Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/2995cd-465f-4b40-a455-16d3cd352f2e/1/U6nb6DpUzJV_xi4UhiA5O3aKdZE.roa
File: U6nb6DpUzJV_xi4UhiA5O3aKdZE.roa (raw, json)
Hash identifier: at4iy2FPtAChzVS5IZxWuVWW9v3c10T2DEm7KMEtSwY=
Subject key identifier: 53:A9:DB:E8:3A:54:CC:95:7F:C6:2E:14:86:20:39:3B:76:8A:75:91
Certificate issuer: /CN=9bda3414137129fa38a6c61c496ab8b61409ce02
Certificate serial: 01942444933C5499A23506EC59800FB6C2F7
Authority key identifier: 9B:DA:34:14:13:71:29:FA:38:A6:C6:1C:49:6A:B8:B6:14:09:CE:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9o0FBNxKfo4psYcSWq4thQJzgI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/2995cd-465f-4b40-a455-16d3cd352f2e/1/U6nb6DpUzJV_xi4UhiA5O3aKdZE.roa
Signing time: Wed 01 Jan 2025 23:47:41 +0000
ROA not before: Wed 01 Jan 2025 23:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34108
IP address blocks: 95.128.88.0/21 maxlen: 24
178.250.144.0/21 maxlen: 24
2a02:928::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:93:3c:54:99:a2:35:06:ec:59:80:0f:b6:c2:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bda3414137129fa38a6c61c496ab8b61409ce02
Validity
Not Before: Jan 1 23:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53a9dbe83a54cc957fc62e148620393b768a7591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c8:ec:d0:b1:f6:e2:79:e5:c2:06:78:13:bc:
cc:5e:95:23:14:2f:fd:b0:eb:3a:a7:d5:e2:7d:b8:
55:6c:b8:d2:44:c7:bc:4c:b7:6a:f1:65:c4:8f:cb:
5d:76:14:11:6c:37:f4:1b:51:7c:78:06:58:5c:34:
81:20:5d:c6:53:85:a9:26:5c:da:26:7b:d0:61:9b:
f1:31:68:14:97:fd:5e:ea:74:5e:a8:ad:34:b8:06:
ad:11:28:67:c1:0d:13:1a:8f:c6:9e:78:67:31:d7:
71:97:fe:17:35:70:7f:6b:63:88:f3:c1:66:3c:a7:
00:da:ef:4c:d5:eb:95:46:bf:24:05:fd:c0:73:1c:
00:68:9c:cf:4e:f7:ea:1d:79:c3:57:06:e4:44:1c:
52:1b:e2:e3:94:a5:7d:d6:58:5a:8e:cc:34:13:ba:
02:72:8a:d0:4f:5c:1f:b6:1b:56:63:5a:43:19:04:
8d:8a:ff:39:3f:2d:e6:b3:d9:a2:b9:24:01:3d:33:
c0:9b:1e:f4:a2:38:11:20:1e:5c:26:8c:97:60:a0:
23:50:cb:6b:25:40:3c:79:1c:32:f6:4f:1c:5f:ba:
a8:0a:3c:17:4f:f3:0c:7a:9c:67:c5:4d:fe:a5:cb:
b7:90:35:dd:39:63:83:b7:6e:c9:cf:b5:5b:5e:ae:
a6:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A9:DB:E8:3A:54:CC:95:7F:C6:2E:14:86:20:39:3B:76:8A:75:91
X509v3 Authority Key Identifier:
keyid:9B:DA:34:14:13:71:29:FA:38:A6:C6:1C:49:6A:B8:B6:14:09:CE:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9o0FBNxKfo4psYcSWq4thQJzgI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2995cd-465f-4b40-a455-16d3cd352f2e/1/U6nb6DpUzJV_xi4UhiA5O3aKdZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2995cd-465f-4b40-a455-16d3cd352f2e/1/m9o0FBNxKfo4psYcSWq4thQJzgI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.88.0/21
