Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/625ed5-7e74-4427-9bdf-dd1d249017aa/1/ulpVz6oz9XYNKND7r8cyUHxYbf8.roa
File: ulpVz6oz9XYNKND7r8cyUHxYbf8.roa (raw, json)
Hash identifier: gFOodfsqdoFiAv0lVY3HgqujFbAqe9mhjL0SdVU2xyc=
Subject key identifier: BA:5A:55:CF:AA:33:F5:76:0D:28:D0:FB:AF:C7:32:50:7C:58:6D:FF
Certificate issuer: /CN=59acb4022765898be4f06050cd3a2f9291d83367
Certificate serial: 019425FDDABACA9AB71FB1746811CBE02571
Authority key identifier: 59:AC:B4:02:27:65:89:8B:E4:F0:60:50:CD:3A:2F:92:91:D8:33:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Way0AidliYvk8GBQzTovkpHYM2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/625ed5-7e74-4427-9bdf-dd1d249017aa/1/ulpVz6oz9XYNKND7r8cyUHxYbf8.roa
Signing time: Thu 02 Jan 2025 07:49:41 +0000
ROA not before: Thu 02 Jan 2025 07:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6798
IP address blocks: 193.105.153.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:da:ba:ca:9a:b7:1f:b1:74:68:11:cb:e0:25:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59acb4022765898be4f06050cd3a2f9291d83367
Validity
Not Before: Jan 2 07:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba5a55cfaa33f5760d28d0fbafc732507c586dff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f4:0d:4f:83:0f:11:8c:a0:30:f9:2b:7d:fc:
68:41:de:1b:4a:eb:92:72:9c:a6:c0:30:cc:b3:aa:
22:57:8c:be:e5:c9:ed:e3:c1:bd:4b:3c:e6:88:f2:
f1:4e:3e:27:8f:1f:c8:3a:ae:92:a8:00:68:b5:82:
50:b4:c1:91:da:e9:b2:fe:85:01:fb:3f:82:b8:a8:
c5:2a:77:d5:1e:9d:cf:f3:d9:20:dc:80:53:2a:e5:
ad:a5:e7:82:e2:ac:73:02:e6:a8:ec:a5:df:c2:d2:
73:d6:db:d7:f1:59:e2:b4:5c:b9:2e:d0:d2:d1:85:
45:74:e0:80:ba:8b:33:5d:94:ed:61:f4:a7:a2:34:
00:f8:37:46:9f:59:46:2c:33:6b:14:cc:cf:db:b3:
7c:16:5b:81:9f:05:c2:38:51:a4:91:c2:a5:7a:63:
28:f3:b9:a5:27:35:11:e6:d2:93:9a:ac:fe:a4:2e:
29:fd:a2:7f:56:1e:35:91:76:3b:10:19:6b:3c:a1:
ca:b4:83:36:74:7f:10:a5:ea:9d:3d:c8:f0:44:2c:
80:fb:25:65:1e:50:d4:71:d3:86:e5:c3:10:b9:3e:
71:da:44:9c:3a:63:97:e7:10:47:0b:b4:fb:2b:c5:
ed:08:fb:e8:ac:91:e5:2d:6b:0f:69:d4:e5:86:dd:
30:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:5A:55:CF:AA:33:F5:76:0D:28:D0:FB:AF:C7:32:50:7C:58:6D:FF
X509v3 Authority Key Identifier:
keyid:59:AC:B4:02:27:65:89:8B:E4:F0:60:50:CD:3A:2F:92:91:D8:33:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Way0AidliYvk8GBQzTovkpHYM2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/625ed5-7e74-4427-9bdf-dd1d249017aa/1/ulpVz6oz9XYNKND7r8cyUHxYbf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/625ed5-7e74-4427-9bdf-dd1d249017aa/1/Way0AidliYvk8GBQzTovkpHYM2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.105.153.0/24
