Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/82d65a-45e2-4efb-b23c-955ad78bcb07/1/yVOuH9GnWiOJ4T0Bjcul16G_CUI.roa
File: yVOuH9GnWiOJ4T0Bjcul16G_CUI.roa (raw, json)
Hash identifier: cYY3QuLeMs+0RKKYLhzyVIgFcgFYuNr0hEZcjUsKwaU=
Subject key identifier: C9:53:AE:1F:D1:A7:5A:23:89:E1:3D:01:8D:CB:A5:D7:A1:BF:09:42
Certificate issuer: /CN=d4d86e7d073a9e4d69ec715c3623176805894d5a
Certificate serial: 019420D5BDDF0E24027BE9AFB507DA25A186
Authority key identifier: D4:D8:6E:7D:07:3A:9E:4D:69:EC:71:5C:36:23:17:68:05:89:4D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1NhufQc6nk1p7HFcNiMXaAWJTVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/82d65a-45e2-4efb-b23c-955ad78bcb07/1/yVOuH9GnWiOJ4T0Bjcul16G_CUI.roa
Signing time: Wed 01 Jan 2025 07:47:46 +0000
ROA not before: Wed 01 Jan 2025 07:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62350
IP address blocks: 91.240.236.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:bd:df:0e:24:02:7b:e9:af:b5:07:da:25:a1:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4d86e7d073a9e4d69ec715c3623176805894d5a
Validity
Not Before: Jan 1 07:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c953ae1fd1a75a2389e13d018dcba5d7a1bf0942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b7:9f:f9:bf:03:d3:b4:28:5e:e2:05:74:56:
be:dd:1c:32:10:3e:81:d5:21:0e:63:50:d0:d9:74:
f1:e3:c5:96:03:71:90:d6:3c:07:fe:23:46:1c:ca:
9a:74:a1:93:73:5f:0d:42:4e:f7:51:25:52:a7:5e:
5b:59:10:98:bb:93:a7:82:25:f0:20:02:6a:b2:d6:
12:37:f7:0b:6b:33:39:85:45:e9:40:f0:62:89:39:
70:fb:2e:61:be:64:cf:59:a6:26:de:ff:87:4e:6a:
32:f3:5a:96:af:48:55:02:bb:af:53:0f:03:61:b2:
ed:6d:92:19:4c:c9:2b:21:f2:59:ad:86:7b:86:9e:
2d:02:37:54:eb:ed:b2:9f:fb:24:09:d5:8b:72:52:
01:48:7a:5c:d9:cd:17:1a:d3:25:96:00:77:f3:6f:
03:59:17:1a:45:82:fe:13:a9:31:f1:87:30:1d:9c:
17:a3:5b:a8:62:8c:04:ea:25:11:42:87:7e:54:6d:
e7:28:3b:db:d2:4d:5d:24:d8:c9:83:3f:42:86:5a:
22:80:39:c2:cf:f4:bc:36:45:81:d8:48:19:6d:8e:
0a:15:d0:51:1e:e7:fb:0f:fa:31:0f:ed:b8:3f:2b:
0f:25:da:d6:6d:62:01:0b:21:0c:e9:db:0d:7a:84:
a5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:53:AE:1F:D1:A7:5A:23:89:E1:3D:01:8D:CB:A5:D7:A1:BF:09:42
X509v3 Authority Key Identifier:
keyid:D4:D8:6E:7D:07:3A:9E:4D:69:EC:71:5C:36:23:17:68:05:89:4D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1NhufQc6nk1p7HFcNiMXaAWJTVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/82d65a-45e2-4efb-b23c-955ad78bcb07/1/yVOuH9GnWiOJ4T0Bjcul16G_CUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/82d65a-45e2-4efb-b23c-955ad78bcb07/1/1NhufQc6nk1p7HFcNiMXaAWJTVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.236.0/23
