Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/1b4f68-3f28-4ff2-8f92-2f89fca6728b/1/youkzedjOue4qcOZbYiih9hFFF8.roa
File: youkzedjOue4qcOZbYiih9hFFF8.roa (raw, json)
Hash identifier: Gss+TCWAClyBqPcyLlL3OcWcmPaGA+0Qq5knJj7Jl+w=
Subject key identifier: CA:8B:A4:CD:E7:63:3A:E7:B8:A9:C3:99:6D:88:A2:87:D8:45:14:5F
Certificate issuer: /CN=597fdc5df7c1d0478b4dfa32908d9ff95818ac78
Certificate serial: 0193E418F114EF3C387CF33C1606A2DE70C3
Authority key identifier: 59:7F:DC:5D:F7:C1:D0:47:8B:4D:FA:32:90:8D:9F:F9:58:18:AC:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WX_cXffB0EeLTfoykI2f-VgYrHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/1b4f68-3f28-4ff2-8f92-2f89fca6728b/1/youkzedjOue4qcOZbYiih9hFFF8.roa
Signing time: Fri 20 Dec 2024 12:44:19 +0000
ROA not before: Fri 20 Dec 2024 12:44:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 193.111.208.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e4:18:f1:14:ef:3c:38:7c:f3:3c:16:06:a2:de:70:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=597fdc5df7c1d0478b4dfa32908d9ff95818ac78
Validity
Not Before: Dec 20 12:44:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca8ba4cde7633ae7b8a9c3996d88a287d845145f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:00:1c:fb:64:3b:8f:2d:f0:10:3f:ad:b7:60:
2d:84:b9:5a:db:ea:8d:68:bb:0f:7f:76:fc:57:57:
30:f0:73:8f:1d:58:c3:c5:5b:78:89:fe:f1:79:83:
f4:53:70:8b:66:37:c4:3e:d7:3d:ff:60:8e:96:42:
97:f6:5b:c6:43:5e:37:a7:4c:d2:db:26:6d:b3:2e:
08:f5:8f:60:4e:80:3f:be:b4:55:dd:9f:74:67:13:
05:81:64:40:08:0f:87:6d:ca:eb:48:44:df:1a:60:
c7:10:f2:4f:36:ae:85:bd:a9:fa:ff:64:96:8e:5f:
58:c5:12:98:14:c9:57:e3:3a:29:f7:58:c1:ae:fe:
df:f3:d9:96:bd:bc:82:4d:3c:91:56:55:0e:7c:84:
3d:96:a7:0d:98:91:de:f1:d9:e1:c7:f8:b8:e3:ea:
18:e5:f7:e7:37:eb:e4:fe:17:4f:96:87:27:30:a6:
81:2f:2b:de:b4:2d:5f:b9:65:a0:fc:07:aa:d3:d5:
72:c9:81:10:87:af:79:03:af:42:ce:c7:cd:20:27:
74:ce:4d:1a:5f:6b:1c:5a:37:2d:18:1b:53:0c:64:
3e:d4:c8:82:c1:36:b3:d0:ba:d5:4c:b4:9a:2f:8f:
ad:58:86:e1:4a:32:99:3d:ec:3e:44:27:08:32:12:
6c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:8B:A4:CD:E7:63:3A:E7:B8:A9:C3:99:6D:88:A2:87:D8:45:14:5F
X509v3 Authority Key Identifier:
keyid:59:7F:DC:5D:F7:C1:D0:47:8B:4D:FA:32:90:8D:9F:F9:58:18:AC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WX_cXffB0EeLTfoykI2f-VgYrHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/1b4f68-3f28-4ff2-8f92-2f89fca6728b/1/youkzedjOue4qcOZbYiih9hFFF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/1b4f68-3f28-4ff2-8f92-2f89fca6728b/1/WX_cXffB0EeLTfoykI2f-VgYrHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.208.0/24
