Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/spUsiWUlK-X75Lj6xpWlSLW6WwY.roa
File: spUsiWUlK-X75Lj6xpWlSLW6WwY.roa (raw, json)
Hash identifier: lt90B64HJxEMrRdRxUXlG8OH9nYjUxRs9ywJwtpFnDo=
Subject key identifier: B2:95:2C:89:65:25:2B:E5:FB:E4:B8:FA:C6:95:A5:48:B5:BA:5B:06
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 018CC94E35323EAB4D1E2C5D1015CEDCF803
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/spUsiWUlK-X75Lj6xpWlSLW6WwY.roa
Signing time: Tue 02 Jan 2024 08:33:15 +0000
ROA not before: Tue 02 Jan 2024 08:33:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43698
IP address blocks: 78.159.0.0/19 maxlen: 19
82.151.0.0/19 maxlen: 19
95.168.0.0/19 maxlen: 19
2a00:8d80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:35:32:3e:ab:4d:1e:2c:5d:10:15:ce:dc:f8:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 2 08:33:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2952c8965252be5fbe4b8fac695a548b5ba5b06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c3:e1:6d:45:d6:1c:70:a6:31:71:c9:23:c9:
a4:3e:43:d3:47:57:09:10:a9:32:51:37:70:45:3e:
07:ff:4d:f5:80:13:e8:0b:a5:ea:67:02:c5:0e:aa:
11:74:cf:21:11:81:87:0e:f6:d2:d5:75:57:7c:e2:
3a:4b:4a:9a:d3:af:d0:c0:08:bf:8f:93:4a:1c:df:
99:7d:cf:d9:c8:d0:5d:2c:c4:d5:2d:e8:8d:b2:f8:
bb:ab:d2:ba:88:84:c6:4f:6b:7e:27:f2:56:9d:4e:
93:e1:f7:45:de:00:6e:fb:24:6b:2f:e0:56:cc:34:
b8:67:c5:c2:9e:ec:82:23:fd:c0:44:a4:1e:3a:26:
db:97:d7:36:94:ce:ae:f3:c1:4a:a2:4c:cb:de:3d:
a8:d3:6a:0d:09:dc:66:05:bb:48:fd:20:e0:61:05:
35:d6:97:8e:ac:2b:3b:15:c9:1b:bb:5a:cf:10:95:
cd:19:c5:da:87:53:98:54:5a:9f:14:14:6a:f6:f6:
33:09:bc:d7:94:05:07:30:af:0a:bc:a9:32:c5:a6:
75:a3:9e:a2:fc:4b:3b:e0:29:87:c5:5d:71:03:09:
e8:b6:4d:48:a4:68:9a:90:0f:f5:79:2a:88:ad:4c:
aa:68:b2:36:d7:ac:8e:9f:af:92:31:3b:71:82:48:
be:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:95:2C:89:65:25:2B:E5:FB:E4:B8:FA:C6:95:A5:48:B5:BA:5B:06
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/spUsiWUlK-X75Lj6xpWlSLW6WwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.0.0/19
82.151.0.0/19
95.168.0.0/19
IPv6:
2a00:8d80::/32
Signature Algorithm: sha256WithRSAEncryption
58:21:48:b1:6e:a3:08:32:9d:92:1d:10:21:ad:dd:bb:e7:59:
2b:7f:82:45:c9:c8:5a:ef:0b:22:eb:b8:aa:4b:81:64:87:29:
67:46:43:f0:dd:d3:5f:42:7a:d8:b1:c2:42:bd:89:a4:c4:47:
4b:0b:5c:a4:97:39:90:91:37:b2:f8:b6:15:f8:2c:29:15:ce:
94:c2:79:48:9d:6d:14:9b:42:4e:99:c7:3d:22:67:63:55:e4:
7d:82:d7:76:f0:22:26:81:39:26:2f:dd:13:00:93:50:e8:28:
84:ad:82:35:f4:50:2a:3e:34:e1:c2:8c:5b:1a:33:8c:2a:0e:
c2:ba:3c:d1:3e:66:ef:5e:e8:02:c3:e6:32:26:ba:ab:29:d9:
a7:42:99:7a:19:59:9a:f7:3b:0f:ca:dc:ab:89:69:de:50:7b:
60:4a:68:21:2d:9c:c1:4f:ce:0f:bb:25:15:26:bc:d0:18:6d:
33:da:79:d9:2d:bf:22:4a:c2:36:96:0d:f9:eb:1d:1c:54:45:
c5:48:cc:73:7d:c6:34:41:42:89:f4:38:d1:bd:4a:8b:3b:c2:
06:fd:bb:93:cf:fd:ef:3a:ef:eb:f4:d1:c1:97:a6:6c:08:da:
81:29:9b:8d:26:c3:dc:f7:72:3f:5d:12:f3:22:8a:c2:40:5d:
33:6f:22:a3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzJTjUyPqtNHixdEBXO3PgDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjQwMTAyMDgzMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjk1MmM4OTY1MjUyYmU1ZmJlNGI4ZmFjNjk1YTU0OGI1YmE1YjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsPhbUXWHHCmMXHJI8mkPkPTR1cJ
EKkyUTdwRT4H/031gBPoC6XqZwLFDqoRdM8hEYGHDvbS1XVXfOI6S0qa06/QwAi/
j5NKHN+Zfc/ZyNBdLMTVLeiNsvi7q9K6iITGT2t+J/JWnU6T4fdF3gBu+yRrL+BW
zDS4Z8XCnuyCI/3ARKQeOibbl9c2lM6u88FKokzL3j2o02oNCdxmBbtI/SDgYQU1
1peOrCs7Fckbu1rPEJXNGcXah1OYVFqfFBRq9vYzCbzXlAUHMK8KvKkyxaZ1o56i
/Es74CmHxV1xAwnotk1IpGiakA/1eSqIrUyqaLI216yOn6+SMTtxgki+JQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLKVLIllJSvl++S4+saVpUi1ulsGMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvc3BVc2lXVWxLLVg3NUxqNnhwV2xTTFc2V3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFTp8AAwQF
UpcAAwQFX6gAMA0EAgACMAcDBQAqAI2AMA0GCSqGSIb3DQEBCwUAA4IBAQBYIUix
bqMIMp2SHRAhrd2751krf4JFycha7wsi67iqS4FkhylnRkPw3dNfQnrYscJCvYmk
xEdLC1yklzmQkTey+LYV+CwpFc6UwnlInW0Um0JOmcc9ImdjVeR9gtd28CImgTkm
L90TAJNQ6CiErYI19FAqPjThwoxbGjOMKg7CujzRPmbvXugCw+YyJrqrKdmnQpl6
GVma9zsPytyriWneUHtgSmghLZzBT84PuyUVJrzQGG0z2nnZLb8iSsI2lg356x0c
VEXFSMxzfcY0QUKJ9DjRvUqLO8IG/buTz/3vOu/r9NHBl6ZsCNqBKZuNJsPc93I/
XRLzIorCQF0zbyKj
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:05:14 2025 by rpki-client