Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/UlnGgc7rXEKFqMAk-tpfI5Lh-5M.roa
File: UlnGgc7rXEKFqMAk-tpfI5Lh-5M.roa (raw, json)
Hash identifier: kL24P4dJTOA7fjF9rfyupJlTpfoO2ukoYQYPjhNNEaw=
Subject key identifier: 52:59:C6:81:CE:EB:5C:42:85:A8:C0:24:FA:DA:5F:23:92:E1:FB:93
Certificate issuer: /CN=ff44dbaca56dac319401f68a50d917f5424611ad
Certificate serial: 0187760E000161109BED11CC392E58C4055E
Authority key identifier: FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/UlnGgc7rXEKFqMAk-tpfI5Lh-5M.roa
Signing time: Wed 12 Apr 2023 15:20:41 +0000
ROA not before: Wed 12 Apr 2023 15:20:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.143.11.0/24 maxlen: 24
45.143.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:76:0e:00:01:61:10:9b:ed:11:cc:39:2e:58:c4:05:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff44dbaca56dac319401f68a50d917f5424611ad
Validity
Not Before: Apr 12 15:20:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5259c681ceeb5c4285a8c024fada5f2392e1fb93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:20:c5:eb:cb:35:4e:8a:90:44:0c:56:30:3f:
c0:81:b2:fa:1e:00:ea:06:0e:6e:31:58:23:09:db:
99:35:31:d0:c2:12:51:12:46:f3:9f:94:c8:7c:e6:
db:7c:90:0f:ab:dc:5e:82:d6:20:14:46:4c:06:f7:
69:90:8a:7d:04:05:f9:3d:3a:c2:f9:c4:d2:49:e6:
ab:b1:d1:e2:1c:c6:8b:75:21:ca:e5:5c:92:d1:9f:
f3:e8:c8:da:b0:58:81:e7:a6:e7:dc:2b:fb:59:c3:
fd:3f:3d:3a:2a:55:32:01:9a:7a:11:18:ab:92:68:
7e:5d:80:41:88:8c:8c:5e:fb:f6:e4:54:83:85:54:
a0:46:3e:64:bc:01:97:ee:46:87:14:cf:f6:d0:81:
92:84:65:6b:21:f8:22:81:12:ed:38:61:85:ea:04:
ee:fc:af:dc:ab:38:fb:71:4b:7e:b7:d3:f3:74:3b:
03:6a:76:4f:a0:25:5a:fb:66:ad:a1:da:41:1c:d4:
af:d9:45:2d:9c:04:a9:f1:9a:c4:98:fc:bf:fd:9f:
72:8a:ff:8d:62:d0:3a:cc:d5:f2:05:9c:a4:64:94:
82:8e:99:7c:01:c2:d2:d0:3f:9a:5e:67:cb:43:11:
2c:87:5a:40:59:79:35:61:b9:55:bb:81:96:db:dc:
6c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:59:C6:81:CE:EB:5C:42:85:A8:C0:24:FA:DA:5F:23:92:E1:FB:93
X509v3 Authority Key Identifier:
keyid:FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/UlnGgc7rXEKFqMAk-tpfI5Lh-5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/_0TbrKVtrDGUAfaKUNkX9UJGEa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.9.0/24
45.143.11.0/24
Signature Algorithm: sha256WithRSAEncryption
66:ac:58:03:41:5b:a7:f4:59:84:e3:03:db:fd:39:9c:ef:2f:
71:5c:4f:6d:e1:ae:c1:25:66:0c:09:c7:5a:86:71:7f:30:ba:
4c:75:af:75:fe:9f:40:2b:e1:63:21:30:b5:5e:3c:d7:b9:23:
f1:2f:83:32:3f:71:2b:88:b4:b7:f0:3f:fe:5d:b3:92:58:a3:
ad:ec:81:4f:17:84:6b:04:ed:d6:04:3c:d4:04:ca:08:14:98:
d6:e5:31:f9:2e:97:05:82:9d:30:16:49:56:33:55:56:07:d7:
77:cb:11:35:f8:a0:eb:56:ca:18:b1:5e:2c:5b:6d:32:66:eb:
26:f6:78:f8:7d:6d:ba:c6:00:95:42:87:f1:f2:4d:22:a9:2b:
b3:d2:23:33:f8:0f:8c:04:4b:e4:83:29:f2:80:bd:09:64:ef:
de:7a:e9:60:f5:94:f7:f0:d4:ff:5b:42:68:41:aa:9c:2c:b8:
fa:6b:a5:f8:04:f5:15:ec:fb:5e:9e:cc:e3:21:c0:da:c4:96:
c2:e3:a6:6b:ac:72:11:e3:9a:a7:97:a6:29:ed:9f:4b:38:33:
68:43:f0:7a:5e:5c:b7:66:fd:2d:aa:31:6e:de:cb:57:c8:d5:
4f:a4:44:84:9e:6d:74:ad:59:2c:c7:8e:5b:eb:97:c2:a1:5a:
be:08:32:a9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYd2DgABYRCb7RHMOS5YxAVeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDRkYmFjYTU2ZGFjMzE5NDAxZjY4YTUwZDkxN2Y1NDI0
NjExYWQwHhcNMjMwNDEyMTUyMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjU5YzY4MWNlZWI1YzQyODVhOGMwMjRmYWRhNWYyMzkyZTFmYjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCDF68s1ToqQRAxWMD/AgbL6HgDq
Bg5uMVgjCduZNTHQwhJREkbzn5TIfObbfJAPq9xegtYgFEZMBvdpkIp9BAX5PTrC
+cTSSearsdHiHMaLdSHK5VyS0Z/z6MjasFiB56bn3Cv7WcP9Pz06KlUyAZp6ERir
kmh+XYBBiIyMXvv25FSDhVSgRj5kvAGX7kaHFM/20IGShGVrIfgigRLtOGGF6gTu
/K/cqzj7cUt+t9PzdDsDanZPoCVa+2atodpBHNSv2UUtnASp8ZrEmPy//Z9yiv+N
YtA6zNXyBZykZJSCjpl8AcLS0D+aXmfLQxEsh1pAWXk1YblVu4GW29xsQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFJZxoHO61xChajAJPraXyOS4fuTMB8GA1UdIwQY
MBaAFP9E26ylbawxlAH2ilDZF/VCRhGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4Mjct
YzVkODk1MDgxOGVjLzEvVWxuR2djN3JYRUtGcU1Bay10cGZJNUxoLTVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4MjctYzVkODk1MDgxOGVj
LzEvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALY8JAwQA
LY8LMA0GCSqGSIb3DQEBCwUAA4IBAQBmrFgDQVun9FmE4wPb/Tmc7y9xXE9t4a7B
JWYMCcdahnF/MLpMda91/p9AK+FjITC1XjzXuSPxL4MyP3EriLS38D/+XbOSWKOt
7IFPF4RrBO3WBDzUBMoIFJjW5TH5LpcFgp0wFklWM1VWB9d3yxE1+KDrVsoYsV4s
W20yZusm9nj4fW26xgCVQofx8k0iqSuz0iMz+A+MBEvkgynygL0JZO/eeulg9ZT3
8NT/W0JoQaqcLLj6a6X4BPUV7PtenszjIcDaxJbC46ZrrHIR45qnl6Yp7Z9LODNo
Q/B6Xly3Zv0tqjFu3stXyNVPpESEnm10rVksx45b65fCoVq+CDKp
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:09 2025 by rpki-client