Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/c5a19b-1221-4aed-a026-60434a2fbe04/1/USqQ8XG89Yqk9IuDLJjFaDlmqeE.roa
File: USqQ8XG89Yqk9IuDLJjFaDlmqeE.roa (raw, json)
Hash identifier: 9/sNUGETLhHg/aUAG68KMe04hW4qzB2MdqeEagvAE5s=
Subject key identifier: 51:2A:90:F1:71:BC:F5:8A:A4:F4:8B:83:2C:98:C5:68:39:66:A9:E1
Certificate issuer: /CN=de7e14321f86a46d88f11771ab7818c6bba8c881
Certificate serial: 018CC3B6B28B204C64C9FFE0DA1C5C7B1F48
Authority key identifier: DE:7E:14:32:1F:86:A4:6D:88:F1:17:71:AB:78:18:C6:BB:A8:C8:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3n4UMh-GpG2I8Rdxq3gYxruoyIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/c5a19b-1221-4aed-a026-60434a2fbe04/1/USqQ8XG89Yqk9IuDLJjFaDlmqeE.roa
Signing time: Mon 01 Jan 2024 06:29:39 +0000
ROA not before: Mon 01 Jan 2024 06:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57373
IP address blocks: 94.143.228.0/24 maxlen: 24
2a12:a580::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:b2:8b:20:4c:64:c9:ff:e0:da:1c:5c:7b:1f:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de7e14321f86a46d88f11771ab7818c6bba8c881
Validity
Not Before: Jan 1 06:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=512a90f171bcf58aa4f48b832c98c5683966a9e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:1d:ab:d6:3b:3c:2d:35:e1:d1:6b:73:3c:a3:
3a:3b:e0:c2:85:0f:db:64:6a:07:2c:7f:83:8a:bd:
9f:4c:3d:3e:d1:88:9a:00:cd:c8:ba:08:d0:8f:a7:
c7:d2:e5:26:a5:a4:81:68:b3:1d:1c:5c:66:99:06:
87:1c:95:b2:5c:9e:83:97:7c:0f:55:2f:82:66:55:
36:97:23:e3:f0:fc:3f:f9:3f:62:73:e1:4b:51:30:
f2:5d:ec:f1:93:c8:57:ab:63:09:d7:df:4f:cf:f8:
2b:99:f8:51:ba:11:7e:c5:b4:be:79:08:b1:1d:85:
96:24:16:15:88:75:60:d5:aa:4b:50:37:b1:09:82:
f7:be:cc:7b:98:63:ff:59:69:4a:bf:26:b6:d0:f7:
ba:b6:ec:1c:15:1b:53:a5:0c:8c:6c:dc:76:7d:73:
2d:d8:51:6e:6f:8f:82:28:8c:6e:43:65:21:d5:e2:
2e:76:20:71:7d:38:d0:79:4b:8a:71:5f:3c:5a:45:
b0:15:d9:89:3f:7d:3e:1c:fa:fb:e5:19:13:92:4a:
f2:8c:52:7f:99:ad:ea:4d:20:3d:33:65:98:35:d4:
7e:96:49:57:e3:57:aa:1e:49:67:39:e3:5a:86:90:
84:66:96:f6:e1:54:c8:86:4c:50:5b:ed:81:c9:94:
7a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:2A:90:F1:71:BC:F5:8A:A4:F4:8B:83:2C:98:C5:68:39:66:A9:E1
X509v3 Authority Key Identifier:
keyid:DE:7E:14:32:1F:86:A4:6D:88:F1:17:71:AB:78:18:C6:BB:A8:C8:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3n4UMh-GpG2I8Rdxq3gYxruoyIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/c5a19b-1221-4aed-a026-60434a2fbe04/1/USqQ8XG89Yqk9IuDLJjFaDlmqeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/c5a19b-1221-4aed-a026-60434a2fbe04/1/3n4UMh-GpG2I8Rdxq3gYxruoyIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.228.0/24
