Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/sURfUMkw8FDTmRE8J898y06UUp0.roa
File: sURfUMkw8FDTmRE8J898y06UUp0.roa (raw, json)
Hash identifier: EY37OvDyezKBeH0HWH0nWkPMHlQGu8l5ODW/Wu24fd0=
Subject key identifier: B1:44:5F:50:C9:30:F0:50:D3:99:11:3C:27:CF:7C:CB:4E:94:52:9D
Certificate issuer: /CN=47d064fb3e541f23563065e48f300f2cfdfe009a
Certificate serial: 018CC348BA4584841350F841B61914C1EE6F
Authority key identifier: 47:D0:64:FB:3E:54:1F:23:56:30:65:E4:8F:30:0F:2C:FD:FE:00:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/sURfUMkw8FDTmRE8J898y06UUp0.roa
Signing time: Mon 01 Jan 2024 04:29:32 +0000
ROA not before: Mon 01 Jan 2024 04:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 195.244.28.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ba:45:84:84:13:50:f8:41:b6:19:14:c1:ee:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47d064fb3e541f23563065e48f300f2cfdfe009a
Validity
Not Before: Jan 1 04:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1445f50c930f050d399113c27cf7ccb4e94529d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c5:60:44:ea:9d:af:77:55:49:dc:94:ef:15:
db:98:f6:85:c0:bf:68:3c:89:f7:34:78:85:95:17:
13:9d:0f:e6:8a:ef:3e:1f:f0:f5:e8:44:04:0c:39:
f4:6d:f3:f5:af:79:17:25:8f:b4:46:33:25:4d:c6:
5d:e8:01:34:c6:c1:6e:f7:bd:fc:d5:8e:b8:ff:b2:
e0:b0:d4:0a:57:38:02:d5:37:59:66:da:2c:b2:72:
01:0a:24:c1:98:8d:43:3a:54:9e:5e:ee:bf:94:30:
93:b3:95:c8:85:1d:94:45:f8:24:52:f3:a2:8c:28:
b8:14:a1:3a:6c:01:be:5e:9c:85:eb:7a:bc:39:d4:
35:8a:65:5c:97:be:f3:c3:f2:38:e1:b4:9b:e4:39:
ab:38:af:f5:95:34:bc:6d:94:b9:26:d0:b3:c7:ae:
5f:f9:5e:67:72:09:bc:25:73:d1:fe:cf:f8:c8:75:
00:74:13:7e:86:f3:ce:b4:2b:06:6f:e8:05:48:46:
88:8b:87:3f:77:b3:67:8c:f8:cb:d3:1e:2e:32:13:
94:08:08:ba:b9:22:25:6e:00:98:d0:38:f6:e2:e6:
31:6a:58:40:69:fb:dc:9b:04:d9:57:e0:b1:49:51:
99:82:2f:d5:b8:23:19:a5:e4:33:49:53:cb:47:81:
2a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:44:5F:50:C9:30:F0:50:D3:99:11:3C:27:CF:7C:CB:4E:94:52:9D
X509v3 Authority Key Identifier:
keyid:47:D0:64:FB:3E:54:1F:23:56:30:65:E4:8F:30:0F:2C:FD:FE:00:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/sURfUMkw8FDTmRE8J898y06UUp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.244.28.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:51:69:89:28:1a:77:9a:24:8e:62:c0:96:67:89:66:88:4c:
91:a7:23:6a:b5:f4:05:65:1d:71:19:7b:ce:88:ba:fc:91:5a:
