Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/UK5NsII-LTF761VzxF9DY42Yywg.roa
File: UK5NsII-LTF761VzxF9DY42Yywg.roa (raw, json)
Hash identifier: QuTtsuw1h6GuFHsNhToNXvzfUPgZu4JE7jLTZ5xOxnA=
Subject key identifier: 50:AE:4D:B0:82:3E:2D:31:7B:EB:55:73:C4:5F:43:63:8D:98:CB:08
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 019425218C92D8623444E47D2B84D438973B
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/UK5NsII-LTF761VzxF9DY42Yywg.roa
Signing time: Thu 02 Jan 2025 03:49:03 +0000
ROA not before: Thu 02 Jan 2025 03:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16589
IP address blocks: 85.239.146.0/24 maxlen: 24
85.239.147.0/24 maxlen: 24
185.95.156.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:8c:92:d8:62:34:44:e4:7d:2b:84:d4:38:97:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Jan 2 03:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50ae4db0823e2d317beb5573c45f43638d98cb08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:db:36:e9:ec:a9:79:4d:b4:a5:8f:77:9b:e2:
83:86:4d:d1:b7:7b:63:ad:74:22:29:6c:6f:6b:9e:
70:fd:6f:7e:a5:d0:df:12:7e:59:f3:81:c6:68:98:
b2:ac:a2:6d:d8:37:bf:e6:c4:e0:62:ec:da:ab:a6:
ca:3b:43:46:aa:a6:4d:0f:00:49:b8:90:a1:d0:b5:
66:77:6d:0d:3d:c9:0a:b0:e8:22:14:37:c9:72:25:
fe:17:20:62:49:95:21:99:10:42:17:64:89:69:84:
41:25:bd:92:54:d4:2d:13:53:aa:cb:c2:2c:7b:f5:
e0:59:b9:a9:02:b9:a3:60:69:a6:b1:3a:58:08:2e:
16:1b:d5:7e:8d:3c:9a:a6:31:ea:9d:db:6e:d2:68:
7c:96:7b:51:de:eb:f2:55:59:ca:ba:67:5b:ca:e9:
98:6d:40:47:66:95:a2:36:d0:73:dc:38:f4:03:53:
a7:bb:3a:f5:fb:8c:2b:0d:15:4c:2f:d6:56:f9:dc:
bd:20:2e:f7:8c:81:f9:00:73:2a:7c:d7:e1:a0:55:
bb:da:de:9c:f7:aa:2e:6b:b1:2a:13:a8:a7:96:d3:
f0:a2:a8:f6:db:33:f1:08:d5:5a:24:d1:6e:e5:df:
d4:4b:48:51:44:7f:9a:6e:6c:7a:8c:26:fe:7f:70:
34:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:AE:4D:B0:82:3E:2D:31:7B:EB:55:73:C4:5F:43:63:8D:98:CB:08
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/UK5NsII-LTF761VzxF9DY42Yywg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.146.0/23
185.95.156.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:5e:d0:63:22:74:e7:2d:2f:39:ef:88:6d:2e:5d:fd:96:ce:
6a:05:ae:a7:94:d2:aa:0a:35:49:d3:85:f1:27:78:82:9a:8b:
55:6f:29:e4:c0:42:1b:ad:93:7b:43:04:d0:f9:92:15:42:18:
ed:18:ef:1a:10:57:6b:75:2a:f2:81:c5:a6:75:32:42:1b:78:
3f:51:66:7b:a5:e3:e2:d2:76:ba:38:ec:a6:e1:e4:11:c8:10:
82:77:2b:4f:5c:7d:6f:aa:80:88:e5:ce:61:29:7f:8f:91:92:
a9:be:9a:cc:68:c9:c9:3c:20:47:65:52:1e:0f:2e:86:2e:95:
df:24:a6:8a:ea:31:9a:cf:e9:84:ff:b4:47:27:6d:62:9e:3d:
97:f2:a1:0e:c5:7b:cb:e2:5f:0b:b8:56:99:71:7a:d0:8f:68:
8e:84:85:b2:b9:0b:e5:a9:10:ff:50:54:be:1f:f5:8e:8c:b5:
c9:99:5c:bd:65:5e:83:ef:77:4e:7c:fd:c7:29:34:0b:f2:b9:
34:cd:82:92:af:ad:61:ea:9b:9f:48:47:d2:ae:4c:ee:6b:d3:
13:ae:84:86:70:8c:3e:66:84:43:0e:82:81:02:f8:83:2f:c8:
96:8b:31:50:12:b6:71:b9:c4:00:ba:79:2e:90:e8:04:f1:0e:
f0:da:81:ce
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlIYyS2GI0ROR9K4TUOJc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwMTAyMDM0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGFlNGRiMDgyM2UyZDMxN2JlYjU1NzNjNDVmNDM2MzhkOThjYjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ts26eypeU20pY93m+KDhk3Rt3tj
rXQiKWxva55w/W9+pdDfEn5Z84HGaJiyrKJt2De/5sTgYuzaq6bKO0NGqqZNDwBJ
uJCh0LVmd20NPckKsOgiFDfJciX+FyBiSZUhmRBCF2SJaYRBJb2SVNQtE1Oqy8Is
e/XgWbmpArmjYGmmsTpYCC4WG9V+jTyapjHqndtu0mh8lntR3uvyVVnKumdbyumY
bUBHZpWiNtBz3Dj0A1Onuzr1+4wrDRVML9ZW+dy9IC73jIH5AHMqfNfhoFW72t6c
96oua7EqE6inltPwoqj22zPxCNVaJNFu5d/US0hRRH+abmx6jCb+f3A0BwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFCuTbCCPi0xe+tVc8RfQ2ONmMsIMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvVUs1TnNJSS1MVEY3NjFWenhGOURZNDJZeXdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVe+SAwQA
uV+cMA0GCSqGSIb3DQEBCwUAA4IBAQB7XtBjInTnLS8574htLl39ls5qBa6nlNKq
CjVJ04XxJ3iCmotVbynkwEIbrZN7QwTQ+ZIVQhjtGO8aEFdrdSrygcWmdTJCG3g/
UWZ7pePi0na6OOym4eQRyBCCdytPXH1vqoCI5c5hKX+PkZKpvprMaMnJPCBHZVIe
Dy6GLpXfJKaK6jGaz+mE/7RHJ21inj2X8qEOxXvL4l8LuFaZcXrQj2iOhIWyuQvl
qRD/UFS+H/WOjLXJmVy9ZV6D73dOfP3HKTQL8rk0zYKSr61h6pufSEfSrkzua9MT
roSGcIw+ZoRDDoKBAviDL8iWizFQErZxucQAunkukOgE8Q7w2oHO
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:00 2025 by rpki-client