Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/U3ZZ0MP6-WvC7DCbTK7IROY_N18.roa
File: U3ZZ0MP6-WvC7DCbTK7IROY_N18.roa (raw, json)
Hash identifier: /zW6qkrMBvzd3apM3F2o24ZiFtjP8bAURrhlU84Fgj4=
Subject key identifier: 53:76:59:D0:C3:FA:F9:6B:C2:EC:30:9B:4C:AE:C8:44:E6:3F:37:5F
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 019427B63773C6DCDCBBB2DB6D54CE1472E0
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/U3ZZ0MP6-WvC7DCbTK7IROY_N18.roa
Signing time: Thu 02 Jan 2025 15:50:40 +0000
ROA not before: Thu 02 Jan 2025 15:50:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 194.32.144.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:37:73:c6:dc:dc:bb:b2:db:6d:54:ce:14:72:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Jan 2 15:50:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=537659d0c3faf96bc2ec309b4caec844e63f375f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:03:66:f6:b0:b5:86:96:a4:81:85:e5:7f:73:
5e:a7:13:90:d3:ee:dc:68:a1:9c:02:2a:4b:9b:20:
7c:a9:bf:95:1b:c6:79:e0:48:88:fa:dd:47:40:78:
0e:65:51:7c:de:55:73:48:00:a5:af:2d:8d:7d:15:
70:4c:d0:30:23:46:f8:ab:33:f8:b2:1d:df:9e:76:
fa:b7:89:08:96:41:6f:d2:62:b8:46:79:e8:ee:95:
0e:38:53:b2:72:1a:dd:eb:06:28:93:75:56:e6:16:
a2:35:1c:f2:0a:08:50:48:96:39:56:25:25:32:e6:
46:40:5c:d6:b3:94:eb:f8:96:31:62:89:9d:2a:20:
21:0d:25:62:e8:b7:ce:79:79:a6:a5:7e:55:d9:09:
d3:44:2b:94:45:16:82:83:8c:05:5c:36:6d:71:60:
c9:d2:a6:98:94:3e:9c:a4:26:d8:a5:9f:f6:b3:1b:
30:33:35:d2:c8:8c:0d:5a:94:d3:00:24:60:7e:0f:
29:cb:10:a4:1d:eb:b2:7a:a0:1e:e4:a9:93:d5:7a:
9a:78:4e:e2:55:00:53:97:55:99:bc:5c:3d:4c:5f:
e5:66:3d:ae:7e:77:bc:68:67:be:79:33:38:e3:f5:
f0:7a:ea:e9:18:44:c1:44:17:ee:a0:28:bf:7b:d0:
7d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:76:59:D0:C3:FA:F9:6B:C2:EC:30:9B:4C:AE:C8:44:E6:3F:37:5F
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/U3ZZ0MP6-WvC7DCbTK7IROY_N18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.144.0/23
Signature Algorithm: sha256WithRSAEncryption
75:ea:43:b9:96:e2:30:4a:26:2f:49:8f:43:ad:51:1d:a9:e4:
ab:74:7e:aa:58:d1:74:78:03:64:14:16:55:87:2f:23:8f:21:
86:1c:ae:df:d3:6f:0b:e3:fd:4e:8f:2c:c6:10:a8:d1:c4:ef:
3f:48:62:81:73:37:a1:b3:16:5d:0f:28:e7:2c:a2:dd:f8:90:
79:bd:7f:87:cd:7c:30:29:03:0f:c5:fa:af:7a:77:0d:d9:7c:
67:c8:1c:93:d8:9b:c3:9a:f2:bf:5a:e5:50:db:3c:8d:1e:ab:
5d:82:a3:c6:28:c4:7a:03:5e:ac:30:04:b9:da:43:48:4d:0d:
cc:e2:fb:b0:29:04:2a:3a:62:8a:e8:d8:de:6b:24:46:41:7a:
78:60:f8:9f:8b:20:62:9d:6d:62:e9:fc:a4:c0:c4:c6:d7:ee:
4c:23:6d:a1:3b:53:3c:c8:01:b4:99:06:87:96:ac:99:d4:0e:
b0:63:d7:b2:6a:5d:bd:7f:14:5e:c4:f7:85:45:24:22:92:40:
eb:e0:6b:2f:24:59:00:2b:74:1a:98:eb:23:ec:18:16:5f:0e:
21:ea:29:08:b8:d9:e4:a2:0f:4c:36:fc:5c:64:f2:40:ed:cf:
ef:d0:bd:64:7c:8b:5e:50:f4:98:09:8f:67:04:d9:7a:0d:ce:
2d:7f:0c:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntjdzxtzcu7LbbVTOFHLgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjUwMTAyMTU1MDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzc2NTlkMGMzZmFmOTZiYzJlYzMwOWI0Y2FlYzg0NGU2M2YzNzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQNm9rC1hpakgYXlf3NepxOQ0+7c
aKGcAipLmyB8qb+VG8Z54EiI+t1HQHgOZVF83lVzSAClry2NfRVwTNAwI0b4qzP4
sh3fnnb6t4kIlkFv0mK4Rnno7pUOOFOychrd6wYok3VW5haiNRzyCghQSJY5ViUl
MuZGQFzWs5Tr+JYxYomdKiAhDSVi6LfOeXmmpX5V2QnTRCuURRaCg4wFXDZtcWDJ
0qaYlD6cpCbYpZ/2sxswMzXSyIwNWpTTACRgfg8pyxCkHeuyeqAe5KmT1XqaeE7i
VQBTl1WZvFw9TF/lZj2ufne8aGe+eTM44/XweurpGETBRBfuoCi/e9B91wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFN2WdDD+vlrwuwwm0yuyETmPzdfMB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvVTNaWjBNUDYtV3ZDN0RDYlRLN0lST1lfTjE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwiCQMA0G
CSqGSIb3DQEBCwUAA4IBAQB16kO5luIwSiYvSY9DrVEdqeSrdH6qWNF0eANkFBZV
hy8jjyGGHK7f028L4/1OjyzGEKjRxO8/SGKBczehsxZdDyjnLKLd+JB5vX+HzXww
KQMPxfqvencN2XxnyByT2JvDmvK/WuVQ2zyNHqtdgqPGKMR6A16sMAS52kNITQ3M
4vuwKQQqOmKK6NjeayRGQXp4YPifiyBinW1i6fykwMTG1+5MI22hO1M8yAG0mQaH
lqyZ1A6wY9eyal29fxRexPeFRSQikkDr4GsvJFkAK3QamOsj7BgWXw4h6ikIuNnk
og9MNvxcZPJA7c/v0L1kfIteUPSYCY9nBNl6Dc4tfwxw
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:24:34 2025 by rpki-client