Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/OrKuFz27FK0P6O2bv_b1bL5Co9k.roa
File: OrKuFz27FK0P6O2bv_b1bL5Co9k.roa (raw, json)
Hash identifier: 8cEi5rfuQFGn6/7XwnoqTW0z0qfPYwGTHgFoatR1/Hk=
Subject key identifier: 3A:B2:AE:17:3D:BB:14:AD:0F:E8:ED:9B:BF:F6:F5:6C:BE:42:A3:D9
Certificate issuer: /CN=5bcd40d10b56f3b532fa0dfd01d817ef93da1a34
Certificate serial: 019420D66139953DDB60AB18FC08438AC675
Authority key identifier: 5B:CD:40:D1:0B:56:F3:B5:32:FA:0D:FD:01:D8:17:EF:93:DA:1A:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W81A0QtW87Uy-g39AdgX75PaGjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/OrKuFz27FK0P6O2bv_b1bL5Co9k.roa
Signing time: Wed 01 Jan 2025 07:48:28 +0000
ROA not before: Wed 01 Jan 2025 07:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25682
IP address blocks: 193.57.173.0/24 maxlen: 24
2a0f:8640::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:61:39:95:3d:db:60:ab:18:fc:08:43:8a:c6:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bcd40d10b56f3b532fa0dfd01d817ef93da1a34
Validity
Not Before: Jan 1 07:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ab2ae173dbb14ad0fe8ed9bbff6f56cbe42a3d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3d:db:b1:e2:ed:10:c2:cc:cc:4b:bf:89:be:
fa:7a:04:58:cb:9a:17:23:bf:c3:9c:38:2e:bd:3d:
ac:c3:79:24:dc:c1:f0:84:44:96:a3:67:12:3b:f4:
be:53:7f:8b:45:c8:da:6d:ed:3c:ac:60:5a:e0:47:
8b:fb:38:7f:b1:a5:2c:4e:fe:e6:3b:08:13:07:0f:
41:d5:16:c8:68:cf:be:5b:c7:28:ef:f6:0e:78:b7:
62:b0:90:0a:29:6e:ca:7e:4f:dc:b8:cc:4d:7a:10:
63:70:e0:36:c9:16:74:d6:2d:9f:d9:ca:de:31:79:
73:31:2c:be:2a:f6:ec:d3:28:39:1b:57:58:ee:fc:
e3:6c:c6:e0:f0:d2:31:81:cf:34:2b:8f:89:18:3f:
67:f3:87:b4:cb:fa:60:c9:20:ec:6d:fd:3e:be:87:
45:7b:12:46:d3:36:c4:0f:a6:4c:20:fa:41:a3:39:
9d:8c:2e:c0:2b:a9:b6:3c:69:70:4c:92:68:7b:a7:
10:1e:b9:f7:c8:e0:24:52:e8:fe:36:e6:a3:98:58:
07:39:be:c6:8a:0b:16:45:f9:b1:53:63:6a:98:4b:
75:81:ec:f2:9f:ae:94:88:6f:cb:a9:a7:04:07:27:
60:02:58:9c:5d:11:e7:81:c4:6a:d5:e8:f6:a4:5a:
71:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:B2:AE:17:3D:BB:14:AD:0F:E8:ED:9B:BF:F6:F5:6C:BE:42:A3:D9
X509v3 Authority Key Identifier:
keyid:5B:CD:40:D1:0B:56:F3:B5:32:FA:0D:FD:01:D8:17:EF:93:DA:1A:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W81A0QtW87Uy-g39AdgX75PaGjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/OrKuFz27FK0P6O2bv_b1bL5Co9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/W81A0QtW87Uy-g39AdgX75PaGjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.173.0/24
IPv6:
2a0f:8640::/29
