Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/a905e9-f93b-4d60-8108-810b9f5cc415/1/u4XkgPABKlmzAjFlFb35_bSOoZM.roa
File: u4XkgPABKlmzAjFlFb35_bSOoZM.roa (raw, json)
Hash identifier: 5OhzujGDvwa+oBk89U1CXUeSGEyZAhhsIH31ZmjrM8I=
Subject key identifier: BB:85:E4:80:F0:01:2A:59:B3:02:31:65:15:BD:F9:FD:B4:8E:A1:93
Certificate issuer: /CN=4b5d45a2abb960d2bce758ece733b126dca7e71b
Certificate serial: 01942068684A9E6A89AEC6AA5E815330A49E
Authority key identifier: 4B:5D:45:A2:AB:B9:60:D2:BC:E7:58:EC:E7:33:B1:26:DC:A7:E7:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S11Foqu5YNK851js5zOxJtyn5xs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/a905e9-f93b-4d60-8108-810b9f5cc415/1/u4XkgPABKlmzAjFlFb35_bSOoZM.roa
Signing time: Wed 01 Jan 2025 05:48:20 +0000
ROA not before: Wed 01 Jan 2025 05:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50405
IP address blocks: 193.8.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:68:4a:9e:6a:89:ae:c6:aa:5e:81:53:30:a4:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b5d45a2abb960d2bce758ece733b126dca7e71b
Validity
Not Before: Jan 1 05:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb85e480f0012a59b302316515bdf9fdb48ea193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:40:c6:4c:dd:a6:52:6f:7c:eb:23:72:4d:03:
11:cc:56:96:3a:31:3a:fd:9d:85:d7:33:91:4d:b0:
4a:80:ed:82:a8:b5:8a:c4:7f:da:5c:48:47:b8:ec:
b1:f3:5f:83:6f:61:f1:2a:68:bc:1e:a1:c4:1b:97:
07:89:1f:f0:56:a3:cf:0c:85:17:23:41:90:42:09:
9e:85:db:a1:0d:24:b1:76:c6:3a:cc:97:64:a3:ef:
31:4a:1c:3f:65:7c:26:e8:6a:48:de:5e:2c:d0:ad:
ab:e6:c0:64:85:69:31:ba:b6:69:3e:41:47:ea:70:
b7:24:41:e6:b1:c5:81:83:dd:88:d2:55:fd:13:1b:
4b:b5:47:05:f3:16:fb:e0:5b:72:d2:5a:84:25:dc:
e4:ed:cc:f6:2e:ac:51:cd:d8:f1:6a:48:1b:3e:11:
82:50:91:7b:28:3d:a8:1c:80:42:45:c0:ec:84:4a:
4f:07:f1:6b:ae:50:a2:f7:2a:9c:c6:bb:0a:b9:16:
19:4b:4f:c0:2e:1c:f8:78:16:a6:62:80:fd:f7:f2:
88:f5:9d:15:e1:d2:74:05:91:fb:8a:2d:95:60:49:
ec:0d:51:8d:b7:61:f6:75:16:d0:01:1d:1f:f3:dd:
26:27:43:d8:af:50:5b:16:58:c4:95:a4:29:a6:3d:
f1:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:85:E4:80:F0:01:2A:59:B3:02:31:65:15:BD:F9:FD:B4:8E:A1:93
X509v3 Authority Key Identifier:
keyid:4B:5D:45:A2:AB:B9:60:D2:BC:E7:58:EC:E7:33:B1:26:DC:A7:E7:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S11Foqu5YNK851js5zOxJtyn5xs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/a905e9-f93b-4d60-8108-810b9f5cc415/1/u4XkgPABKlmzAjFlFb35_bSOoZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/a905e9-f93b-4d60-8108-810b9f5cc415/1/S11Foqu5YNK851js5zOxJtyn5xs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.252.0/24