IPv6:
2a12:a580::/29
Signature Algorithm: sha256WithRSAEncryption
5d:44:aa:b1:c4:99:08:c1:6b:36:cb:37:f3:cb:3c:5b:06:34:
b8:a6:9c:3a:ff:94:2c:84:ab:42:90:9f:26:f4:e2:8e:a2:ec:
fa:90:57:ea:55:f8:5f:0a:a6:0f:6d:0b:f0:55:1d:a4:95:fc:
9d:9d:96:ea:8b:e7:2c:51:a9:45:29:63:ed:9b:67:18:bb:d4:
dc:08:0a:06:97:66:c0:d5:f7:2d:a5:4b:5c:f6:6f:2f:c3:b4:
48:21:16:d3:03:6e:db:8b:53:a2:37:b3:8b:52:24:a2:bf:c8:
0e:34:e2:ff:14:69:21:a5:1f:8f:92:49:b8:dc:56:cb:b9:a7:
d2:e6:33:b4:f6:26:f1:32:98:00:91:29:6f:81:f6:de:d4:66:
0d:91:1c:a0:2f:66:d2:7a:06:ba:fe:a9:3a:a7:ed:6e:e5:a2:
40:12:91:89:bc:f0:8f:56:18:61:03:7f:a4:fe:03:87:ca:d0:
e3:ee:a8:49:84:a5:36:1c:d1:72:d6:7c:f5:41:19:f2:ad:5f:
a2:1a:a9:89:a1:4d:0b:e1:7b:6c:1d:23:49:b2:86:2e:46:b1:
f3:40:61:f0:26:b4:bd:10:c0:52:6b:df:53:b3:5e:8a:de:19:
22:67:dd:af:4b:09:ab:c7:59:93:10:30:43:3e:d5:ab:cd:61:
7e:72:7f:c3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtrKLIExkyf/g2hxcex9IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlN2UxNDMyMWY4NmE0NmQ4OGYxMTc3MWFiNzgxOGM2YmJh
OGM4ODEwHhcNMjQwMTAxMDYyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTJhOTBmMTcxYmNmNThhYTRmNDhiODMyYzk4YzU2ODM5NjZhOWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiR2r1js8LTXh0WtzPKM6O+DChQ/b
ZGoHLH+Dir2fTD0+0YiaAM3IugjQj6fH0uUmpaSBaLMdHFxmmQaHHJWyXJ6Dl3wP
VS+CZlU2lyPj8Pw/+T9ic+FLUTDyXezxk8hXq2MJ199Pz/grmfhRuhF+xbS+eQix
HYWWJBYViHVg1apLUDexCYL3vsx7mGP/WWlKvya20Pe6tuwcFRtTpQyMbNx2fXMt
2FFub4+CKIxuQ2Uh1eIudiBxfTjQeUuKcV88WkWwFdmJP30+HPr75RkTkkryjFJ/
ma3qTSA9M2WYNdR+lklX41eqHklnOeNahpCEZpb24VTIhkxQW+2ByZR6GwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFEqkPFxvPWKpPSLgyyYxWg5ZqnhMB8GA1UdIwQY
MBaAFN5+FDIfhqRtiPEXcat4GMa7qMiBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM240VU1oLUdwRzJJOFJkeHEzZ1l4cnVveUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9jNWExOWItMTIyMS00YWVkLWEwMjYt
NjA0MzRhMmZiZTA0LzEvVVNxUThYRzg5WXFrOUl1RExKakZhRGxtcWVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9jNWExOWItMTIyMS00YWVkLWEwMjYtNjA0MzRhMmZiZTA0
LzEvM240VU1oLUdwRzJJOFJkeHEzZ1l4cnVveUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXo/kMA0E
AgACMAcDBQMqEqWAMA0GCSqGSIb3DQEBCwUAA4IBAQBdRKqxxJkIwWs2yzfzyzxb
BjS4ppw6/5QshKtCkJ8m9OKOouz6kFfqVfhfCqYPbQvwVR2klfydnZbqi+csUalF
KWPtm2cYu9TcCAoGl2bA1fctpUtc9m8vw7RIIRbTA27bi1OiN7OLUiSiv8gONOL/
FGkhpR+Pkkm43FbLuafS5jO09ibxMpgAkSlvgfbe1GYNkRygL2bSega6/qk6p+1u
5aJAEpGJvPCPVhhhA3+k/gOHytDj7qhJhKU2HNFy1nz1QRnyrV+iGqmJoU0L4Xts
HSNJsoYuRrHzQGHwJrS9EMBSa99Ts16K3hkiZ92vSwmrx1mTEDBDPtWrzWF+cn/D
-----END CERTIFICATE-----
Generated at Tue Apr 30 15:11:56 2024 by rpki-client on console-fra.rpki-client.org