Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/ufd9I1sTMu_-cmgS_4wyO_C2LOU.roa
File: ufd9I1sTMu_-cmgS_4wyO_C2LOU.roa (raw, json)
Hash identifier: t8YD8zi5UguFlovOm8R2XRjIBtMUKaWMQ8CNRGn6mYU=
Subject key identifier: B9:F7:7D:23:5B:13:32:EF:FE:72:68:12:FF:8C:32:3B:F0:B6:2C:E5
Certificate issuer: /CN=47d064fb3e541f23563065e48f300f2cfdfe009a
Certificate serial: 019420D6672CFDBC3410D48855FAB0147CDA
Authority key identifier: 47:D0:64:FB:3E:54:1F:23:56:30:65:E4:8F:30:0F:2C:FD:FE:00:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/ufd9I1sTMu_-cmgS_4wyO_C2LOU.roa
Signing time: Wed 01 Jan 2025 07:48:29 +0000
ROA not before: Wed 01 Jan 2025 07:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 195.244.28.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:67:2c:fd:bc:34:10:d4:88:55:fa:b0:14:7c:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47d064fb3e541f23563065e48f300f2cfdfe009a
Validity
Not Before: Jan 1 07:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b9f77d235b1332effe726812ff8c323bf0b62ce5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d9:3b:0e:ac:c1:2b:0b:0b:89:1e:0a:95:43:
3f:60:b6:27:15:4d:1c:b9:0e:7f:da:75:b6:ae:1d:
17:46:8b:a0:3e:6b:a6:16:4a:69:76:52:96:cb:eb:
e1:a2:8c:b2:fe:42:8b:6f:43:a4:fd:8d:5d:3a:b0:
08:36:21:14:2d:8f:b9:15:2b:15:31:c6:93:4a:1f:
1f:7e:db:00:5e:89:37:2a:1b:fc:c1:c2:60:a2:46:
e3:bc:45:b9:25:06:c4:c2:a8:86:36:81:81:02:98:
8a:27:4e:81:65:00:96:9a:7a:8b:c5:4f:d7:62:6c:
60:fd:5b:6a:7a:0f:ed:9d:61:58:42:d1:5d:54:51:
c2:66:2f:ad:bf:96:8a:5f:20:31:02:13:74:5c:8a:
81:91:c7:b3:1e:b7:7e:05:df:99:ea:46:a7:f6:39:
39:bb:af:7e:cc:a1:89:6e:69:37:5f:34:8c:75:4d:
59:ca:c5:37:3f:78:6e:48:e2:ee:4b:88:8e:81:81:
91:94:54:5f:58:73:d2:48:32:8d:bf:ca:3a:4b:2f:
48:db:23:4b:2e:70:eb:0b:e2:90:e1:df:a3:2e:1b:
40:df:01:50:e2:a2:4b:a2:91:3d:15:5a:ad:cb:2e:
5b:bf:7a:be:8d:e1:8e:d7:66:b9:26:25:98:9b:c6:
5f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:F7:7D:23:5B:13:32:EF:FE:72:68:12:FF:8C:32:3B:F0:B6:2C:E5
X509v3 Authority Key Identifier:
keyid:47:D0:64:FB:3E:54:1F:23:56:30:65:E4:8F:30:0F:2C:FD:FE:00:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/ufd9I1sTMu_-cmgS_4wyO_C2LOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.244.28.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:e9:35:52:e9:db:6a:34:69:7a:51:2b:74:fb:df:a4:1b:2b:
a7:ff:b6:f9:ab:50:65:30:1f:cc:42:04:a8:ef:2a:d7:38:e1:
