Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/101126-1d32-42a6-87fe-9223846ff30b/1/UMf4KbahVEx8sqhbE5i5BsC3FsA.roa
File: UMf4KbahVEx8sqhbE5i5BsC3FsA.roa (raw, json)
Hash identifier: tXmMZLhWuik4iB1zgaI4TBIGH/BwZuH+iewbZQIYmmk=
Subject key identifier: 50:C7:F8:29:B6:A1:54:4C:7C:B2:A8:5B:13:98:B9:06:C0:B7:16:C0
Certificate issuer: /CN=f8035ec9de2570c1e7a7db40e272e45548c9202b
Certificate serial: 019420685C1FC295BE0804DDBB1C8F705856
Authority key identifier: F8:03:5E:C9:DE:25:70:C1:E7:A7:DB:40:E2:72:E4:55:48:C9:20:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-ANeyd4lcMHnp9tA4nLkVUjJICs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/101126-1d32-42a6-87fe-9223846ff30b/1/UMf4KbahVEx8sqhbE5i5BsC3FsA.roa
Signing time: Wed 01 Jan 2025 05:48:17 +0000
ROA not before: Wed 01 Jan 2025 05:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212933
IP address blocks: 193.200.233.0/24 maxlen: 24
2a0f:c1c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:5c:1f:c2:95:be:08:04:dd:bb:1c:8f:70:58:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8035ec9de2570c1e7a7db40e272e45548c9202b
Validity
Not Before: Jan 1 05:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50c7f829b6a1544c7cb2a85b1398b906c0b716c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:08:ad:fd:cd:2f:ff:68:dd:a9:fb:83:8f:a2:
6b:17:25:67:e2:d6:ee:4e:a3:ea:a6:7e:8b:27:06:
a7:e7:ab:f5:6d:64:b1:ae:4f:0a:5d:ca:ee:80:69:
84:3e:b3:05:58:26:09:1d:2a:86:12:3b:53:64:81:
50:38:a0:00:ba:bd:7c:37:12:6b:c7:c5:f6:a7:7d:
e5:36:2f:bc:cf:02:1e:89:81:17:1c:ea:23:26:23:
38:c3:89:30:61:1e:41:d3:dc:40:ba:0d:64:e6:d6:
f9:2a:6f:17:c6:d9:0d:0c:46:38:cf:5a:93:fa:b7:
67:6e:0f:a9:5d:46:eb:cc:ac:5f:d0:ac:49:e0:a1:
b4:9c:23:45:8f:ce:1b:f3:dd:21:98:d0:7c:3a:47:
56:99:ac:ff:91:cb:88:a7:a5:c7:86:5f:dd:29:57:
24:dc:b8:f4:10:84:07:3a:c9:c4:4e:ad:e2:f0:6f:
41:1a:96:58:ad:82:03:5b:43:aa:3b:53:41:7d:79:
82:e4:0a:bb:f4:78:9a:26:84:93:28:e9:8f:56:ab:
7b:07:0c:ff:10:aa:59:5d:d4:44:58:0d:2b:9c:da:
d1:60:94:4e:a6:77:10:26:0c:a3:9d:56:f0:83:a2:
66:6c:1e:31:c6:52:f4:7d:72:9c:57:d2:50:49:1d:
ef:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:C7:F8:29:B6:A1:54:4C:7C:B2:A8:5B:13:98:B9:06:C0:B7:16:C0
X509v3 Authority Key Identifier:
keyid:F8:03:5E:C9:DE:25:70:C1:E7:A7:DB:40:E2:72:E4:55:48:C9:20:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-ANeyd4lcMHnp9tA4nLkVUjJICs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/101126-1d32-42a6-87fe-9223846ff30b/1/UMf4KbahVEx8sqhbE5i5BsC3FsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/101126-1d32-42a6-87fe-9223846ff30b/1/1-ANeyd4lcMHnp9tA4nLkVUjJICs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.233.0/24
