Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Up1r-HrHJpOp6OxN_dfCbpGqrIg.roa
File: Up1r-HrHJpOp6OxN_dfCbpGqrIg.roa (raw, json)
Hash identifier: udYEx3lnpQ2UqA+p2Y+IESTr/U22GUxNkI9a7/S5sXw=
Subject key identifier: 52:9D:6B:F8:7A:C7:26:93:A9:E8:EC:4D:FD:D7:C2:6E:91:AA:AC:88
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01856FD531017C4B7791E69E762BCFA2768A
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Up1r-HrHJpOp6OxN_dfCbpGqrIg.roa
Signing time: Mon 02 Jan 2023 00:15:20 +0000
ROA not before: Mon 02 Jan 2023 00:15:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56417
IP address blocks: 128.0.2.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:31:01:7c:4b:77:91:e6:9e:76:2b:cf:a2:76:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:15:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=529d6bf87ac72693a9e8ec4dfdd7c26e91aaac88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:13:26:1b:50:40:ff:b5:bd:c2:ad:bc:11:ba:
95:7a:b1:37:d9:f1:5e:62:9f:0e:43:ec:a0:9c:a4:
ab:3d:22:91:67:b2:b7:fb:0d:03:79:80:4d:79:b3:
da:d4:ee:b8:71:4b:a5:97:0a:c2:ae:81:c9:b0:63:
d8:18:4c:8e:8a:4d:b7:61:66:df:0f:6c:d4:c8:09:
6c:fe:cf:de:f6:ad:cf:9b:d7:c6:4e:f4:06:ca:9f:
da:4d:64:88:52:e6:0a:fc:1c:3c:79:21:6a:b2:e7:
9b:ac:d5:6c:b9:19:e2:29:c0:4c:cb:43:ee:2d:83:
fc:5c:97:df:e1:b1:3f:e0:ac:b5:49:5c:21:a6:a8:
ee:c6:53:ba:ac:17:d4:f9:ef:d4:64:97:9f:3d:d7:
93:4f:7f:57:f3:dd:38:a4:7d:69:94:9c:f1:86:70:
9d:35:f6:61:99:32:0d:8e:86:39:c0:99:0d:8a:78:
e6:d1:a4:4b:2d:27:ef:f7:03:ad:c4:2b:a7:13:c0:
24:e8:6b:21:4f:a1:cf:5b:75:6f:fc:02:52:f3:c0:
4c:6f:91:8f:55:0b:25:9f:cc:0f:2f:84:6e:56:b5:
39:1a:31:cf:42:8f:71:77:16:9e:46:f6:30:69:ac:
ff:e4:7d:68:47:9c:6e:15:ef:3c:39:92:f1:24:02:
d9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:9D:6B:F8:7A:C7:26:93:A9:E8:EC:4D:FD:D7:C2:6E:91:AA:AC:88
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Up1r-HrHJpOp6OxN_dfCbpGqrIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.0.2.0/24
Signature Algorithm: sha256WithRSAEncryption
eb:6f:52:ef:a0:f5:36:21:09:4e:04:a1:6f:da:39:39:9b:74:
b0:70:46:87:46:ec:f7:3a:35:72:0f:2b:ee:88:76:14:75:fc:
82:fa:91:8f:7b:3a:ba:0f:a4:df:2a:29:a4:70:b4:b3:f9:ad:
01:dc:50:09:55:6d:d2:7b:f3:f0:4b:a5:b3:56:d9:a3:67:19:
bf:ed:fe:7c:4a:da:f7:01:31:4c:64:2c:45:9d:42:25:a3:8d:
84:4d:3e:f5:4c:07:74:13:f5:56:59:a9:41:b8:95:94:58:15:
95:e8:e3:60:7d:83:08:cd:5f:17:c8:6d:72:d2:6e:d2:a8:b9:
0b:73:ac:e1:39:3d:37:d5:70:07:35:38:7c:3b:c5:a0:f8:12:
a7:ef:5c:31:f3:fc:29:1b:dd:34:49:dd:aa:ed:b5:1a:cb:3d:
e5:40:d1:3c:f6:6a:69:97:7f:ac:69:55:92:7a:da:62:0f:2f:
c0:51:9f:a2:8e:d0:d3:f7:fc:3b:9f:a3:88:44:a8:25:df:ae:
42:88:c2:7f:1c:fa:79:77:95:ff:fc:78:11:6f:4b:01:1b:f4:
51:b6:c1:07:52:20:ab:0d:14:18:84:6b:fb:87:db:7e:1c:16:
4d:bb:9d:9a:7b:4b:43:08:5c:25:c8:1a:ac:84:ae:0c:e3:a9:
77:90:85:1d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVv1TEBfEt3keaedivPonaKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMTAyMDAxNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjlkNmJmODdhYzcyNjkzYTllOGVjNGRmZGQ3YzI2ZTkxYWFhYzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxMmG1BA/7W9wq28EbqVerE32fFe
Yp8OQ+ygnKSrPSKRZ7K3+w0DeYBNebPa1O64cUullwrCroHJsGPYGEyOik23YWbf
D2zUyAls/s/e9q3Pm9fGTvQGyp/aTWSIUuYK/Bw8eSFqsuebrNVsuRniKcBMy0Pu
LYP8XJff4bE/4Ky1SVwhpqjuxlO6rBfU+e/UZJefPdeTT39X8904pH1plJzxhnCd
NfZhmTINjoY5wJkNinjm0aRLLSfv9wOtxCunE8Ak6GshT6HPW3Vv/AJS88BMb5GP
VQsln8wPL4RuVrU5GjHPQo9xdxaeRvYwaaz/5H1oR5xuFe88OZLxJALZ+wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFKda/h6xyaTqejsTf3Xwm6RqqyIMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL1VwMXItSHJISnBPcDZPeE5fZGZDYnBHcXJJZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACAAAIw
DQYJKoZIhvcNAQELBQADggEBAOtvUu+g9TYhCU4EoW/aOTmbdLBwRodG7Pc6NXIP
K+6IdhR1/IL6kY97OroPpN8qKaRwtLP5rQHcUAlVbdJ78/BLpbNW2aNnGb/t/nxK
2vcBMUxkLEWdQiWjjYRNPvVMB3QT9VZZqUG4lZRYFZXo42B9gwjNXxfIbXLSbtKo
uQtzrOE5PTfVcAc1OHw7xaD4EqfvXDHz/Ckb3TRJ3arttRrLPeVA0Tz2ammXf6xp
VZJ62mIPL8BRn6KO0NP3/Dufo4hEqCXfrkKIwn8c+nl3lf/8eBFvSwEb9FG2wQdS
IKsNFBiEa/uH234cFk27nZp7S0MIXCXIGqyErgzjqXeQhR0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:36 2025 by rpki-client