8d:78:07:d9:d1:6e:3a:52:25:49:28:55:e5:82:83:f1:68:30:
8e:78:06:44:8c:bc:a1:11:c1:e8:0f:18:78:f5:08:63:7f:f7:
c3:46:a7:da:67:79:e6:16:50:3d:f9:ec:2d:15:3e:ed:ad:65:
2a:9d:5e:25:30:a7:98:86:57:e7:e2:80:aa:02:f7:a4:e0:a2:
df:a8:ed:6e:c0:70:db:49:0c:45:b7:d0:cf:97:a0:f6:89:a5:
b5:71:ce:12:eb:42:fa:f0:40:0c:02:54:f7:a7:5b:3e:33:02:
df:69:d5:8f:d8:1c:71:23:52:0b:dc:fb:27:ef:74:ca:19:e1:
d4:f5:60:e3:c1:8c:1e:60:cd:73:6e:ed:95:24:54:bc:57:17:
19:7c:64:c0:b1:31:46:7b:d5:3b:d0:79:5a:21:e1:8d:e8:da:
54:93:a9:a6:88:98:73:49:86:e9:b0:37:5c:f2:03:b0:2a:5d:
67:92:02:f1:07:d7:b6:37:53:c1:8c:74:9b:af:0a:ed:99:c6:
60:82:2a:db:76:ed:62:13:e7:b5:15:84:0e:7f:80:eb:de:b9:
12:1b:53:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSLpFhIQTUPhBthkUwe5vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZDA2NGZiM2U1NDFmMjM1NjMwNjVlNDhmMzAwZjJjZmRm
ZTAwOWEwHhcNMjQwMTAxMDQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTQ0NWY1MGM5MzBmMDUwZDM5OTExM2MyN2NmN2NjYjRlOTQ1MjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcVgROqdr3dVSdyU7xXbmPaFwL9o
PIn3NHiFlRcTnQ/miu8+H/D16EQEDDn0bfP1r3kXJY+0RjMlTcZd6AE0xsFu9738
1Y64/7LgsNQKVzgC1TdZZtossnIBCiTBmI1DOlSeXu6/lDCTs5XIhR2URfgkUvOi
jCi4FKE6bAG+XpyF63q8OdQ1imVcl77zw/I44bSb5DmrOK/1lTS8bZS5JtCzx65f
+V5ncgm8JXPR/s/4yHUAdBN+hvPOtCsGb+gFSEaIi4c/d7NnjPjL0x4uMhOUCAi6
uSIlbgCY0Dj24uYxalhAafvcmwTZV+CxSVGZgi/VuCMZpeQzSVPLR4EqxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLFEX1DJMPBQ05kRPCfPfMtOlFKdMB8GA1UdIwQY
MBaAFEfQZPs+VB8jVjBl5I8wDyz9/gCaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjlCay16NVVIeU5XTUdYa2p6QVBMUDMtQUpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9kNTY2OTMtMjI1NC00YTNiLWFjYmIt
ZWZhYWZmMGE5ODJmLzEvc1VSZlVNa3c4RkRUbVJFOEo4OTh5MDZVVXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9kNTY2OTMtMjI1NC00YTNiLWFjYmItZWZhYWZmMGE5ODJm
LzEvUjlCay16NVVIeU5XTUdYa2p6QVBMUDMtQUpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw/QcMA0G
CSqGSIb3DQEBCwUAA4IBAQBcUWmJKBp3miSOYsCWZ4lmiEyRpyNqtfQFZR1xGXvO
iLr8kVqNeAfZ0W46UiVJKFXlgoPxaDCOeAZEjLyhEcHoDxh49Qhjf/fDRqfaZ3nm
FlA9+ewtFT7trWUqnV4lMKeYhlfn4oCqAvek4KLfqO1uwHDbSQxFt9DPl6D2iaW1
cc4S60L68EAMAlT3p1s+MwLfadWP2BxxI1IL3Psn73TKGeHU9WDjwYweYM1zbu2V
JFS8VxcZfGTAsTFGe9U70HlaIeGN6NpUk6mmiJhzSYbpsDdc8gOwKl1nkgLxB9e2
N1PBjHSbrwrtmcZggirbdu1iE+e1FYQOf4Dr3rkSG1Nu
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:37:56 2025 by rpki-client