Signature Algorithm: sha256WithRSAEncryption
02:3c:82:d6:8e:58:a7:3c:dd:87:f1:8b:6c:4d:06:58:95:19:
09:8e:40:4f:8a:45:b8:93:31:e4:f4:11:ce:2d:8c:88:7e:32:
94:52:6f:58:94:00:34:a2:70:8e:a5:51:b6:69:52:e4:fb:f2:
21:09:37:8d:b4:3e:11:cc:1a:36:b6:50:03:47:28:a7:33:b2:
75:92:21:4d:49:f5:1a:f9:b3:67:df:94:2b:f7:96:77:f1:56:
4e:38:08:3d:11:78:69:0a:7f:3d:47:4d:7d:c5:49:a9:5f:51:
81:dc:df:bb:64:55:1f:b8:c7:0d:d3:f3:d8:28:f0:69:67:b0:
96:1f:96:67:22:3b:5b:2c:98:ec:f3:e3:14:c2:01:c9:89:40:
b6:1a:45:ac:a4:74:15:7e:0e:68:d4:af:4f:41:25:fc:d3:2b:
43:3e:17:6c:7a:00:0d:b7:ea:25:d2:36:4e:01:aa:d7:20:9c:
82:3c:90:08:53:8e:74:d7:30:df:c5:72:76:bf:64:1a:b1:03:
98:80:4d:36:56:68:bf:63:b1:2a:18:28:26:a1:96:cb:2b:75:
f8:61:7a:27:8d:4b:70:be:dd:74:6c:7f:3e:0b:0f:8f:18:c2:
29:55:b8:9a:82:2c:b8:fa:5a:75:da:11:31:81:f7:74:93:63:
8e:ae:45:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaGhKnmqJrsaqXoFTMKSeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNWQ0NWEyYWJiOTYwZDJiY2U3NThlY2U3MzNiMTI2ZGNh
N2U3MWIwHhcNMjUwMTAxMDU0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjg1ZTQ4MGYwMDEyYTU5YjMwMjMxNjUxNWJkZjlmZGI0OGVhMTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUDGTN2mUm986yNyTQMRzFaWOjE6
/Z2F1zORTbBKgO2CqLWKxH/aXEhHuOyx81+Db2HxKmi8HqHEG5cHiR/wVqPPDIUX
I0GQQgmehduhDSSxdsY6zJdko+8xShw/ZXwm6GpI3l4s0K2r5sBkhWkxurZpPkFH
6nC3JEHmscWBg92I0lX9ExtLtUcF8xb74Fty0lqEJdzk7cz2LqxRzdjxakgbPhGC
UJF7KD2oHIBCRcDshEpPB/FrrlCi9yqcxrsKuRYZS0/ALhz4eBamYoD99/KI9Z0V
4dJ0BZH7ii2VYEnsDVGNt2H2dRbQAR0f890mJ0PYr1BbFljElaQppj3x6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLuF5IDwASpZswIxZRW9+f20jqGTMB8GA1UdIwQY
MBaAFEtdRaKruWDSvOdY7OczsSbcp+cbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzExRm9xdTVZTks4NTFqczV6T3hKdHluNXhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9hOTA1ZTktZjkzYi00ZDYwLTgxMDgt
ODEwYjlmNWNjNDE1LzEvdTRYa2dQQUJLbG16QWpGbEZiMzVfYlNPb1pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9hOTA1ZTktZjkzYi00ZDYwLTgxMDgtODEwYjlmNWNjNDE1
LzEvUzExRm9xdTVZTks4NTFqczV6T3hKdHluNXhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQj8MA0G
CSqGSIb3DQEBCwUAA4IBAQACPILWjlinPN2H8YtsTQZYlRkJjkBPikW4kzHk9BHO
LYyIfjKUUm9YlAA0onCOpVG2aVLk+/IhCTeNtD4RzBo2tlADRyinM7J1kiFNSfUa
+bNn35Qr95Z38VZOOAg9EXhpCn89R019xUmpX1GB3N+7ZFUfuMcN0/PYKPBpZ7CW
H5ZnIjtbLJjs8+MUwgHJiUC2GkWspHQVfg5o1K9PQSX80ytDPhdsegANt+ol0jZO
AarXIJyCPJAIU4501zDfxXJ2v2QasQOYgE02Vmi/Y7EqGCgmoZbLK3X4YXonjUtw
vt10bH8+Cw+PGMIpVbiagiy4+lp12hExgfd0k2OOrkW6
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:49 2025 by rpki-client on console.sobornost.net