Signature Algorithm: sha256WithRSAEncryption
4b:62:76:b1:e6:60:4a:1f:92:88:ca:f0:7f:24:96:84:fa:7d:
64:c2:b4:f1:3b:a6:5f:f9:0f:cb:39:bc:0b:84:8d:d1:ef:ab:
cf:44:eb:57:1c:50:7f:9c:32:ed:9b:a6:e3:68:49:c0:6e:85:
e6:bf:76:1c:e1:fe:58:d6:d2:19:6a:37:cb:76:90:bc:0a:44:
a1:35:ce:25:5f:32:79:d4:e9:81:a6:d1:b8:df:a7:e4:39:d7:
75:6e:9f:e0:16:47:ba:bd:10:3f:75:4c:9a:92:42:b5:a7:53:
63:c9:80:96:0f:9f:b1:19:df:e1:0a:51:0d:98:03:10:5a:62:
b3:b5:1f:d1:c9:f1:78:db:28:d9:86:60:d9:2c:49:5d:26:b0:
eb:5a:cd:9f:1c:0a:09:9a:2a:37:de:91:02:6e:d3:d8:8e:38:
fd:70:6f:59:a2:32:eb:7c:b4:a8:b8:27:3c:c2:f0:df:58:94:
0b:7d:41:e5:4b:10:7f:2d:75:9b:69:d1:a8:31:77:d2:1e:85:
1e:02:5e:80:61:1d:b6:db:3e:3e:b1:6e:28:dd:06:99:5b:7d:
e8:83:c2:26:e9:48:5b:a5:2d:8f:7e:60:f6:bf:32:c2:e1:fb:
54:e1:33:0d:95:2e:b6:f3:7d:48:50:44:4b:f7:d7:e8:6d:d9:
56:ae:2c:0c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1mE5lT3bYKsY/AhDisZ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViY2Q0MGQxMGI1NmYzYjUzMmZhMGRmZDAxZDgxN2VmOTNk
YTFhMzQwHhcNMjUwMTAxMDc0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWIyYWUxNzNkYmIxNGFkMGZlOGVkOWJiZmY2ZjU2Y2JlNDJhM2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtz3bseLtEMLMzEu/ib76egRYy5oX
I7/DnDguvT2sw3kk3MHwhESWo2cSO/S+U3+LRcjabe08rGBa4EeL+zh/saUsTv7m
OwgTBw9B1RbIaM++W8co7/YOeLdisJAKKW7Kfk/cuMxNehBjcOA2yRZ01i2f2cre
MXlzMSy+Kvbs0yg5G1dY7vzjbMbg8NIxgc80K4+JGD9n84e0y/pgySDsbf0+vodF
exJG0zbED6ZMIPpBozmdjC7AK6m2PGlwTJJoe6cQHrn3yOAkUuj+NuajmFgHOb7G
igsWRfmxU2NqmEt1gezyn66UiG/LqacEBydgAlicXRHngcRq1ej2pFpx9wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDqyrhc9uxStD+jtm7/29Wy+QqPZMB8GA1UdIwQY
MBaAFFvNQNELVvO1MvoN/QHYF++T2ho0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzgxQTBRdFc4N1V5LWczOUFkZ1g3NVBhR2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iZmY3NTgtNGI4My00NzNkLWIwNzIt
YTJjZTFjYzhiODdmLzEvT3JLdUZ6MjdGSzBQNk8yYnZfYjFiTDVDbzlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iZmY3NTgtNGI4My00NzNkLWIwNzItYTJjZTFjYzhiODdm
LzEvVzgxQTBRdFc4N1V5LWczOUFkZ1g3NVBhR2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwTmtMA0E
AgACMAcDBQMqD4ZAMA0GCSqGSIb3DQEBCwUAA4IBAQBLYnax5mBKH5KIyvB/JJaE
+n1kwrTxO6Zf+Q/LObwLhI3R76vPROtXHFB/nDLtm6bjaEnAboXmv3Yc4f5Y1tIZ
ajfLdpC8CkShNc4lXzJ51OmBptG436fkOdd1bp/gFke6vRA/dUyakkK1p1NjyYCW
D5+xGd/hClENmAMQWmKztR/RyfF42yjZhmDZLEldJrDrWs2fHAoJmio33pECbtPY
jjj9cG9ZojLrfLSouCc8wvDfWJQLfUHlSxB/LXWbadGoMXfSHoUeAl6AYR222z4+
sW4o3QaZW33og8Im6UhbpS2PfmD2vzLC4ftU4TMNlS62831IUERL99fobdlWriwM
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:03 2025 by rpki-client