Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/uYRmq9riIpnSj-dt063FdDttSMY.roa
File: uYRmq9riIpnSj-dt063FdDttSMY.roa (raw, json)
Hash identifier: eVkY1lCFSypqnoFYGs3dDTWcHF3+cepLJEQKRr/0kno=
Subject key identifier: B9:84:66:AB:DA:E2:22:99:D2:8F:E7:6D:D3:AD:C5:74:3B:6D:48:C6
Certificate issuer: /CN=97024ffc4927bfe35289435d9d0280420b8ecdcb
Certificate serial: 0194221F976B29796D5B3E5F90AF56666B59
Authority key identifier: 97:02:4F:FC:49:27:BF:E3:52:89:43:5D:9D:02:80:42:0B:8E:CD:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lwJP_Eknv-NSiUNdnQKAQguOzcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/uYRmq9riIpnSj-dt063FdDttSMY.roa
Signing time: Wed 01 Jan 2025 13:48:03 +0000
ROA not before: Wed 01 Jan 2025 13:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210037
IP address blocks: 193.37.192.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:97:6b:29:79:6d:5b:3e:5f:90:af:56:66:6b:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97024ffc4927bfe35289435d9d0280420b8ecdcb
Validity
Not Before: Jan 1 13:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b98466abdae22299d28fe76dd3adc5743b6d48c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e6:0b:12:26:4d:c6:5d:47:65:70:6a:e3:f1:
2e:51:74:44:1b:f3:49:6b:82:0d:d1:83:a7:1a:5a:
81:44:66:07:8d:32:cd:a8:3a:c9:66:19:ad:90:57:
ae:a3:39:64:04:f9:a6:a9:4e:02:05:33:3a:21:4d:
d8:6e:6e:0e:f0:26:b9:bf:73:91:49:84:11:71:f7:
f3:d6:c4:9d:84:d2:2f:ff:bf:46:ba:7f:bd:02:39:
fa:89:a4:3b:3d:08:20:b9:11:09:7e:f0:b2:d3:9a:
3c:66:a5:15:f2:f4:fd:42:5a:43:c7:cf:e0:69:f2:
29:e6:29:34:eb:7a:2d:5f:36:7f:eb:9e:78:0a:b6:
e2:e4:ac:0f:2b:5d:a9:25:a0:41:02:93:1d:12:69:
de:bb:24:ee:ca:60:89:80:7f:26:4a:b5:ac:e0:ec:
a4:a8:09:21:76:f8:f8:7f:16:52:0e:f7:37:aa:a8:
4e:31:79:72:84:52:d0:77:32:72:ab:98:47:86:9c:
30:df:cc:c7:f6:02:09:1b:d7:2d:e0:0c:f4:19:60:
d8:0b:74:7f:35:77:22:3c:29:e6:f7:65:14:f5:f8:
9b:d6:03:e3:46:40:b4:7b:30:21:17:99:26:2d:13:
d5:04:62:de:4d:cc:ea:64:cc:18:80:d0:3e:8e:4d:
82:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:84:66:AB:DA:E2:22:99:D2:8F:E7:6D:D3:AD:C5:74:3B:6D:48:C6
X509v3 Authority Key Identifier:
keyid:97:02:4F:FC:49:27:BF:E3:52:89:43:5D:9D:02:80:42:0B:8E:CD:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lwJP_Eknv-NSiUNdnQKAQguOzcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/uYRmq9riIpnSj-dt063FdDttSMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/lwJP_Eknv-NSiUNdnQKAQguOzcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.192.0/22
Signature Algorithm: sha256WithRSAEncryption
