Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/uHPtlU3qdVrOCAD4M6mdiGrDzqE.roa
File: uHPtlU3qdVrOCAD4M6mdiGrDzqE.roa (raw, json)
Hash identifier: AeMGCTul+AJixElOuUQNIP59RKHExeTwQIkWiWRzSzs=
Subject key identifier: B8:73:ED:95:4D:EA:75:5A:CE:08:00:F8:33:A9:9D:88:6A:C3:CE:A1
Certificate issuer: /CN=c7c24de99101fafdf74bca293fd6d95060d50a63
Certificate serial: 01942444C30EABAE95AA9B004DC2DEF4691A
Authority key identifier: C7:C2:4D:E9:91:01:FA:FD:F7:4B:CA:29:3F:D6:D9:50:60:D5:0A:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x8JN6ZEB-v33S8opP9bZUGDVCmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/uHPtlU3qdVrOCAD4M6mdiGrDzqE.roa
Signing time: Wed 01 Jan 2025 23:47:53 +0000
ROA not before: Wed 01 Jan 2025 23:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34659
IP address blocks: 87.89.96.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:c3:0e:ab:ae:95:aa:9b:00:4d:c2:de:f4:69:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7c24de99101fafdf74bca293fd6d95060d50a63
Validity
Not Before: Jan 1 23:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b873ed954dea755ace0800f833a99d886ac3cea1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a5:3f:f6:8b:16:20:ef:68:fe:00:a3:e6:f9:
cd:b2:d4:44:56:49:e6:c6:f0:3d:9d:0e:da:e5:d5:
21:5d:e8:78:da:de:ce:9e:76:60:1b:83:68:ce:2c:
fc:42:de:43:f4:4a:c8:b6:84:35:47:d7:68:c5:98:
24:30:94:59:40:0b:8f:b7:b8:86:d7:46:d4:d5:83:
e0:e5:b2:f5:57:c4:d6:b0:ad:ac:4a:dd:d9:1a:bd:
5d:b3:cb:6f:1d:a2:6c:ca:6c:27:46:43:3d:8c:d9:
01:57:3c:d4:5d:17:88:c7:1e:fe:c5:65:75:f4:ca:
6a:07:56:3c:e2:a2:13:22:9f:15:81:d3:0b:69:e7:
8b:3c:e4:76:68:23:e0:0d:51:05:0b:36:a0:c2:89:
cb:a1:ee:fa:95:e3:b5:ce:9e:b6:b5:89:4c:ba:8e:
7d:45:76:b0:6c:7e:b3:9d:c7:fa:81:f0:41:ca:58:
49:7f:ff:f7:0c:69:0e:46:6f:8c:65:d4:92:cf:a2:
d7:a8:d0:78:8c:a6:a0:13:62:51:e8:d2:f5:21:ea:
bf:1b:1f:65:de:08:67:cf:04:e5:a0:e3:db:e7:74:
bb:81:b2:78:cf:87:a1:57:89:2f:ae:3f:b0:f0:17:
7a:50:99:18:e9:9c:bd:a1:d7:2a:8b:f6:70:2b:b7:
80:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:73:ED:95:4D:EA:75:5A:CE:08:00:F8:33:A9:9D:88:6A:C3:CE:A1
X509v3 Authority Key Identifier:
keyid:C7:C2:4D:E9:91:01:FA:FD:F7:4B:CA:29:3F:D6:D9:50:60:D5:0A:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x8JN6ZEB-v33S8opP9bZUGDVCmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/uHPtlU3qdVrOCAD4M6mdiGrDzqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/x8JN6ZEB-v33S8opP9bZUGDVCmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.89.96.0/20
Signature Algorithm: sha256WithRSAEncryption
