Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/259879-7b1e-4544-8013-15e41c40aec9/1/UmpOhRez3moOZWrjBKIN45JkCE8.roa
File: UmpOhRez3moOZWrjBKIN45JkCE8.roa (raw, json)
Hash identifier: rPkye9amYErKpRGECf5NJc6OYwjs4QcPoervOMLXjak=
Subject key identifier: 52:6A:4E:85:17:B3:DE:6A:0E:65:6A:E3:04:A2:0D:E3:92:64:08:4F
Certificate issuer: /CN=f54e3b797f4ba37ebf7189a4c14f0520d7cf30d7
Certificate serial: 019425FCE7C7D2C08078E9E3295921703AC7
Authority key identifier: F5:4E:3B:79:7F:4B:A3:7E:BF:71:89:A4:C1:4F:05:20:D7:CF:30:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9U47eX9Lo36_cYmkwU8FINfPMNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/259879-7b1e-4544-8013-15e41c40aec9/1/UmpOhRez3moOZWrjBKIN45JkCE8.roa
Signing time: Thu 02 Jan 2025 07:48:38 +0000
ROA not before: Thu 02 Jan 2025 07:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58282
IP address blocks: 193.3.234.0/23 maxlen: 23
193.163.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:e7:c7:d2:c0:80:78:e9:e3:29:59:21:70:3a:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f54e3b797f4ba37ebf7189a4c14f0520d7cf30d7
Validity
Not Before: Jan 2 07:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=526a4e8517b3de6a0e656ae304a20de39264084f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:11:9a:4d:79:d6:11:f7:ba:40:95:1b:ad:81:
fd:82:33:9e:98:8a:ab:bf:29:67:c8:f4:4f:1d:76:
e0:c4:e7:ef:5e:fe:f9:a2:97:8f:ca:29:cb:01:29:
35:b3:63:31:09:fe:98:c6:c1:75:69:b5:6e:85:80:
1f:a6:a6:c9:68:64:e9:cf:45:91:08:54:e2:50:da:
81:28:25:bc:3e:62:8d:a7:67:20:bd:e3:70:fa:90:
c3:76:89:15:73:80:e7:e2:f5:0f:78:e5:7a:95:34:
b8:63:57:09:a7:45:ce:ae:02:3b:29:50:4c:87:ce:
22:64:24:c6:77:db:96:3b:2c:70:eb:df:91:26:d5:
d7:54:bc:0b:1f:ce:7e:c9:89:33:65:ee:e6:dd:fa:
c2:b2:3d:b4:24:a8:d7:a2:dc:fd:b8:5e:cd:32:a5:
87:45:41:c6:b4:62:aa:2f:9d:77:e0:be:95:81:81:
a0:ad:82:69:61:78:3f:18:4f:5a:9f:25:cb:b1:56:
aa:a5:fc:9f:77:ce:3c:19:fb:67:2e:4f:3b:96:7b:
14:94:59:46:52:c9:9a:d4:4a:90:bc:68:97:ed:77:
a2:f8:63:67:cb:1f:f3:01:7c:48:57:de:03:89:bb:
e4:2e:aa:c4:29:dd:93:73:8d:3c:15:9c:26:18:1c:
8c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:6A:4E:85:17:B3:DE:6A:0E:65:6A:E3:04:A2:0D:E3:92:64:08:4F
X509v3 Authority Key Identifier:
keyid:F5:4E:3B:79:7F:4B:A3:7E:BF:71:89:A4:C1:4F:05:20:D7:CF:30:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9U47eX9Lo36_cYmkwU8FINfPMNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/259879-7b1e-4544-8013-15e41c40aec9/1/UmpOhRez3moOZWrjBKIN45JkCE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/259879-7b1e-4544-8013-15e41c40aec9/1/9U47eX9Lo36_cYmkwU8FINfPMNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.234.0/23
