Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/UexI4Z2MHoKJX7UArvShMTnFH1s.roa
File: UexI4Z2MHoKJX7UArvShMTnFH1s.roa (raw, json)
Hash identifier: OG+DMZt/nQN7JQoIC3moczIdzt0YyA+sScQJwQ63uLM=
Subject key identifier: 51:EC:48:E1:9D:8C:1E:82:89:5F:B5:00:AE:F4:A1:31:39:C5:1F:5B
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0194F11F31FEE06E9735AAC175FD2CED3E0C
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/UexI4Z2MHoKJX7UArvShMTnFH1s.roa
Signing time: Mon 10 Feb 2025 18:29:00 +0000
ROA not before: Mon 10 Feb 2025 18:29:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24768
IP address blocks: 64.188.64.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f1:1f:31:fe:e0:6e:97:35:aa:c1:75:fd:2c:ed:3e:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Feb 10 18:29:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=51ec48e19d8c1e82895fb500aef4a13139c51f5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:05:bc:09:4f:da:1f:64:cd:77:3d:82:9b:20:
9b:7f:87:7f:0b:36:93:83:9e:5a:a9:03:c9:0f:18:
31:4e:73:fc:34:20:68:3f:cc:64:2a:6b:26:4b:8e:
99:8e:5f:09:e3:eb:5a:12:18:16:62:c1:22:a5:f6:
42:69:a8:15:5e:60:0b:a8:48:ff:7f:13:82:11:89:
d9:88:26:d3:2e:3e:df:d2:42:9d:9a:d3:07:c4:2e:
5d:10:25:52:f1:1b:9e:46:ff:5a:51:a1:9c:46:7a:
bf:e6:03:cb:31:f5:55:52:ee:96:69:e4:9c:36:ab:
56:61:7c:e3:47:26:13:2a:05:41:7e:10:9c:35:82:
93:6f:2b:53:7c:f9:ba:40:b7:90:af:1c:23:55:2a:
ce:51:a8:8a:c6:37:ef:0f:b3:77:32:23:27:cc:e2:
cb:a3:1d:d2:df:1b:7b:ac:a2:0b:61:a7:b1:80:a7:
7d:40:5c:31:d3:81:f5:14:7d:b3:e8:0d:e0:ab:eb:
88:c2:b3:74:15:b8:4b:fd:e9:aa:f4:89:95:3a:8e:
e7:84:77:f9:33:bd:69:cb:88:ca:f8:b8:fe:3a:1d:
c1:78:90:f1:d1:92:c0:bd:2c:d3:97:6c:ad:0e:8e:
8d:6e:3c:65:32:a9:10:dc:62:5c:99:75:c4:c3:81:
16:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:EC:48:E1:9D:8C:1E:82:89:5F:B5:00:AE:F4:A1:31:39:C5:1F:5B
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/UexI4Z2MHoKJX7UArvShMTnFH1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.64.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:fe:32:4f:10:46:f7:c3:a3:b6:cf:86:8e:78:d2:70:1a:ed:
0f:aa:6d:4a:8a:01:e8:39:5b:26:32:e3:cb:9a:b8:9c:a6:6a:
89:74:bf:23:15:73:2b:af:11:6c:16:85:75:31:43:a9:86:71:
2a:12:9d:9d:ea:32:d8:43:83:6b:c2:35:9d:c1:e3:5b:37:6a:
ef:71:8b:9c:81:bb:1c:c6:ac:6a:b2:78:aa:26:e4:f9:f9:db:
ba:07:f5:56:c5:fe:f0:e4:b5:cb:cb:5d:30:77:f9:a4:19:98:
2c:b8:02:6b:b7:27:54:1f:ce:60:2b:fc:9b:7b:8e:2f:bb:f3:
88:4b:5f:09:e7:de:3b:f6:dd:2a:87:0d:d8:26:85:f6:d8:5f:
58:99:f5:5f:c1:7e:2e:ca:3d:7d:7e:55:93:0a:04:33:76:01:
fb:6d:4c:46:b3:ec:e1:09:50:bb:5a:4a:2d:2e:56:84:84:2c:
88:45:6d:10:59:e4:d9:05:cc:f0:52:0c:47:fe:8b:7b:f1:07:
1b:cf:fd:d5:4a:8c:e1:8c:c4:1c:a5:f3:14:a7:82:b9:4a:91:
14:b4:ea:24:a9:93:76:fe:97:35:05:28:1d:8d:76:ac:c3:93:
0d:3b:9c:ad:b1:97:61:6f:42:a4:6d:b9:cd:61:59:85:94:fd:
d3:06:2c:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTxHzH+4G6XNarBdf0s7T4MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMjEwMTgyOTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWVjNDhlMTlkOGMxZTgyODk1ZmI1MDBhZWY0YTEzMTM5YzUxZjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAW8CU/aH2TNdz2CmyCbf4d/CzaT
g55aqQPJDxgxTnP8NCBoP8xkKmsmS46Zjl8J4+taEhgWYsEipfZCaagVXmALqEj/
fxOCEYnZiCbTLj7f0kKdmtMHxC5dECVS8RueRv9aUaGcRnq/5gPLMfVVUu6WaeSc
NqtWYXzjRyYTKgVBfhCcNYKTbytTfPm6QLeQrxwjVSrOUaiKxjfvD7N3MiMnzOLL
ox3S3xt7rKILYaexgKd9QFwx04H1FH2z6A3gq+uIwrN0FbhL/emq9ImVOo7nhHf5
M71py4jK+Lj+Oh3BeJDx0ZLAvSzTl2ytDo6NbjxlMqkQ3GJcmXXEw4EWewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFHsSOGdjB6CiV+1AK70oTE5xR9bMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvVWV4STRaMk1Ib0tKWDdVQXJ2U2hNVG5GSDFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCQLxAMA0G
CSqGSIb3DQEBCwUAA4IBAQA6/jJPEEb3w6O2z4aOeNJwGu0Pqm1KigHoOVsmMuPL
mricpmqJdL8jFXMrrxFsFoV1MUOphnEqEp2d6jLYQ4NrwjWdweNbN2rvcYucgbsc
xqxqsniqJuT5+du6B/VWxf7w5LXLy10wd/mkGZgsuAJrtydUH85gK/ybe44vu/OI
S18J59479t0qhw3YJoX22F9YmfVfwX4uyj19flWTCgQzdgH7bUxGs+zhCVC7Wkot
LlaEhCyIRW0QWeTZBczwUgxH/ot78Qcbz/3VSozhjMQcpfMUp4K5SpEUtOokqZN2
/pc1BSgdjXasw5MNO5ytsZdhb0KkbbnNYVmFlP3TBiye
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:24:49 2025 by rpki-client