Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/1dced4-c45c-4515-a8ad-eb89c5c4d384/1/uH2O-bh8vRpzChjDXX0U5wk8FCE.roa
File: uH2O-bh8vRpzChjDXX0U5wk8FCE.roa (raw, json)
Hash identifier: 9xE2MB9lD5bNV5oUz9yfVqDaKpfqVsrchQN0y1LPkIg=
Subject key identifier: B8:7D:8E:F9:B8:7C:BD:1A:73:0A:18:C3:5D:7D:14:E7:09:3C:14:21
Certificate issuer: /CN=9b5182aa966af4b9b3cc3ce3eced53fceb0e915f
Certificate serial: 018CC6B8A98EF8ECAA5E1C81503537B63727
Authority key identifier: 9B:51:82:AA:96:6A:F4:B9:B3:CC:3C:E3:EC:ED:53:FC:EB:0E:91:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m1GCqpZq9LmzzDzj7O1T_OsOkV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/1dced4-c45c-4515-a8ad-eb89c5c4d384/1/uH2O-bh8vRpzChjDXX0U5wk8FCE.roa
Signing time: Mon 01 Jan 2024 20:30:39 +0000
ROA not before: Mon 01 Jan 2024 20:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57749
IP address blocks: 91.234.177.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:a9:8e:f8:ec:aa:5e:1c:81:50:35:37:b6:37:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b5182aa966af4b9b3cc3ce3eced53fceb0e915f
Validity
Not Before: Jan 1 20:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b87d8ef9b87cbd1a730a18c35d7d14e7093c1421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:bc:47:cf:e4:a1:78:fe:6b:d5:54:d2:44:98:
bb:c2:21:5b:2e:74:36:00:ae:17:60:5b:fc:54:75:
14:7d:9c:b7:e4:a7:95:59:3e:8a:a0:c0:3c:a2:62:
ef:23:20:41:4e:cd:66:f7:a0:3f:7c:2c:5c:8a:8d:
62:42:7f:88:02:f5:3f:de:c0:bc:ca:2e:fc:8e:54:
34:96:52:df:4f:88:68:fe:25:b4:b8:03:32:19:19:
ad:f7:fe:c3:c0:04:db:1b:96:91:dd:ed:f9:cd:30:
9c:43:63:fb:eb:a7:20:23:cc:8e:a4:f9:66:90:a5:
ac:30:7f:d0:a8:eb:20:c8:84:01:01:1f:51:76:b4:
54:1a:5e:54:c8:42:12:7f:c4:3a:28:93:95:0d:e0:
48:cf:3a:a6:db:62:6c:bd:e1:98:2b:90:0c:9b:fc:
a6:24:2d:21:8d:00:d4:c0:56:37:ff:ca:fc:84:be:
21:2a:9f:f4:83:ef:14:bd:56:d4:e2:a3:79:4b:53:
e9:b9:cc:e0:b9:a7:85:44:cc:c1:b7:f2:24:d6:3a:
f6:60:94:5a:d6:f3:a7:3e:d8:d8:f2:0b:87:33:8d:
5e:76:0f:cc:91:89:e6:41:e3:ba:d2:53:08:7f:47:
e2:31:ec:3b:38:aa:e8:d2:ed:b8:98:90:4a:dd:c7:
e9:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:7D:8E:F9:B8:7C:BD:1A:73:0A:18:C3:5D:7D:14:E7:09:3C:14:21
X509v3 Authority Key Identifier:
keyid:9B:51:82:AA:96:6A:F4:B9:B3:CC:3C:E3:EC:ED:53:FC:EB:0E:91:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m1GCqpZq9LmzzDzj7O1T_OsOkV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/1dced4-c45c-4515-a8ad-eb89c5c4d384/1/uH2O-bh8vRpzChjDXX0U5wk8FCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/1dced4-c45c-4515-a8ad-eb89c5c4d384/1/m1GCqpZq9LmzzDzj7O1T_OsOkV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.177.0/24
