Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/5832f4-e4e2-498b-a06a-9febf8c3e33f/1/1UHsPnht93cnjqacHzDZGozstlU.roa
File: 1UHsPnht93cnjqacHzDZGozstlU.roa (raw, json)
Hash identifier: sn6UImS2sxFUQqqQ+ntyQ/sKctqCKvWxNyVg5LKfCSk=
Subject key identifier: D5:41:EC:3E:78:6D:F7:77:27:8E:A6:9C:1F:30:D9:1A:8C:EC:B6:55
Certificate issuer: /CN=8a01ab6cd44a7a3ea4002c106a96c427b52c81d5
Certificate serial: 019421B1DCB7F6475BDD2BD3BDDBD1CFAE24
Authority key identifier: 8A:01:AB:6C:D4:4A:7A:3E:A4:00:2C:10:6A:96:C4:27:B5:2C:81:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/igGrbNRKej6kACwQapbEJ7UsgdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/5832f4-e4e2-498b-a06a-9febf8c3e33f/1/1UHsPnht93cnjqacHzDZGozstlU.roa
Signing time: Wed 01 Jan 2025 11:48:12 +0000
ROA not before: Wed 01 Jan 2025 11:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198429
IP address blocks: 185.29.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:dc:b7:f6:47:5b:dd:2b:d3:bd:db:d1:cf:ae:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a01ab6cd44a7a3ea4002c106a96c427b52c81d5
Validity
Not Before: Jan 1 11:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d541ec3e786df777278ea69c1f30d91a8cecb655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:ea:33:70:93:5d:fa:1b:a2:5f:d0:63:57:2e:
33:6b:ac:06:59:2f:17:3d:77:07:6e:6e:25:eb:c4:
c0:2e:7c:25:4d:8c:a4:50:c2:ea:44:07:45:aa:97:
81:6b:c1:62:70:76:7f:71:0c:0d:bf:df:48:49:08:
77:3e:45:f6:ee:57:25:85:77:06:47:34:9b:d6:ae:
44:c1:60:f3:76:82:1a:a1:9b:02:3f:8d:19:0b:20:
ec:68:b5:1a:81:c3:db:9a:e5:00:7f:34:0c:b3:56:
e6:c3:26:3d:c6:a9:91:ff:70:98:fb:33:46:d9:dc:
24:57:35:dd:7d:71:ef:84:2d:47:5e:b8:da:db:13:
b1:42:3b:be:8e:e1:a5:73:9f:74:59:f4:fb:4d:ae:
9d:27:ee:80:2d:21:33:d3:5c:7e:d9:f1:ac:8b:99:
6f:20:6d:93:3d:74:e5:01:31:c0:2d:53:96:e8:6c:
0a:ab:e4:0a:89:14:36:01:2d:7f:8d:25:b6:23:47:
51:35:7c:d5:c4:dd:dd:21:db:ef:e0:ce:b2:99:9c:
0f:8d:a1:1e:ab:4f:1d:e2:4f:c2:e1:e1:a0:7e:60:
59:78:d6:7b:3f:44:c3:74:d9:3a:9d:a6:7c:d3:cd:
88:b3:61:ee:7c:5c:c9:d4:11:7c:6b:49:71:2a:b2:
56:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:41:EC:3E:78:6D:F7:77:27:8E:A6:9C:1F:30:D9:1A:8C:EC:B6:55
X509v3 Authority Key Identifier:
keyid:8A:01:AB:6C:D4:4A:7A:3E:A4:00:2C:10:6A:96:C4:27:B5:2C:81:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/igGrbNRKej6kACwQapbEJ7UsgdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/5832f4-e4e2-498b-a06a-9febf8c3e33f/1/1UHsPnht93cnjqacHzDZGozstlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/5832f4-e4e2-498b-a06a-9febf8c3e33f/1/igGrbNRKej6kACwQapbEJ7UsgdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.29.254.0/24