IPv6:
2a0f:c1c0::/32
Signature Algorithm: sha256WithRSAEncryption
31:f1:9e:07:fb:5d:e9:75:59:6f:fe:62:ef:d0:12:80:60:b6:
bb:a2:81:90:d6:52:76:e5:16:e5:46:f8:35:d6:2d:ee:39:81:
21:e5:7c:e2:db:5a:66:e5:11:36:2f:dc:e3:f9:5d:a6:6d:68:
f9:22:a7:41:a5:7d:2d:3a:9e:05:6f:98:25:7d:75:56:f6:ca:
8f:61:f1:f8:c5:dc:bc:7c:0f:85:f2:84:bb:b6:7e:80:24:76:
d7:17:30:54:26:73:97:0b:8b:63:31:58:e4:cf:be:1b:36:77:
12:13:3c:af:da:df:2a:8e:d1:41:a8:1e:f0:15:b6:22:74:56:
b5:eb:03:c2:03:54:3d:bb:fc:98:b6:d4:69:3d:d6:cb:28:ed:
ed:ec:bc:44:cc:69:68:4d:16:50:bc:5a:8c:85:e1:9e:ac:cf:
47:ff:60:fb:2d:97:97:66:9b:9d:b1:90:05:d0:95:4b:ce:bd:
c5:bb:ed:5b:1f:ec:f5:6f:ac:7a:17:42:a9:02:9e:51:fe:09:
a9:f9:ba:49:8d:1d:4e:27:84:0c:1b:10:b5:1a:4f:ed:af:68:
66:e3:a0:db:44:d6:5b:37:a2:3a:50:3d:35:32:2e:f8:d6:81:
7d:ad:c7:82:4b:1a:1d:14:48:b6:a7:ef:52:32:4d:62:6f:df:
cb:ae:5c:55
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQgaFwfwpW+CATduxyPcFhWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MDM1ZWM5ZGUyNTcwYzFlN2E3ZGI0MGUyNzJlNDU1NDhj
OTIwMmIwHhcNMjUwMTAxMDU0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGM3ZjgyOWI2YTE1NDRjN2NiMmE4NWIxMzk4YjkwNmMwYjcxNmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Ait/c0v/2jdqfuDj6JrFyVn4tbu
TqPqpn6LJwan56v1bWSxrk8KXcrugGmEPrMFWCYJHSqGEjtTZIFQOKAAur18NxJr
x8X2p33lNi+8zwIeiYEXHOojJiM4w4kwYR5B09xAug1k5tb5Km8XxtkNDEY4z1qT
+rdnbg+pXUbrzKxf0KxJ4KG0nCNFj84b890hmNB8OkdWmaz/kcuIp6XHhl/dKVck
3Lj0EIQHOsnETq3i8G9BGpZYrYIDW0OqO1NBfXmC5Aq79HiaJoSTKOmPVqt7Bwz/
EKpZXdREWA0rnNrRYJROpncQJgyjnVbwg6JmbB4xxlL0fXKcV9JQSR3vcwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFDH+Cm2oVRMfLKoWxOYuQbAtxbAMB8GA1UdIwQY
MBaAFPgDXsneJXDB56fbQOJy5FVIySArMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1BTmV5ZDRsY01IbnA5dEE0bkxrVlVqSklDcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAvMTAxMTI2LTFkMzItNDJhNi04N2Zl
LTkyMjM4NDZmZjMwYi8xL1VNZjRLYmFoVkV4OHNxaGJFNWk1QnNDM0ZzQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDAvMTAxMTI2LTFkMzItNDJhNi04N2ZlLTkyMjM4NDZmZjMw
Yi8xLzEtQU5leWQ0bGNNSG5wOXRBNG5Ma1ZVakpJQ3MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBADByOkw
DQQCAAIwBwMFACoPwcAwDQYJKoZIhvcNAQELBQADggEBADHxngf7Xel1WW/+Yu/Q
EoBgtruigZDWUnblFuVG+DXWLe45gSHlfOLbWmblETYv3OP5XaZtaPkip0GlfS06
ngVvmCV9dVb2yo9h8fjF3Lx8D4XyhLu2foAkdtcXMFQmc5cLi2MxWOTPvhs2dxIT
PK/a3yqO0UGoHvAVtiJ0VrXrA8IDVD27/Ji21Gk91sso7e3svETMaWhNFlC8WoyF
4Z6sz0f/YPstl5dmm52xkAXQlUvOvcW77Vsf7PVvrHoXQqkCnlH+Can5ukmNHU4n
hAwbELUaT+2vaGbjoNtE1ls3ojpQPTUyLvjWgX2tx4JLGh0USLan71IyTWJv38uu
XFU=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:48:43 2025 by rpki-client