Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/U2cPz4HagwOsjC3EKbxfO-n45xM.roa
File: U2cPz4HagwOsjC3EKbxfO-n45xM.roa (raw, json)
Hash identifier: dQxCQCa4uBAozEsAVVNURBo8eoyW6UwOtHlGvSiTYH8=
Subject key identifier: 53:67:0F:CF:81:DA:83:03:AC:8C:2D:C4:29:BC:5F:3B:E9:F8:E7:13
Certificate issuer: /CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Certificate serial: 0186632420921EEDF9D4FF7659C8A4E7ECA2
Authority key identifier: 49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/U2cPz4HagwOsjC3EKbxfO-n45xM.roa
Signing time: Sat 18 Feb 2023 06:09:17 +0000
ROA not before: Sat 18 Feb 2023 06:09:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49999
IP address blocks: 185.21.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:63:24:20:92:1e:ed:f9:d4:ff:76:59:c8:a4:e7:ec:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Validity
Not Before: Feb 18 06:09:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53670fcf81da8303ac8c2dc429bc5f3be9f8e713
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0b:d0:fa:a2:86:58:40:83:a9:fb:ac:b7:62:
e7:24:99:c0:57:9a:53:da:4e:52:2b:c6:20:b9:ff:
f4:a0:b1:1b:7d:e1:a1:44:0e:82:92:f4:0c:f1:5b:
92:97:45:3d:de:9c:23:9f:38:fa:69:90:a9:c4:31:
1c:dc:ce:aa:58:a1:16:42:c3:f1:08:88:e7:85:47:
e0:fa:c0:b8:a6:16:42:25:c7:6a:c0:bd:05:78:5b:
74:15:0c:03:0e:96:4f:02:89:c9:09:cd:1a:6c:3b:
03:c9:69:b9:c5:6f:9e:a0:7a:0e:47:ed:9a:d4:db:
92:65:ce:db:b8:13:17:5d:b1:cf:90:18:3c:b3:18:
f7:45:22:a2:30:e7:34:0d:8c:00:e0:b5:af:8a:37:
cf:b4:a5:c7:5c:33:95:ea:33:2d:b6:18:69:5c:3a:
4e:0e:a6:64:94:4d:70:3c:39:3d:aa:8a:84:61:83:
71:85:a7:ba:e9:26:42:d2:34:6a:48:2b:59:e3:ec:
ce:de:2f:11:5b:58:ad:6e:39:85:a6:f2:95:6e:d5:
07:74:5b:e9:0a:0f:fd:df:44:83:96:9f:53:a1:e4:
e5:8b:db:ad:37:37:00:f3:93:0f:43:80:38:c2:0d:
10:bb:20:62:c9:c5:45:ea:ec:ab:54:00:69:e5:31:
24:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:67:0F:CF:81:DA:83:03:AC:8C:2D:C4:29:BC:5F:3B:E9:F8:E7:13
X509v3 Authority Key Identifier:
keyid:49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/U2cPz4HagwOsjC3EKbxfO-n45xM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.131.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:48:38:e8:ad:09:d2:0f:fe:bd:49:10:a5:c9:4d:a2:15:92:
01:2c:75:de:8f:87:b9:ad:14:93:d6:ee:17:dc:bc:5d:8d:35:
82:49:06:ff:c1:f3:1a:ff:a6:00:92:cf:db:d8:f1:f6:11:80:
77:f6:5a:bd:1b:6a:99:b2:7c:91:fb:1e:c7:49:2f:ee:af:99:
e1:8b:79:e4:bf:4b:a7:d0:d8:47:82:de:4c:28:bc:81:e3:3a:
3d:f7:0f:0d:56:79:09:ab:01:4f:5b:9d:88:6a:a5:b9:68:f4:
f5:a6:24:49:d1:f4:48:7f:20:d7:10:3a:af:3c:02:86:cc:aa:
aa:6b:4c:f3:b7:5c:b3:7f:8b:77:7b:cf:81:b0:ae:2f:90:03:
f1:44:a3:7b:28:ba:56:a8:6f:72:a4:81:26:c8:aa:de:81:fd:
fa:c1:ed:e8:52:1e:79:e5:3c:3c:21:af:7e:62:8f:0d:dd:fd:
8c:4c:6e:24:12:7d:71:b6:3a:11:ad:72:16:5f:36:8a:b5:26:
3f:6f:22:b5:e8:12:eb:e6:36:8b:ff:78:33:31:82:f1:b6:d2:
fd:a3:b7:55:0f:d2:27:5b:30:8a:b1:a3:e3:5b:a2:59:96:83:
35:e2:e1:e0:63:50:ef:06:d0:17:da:4e:bb:20:c1:69:32:af:
44:64:7f:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZjJCCSHu351P92Wcik5+yiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTE0YmY3NmY0MmRhNGYyYWMwMDNhNmM2OWQ2MWMyMzIw
ZTJjZDgwHhcNMjMwMjE4MDYwOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzY3MGZjZjgxZGE4MzAzYWM4YzJkYzQyOWJjNWYzYmU5ZjhlNzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswvQ+qKGWECDqfust2LnJJnAV5pT
2k5SK8Yguf/0oLEbfeGhRA6CkvQM8VuSl0U93pwjnzj6aZCpxDEc3M6qWKEWQsPx
CIjnhUfg+sC4phZCJcdqwL0FeFt0FQwDDpZPAonJCc0abDsDyWm5xW+eoHoOR+2a
1NuSZc7buBMXXbHPkBg8sxj3RSKiMOc0DYwA4LWvijfPtKXHXDOV6jMtthhpXDpO
DqZklE1wPDk9qoqEYYNxhae66SZC0jRqSCtZ4+zO3i8RW1itbjmFpvKVbtUHdFvp
Cg/930SDlp9ToeTli9utNzcA85MPQ4A4wg0QuyBiycVF6uyrVABp5TEkJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFNnD8+B2oMDrIwtxCm8Xzvp+OcTMB8GA1UdIwQY
MBaAFEnhS/dvQtpPKsADpsadYcIyDizYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEt
M2JlY2NhYWUzMzZkLzEvVTJjUHo0SGFnd09zakMzRUtieGZPLW40NXhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEtM2JlY2NhYWUzMzZk
LzEvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRWDMA0G
CSqGSIb3DQEBCwUAA4IBAQCbSDjorQnSD/69SRClyU2iFZIBLHXej4e5rRST1u4X
3LxdjTWCSQb/wfMa/6YAks/b2PH2EYB39lq9G2qZsnyR+x7HSS/ur5nhi3nkv0un
0NhHgt5MKLyB4zo99w8NVnkJqwFPW52IaqW5aPT1piRJ0fRIfyDXEDqvPAKGzKqq
a0zzt1yzf4t3e8+BsK4vkAPxRKN7KLpWqG9ypIEmyKregf36we3oUh555Tw8Ia9+
Yo8N3f2MTG4kEn1xtjoRrXIWXzaKtSY/byK16BLr5jaL/3gzMYLxttL9o7dVD9In
WzCKsaPjW6JZloM14uHgY1DvBtAX2k67IMFpMq9EZH/A
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:12:49 2025 by rpki-client