Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/9b893e-7b0c-41aa-a951-90c3afc7c947/1/R43PaYUKZCLqgzcK-39C4LhJkYw.roa
File: R43PaYUKZCLqgzcK-39C4LhJkYw.roa (raw, json)
Hash identifier: RU4oVL2aN6ItjsLLYNF/Tqi8VXdquafeG/KUtVtAMgo=
Subject key identifier: 47:8D:CF:69:85:0A:64:22:EA:83:37:0A:FB:7F:42:E0:B8:49:91:8C
Certificate issuer: /CN=5ed99d49c4b0e46b2786842731e153485c8ac48b
Certificate serial: 01941F8C2657311BAF2566A89F87C5F1A1FC
Authority key identifier: 5E:D9:9D:49:C4:B0:E4:6B:27:86:84:27:31:E1:53:48:5C:8A:C4:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XtmdScSw5GsnhoQnMeFTSFyKxIs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/9b893e-7b0c-41aa-a951-90c3afc7c947/1/R43PaYUKZCLqgzcK-39C4LhJkYw.roa
Signing time: Wed 01 Jan 2025 01:47:46 +0000
ROA not before: Wed 01 Jan 2025 01:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1836
IP address blocks: 194.150.160.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:26:57:31:1b:af:25:66:a8:9f:87:c5:f1:a1:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ed99d49c4b0e46b2786842731e153485c8ac48b
Validity
Not Before: Jan 1 01:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=478dcf69850a6422ea83370afb7f42e0b849918c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4b:df:13:15:47:ec:2e:35:19:e1:b1:cf:4a:
bc:98:dc:3b:1d:5d:4a:9f:a4:4b:c9:7a:e0:a4:fa:
6d:fc:d1:cd:6d:bf:2c:2a:5d:eb:c4:f1:00:af:a5:
bf:8a:e6:43:05:e9:84:03:d1:54:bc:7f:0b:35:c4:
71:20:02:17:67:bc:2c:1a:1b:5a:d7:09:cc:61:e5:
81:de:bf:30:cd:7b:a7:58:d7:3f:27:14:0d:67:7c:
ef:23:13:cf:0e:c0:50:51:6d:39:43:dc:dd:56:87:
3b:cd:cb:3d:2a:67:09:e7:5d:04:13:4b:e7:49:9d:
44:43:c5:de:df:fd:45:a6:cc:f2:56:d7:bf:be:09:
03:ea:a7:1a:ad:83:55:d7:96:7c:dd:8a:80:a6:ab:
73:41:1e:1f:1c:8a:d8:26:01:33:0c:1e:b9:f7:35:
df:ed:a6:fc:a6:08:63:ae:0d:c5:30:81:46:6c:fb:
70:e1:aa:ba:31:1a:ca:6b:e0:bd:ca:0c:92:c0:44:
b8:69:ad:0c:88:ba:64:f6:bc:87:53:5f:10:71:6a:
69:26:c5:80:46:51:f3:80:e3:ea:30:b2:18:8f:42:
48:1e:d4:e5:c1:ff:64:9c:c5:d0:cb:04:f8:02:89:
0f:bc:dd:b8:08:f7:68:cd:c0:79:82:c7:4a:37:7d:
15:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:8D:CF:69:85:0A:64:22:EA:83:37:0A:FB:7F:42:E0:B8:49:91:8C
X509v3 Authority Key Identifier:
keyid:5E:D9:9D:49:C4:B0:E4:6B:27:86:84:27:31:E1:53:48:5C:8A:C4:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtmdScSw5GsnhoQnMeFTSFyKxIs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/9b893e-7b0c-41aa-a951-90c3afc7c947/1/R43PaYUKZCLqgzcK-39C4LhJkYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/9b893e-7b0c-41aa-a951-90c3afc7c947/1/XtmdScSw5GsnhoQnMeFTSFyKxIs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.160.0/23