Signature Algorithm: sha256WithRSAEncryption
f1:33:66:dd:40:d8:1b:a2:1f:0c:96:fa:8d:f1:6a:46:f0:37:
9d:13:5b:bc:c9:c1:05:2d:8b:b5:3c:45:26:bb:19:88:58:c2:
35:9a:4f:54:71:16:b7:03:36:29:ff:78:cf:e4:d7:48:01:41:
25:78:3a:96:fe:c3:8f:52:bc:bd:3c:d8:37:aa:ee:f0:b7:7d:
00:33:f6:9d:7b:fc:71:72:c1:21:2f:11:ee:87:93:f0:29:d9:
e0:b4:9d:e5:65:86:d9:8d:77:f1:b6:38:2c:a8:25:3f:49:47:
89:b9:d1:0a:70:e6:ed:f8:30:56:14:e9:3c:7d:dd:4c:9e:02:
d5:13:0b:f3:3d:aa:f5:6d:4c:21:c5:cb:fc:00:97:b5:f0:fc:
09:22:dd:07:dc:e7:3e:cb:84:ca:9f:da:18:33:04:62:c9:92:
9d:22:53:cb:67:91:09:a5:b0:46:19:4f:24:7c:d4:04:04:bb:
5d:11:d3:4c:fb:88:a0:6c:01:87:47:8c:62:76:63:12:d0:49:
ca:b2:5d:9b:e1:e3:1f:f1:c9:6a:bc:8b:fb:49:12:33:2e:76:
93:50:d5:3e:29:fd:b6:b0:dc:ba:ed:a0:fd:06:11:b5:df:a6:
c5:2b:a7:05:49:b6:c0:7f:aa:df:9b:43:91:da:36:80:15:2b:
b2:26:19:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsdy39kdb3SvTvdvRz64kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMDFhYjZjZDQ0YTdhM2VhNDAwMmMxMDZhOTZjNDI3YjUy
YzgxZDUwHhcNMjUwMTAxMTE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQxZWMzZTc4NmRmNzc3Mjc4ZWE2OWMxZjMwZDkxYThjZWNiNjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8+ozcJNd+huiX9BjVy4za6wGWS8X
PXcHbm4l68TALnwlTYykUMLqRAdFqpeBa8FicHZ/cQwNv99ISQh3PkX27lclhXcG
RzSb1q5EwWDzdoIaoZsCP40ZCyDsaLUagcPbmuUAfzQMs1bmwyY9xqmR/3CY+zNG
2dwkVzXdfXHvhC1HXrja2xOxQju+juGlc590WfT7Ta6dJ+6ALSEz01x+2fGsi5lv
IG2TPXTlATHALVOW6GwKq+QKiRQ2AS1/jSW2I0dRNXzVxN3dIdvv4M6ymZwPjaEe
q08d4k/C4eGgfmBZeNZ7P0TDdNk6naZ8082Is2HufFzJ1BF8a0lxKrJWAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNVB7D54bfd3J46mnB8w2RqM7LZVMB8GA1UdIwQY
MBaAFIoBq2zUSno+pAAsEGqWxCe1LIHVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWdHcmJOUktlajZrQUN3UWFwYkVKN1VzZ2RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi81ODMyZjQtZTRlMi00OThiLWEwNmEt
OWZlYmY4YzNlMzNmLzEvMVVIc1BuaHQ5M2NuanFhY0h6RFpHb3pzdGxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi81ODMyZjQtZTRlMi00OThiLWEwNmEtOWZlYmY4YzNlMzNm
LzEvaWdHcmJOUktlajZrQUN3UWFwYkVKN1VzZ2RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuR3+MA0G
CSqGSIb3DQEBCwUAA4IBAQDxM2bdQNgboh8MlvqN8WpG8DedE1u8ycEFLYu1PEUm
uxmIWMI1mk9UcRa3AzYp/3jP5NdIAUEleDqW/sOPUry9PNg3qu7wt30AM/ade/xx
csEhLxHuh5PwKdngtJ3lZYbZjXfxtjgsqCU/SUeJudEKcObt+DBWFOk8fd1MngLV
EwvzPar1bUwhxcv8AJe18PwJIt0H3Oc+y4TKn9oYMwRiyZKdIlPLZ5EJpbBGGU8k
fNQEBLtdEdNM+4igbAGHR4xidmMS0EnKsl2b4eMf8clqvIv7SRIzLnaTUNU+Kf22
sNy67aD9BhG136bFK6cFSbbAf6rfm0OR2jaAFSuyJhnd
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:26:54 2025 by rpki-client