c9:28:5e:22:c4:6e:06:7d:3c:79:79:51:ca:24:4f:46:17:d2:
d4:7a:b9:be:65:a7:2b:43:16:70:c5:fe:06:de:49:ca:53:95:
2a:23:70:8d:49:53:ee:5d:90:96:79:61:a9:a3:5d:fb:a7:15:
39:36:1f:8d:e0:75:38:82:d5:72:62:32:61:a9:81:a4:ab:d1:
ee:ba:0b:0a:70:e4:0d:53:4f:b7:3f:8a:86:e7:3a:c1:24:9a:
fe:bc:e1:76:7e:98:72:85:9e:98:cf:21:9a:ac:03:f8:1d:5f:
95:10:6b:3e:a1:e0:7f:68:32:6d:ae:10:65:8d:62:08:3f:cd:
ab:2d:07:60:97:1e:88:4c:4d:b2:ba:53:18:55:cb:cc:4b:d9:
c0:5f:69:09:01:c6:f4:38:9c:82:11:25:99:83:1e:0b:8f:9f:
05:65:c6:c8:a1:e5:7d:61:db:d7:38:18:ee:ef:12:ea:3f:21:
dc:6f:65:f5:24:19:aa:fe:76:40:e6:73:94:2d:6f:93:31:68:
9a:cf:71:53:9e:00:32:9a:91:67:cf:90:1c:91:86:70:0a:86:
bf:21:ae:18:cc:4d:b5:e0:78:a5:39:32:08:d9:7d:32:da:f9:
e3:bc:e3:e9:16:b2:8e:78:7b:6a:9d:fd:ec:8a:5b:2f:6b:70:
15:16:53:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH5drKXltWz5fkK9WZmtZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MDI0ZmZjNDkyN2JmZTM1Mjg5NDM1ZDlkMDI4MDQyMGI4
ZWNkY2IwHhcNMjUwMTAxMTM0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTg0NjZhYmRhZTIyMjk5ZDI4ZmU3NmRkM2FkYzU3NDNiNmQ0OGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluYLEiZNxl1HZXBq4/EuUXREG/NJ
a4IN0YOnGlqBRGYHjTLNqDrJZhmtkFeuozlkBPmmqU4CBTM6IU3Ybm4O8Ca5v3OR
SYQRcffz1sSdhNIv/79Gun+9Ajn6iaQ7PQgguREJfvCy05o8ZqUV8vT9QlpDx8/g
afIp5ik063otXzZ/6554Crbi5KwPK12pJaBBApMdEmneuyTuymCJgH8mSrWs4Oyk
qAkhdvj4fxZSDvc3qqhOMXlyhFLQdzJyq5hHhpww38zH9gIJG9ct4Az0GWDYC3R/
NXciPCnm92UU9fib1gPjRkC0ezAhF5kmLRPVBGLeTczqZMwYgNA+jk2C0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLmEZqva4iKZ0o/nbdOtxXQ7bUjGMB8GA1UdIwQY
MBaAFJcCT/xJJ7/jUolDXZ0CgEILjs3LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHdKUF9Fa252LU5TaVVOZG5RS0FRZ3VPemNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC83MTcyMjEtMWQwMy00ZDEzLTkwNDkt
NDAxYmRhNDQ3N2I1LzEvdVlSbXE5cmlJcG5Tai1kdDA2M0ZkRHR0U01ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC83MTcyMjEtMWQwMy00ZDEzLTkwNDktNDAxYmRhNDQ3N2I1
LzEvbHdKUF9Fa252LU5TaVVOZG5RS0FRZ3VPemNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSXAMA0G
CSqGSIb3DQEBCwUAA4IBAQDJKF4ixG4GfTx5eVHKJE9GF9LUerm+ZacrQxZwxf4G
3knKU5UqI3CNSVPuXZCWeWGpo137pxU5Nh+N4HU4gtVyYjJhqYGkq9HuugsKcOQN
U0+3P4qG5zrBJJr+vOF2fphyhZ6YzyGarAP4HV+VEGs+oeB/aDJtrhBljWIIP82r
LQdglx6ITE2yulMYVcvMS9nAX2kJAcb0OJyCESWZgx4Lj58FZcbIoeV9YdvXOBju
7xLqPyHcb2X1JBmq/nZA5nOULW+TMWiaz3FTngAympFnz5AckYZwCoa/Ia4YzE21
4HilOTII2X0y2vnjvOPpFrKOeHtqnf3silsva3AVFlOX
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:45 2025 by rpki-client