3e:32:cf:cb:72:52:0d:7b:d1:dc:71:e6:03:04:67:ae:0e:d1:
c4:88:3c:3f:8c:26:e6:34:a7:07:16:78:c1:84:66:09:f4:e8:
3d:cf:67:85:08:89:40:6b:5a:f5:48:8e:b7:67:24:69:52:cd:
95:bb:8a:f4:e8:e1:7d:4f:e3:47:ec:4d:ec:c1:09:e5:09:7e:
37:c6:29:9b:99:23:7a:2e:70:f4:f6:2b:fe:93:f3:eb:f6:8b:
76:a8:78:d8:cb:51:25:27:b0:ef:98:fd:fc:b3:2d:de:25:93:
9c:5a:33:c5:24:3a:72:31:67:e7:15:83:06:6a:bf:9f:78:ab:
07:1a:dc:d4:2f:9d:88:ab:7b:e4:4d:c4:0a:19:d4:87:78:34:
07:bc:88:28:7c:4e:86:ab:6c:43:9a:06:8b:7b:c3:d5:34:f9:
1d:0d:2c:c1:02:6e:fa:88:1d:81:8c:d7:ee:09:7b:af:48:4d:
26:56:45:51:d7:66:7e:dd:da:c0:71:28:f2:84:bd:7f:1c:3c:
43:40:86:78:42:1e:ea:e6:1f:49:fb:4b:9b:a8:69:a8:51:31:
fe:35:78:6d:1d:5b:64:3e:f6:7f:25:7d:d9:20:d1:6f:85:a5:
37:f4:e1:1c:1d:04:2d:0c:02:78:a5:c5:73:22:a3:00:ec:d5:
c4:a3:35:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRMMOq66VqpsATcLe9GkaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3YzI0ZGU5OTEwMWZhZmRmNzRiY2EyOTNmZDZkOTUwNjBk
NTBhNjMwHhcNMjUwMTAxMjM0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODczZWQ5NTRkZWE3NTVhY2UwODAwZjgzM2E5OWQ4ODZhYzNjZWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKU/9osWIO9o/gCj5vnNstREVknm
xvA9nQ7a5dUhXeh42t7OnnZgG4Noziz8Qt5D9ErItoQ1R9doxZgkMJRZQAuPt7iG
10bU1YPg5bL1V8TWsK2sSt3ZGr1ds8tvHaJsymwnRkM9jNkBVzzUXReIxx7+xWV1
9MpqB1Y84qITIp8VgdMLaeeLPOR2aCPgDVEFCzagwonLoe76leO1zp62tYlMuo59
RXawbH6zncf6gfBBylhJf//3DGkORm+MZdSSz6LXqNB4jKagE2JR6NL1Ieq/Gx9l
3ghnzwTloOPb53S7gbJ4z4ehV4kvrj+w8Bd6UJkY6Zy9odcqi/ZwK7eA4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLhz7ZVN6nVazggA+DOpnYhqw86hMB8GA1UdIwQY
MBaAFMfCTemRAfr990vKKT/W2VBg1QpjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDhKTjZaRUItdjMzUzhvcFA5YlpVR0RWQ21NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9lYjAxM2YtNTc3NC00ZTA2LWE1ZDQt
ZWQ1ZDZjZThkN2U4LzEvdUhQdGxVM3FkVnJPQ0FENE02bWRpR3JEenFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9lYjAxM2YtNTc3NC00ZTA2LWE1ZDQtZWQ1ZDZjZThkN2U4
LzEveDhKTjZaRUItdjMzUzhvcFA5YlpVR0RWQ21NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEV1lgMA0G
CSqGSIb3DQEBCwUAA4IBAQA+Ms/LclINe9HcceYDBGeuDtHEiDw/jCbmNKcHFnjB
hGYJ9Og9z2eFCIlAa1r1SI63ZyRpUs2Vu4r06OF9T+NH7E3swQnlCX43ximbmSN6
LnD09iv+k/Pr9ot2qHjYy1ElJ7DvmP38sy3eJZOcWjPFJDpyMWfnFYMGar+feKsH
GtzUL52Iq3vkTcQKGdSHeDQHvIgofE6Gq2xDmgaLe8PVNPkdDSzBAm76iB2BjNfu
CXuvSE0mVkVR12Z+3drAcSjyhL1/HDxDQIZ4Qh7q5h9J+0ubqGmoUTH+NXhtHVtk
PvZ/JX3ZINFvhaU39OEcHQQtDAJ4pcVzIqMA7NXEozVb
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:55:12 2025 by rpki-client