Signature Algorithm: sha256WithRSAEncryption
14:35:8b:b9:ad:b1:95:20:2e:b7:27:b0:57:ce:bd:0a:bb:61:
1d:b0:24:43:06:12:e8:57:40:e1:c3:2d:c7:b7:af:e7:f6:80:
40:d2:38:d5:95:3c:69:d8:c7:af:74:f4:1f:9f:e0:ff:e4:57:
b3:57:b9:6b:27:7f:4b:8f:30:c3:aa:11:fa:1a:1c:b9:8d:31:
88:77:65:44:e0:2d:80:ec:08:6f:3a:3e:8e:2f:21:61:14:c4:
17:74:c0:50:7e:9c:2f:6c:7e:77:84:63:2e:3e:99:cc:40:9a:
7d:9d:c3:c7:72:fb:30:04:ee:9a:d1:a7:a9:be:e0:bc:84:f9:
85:59:0e:98:81:6c:38:8b:3c:6c:de:fd:e1:88:b2:bc:b3:db:
c1:a9:b8:2c:56:c9:98:26:54:56:02:c5:01:ae:b0:42:9b:0a:
44:66:e0:b7:5f:34:3a:e8:3e:69:d6:de:1c:1b:3d:33:ae:78:
8d:69:0a:08:f7:0e:b9:36:e2:9c:03:f4:e5:63:2c:b6:c5:1f:
2e:1b:25:27:e8:b9:28:e9:a5:1d:04:0f:78:7c:74:11:a0:7c:
03:9e:6d:67:75:f2:98:4e:be:70:96:d3:db:d2:d5:51:07:9e:
98:37:7d:c4:7e:fb:cc:45:2d:71:cf:ae:1a:86:57:12:e3:f1:
84:02:df:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjCZXMRuvJWaon4fF8aH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDk5ZDQ5YzRiMGU0NmIyNzg2ODQyNzMxZTE1MzQ4NWM4
YWM0OGIwHhcNMjUwMTAxMDE0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzhkY2Y2OTg1MGE2NDIyZWE4MzM3MGFmYjdmNDJlMGI4NDk5MThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EvfExVH7C41GeGxz0q8mNw7HV1K
n6RLyXrgpPpt/NHNbb8sKl3rxPEAr6W/iuZDBemEA9FUvH8LNcRxIAIXZ7wsGhta
1wnMYeWB3r8wzXunWNc/JxQNZ3zvIxPPDsBQUW05Q9zdVoc7zcs9KmcJ510EE0vn
SZ1EQ8Xe3/1FpszyVte/vgkD6qcarYNV15Z83YqApqtzQR4fHIrYJgEzDB659zXf
7ab8pghjrg3FMIFGbPtw4aq6MRrKa+C9ygySwES4aa0MiLpk9ryHU18QcWppJsWA
RlHzgOPqMLIYj0JIHtTlwf9knMXQywT4AokPvN24CPdozcB5gsdKN30VVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEeNz2mFCmQi6oM3Cvt/QuC4SZGMMB8GA1UdIwQY
MBaAFF7ZnUnEsORrJ4aEJzHhU0hcisSLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRtZFNjU3c1R3NuaG9Rbk1lRlRTRnlLeElzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS85Yjg5M2UtN2IwYy00MWFhLWE5NTEt
OTBjM2FmYzdjOTQ3LzEvUjQzUGFZVUtaQ0xxZ3pjSy0zOUM0TGhKa1l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS85Yjg5M2UtN2IwYy00MWFhLWE5NTEtOTBjM2FmYzdjOTQ3
LzEvWHRtZFNjU3c1R3NuaG9Rbk1lRlRTRnlLeElzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwpagMA0G
CSqGSIb3DQEBCwUAA4IBAQAUNYu5rbGVIC63J7BXzr0Ku2EdsCRDBhLoV0Dhwy3H
t6/n9oBA0jjVlTxp2MevdPQfn+D/5FezV7lrJ39LjzDDqhH6Ghy5jTGId2VE4C2A
7AhvOj6OLyFhFMQXdMBQfpwvbH53hGMuPpnMQJp9ncPHcvswBO6a0aepvuC8hPmF
WQ6YgWw4izxs3v3hiLK8s9vBqbgsVsmYJlRWAsUBrrBCmwpEZuC3XzQ66D5p1t4c
Gz0zrniNaQoI9w65NuKcA/TlYyy2xR8uGyUn6Lko6aUdBA94fHQRoHwDnm1ndfKY
Tr5wltPb0tVRB56YN33EfvvMRS1xz64ahlcS4/GEAt9h
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:54:03 2025 by rpki-client