Signature Algorithm: sha256WithRSAEncryption
73:b6:b8:00:7f:1c:72:36:fb:96:05:38:0f:c0:7d:d2:6a:9e:
19:e2:ed:4f:fd:72:18:ef:c9:4d:5f:9e:2a:94:17:0f:ad:3f:
df:d8:8d:5e:ed:87:ad:6b:bc:2f:e2:ea:74:e7:eb:0d:5d:89:
0c:dc:1a:6c:80:9d:06:06:31:ca:2c:5e:b1:b6:2f:6b:c1:d5:
26:3a:d6:54:61:bb:2d:07:0d:51:f1:ec:c9:02:35:94:3f:d9:
fc:a9:15:f1:d0:5c:4f:10:ec:14:db:73:f6:be:2c:b0:05:e0:
e8:36:26:fa:18:c5:25:23:05:0b:80:26:92:07:90:ff:c4:4c:
13:34:40:eb:bc:b4:12:01:e8:10:a1:90:d3:f0:1a:f2:5a:f2:
76:d3:7b:2e:dd:49:04:48:ed:c0:93:01:6b:cd:a1:09:95:1b:
90:e0:b4:e9:dc:26:5f:2c:04:55:30:4c:88:91:08:c8:bb:80:
11:e5:1a:05:56:ef:11:ec:0d:0a:cb:52:d4:b0:33:18:b9:e6:
af:0e:19:54:1c:dc:d5:0c:82:3f:3f:00:17:4d:2b:0f:d4:d5:
22:f4:68:ec:1d:cf:95:30:0c:bc:83:50:88:68:fd:8f:2c:74:
a3:a0:ac:e3:86:b1:c9:84:ef:09:a7:5f:ac:c6:b9:28:f2:48:
34:68:e3:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuKmO+OyqXhyBUDU3tjcnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNTE4MmFhOTY2YWY0YjliM2NjM2NlM2VjZWQ1M2ZjZWIw
ZTkxNWYwHhcNMjQwMTAxMjAzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODdkOGVmOWI4N2NiZDFhNzMwYTE4YzM1ZDdkMTRlNzA5M2MxNDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbxHz+SheP5r1VTSRJi7wiFbLnQ2
AK4XYFv8VHUUfZy35KeVWT6KoMA8omLvIyBBTs1m96A/fCxcio1iQn+IAvU/3sC8
yi78jlQ0llLfT4ho/iW0uAMyGRmt9/7DwATbG5aR3e35zTCcQ2P766cgI8yOpPlm
kKWsMH/QqOsgyIQBAR9RdrRUGl5UyEISf8Q6KJOVDeBIzzqm22JsveGYK5AMm/ym
JC0hjQDUwFY3/8r8hL4hKp/0g+8UvVbU4qN5S1PpuczguaeFRMzBt/Ik1jr2YJRa
1vOnPtjY8guHM41edg/MkYnmQeO60lMIf0fiMew7OKro0u24mJBK3cfpdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLh9jvm4fL0acwoYw119FOcJPBQhMB8GA1UdIwQY
MBaAFJtRgqqWavS5s8w84+ztU/zrDpFfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTFHQ3FwWnE5TG16ekR6ajdPMVRfT3NPa1Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8xZGNlZDQtYzQ1Yy00NTE1LWE4YWQt
ZWI4OWM1YzRkMzg0LzEvdUgyTy1iaDh2UnB6Q2hqRFhYMFU1d2s4RkNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8xZGNlZDQtYzQ1Yy00NTE1LWE4YWQtZWI4OWM1YzRkMzg0
LzEvbTFHQ3FwWnE5TG16ekR6ajdPMVRfT3NPa1Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+qxMA0G
CSqGSIb3DQEBCwUAA4IBAQBztrgAfxxyNvuWBTgPwH3Sap4Z4u1P/XIY78lNX54q
lBcPrT/f2I1e7Yeta7wv4up05+sNXYkM3BpsgJ0GBjHKLF6xti9rwdUmOtZUYbst
Bw1R8ezJAjWUP9n8qRXx0FxPEOwU23P2viywBeDoNib6GMUlIwULgCaSB5D/xEwT
NEDrvLQSAegQoZDT8BryWvJ203su3UkESO3AkwFrzaEJlRuQ4LTp3CZfLARVMEyI
kQjIu4AR5RoFVu8R7A0Ky1LUsDMYueavDhlUHNzVDII/PwAXTSsP1NUi9GjsHc+V
MAy8g1CIaP2PLHSjoKzjhrHJhO8Jp1+sxrko8kg0aOMo
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:04 2025 by rpki-client