44:09:9a:b8:8c:e6:8b:3f:4a:35:23:1b:6a:5a:ee:f6:be:d9:
18:0f:c6:ed:a4:6d:f1:8d:e2:ea:01:4a:08:56:ec:90:b5:df:
9d:30:36:92:13:35:1f:19:e5:4d:dc:b1:38:03:64:52:10:95:
84:0a:fb:01:2a:5d:b9:96:29:e1:5a:9f:b3:2c:24:83:78:6f:
05:a6:22:a1:ee:aa:e2:ff:64:24:5d:36:39:22:c3:55:d7:af:
a4:24:8b:36:46:d8:7a:61:01:28:43:5b:cf:bc:0d:1d:48:c4:
94:24:6b:bd:6f:92:fe:3e:66:36:e9:99:d1:0f:a9:85:47:52:
05:2a:cf:46:63:77:a1:3c:96:0e:fb:b7:fe:ea:34:51:99:3c:
34:ef:0a:26:e9:60:26:ba:10:7f:fb:c1:81:d3:e4:06:a5:24:
89:18:07:11:7e:fe:6f:8b:de:bd:14:16:1f:b2:2a:d2:ec:95:
09:ec:13:1f:6a:b8:fb:15:b7:83:ae:20:5e:54:1c:e8:33:59:
a7:b2:1c:f0:d6:62:a4:a0:67:6b:9b:22:21:11:e6:cd:92:55:
91:86:d1:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1mcs/bw0ENSIVfqwFHzaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZDA2NGZiM2U1NDFmMjM1NjMwNjVlNDhmMzAwZjJjZmRm
ZTAwOWEwHhcNMjUwMTAxMDc0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWY3N2QyMzViMTMzMmVmZmU3MjY4MTJmZjhjMzIzYmYwYjYyY2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydk7DqzBKwsLiR4KlUM/YLYnFU0c
uQ5/2nW2rh0XRougPmumFkppdlKWy+vhooyy/kKLb0Ok/Y1dOrAINiEULY+5FSsV
McaTSh8fftsAXok3Khv8wcJgokbjvEW5JQbEwqiGNoGBApiKJ06BZQCWmnqLxU/X
Ymxg/Vtqeg/tnWFYQtFdVFHCZi+tv5aKXyAxAhN0XIqBkcezHrd+Bd+Z6kan9jk5
u69+zKGJbmk3XzSMdU1ZysU3P3huSOLuS4iOgYGRlFRfWHPSSDKNv8o6Sy9I2yNL
LnDrC+KQ4d+jLhtA3wFQ4qJLopE9FVqtyy5bv3q+jeGO12a5JiWYm8ZfxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLn3fSNbEzLv/nJoEv+MMjvwtizlMB8GA1UdIwQY
MBaAFEfQZPs+VB8jVjBl5I8wDyz9/gCaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjlCay16NVVIeU5XTUdYa2p6QVBMUDMtQUpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9kNTY2OTMtMjI1NC00YTNiLWFjYmIt
ZWZhYWZmMGE5ODJmLzEvdWZkOUkxc1RNdV8tY21nU180d3lPX0MyTE9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9kNTY2OTMtMjI1NC00YTNiLWFjYmItZWZhYWZmMGE5ODJm
LzEvUjlCay16NVVIeU5XTUdYa2p6QVBMUDMtQUpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw/QcMA0G
CSqGSIb3DQEBCwUAA4IBAQAa6TVS6dtqNGl6USt0+9+kGyun/7b5q1BlMB/MQgSo
7yrXOOFECZq4jOaLP0o1IxtqWu72vtkYD8btpG3xjeLqAUoIVuyQtd+dMDaSEzUf
GeVN3LE4A2RSEJWECvsBKl25linhWp+zLCSDeG8FpiKh7qri/2QkXTY5IsNV16+k
JIs2Rth6YQEoQ1vPvA0dSMSUJGu9b5L+PmY26ZnRD6mFR1IFKs9GY3ehPJYO+7f+
6jRRmTw07wom6WAmuhB/+8GB0+QGpSSJGAcRfv5vi969FBYfsirS7JUJ7BMfarj7
FbeDriBeVBzoM1mnshzw1mKkoGdrmyIhEebNklWRhtGT
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:00:34 2025 by rpki-client