Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Us-fTmHu2UzOu9xCScPlehafLYc.roa
File: Us-fTmHu2UzOu9xCScPlehafLYc.roa (raw, json)
Hash identifier: zlOJjP6Q52iXp+zZtKm1rsRrRdbprRmA+U6Velms8XY=
Subject key identifier: 52:CF:9F:4E:61:EE:D9:4C:CE:BB:DC:42:49:C3:E5:7A:16:9F:2D:87
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019423D707137CFC96BC69F81BA96A48D8F7
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Us-fTmHu2UzOu9xCScPlehafLYc.roa
Signing time: Wed 01 Jan 2025 21:48:02 +0000
ROA not before: Wed 01 Jan 2025 21:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21030
IP address blocks: 194.67.192.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:07:13:7c:fc:96:bc:69:f8:1b:a9:6a:48:d8:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 21:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52cf9f4e61eed94ccebbdc4249c3e57a169f2d87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:9c:ff:3a:88:90:e0:ab:bf:40:b4:4a:e4:ae:
d8:c3:9f:e9:23:7f:8d:f0:1c:0b:a5:b5:07:47:47:
a1:5b:26:28:d4:4f:b9:c4:07:f0:b7:c9:24:b6:b6:
d5:53:1b:aa:5c:fa:67:7e:5a:b7:83:cf:b1:fe:43:
1c:61:5e:a6:4c:05:36:c5:6a:46:be:a4:73:1d:1d:
1d:ba:9c:8a:81:3d:4e:99:6b:54:06:bf:8d:b7:1c:
84:50:6a:d9:d9:5d:60:40:d3:64:68:15:53:88:18:
4f:05:40:67:62:1a:3a:f4:ff:04:44:94:ce:17:17:
d6:cc:cc:06:61:1e:15:a3:c3:45:b0:ea:82:2f:49:
7c:1f:a8:65:64:20:a2:ae:a0:87:54:aa:23:66:3d:
1c:c9:2a:c4:61:85:91:d7:d3:47:7b:b1:77:3d:89:
8b:88:db:c3:f3:1b:a0:0c:12:07:97:ff:d8:48:a7:
f0:79:bb:0c:3e:c8:3a:2c:a6:05:69:d8:e9:32:b8:
a1:9f:a4:37:14:23:c0:c6:db:1f:e1:86:59:b8:bd:
7c:1f:ba:92:0d:d0:58:8a:7f:00:47:6c:8f:ac:19:
4a:f3:16:63:26:d9:e4:de:d0:43:bd:b1:a8:35:35:
48:7d:46:ea:69:22:01:ae:19:86:fa:f3:a5:f1:fb:
33:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:CF:9F:4E:61:EE:D9:4C:CE:BB:DC:42:49:C3:E5:7A:16:9F:2D:87
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Us-fTmHu2UzOu9xCScPlehafLYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.67.192.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:2b:95:93:54:3e:02:b4:fb:8c:03:b5:ae:88:9b:90:b9:37:
44:aa:33:c4:db:11:cd:18:03:4d:99:a9:64:9b:5c:92:8d:df:
9d:4f:cb:fe:8f:2f:85:18:29:e9:fb:56:28:ad:d6:41:4d:9f:
45:5e:11:59:53:00:0f:04:04:b4:0c:f5:71:6f:d1:22:58:15:
b8:72:c8:37:5e:a3:a0:af:ab:43:6a:e6:74:a9:de:00:55:ed:
a2:04:8e:7c:9c:ff:f3:2f:3a:f0:d1:c9:46:58:42:41:a9:55:
02:f2:99:79:93:9b:35:c7:de:ba:8c:b0:0f:2b:e6:ea:60:a0:
77:53:30:ac:b6:b6:1d:2c:1f:c3:2e:3c:53:3f:c9:a2:d8:06:
75:ed:a9:3a:43:cb:6f:92:43:33:d7:09:26:78:40:8b:73:d6:
78:88:0d:d1:23:2e:11:06:d4:a7:3f:98:f6:70:7d:ff:ff:99:
c3:b5:37:16:64:4f:93:04:92:df:fe:13:2a:02:28:2b:89:9a:
5f:74:ec:6b:ce:cc:d1:e9:dd:0c:cf:58:dc:01:b5:26:ff:86:
08:3c:e1:00:49:11:e1:2c:39:65:7e:c9:4b:62:b6:9c:8f:65:
a4:40:83:87:7c:72:89:15:49:cc:0e:80:9b:5e:10:4d:44:47:
42:0e:98:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1wcTfPyWvGn4G6lqSNj3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMTAxMjE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmNmOWY0ZTYxZWVkOTRjY2ViYmRjNDI0OWMzZTU3YTE2OWYyZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15z/OoiQ4Ku/QLRK5K7Yw5/pI3+N
8BwLpbUHR0ehWyYo1E+5xAfwt8kktrbVUxuqXPpnflq3g8+x/kMcYV6mTAU2xWpG
vqRzHR0dupyKgT1OmWtUBr+NtxyEUGrZ2V1gQNNkaBVTiBhPBUBnYho69P8ERJTO
FxfWzMwGYR4Vo8NFsOqCL0l8H6hlZCCirqCHVKojZj0cySrEYYWR19NHe7F3PYmL
iNvD8xugDBIHl//YSKfwebsMPsg6LKYFadjpMrihn6Q3FCPAxtsf4YZZuL18H7qS
DdBYin8AR2yPrBlK8xZjJtnk3tBDvbGoNTVIfUbqaSIBrhmG+vOl8fsz5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFLPn05h7tlMzrvcQknD5XoWny2HMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvVXMtZlRtSHUyVXpPdTl4Q1NjUGxlaGFmTFljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkPAMA0G
CSqGSIb3DQEBCwUAA4IBAQAfK5WTVD4CtPuMA7WuiJuQuTdEqjPE2xHNGANNmalk
m1ySjd+dT8v+jy+FGCnp+1YordZBTZ9FXhFZUwAPBAS0DPVxb9EiWBW4csg3XqOg
r6tDauZ0qd4AVe2iBI58nP/zLzrw0clGWEJBqVUC8pl5k5s1x966jLAPK+bqYKB3
UzCstrYdLB/DLjxTP8mi2AZ17ak6Q8tvkkMz1wkmeECLc9Z4iA3RIy4RBtSnP5j2
cH3//5nDtTcWZE+TBJLf/hMqAigriZpfdOxrzszR6d0Mz1jcAbUm/4YIPOEASRHh
LDllfslLYracj2WkQIOHfHKJFUnMDoCbXhBNREdCDpjv
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:42:52 2025 by rpki-client