:d1:eb:4a:f3:2e:49:25:62:d5:19:f6:cd:63:de:
41:26:a9:4b:78:5b:dc:be:bb:9e:e8:58:f8:db:bf:
50:0c:cb:47:71:fd:81:93:69:88:35:cb:04:df:81:
4a:21:e3:09:a7:87:e6:22:82:28:c1:e1:9b:3c:35:
73:b1:70:35:fc:7b:69:91:8d:9a:b9:63:4a:d6:60:
fe:68:64:2e:92:5b:d0:a4:41:5e:7a:9d:fa:8d:bc:
89:48:d5:db:23:8f:07:11:6e:88:be:cd:8c:13:bc:
65:33:df:6f:8a:38:1d:b8:79:5f:5e:6e:5b:7a:aa:
88:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:00:87:3B:8E:A9:51:0C:DD:E7:3A:9D:35:AC:16:24:43:F2:B2:D6
X509v3 Authority Key Identifier:
keyid:D5:D9:02:A0:7F:C7:D4:8E:0D:B2:9B:FF:BE:3A:B1:05:43:FC:14:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1dkCoH_H1I4Nspv_vjqxBUP8FGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/b52291-dc7f-46e1-b361-a6cec25b8006/1/ugCHO46pUQzd5zqdNawWJEPystY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/b52291-dc7f-46e1-b361-a6cec25b8006/1/1dkCoH_H1I4Nspv_vjqxBUP8FGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.239.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:8b:cf:0c:ee:77:4a:e0:ae:23:5e:83:4f:37:f3:c3:e5:d2:
a1:8c:cf:ea:16:e5:ad:5f:e1:81:f1:0f:61:71:b0:b4:be:f6:
71:ad:2f:6e:44:6d:4c:20:15:2a:c9:12:52:70:40:73:40:8c:
75:1b:89:70:ea:c1:e3:fb:75:64:6a:47:05:49:5b:f8:76:db:
a3:02:cb:e0:c7:94:c4:69:e1:b2:cd:71:09:9d:7c:32:e4:47:
cc:f9:ec:95:92:55:54:70:60:20:75:70:95:a6:00:20:f4:fd:
e8:86:c9:27:02:21:19:2c:4e:2d:20:a3:6f:e1:ed:2e:75:84:
c7:2f:42:8c:ef:bf:6f:5e:42:23:96:3c:86:bf:7a:a3:b7:1b:
90:14:22:b1:3c:44:7b:72:48:b3:e0:0c:a0:b4:04:43:a2:d6:
86:48:88:8d:bb:69:ad:1f:b5:5a:d4:04:a8:69:3f:68:31:30:
6a:8b:4e:af:db:1b:02:b2:71:dc:73:e3:6f:7d:48:67:ac:82:
91:f2:af:ae:38:2c:33:db:b1:17:53:41:71:e1:78:e0:22:59:
0d:fa:75:fa:9d:ca:2e:00:63:1c:76:bb:f3:86:9a:38:9e:e9:
8a:41:74:7b:be:aa:85:c3:cc:c6:d7:d6:73:76:47:ad:e7:f9:
96:27:d8:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJW5V1rPtMZ8RSwWIhKRGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZDkwMmEwN2ZjN2Q0OGUwZGIyOWJmZmJlM2FiMTA1NDNm
YzE0NjUwHhcNMjUwMTAyMTc1MjA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTAwODczYjhlYTk1MTBjZGRlNzNhOWQzNWFjMTYyNDQzZjJiMmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqHsSc2AeHXtxl14avGS1MkIXnCg
hLW5MckcgK74ql9EKXPcF5GSow3SwTgeJFVjbxrFiwuV7mqjn0fVM9AtN00ZnxfR
Z9Je91zZHi9vYCbjS23QL+7nhvks6cC0DombEE/JMikrsqdJxLpPm2DCGvm6aWfo
WOa0H4bMxnzKB/8H30UPXmCj0etK8y5JJWLVGfbNY95BJqlLeFvcvrue6Fj4279Q
DMtHcf2Bk2mINcsE34FKIeMJp4fmIoIoweGbPDVzsXA1/HtpkY2auWNK1mD+aGQu
klvQpEFeep36jbyJSNXbI48HEW6Ivs2ME7xlM99vijgduHlfXm5beqqIzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLoAhzuOqVEM3ec6nTWsFiRD8rLWMB8GA1UdIwQY
MBaAFNXZAqB/x9SODbKb/746sQVD/BRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWRrQ29IX0gxSTROc3B2X3ZqcXhCVVA4RkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9iNTIyOTEtZGM3Zi00NmUxLWIzNjEt
YTZjZWMyNWI4MDA2LzEvdWdDSE80NnBVUXpkNXpxZE5hd1dKRVB5c3RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9iNTIyOTEtZGM3Zi00NmUxLWIzNjEtYTZjZWMyNWI4MDA2
LzEvMWRrQ29IX0gxSTROc3B2X3ZqcXhCVVA4RkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwW/vMA0G
CSqGSIb3DQEBCwUAA4IBAQCNi88M7ndK4K4jXoNPN/PD5dKhjM/qFuWtX+GB8Q9h
cbC0vvZxrS9uRG1MIBUqyRJScEBzQIx1G4lw6sHj+3VkakcFSVv4dtujAsvgx5TE
aeGyzXEJnXwy5EfM+eyVklVUcGAgdXCVpgAg9P3ohsknAiEZLE4tIKNv4e0udYTH
L0KM779vXkIjljyGv3qjtxuQFCKxPER7ckiz4AygtARDotaGSIiNu2mtH7Va1ASo
aT9oMTBqi06v2xsCsnHcc+NvfUhnrIKR8q+uOCwz27EXU0Fx4XjgIlkN+nX6ncou
AGMcdrvzhpo4numKQXR7vqqFw8zG19Zzdket5/mWJ9j7
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:26 2025 by rpki-client