Signature Algorithm: sha256WithRSAEncryption
c2:ff:5c:8a:4e:d3:bf:f4:d4:2a:7e:d7:27:d5:55:56:2f:ad:
38:f4:69:88:50:24:74:89:90:4f:cc:85:19:a9:3e:20:6f:ba:
3e:8a:38:08:88:05:0a:e5:f6:d9:00:52:97:28:d3:3e:45:68:
c0:88:cc:47:39:28:49:7b:af:14:95:e9:16:26:aa:27:e6:c0:
da:e0:33:af:16:26:70:73:2b:89:22:65:e2:95:63:30:a1:6b:
bc:db:da:ec:5b:d7:cd:b1:96:0b:b3:12:8b:eb:8d:52:cd:98:
9c:0d:6e:d2:c8:1f:f5:b1:0c:9f:9b:55:f4:8f:e7:18:85:8b:
b1:6b:d3:73:6b:e8:0c:ed:14:20:a8:05:b9:4e:1d:b8:fb:14:
8f:80:73:4e:15:2f:03:7f:e3:42:0a:21:8c:ee:84:20:a2:cf:
20:11:8a:34:1c:4d:6b:cd:66:7c:99:23:0c:67:c2:4f:ac:f1:
96:71:54:2c:05:e8:95:70:24:ca:80:a3:59:93:ce:e2:83:41:
81:05:1b:9e:88:e9:a5:6f:a7:e6:08:25:3c:82:5e:41:12:c9:
8e:5a:09:ec:9d:1a:dc:05:44:d5:a2:a3:65:d4:c2:ba:e7:44:
69:5a:bf:40:89:04:de:37:cf:05:23:66:6d:3e:01:98:12:9a:
4c:7f:aa:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1b3fDiQCe+mvtQfaJaGGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZDg2ZTdkMDczYTllNGQ2OWVjNzE1YzM2MjMxNzY4MDU4
OTRkNWEwHhcNMjUwMTAxMDc0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTUzYWUxZmQxYTc1YTIzODllMTNkMDE4ZGNiYTVkN2ExYmYwOTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7ef+b8D07QoXuIFdFa+3RwyED6B
1SEOY1DQ2XTx48WWA3GQ1jwH/iNGHMqadKGTc18NQk73USVSp15bWRCYu5OngiXw
IAJqstYSN/cLazM5hUXpQPBiiTlw+y5hvmTPWaYm3v+HTmoy81qWr0hVAruvUw8D
YbLtbZIZTMkrIfJZrYZ7hp4tAjdU6+2yn/skCdWLclIBSHpc2c0XGtMllgB3828D
WRcaRYL+E6kx8YcwHZwXo1uoYowE6iURQod+VG3nKDvb0k1dJNjJgz9ChloigDnC
z/S8NkWB2EgZbY4KFdBRHuf7D/oxD+24PysPJdrWbWIBCyEM6dsNeoSlzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMlTrh/Rp1ojieE9AY3LpdehvwlCMB8GA1UdIwQY
MBaAFNTYbn0HOp5NaexxXDYjF2gFiU1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU5odWZRYzZuazFwN0hGY05pTVhhQVdKVFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84MmQ2NWEtNDVlMi00ZWZiLWIyM2Mt
OTU1YWQ3OGJjYjA3LzEveVZPdUg5R25XaU9KNFQwQmpjdWwxNkdfQ1VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84MmQ2NWEtNDVlMi00ZWZiLWIyM2MtOTU1YWQ3OGJjYjA3
LzEvMU5odWZRYzZuazFwN0hGY05pTVhhQVdKVFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW/DsMA0G
CSqGSIb3DQEBCwUAA4IBAQDC/1yKTtO/9NQqftcn1VVWL6049GmIUCR0iZBPzIUZ
qT4gb7o+ijgIiAUK5fbZAFKXKNM+RWjAiMxHOShJe68UlekWJqon5sDa4DOvFiZw
cyuJImXilWMwoWu829rsW9fNsZYLsxKL641SzZicDW7SyB/1sQyfm1X0j+cYhYux
a9Nza+gM7RQgqAW5Th24+xSPgHNOFS8Df+NCCiGM7oQgos8gEYo0HE1rzWZ8mSMM
Z8JPrPGWcVQsBeiVcCTKgKNZk87ig0GBBRueiOmlb6fmCCU8gl5BEsmOWgnsnRrc
BUTVoqNl1MK650RpWr9AiQTeN88FI2ZtPgGYEppMf6q9
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:34:00 2025 by rpki-client