Signature Algorithm: sha256WithRSAEncryption
54:b8:e6:7f:bc:29:2c:34:26:47:3a:1f:24:d8:63:f2:6d:9d:
40:40:77:be:c4:c3:ac:93:da:18:12:5a:b3:95:f3:c0:b9:d0:
ab:42:86:7c:d0:05:8c:2b:31:b2:ca:f6:43:6d:7a:6b:f3:42:
8a:fd:d9:92:88:33:56:7c:f4:f2:c6:44:e9:78:c5:30:16:09:
94:42:13:14:55:d2:b8:34:77:a1:5a:35:41:6d:f4:1c:0a:2b:
35:cf:73:be:e5:57:61:a9:42:de:c3:6f:8f:95:db:29:f0:5d:
c8:33:00:6f:01:49:cd:01:40:dd:da:81:97:da:68:9b:e7:30:
40:46:f9:f6:c1:91:af:00:9c:f0:3b:25:87:35:ff:a1:03:c0:
f6:fb:77:73:57:8b:bd:81:d3:e4:23:e1:77:ee:13:3f:dc:15:
d1:f7:20:ac:24:7b:fe:64:8c:85:fe:f8:93:2b:ac:c1:ce:64:
d3:e0:bd:c8:ed:ee:82:4a:17:53:ce:55:cb:63:e4:ed:f2:0f:
2f:e1:64:1a:7c:b6:1b:1f:9a:d5:54:21:13:5e:f2:98:b9:f7:
09:da:ed:4c:9c:62:41:02:17:8f:05:5f:e1:5a:23:ae:b2:8e:
e1:fe:24:09:86:bc:c4:ac:eb:31:82:ef:81:45:30:31:d3:2a:
88:b1:15:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/dq6ypq3H7F0aBHL4CVxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5YWNiNDAyMjc2NTg5OGJlNGYwNjA1MGNkM2EyZjkyOTFk
ODMzNjcwHhcNMjUwMTAyMDc0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTVhNTVjZmFhMzNmNTc2MGQyOGQwZmJhZmM3MzI1MDdjNTg2ZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/QNT4MPEYygMPkrffxoQd4bSuuS
cpymwDDMs6oiV4y+5cnt48G9SzzmiPLxTj4njx/IOq6SqABotYJQtMGR2umy/oUB
+z+CuKjFKnfVHp3P89kg3IBTKuWtpeeC4qxzAuao7KXfwtJz1tvX8VnitFy5LtDS
0YVFdOCAuoszXZTtYfSnojQA+DdGn1lGLDNrFMzP27N8FluBnwXCOFGkkcKlemMo
87mlJzUR5tKTmqz+pC4p/aJ/Vh41kXY7EBlrPKHKtIM2dH8QpeqdPcjwRCyA+yVl
HlDUcdOG5cMQuT5x2kScOmOX5xBHC7T7K8XtCPvorJHlLWsPadTlht0wOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLpaVc+qM/V2DSjQ+6/HMlB8WG3/MB8GA1UdIwQY
MBaAFFmstAInZYmL5PBgUM06L5KR2DNnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2F5MEFpZGxpWXZrOEdCUXpUb3ZrcEhZTTJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82MjVlZDUtN2U3NC00NDI3LTliZGYt
ZGQxZDI0OTAxN2FhLzEvdWxwVno2b3o5WFlOS05EN3I4Y3lVSHhZYmY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82MjVlZDUtN2U3NC00NDI3LTliZGYtZGQxZDI0OTAxN2Fh
LzEvV2F5MEFpZGxpWXZrOEdCUXpUb3ZrcEhZTTJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWmZMA0G
CSqGSIb3DQEBCwUAA4IBAQBUuOZ/vCksNCZHOh8k2GPybZ1AQHe+xMOsk9oYElqz
lfPAudCrQoZ80AWMKzGyyvZDbXpr80KK/dmSiDNWfPTyxkTpeMUwFgmUQhMUVdK4
NHehWjVBbfQcCis1z3O+5VdhqULew2+Pldsp8F3IMwBvAUnNAUDd2oGX2mib5zBA
Rvn2wZGvAJzwOyWHNf+hA8D2+3dzV4u9gdPkI+F37hM/3BXR9yCsJHv+ZIyF/viT
K6zBzmTT4L3I7e6CShdTzlXLY+Tt8g8v4WQafLYbH5rVVCETXvKYufcJ2u1MnGJB
AhePBV/hWiOuso7h/iQJhrzErOsxgu+BRTAx0yqIsRUt
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:21:48 2025 by rpki-client