178.250.144.0/21
IPv6:
2a02:928::/32
Signature Algorithm: sha256WithRSAEncryption
ad:a0:2e:af:c3:72:10:a9:c9:ae:ee:0c:80:22:12:81:06:7e:
ee:b1:44:68:8d:6c:a2:82:a0:60:ec:d6:de:4d:83:28:e7:ed:
70:71:7f:5f:c3:4f:dd:27:8c:51:0c:79:30:50:1e:b4:77:67:
f3:f2:a6:31:d0:f8:30:6c:c5:ce:5e:fe:4b:61:0b:0f:31:5b:
20:f5:5c:25:23:a4:67:33:6d:38:31:9d:51:67:50:73:8f:88:
b7:a4:79:d4:10:2a:30:6e:0d:af:10:c5:93:be:a5:59:e9:ea:
f7:4f:72:1f:ae:e8:a2:8a:54:53:39:19:9a:04:fa:05:4d:81:
3b:d7:24:01:23:a5:36:d7:7d:fb:19:fa:25:e9:12:f2:09:4c:
1e:ee:8c:15:ab:53:e7:1a:86:72:5c:c2:a2:be:5f:71:5e:3f:
00:d0:3f:7e:32:21:2e:eb:de:cc:3e:d1:0b:a3:b3:bc:47:60:
8a:80:3c:6c:2a:3c:49:a8:c0:68:d8:ba:bf:1b:b1:ac:64:fb:
57:e1:11:17:fb:4a:06:36:e0:ff:2a:21:e3:db:ae:50:b1:c4:
f6:0f:84:e3:1a:06:f6:57:de:ad:7c:05:55:a4:0c:fc:a8:3f:
37:82:f9:f6:60:98:81:93:09:37:c0:42:c1:74:1b:49:54:e3:
75:7e:84:e9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQkRJM8VJmiNQbsWYAPtsL3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZGEzNDE0MTM3MTI5ZmEzOGE2YzYxYzQ5NmFiOGI2MTQw
OWNlMDIwHhcNMjUwMTAxMjM0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2E5ZGJlODNhNTRjYzk1N2ZjNjJlMTQ4NjIwMzkzYjc2OGE3NTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8js0LH24nnlwgZ4E7zMXpUjFC/9
sOs6p9XifbhVbLjSRMe8TLdq8WXEj8tddhQRbDf0G1F8eAZYXDSBIF3GU4WpJlza
JnvQYZvxMWgUl/1e6nReqK00uAatEShnwQ0TGo/GnnhnMddxl/4XNXB/a2OI88Fm
PKcA2u9M1euVRr8kBf3AcxwAaJzPTvfqHXnDVwbkRBxSG+LjlKV91lhajsw0E7oC
corQT1wfthtWY1pDGQSNiv85Py3ms9miuSQBPTPAmx70ojgRIB5cJoyXYKAjUMtr
JUA8eRwy9k8cX7qoCjwXT/MMepxnxU3+pcu3kDXdOWODt27Jz7VbXq6mAwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFOp2+g6VMyVf8YuFIYgOTt2inWRMB8GA1UdIwQY
MBaAFJvaNBQTcSn6OKbGHElquLYUCc4CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTlvMEZCTnhLZm80cHNZY1NXcTR0aFFKemdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yOTk1Y2QtNDY1Zi00YjQwLWE0NTUt
MTZkM2NkMzUyZjJlLzEvVTZuYjZEcFV6SlZfeGk0VWhpQTVPM2FLZFpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yOTk1Y2QtNDY1Zi00YjQwLWE0NTUtMTZkM2NkMzUyZjJl
LzEvbTlvMEZCTnhLZm80cHNZY1NXcTR0aFFKemdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDX4BYAwQD
svqQMA0EAgACMAcDBQAqAgkoMA0GCSqGSIb3DQEBCwUAA4IBAQCtoC6vw3IQqcmu
7gyAIhKBBn7usURojWyigqBg7NbeTYMo5+1wcX9fw0/dJ4xRDHkwUB60d2fz8qYx
0PgwbMXOXv5LYQsPMVsg9VwlI6RnM204MZ1RZ1Bzj4i3pHnUECowbg2vEMWTvqVZ
6er3T3IfruiiilRTORmaBPoFTYE71yQBI6U21337Gfol6RLyCUwe7owVq1PnGoZy
XMKivl9xXj8A0D9+MiEu697MPtELo7O8R2CKgDxsKjxJqMBo2Lq/G7GsZPtX4REX
+0oGNuD/KiHj265QscT2D4TjGgb2V96tfAVVpAz8qD83gvn2YJiBkwk3wELBdBtJ
VON1foTp
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:44 2025 by rpki-client