Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/CKdtlmbcMOlr2vtk_UPRfP83SGM.roa
File: CKdtlmbcMOlr2vtk_UPRfP83SGM.roa (raw, json)
Hash identifier: /bnY2Q93i2PFfVvwV73PgI+Lcj7oI0ZV4c49t7wiFok=
Subject key identifier: 08:A7:6D:96:66:DC:30:E9:6B:DA:FB:64:FD:43:D1:7C:FF:37:48:63
Certificate issuer: /CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Certificate serial: 38734EB9
Authority key identifier: D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/CKdtlmbcMOlr2vtk_UPRfP83SGM.roa
Signing time: Sat 01 Jan 2022 03:56:46 +0000
ROA not before: Sat 01 Jan 2022 03:56:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203584
IP address blocks: 193.58.217.0/24 maxlen: 24
193.58.216.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 947080889 (0x38734eb9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Validity
Not Before: Jan 1 03:56:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=08a76d9666dc30e96bdafb64fd43d17cff374863
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:70:77:86:ad:70:79:c1:2c:c5:de:93:0d:1d:
68:a3:9b:a8:40:77:03:c8:9b:a7:63:1d:80:22:4c:
ba:65:8c:72:9b:e7:6e:96:07:77:db:9a:d7:7b:97:
38:ae:66:91:84:a3:62:9f:e9:a5:a7:bf:b0:2c:ca:
f2:02:96:2e:2c:d9:12:85:e2:7a:bb:0c:ca:b3:28:
7e:2d:f8:e7:cd:14:b1:4f:20:7d:1c:0c:a5:61:32:
09:7a:f5:13:d2:cf:ca:99:5b:b9:76:d2:6e:05:12:
f4:08:d5:2d:26:71:d1:f6:a6:55:d3:21:57:a3:db:
d4:9c:1b:c3:2a:59:3c:fc:42:ed:da:d2:4c:48:4a:
81:f4:18:99:2d:91:d7:e0:6f:2b:8b:22:6a:a7:5d:
80:9b:cf:94:3e:b1:6d:13:ef:da:98:2c:1b:4b:d3:
c3:35:c5:e9:77:66:aa:9a:db:49:f9:0e:36:10:68:
98:66:c6:86:c6:eb:e6:f3:55:bf:f3:30:83:f2:6a:
04:80:91:ae:c8:bd:c1:ae:04:ba:d4:e0:5f:ed:88:
b1:34:a3:aa:a7:ed:86:8b:52:3c:2b:39:4f:02:26:
70:8c:88:73:e7:26:c8:ad:2e:85:48:e3:f3:7a:bc:
78:e3:60:18:cd:01:aa:9e:11:7a:bf:38:31:56:9f:
a7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:A7:6D:96:66:DC:30:E9:6B:DA:FB:64:FD:43:D1:7C:FF:37:48:63
X509v3 Authority Key Identifier:
keyid:D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/CKdtlmbcMOlr2vtk_UPRfP83SGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.216.0/23
Signature Algorithm: sha256WithRSAEncryption
b4:fb:7c:94:72:d1:c6:6e:cd:92:ff:a7:7c:13:99:51:c4:b7:
5c:67:7b:58:53:88:ed:2a:42:5d:ff:20:13:11:4e:db:d2:23:
87:b3:6d:5e:a6:3a:6d:70:9c:d5:eb:8f:ae:62:80:99:a8:18:
ae:46:4e:ef:4d:23:10:c4:f7:28:fe:bd:ed:98:60:ac:bc:67:
90:83:f3:23:4e:d6:ae:dc:fd:1f:e3:d4:fc:6d:d4:c8:c0:b6:
15:4a:73:b8:5e:ec:d6:f2:c0:41:2a:a3:da:9c:40:f9:cb:b5:
00:e7:8e:83:79:52:6f:27:55:a9:60:10:f0:21:98:7a:69:b7:
28:00:f5:5a:73:64:1e:0a:d7:15:3a:9e:c0:af:17:d6:54:27:
d0:80:4e:a9:d9:da:b7:92:b3:35:fc:18:31:6d:e8:f3:f4:4d:
13:cb:be:30:94:43:3f:52:dc:22:d2:39:01:8c:69:78:59:17:
05:25:99:1c:05:a4:50:da:df:1d:49:9a:93:5a:6a:c4:1e:20:
fe:9f:dd:61:bf:f5:6f:7a:05:7c:27:2c:de:5f:ee:ce:3a:18:
ba:3d:9d:76:cc:fb:ff:be:1f:5c:dd:f6:54:a5:30:94:10:c5:
3d:57:b2:32:10:22:85:47:5a:32:b3:e0:71:14:c4:68:17:da:
83:4b:1e:5f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOHNOuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MzFkZDFhNTE0ZDNhN2UzZGZkYjhiZmI3NWQ3ZDI0ZWQ5OGQ0NzlmMB4XDTIyMDEw
MTAzNTY0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDhhNzZkOTY2NmRj
MzBlOTZiZGFmYjY0ZmQ0M2QxN2NmZjM3NDg2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMlwd4atcHnBLMXekw0daKObqEB3A8ibp2MdgCJMumWMcpvn
bpYHd9ua13uXOK5mkYSjYp/ppae/sCzK8gKWLizZEoXiersMyrMofi34580UsU8g
fRwMpWEyCXr1E9LPyplbuXbSbgUS9AjVLSZx0famVdMhV6Pb1JwbwypZPPxC7drS
TEhKgfQYmS2R1+BvK4siaqddgJvPlD6xbRPv2pgsG0vTwzXF6XdmqprbSfkONhBo
mGbGhsbr5vNVv/Mwg/JqBICRrsi9wa4EutTgX+2IsTSjqqfthotSPCs5TwImcIyI
c+cmyK0uhUjj83q8eONgGM0Bqp4Rer84MVafp/sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQIp22WZtww6Wva+2T9Q9F8/zdIYzAfBgNVHSMEGDAWgBTTHdGlFNOn49/b
i/t119JO2Y1HnzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzB4M1JwUlRUcC1QZjI0djdkZGZTVHRtTlI1OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWUvZjI0NzhmLWM1MDMtNDJjMi05NGIyLWIxNjZhZTJlZjI4Ny8x
L0NLZHRsbWJjTU9scjJ2dGtfVVBSZlA4M1NHTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWUv
ZjI0NzhmLWM1MDMtNDJjMi05NGIyLWIxNjZhZTJlZjI4Ny8xLzB4M1JwUlRUcC1Q
ZjI0djdkZGZTVHRtTlI1OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE62DANBgkqhkiG9w0BAQsFAAOC
AQEAtPt8lHLRxm7Nkv+nfBOZUcS3XGd7WFOI7SpCXf8gExFO29Ijh7NtXqY6bXCc
1euPrmKAmagYrkZO700jEMT3KP697ZhgrLxnkIPzI07Wrtz9H+PU/G3UyMC2FUpz
uF7s1vLAQSqj2pxA+cu1AOeOg3lSbydVqWAQ8CGYemm3KAD1WnNkHgrXFTqewK8X
1lQn0IBOqdnat5KzNfwYMW3o8/RNE8u+MJRDP1LcItI5AYxpeFkXBSWZHAWkUNrf
HUmak1pqxB4g/p/dYb/1b3oFfCcs3l/uzjoYuj2ddsz7/74fXN32VKUwlBDFPVey
MhAihUdaMrPgcRTEaBfag0seXw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:29:48 2025 by rpki-client