193.163.131.0/24
Signature Algorithm: sha256WithRSAEncryption
78:06:95:04:f5:9d:ff:27:d7:d7:85:a6:81:77:0e:39:30:00:
9d:6e:fa:39:64:4d:57:5c:05:46:22:77:2a:d1:9f:40:fa:8f:
9f:d4:95:5f:a9:e4:60:a8:fd:9f:fe:89:1c:b8:fb:99:a0:67:
4f:75:94:ca:21:f2:0a:02:8f:fe:3c:6e:85:d7:1d:b2:04:ff:
26:e5:4e:41:b9:bd:af:db:39:82:35:ab:99:56:b5:4e:3e:d5:
f6:5c:7e:87:a0:7c:53:f2:1a:e0:52:75:5a:46:14:36:94:0c:
0f:67:eb:d4:3f:6b:c3:36:e5:1d:6c:bb:1e:75:6b:73:cf:56:
8a:57:54:9b:8c:94:8a:f7:77:b8:9c:4a:95:10:4b:2c:5a:dd:
a7:98:97:69:f8:09:e7:8a:92:5b:ba:ca:c6:2d:a0:85:6f:97:
36:1b:1a:d2:3b:74:c9:33:b6:ec:6b:f8:75:4e:5a:5d:3e:6f:
ba:31:17:f2:1e:4c:51:a6:44:e3:e7:70:45:ac:0f:5a:1c:48:
26:19:e4:f4:5e:14:5e:dd:68:69:ab:4a:eb:77:19:7c:38:25:
ac:16:2b:fe:49:e6:96:91:30:0c:1d:ad:91:d6:c6:56:8d:72:
52:e3:d6:ca:7f:06:53:b6:32:ad:28:dd:d9:62:7c:eb:8f:36:
b8:5e:17:2b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/OfH0sCAeOnjKVkhcDrHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NGUzYjc5N2Y0YmEzN2ViZjcxODlhNGMxNGYwNTIwZDdj
ZjMwZDcwHhcNMjUwMTAyMDc0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjZhNGU4NTE3YjNkZTZhMGU2NTZhZTMwNGEyMGRlMzkyNjQwODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRGaTXnWEfe6QJUbrYH9gjOemIqr
vylnyPRPHXbgxOfvXv75opePyinLASk1s2MxCf6YxsF1abVuhYAfpqbJaGTpz0WR
CFTiUNqBKCW8PmKNp2cgveNw+pDDdokVc4Dn4vUPeOV6lTS4Y1cJp0XOrgI7KVBM
h84iZCTGd9uWOyxw69+RJtXXVLwLH85+yYkzZe7m3frCsj20JKjXotz9uF7NMqWH
RUHGtGKqL5134L6VgYGgrYJpYXg/GE9anyXLsVaqpfyfd848GftnLk87lnsUlFlG
Usma1EqQvGiX7Xei+GNnyx/zAXxIV94DibvkLqrEKd2Tc408FZwmGByMgQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFJqToUXs95qDmVq4wSiDeOSZAhPMB8GA1UdIwQY
MBaAFPVOO3l/S6N+v3GJpMFPBSDXzzDXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVU0N2VYOUxvMzZfY1lta3dVOEZJTmZQTU5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy8yNTk4NzktN2IxZS00NTQ0LTgwMTMt
MTVlNDFjNDBhZWM5LzEvVW1wT2hSZXozbW9PWldyakJLSU40NUprQ0U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy8yNTk4NzktN2IxZS00NTQ0LTgwMTMtMTVlNDFjNDBhZWM5
LzEvOVU0N2VYOUxvMzZfY1lta3dVOEZJTmZQTU5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwQPqAwQA
waODMA0GCSqGSIb3DQEBCwUAA4IBAQB4BpUE9Z3/J9fXhaaBdw45MACdbvo5ZE1X
XAVGIncq0Z9A+o+f1JVfqeRgqP2f/okcuPuZoGdPdZTKIfIKAo/+PG6F1x2yBP8m
5U5Bub2v2zmCNauZVrVOPtX2XH6HoHxT8hrgUnVaRhQ2lAwPZ+vUP2vDNuUdbLse
dWtzz1aKV1SbjJSK93e4nEqVEEssWt2nmJdp+AnnipJbusrGLaCFb5c2GxrSO3TJ
M7bsa/h1TlpdPm+6MRfyHkxRpkTj53BFrA9aHEgmGeT0XhRe3Whpq0rrdxl8OCWs
Fiv+SeaWkTAMHa2R1sZWjXJS49bKfwZTtjKtKN3ZYnzrjza4Xhcr
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:33:00 2025 by rpki-client