Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/ouS3-Tp8R69SYmbjdxaE_8fo_Jw.roa
File: ouS3-Tp8R69SYmbjdxaE_8fo_Jw.roa (raw, json)
Hash identifier: Oq3oU58nJTPo3lr6xVjCSs8ejsfiIqFalkOdebyGfA4=
Subject key identifier: A2:E4:B7:F9:3A:7C:47:AF:52:62:66:E3:77:16:84:FF:C7:E8:FC:9C
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 018CC3B741CC8E1B4D735C4187A9CE27BC6D
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/ouS3-Tp8R69SYmbjdxaE_8fo_Jw.roa
Signing time: Mon 01 Jan 2024 06:30:16 +0000
ROA not before: Mon 01 Jan 2024 06:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15731
IP address blocks: 193.53.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:41:cc:8e:1b:4d:73:5c:41:87:a9:ce:27:bc:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Jan 1 06:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2e4b7f93a7c47af526266e3771684ffc7e8fc9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:81:8a:7f:bc:ba:39:35:fc:90:9c:a2:05:c6:
04:bd:6c:56:88:b1:59:a6:bb:ea:f1:17:68:37:39:
39:a7:60:c1:e4:53:11:da:2f:2d:51:cb:7d:29:a4:
8f:4f:14:2b:4f:b2:d2:08:31:d3:af:d6:f8:af:23:
94:fa:98:b6:e5:a1:11:9a:21:e1:e7:55:e0:ae:8d:
da:31:41:88:6a:b5:86:3e:35:de:9c:9d:3a:e6:ea:
d5:5a:9c:86:06:d7:ff:80:b9:fc:b9:67:c2:76:9f:
99:09:c7:99:8a:37:4a:9e:09:52:4f:ae:6c:77:01:
fb:2d:b9:da:ec:67:67:88:fb:78:4f:0b:70:00:d8:
78:ac:67:8a:f7:0a:86:59:93:e7:43:9d:13:24:cf:
6c:11:8c:d6:db:7e:ef:90:f8:b4:b8:e7:4c:dd:fd:
a1:52:2e:4a:68:67:ca:6b:b5:13:14:31:b7:09:6a:
a7:85:39:3e:e3:19:ad:81:bb:22:fe:64:30:dc:7f:
55:21:77:dc:c4:1d:2f:5f:f5:2f:1d:3d:d9:a9:04:
34:63:66:65:ef:ee:57:9e:db:a0:09:84:08:0d:a1:
6c:ce:93:73:4a:c4:b2:26:67:70:c0:37:92:41:9b:
17:df:39:2a:12:7e:63:79:8f:62:fd:17:0b:97:47:
b2:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:E4:B7:F9:3A:7C:47:AF:52:62:66:E3:77:16:84:FF:C7:E8:FC:9C
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/ouS3-Tp8R69SYmbjdxaE_8fo_Jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.35.0/24
Signature Algorithm: sha256WithRSAEncryption
46:f0:fd:b6:0b:78:53:57:9d:f0:ed:66:e5:11:7c:1d:f3:80:
ac:f8:50:70:74:c0:43:f1:97:d7:1e:b3:5c:9d:67:80:60:46:
d0:5a:71:f3:d2:3f:6b:cc:b0:a0:20:fc:16:7f:93:db:9f:b7:
c9:74:4f:56:1e:6d:0e:98:f0:ec:1f:a5:04:d2:54:0e:60:d2:
75:e0:b5:aa:c8:1c:ee:07:a9:44:64:08:5b:d6:70:9d:e2:a2:
81:2d:f3:38:61:75:06:4a:d7:a2:a7:c3:a5:00:bd:64:7b:72:
f1:21:48:83:cf:95:9c:92:a2:03:4d:c4:7b:60:6f:b9:bb:6c:
54:a3:2d:81:4e:9b:d1:d4:3a:5d:25:c9:e8:df:9b:cd:2b:2c:
8e:0d:66:f0:9d:bc:13:bb:9c:9d:1a:66:f0:57:9e:ec:a9:3b:
fc:d6:69:ba:9d:55:c1:de:02:cc:01:ae:44:76:e2:22:5b:ed:
4f:2c:0c:30:26:d0:5e:25:6e:20:7b:fb:76:14:b9:86:00:be:
b0:d2:be:0b:7c:84:4e:2b:c6:ea:8e:16:1a:4b:82:dd:39:eb:
e5:a3:bf:70:ec:32:d6:b5:ec:af:dc:57:43:f4:b9:12:0f:75:
dc:42:44:b3:9e:db:df:1f:e4:50:4e:21:5a:08:55:a0:aa:26:
a5:6a:0a:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDt0HMjhtNc1xBh6nOJ7xtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjQwMTAxMDYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmU0YjdmOTNhN2M0N2FmNTI2MjY2ZTM3NzE2ODRmZmM3ZThmYzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YGKf7y6OTX8kJyiBcYEvWxWiLFZ
prvq8RdoNzk5p2DB5FMR2i8tUct9KaSPTxQrT7LSCDHTr9b4ryOU+pi25aERmiHh
51Xgro3aMUGIarWGPjXenJ065urVWpyGBtf/gLn8uWfCdp+ZCceZijdKnglST65s
dwH7Lbna7GdniPt4TwtwANh4rGeK9wqGWZPnQ50TJM9sEYzW237vkPi0uOdM3f2h
Ui5KaGfKa7UTFDG3CWqnhTk+4xmtgbsi/mQw3H9VIXfcxB0vX/UvHT3ZqQQ0Y2Zl
7+5XntugCYQIDaFszpNzSsSyJmdwwDeSQZsX3zkqEn5jeY9i/RcLl0eyswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKLkt/k6fEevUmJm43cWhP/H6PycMB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvb3VTMy1UcDhSNjlTWW1iamR4YUVfOGZvX0p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTUjMA0G
CSqGSIb3DQEBCwUAA4IBAQBG8P22C3hTV53w7WblEXwd84Cs+FBwdMBD8ZfXHrNc
nWeAYEbQWnHz0j9rzLCgIPwWf5Pbn7fJdE9WHm0OmPDsH6UE0lQOYNJ14LWqyBzu
B6lEZAhb1nCd4qKBLfM4YXUGSteip8OlAL1ke3LxIUiDz5WckqIDTcR7YG+5u2xU
oy2BTpvR1DpdJcno35vNKyyODWbwnbwTu5ydGmbwV57sqTv81mm6nVXB3gLMAa5E
duIiW+1PLAwwJtBeJW4ge/t2FLmGAL6w0r4LfIROK8bqjhYaS4LdOevlo79w7DLW
teyv3FdD9LkSD3XcQkSzntvfH+RQTiFaCFWgqialagof
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:52 2025 by rpki-client