Signature Algorithm: sha256WithRSAEncryption
34:12:75:c9:39:b5:f7:35:81:b0:3b:8c:f5:82:b9:ec:77:05:
d5:73:c1:71:80:b0:89:e5:3a:29:46:3f:72:eb:fd:1d:23:fe:
2c:80:aa:b5:74:24:ba:fa:f7:d5:ff:ae:c9:8c:15:a6:63:36:
62:b9:0a:4a:1f:ba:b5:ef:2d:74:64:12:d4:91:7e:81:68:13:
b7:06:61:80:0d:35:c0:b8:11:1f:b6:03:90:62:6b:d6:77:14:
6e:c0:27:07:7c:8b:20:ee:eb:4e:30:7a:a7:b5:05:0b:a2:9f:
a2:6e:3e:87:e3:ee:6c:60:5d:4c:6e:6f:9e:c4:a4:9d:cb:e2:
b5:ef:0a:cd:ac:13:66:4e:f0:c2:01:c1:1e:12:43:ba:7c:cf:
0b:82:81:d0:1b:6a:fa:a2:b0:e8:ff:eb:c3:95:29:48:50:f1:
8e:70:b3:38:ad:38:71:f2:10:bb:28:a8:ed:c7:a3:b4:30:ae:
b4:a8:52:70:ba:27:32:3e:67:10:85:f3:23:1c:ce:68:bd:94:
d5:2d:58:7e:a7:ba:f9:7d:23:7c:8c:e6:81:40:42:e9:43:48:
73:a7:3d:06:0b:dc:5b:70:c9:1a:07:0e:88:e9:b9:85:12:34:
96:60:1c:aa:e7:c0:3b:90:c9:3f:55:56:2d:f6:2a:1c:1a:49:
ce:a2:54:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPkGPEU7zw4fPM8Fgai3nDDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5N2ZkYzVkZjdjMWQwNDc4YjRkZmEzMjkwOGQ5ZmY5NTgx
OGFjNzgwHhcNMjQxMjIwMTI0NDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYThiYTRjZGU3NjMzYWU3YjhhOWMzOTk2ZDg4YTI4N2Q4NDUxNDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAAc+2Q7jy3wED+tt2AthLla2+qN
aLsPf3b8V1cw8HOPHVjDxVt4if7xeYP0U3CLZjfEPtc9/2COlkKX9lvGQ143p0zS
2yZtsy4I9Y9gToA/vrRV3Z90ZxMFgWRACA+HbcrrSETfGmDHEPJPNq6Fvan6/2SW
jl9YxRKYFMlX4zop91jBrv7f89mWvbyCTTyRVlUOfIQ9lqcNmJHe8dnhx/i44+oY
5ffnN+vk/hdPlocnMKaBLyvetC1fuWWg/Aeq09VyyYEQh695A69CzsfNICd0zk0a
X2scWjctGBtTDGQ+1MiCwTaz0LrVTLSaL4+tWIbhSjKZPew+RCcIMhJs8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMqLpM3nYzrnuKnDmW2IoofYRRRfMB8GA1UdIwQY
MBaAFFl/3F33wdBHi036MpCNn/lYGKx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hfY1hmZkIwRWVMVGZveWtJMmYtVmdZckhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8xYjRmNjgtM2YyOC00ZmYyLThmOTIt
MmY4OWZjYTY3MjhiLzEveW91a3plZGpPdWU0cWNPWmJZaWloOWhGRkY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8xYjRmNjgtM2YyOC00ZmYyLThmOTItMmY4OWZjYTY3Mjhi
LzEvV1hfY1hmZkIwRWVMVGZveWtJMmYtVmdZckhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwW/QMA0G
CSqGSIb3DQEBCwUAA4IBAQA0EnXJObX3NYGwO4z1grnsdwXVc8FxgLCJ5TopRj9y
6/0dI/4sgKq1dCS6+vfV/67JjBWmYzZiuQpKH7q17y10ZBLUkX6BaBO3BmGADTXA
uBEftgOQYmvWdxRuwCcHfIsg7utOMHqntQULop+ibj6H4+5sYF1Mbm+exKSdy+K1
7wrNrBNmTvDCAcEeEkO6fM8LgoHQG2r6orDo/+vDlSlIUPGOcLM4rThx8hC7KKjt
x6O0MK60qFJwuicyPmcQhfMjHM5ovZTVLVh+p7r5fSN8jOaBQELpQ0hzpz0GC9xb
cMkaBw6I6bmFEjSWYByq58A7kMk/VVYt9iocGknOolSz
-----END CERTIFICATE-----
Generated at Mon May 12 04:25:03 2025 by rpki-client