Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/UaHUGX2me0fCinu2K0o7FQZnjgw.roa
File: UaHUGX2me0fCinu2K0o7FQZnjgw.roa (raw, json)
Hash identifier: OaWH39B32ar55uhOAtdCpNgOxqCD3V6ZAB5otMTUBaU=
Subject key identifier: 51:A1:D4:19:7D:A6:7B:47:C2:8A:7B:B6:2B:4A:3B:15:06:67:8E:0C
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0194266BC7A86CAA01B35FB96CA09643E93A
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/UaHUGX2me0fCinu2K0o7FQZnjgw.roa
Signing time: Thu 02 Jan 2025 09:49:45 +0000
ROA not before: Thu 02 Jan 2025 09:49:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214062
IP address blocks: 91.200.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:c7:a8:6c:aa:01:b3:5f:b9:6c:a0:96:43:e9:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 2 09:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=51a1d4197da67b47c28a7bb62b4a3b1506678e0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ac:9d:74:de:06:96:bd:5a:eb:68:6b:c9:57:
2c:58:7d:fa:fc:1b:f9:4c:7e:63:cf:5e:37:1c:e9:
b0:95:25:98:cd:63:18:8f:c0:96:dd:95:35:06:f5:
e9:4a:8f:35:08:da:35:95:8f:b4:7c:9b:97:2f:b1:
c3:55:9a:9b:7e:6f:0d:5f:41:34:81:5c:7b:3e:5b:
2a:f1:33:fd:1f:34:70:24:0d:48:75:9b:9a:06:0c:
9d:df:fd:ad:e8:14:6e:14:df:5c:23:d1:34:58:a3:
7e:6f:e3:41:31:f5:2d:be:76:4b:0a:2b:e4:b6:c1:
59:a6:d8:a1:0e:74:55:49:c9:b1:d7:ad:02:94:66:
60:97:91:8d:d0:82:91:4e:55:91:1f:95:93:5e:43:
ec:25:31:76:66:41:69:98:a7:8f:d1:9f:63:f4:9d:
7a:c8:17:38:1d:8c:13:f2:61:f4:74:9b:b4:77:b3:
71:51:80:fd:7b:4c:a4:3a:8d:87:db:83:f8:d7:d4:
93:8c:e3:ce:37:cb:df:9f:a8:3b:52:3a:97:d9:61:
0b:d6:43:61:b1:30:51:9a:d5:b1:2e:10:f3:fd:f4:
46:57:27:11:4e:a4:e7:0a:78:4d:52:37:29:54:7a:
2e:a1:9d:49:a0:93:2a:1d:1e:21:99:9e:a1:94:e6:
9d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:A1:D4:19:7D:A6:7B:47:C2:8A:7B:B6:2B:4A:3B:15:06:67:8E:0C
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/UaHUGX2me0fCinu2K0o7FQZnjgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.220.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:d0:36:f5:47:6a:a1:3b:13:32:eb:c5:67:85:ac:f0:a4:6b:
49:37:73:ed:f4:3e:f3:4e:2e:6d:2f:24:aa:fa:21:f6:6a:88:
dd:21:b1:35:ab:1b:be:ed:73:4a:a3:9c:98:d8:ae:b1:2f:f2:
b4:aa:51:83:95:7f:67:86:5b:1e:b8:23:3e:ea:a8:14:19:b2:
43:ff:1c:ea:65:ec:40:f5:5e:58:7b:12:34:c1:2b:36:3c:80:
33:11:05:26:ba:01:9c:72:1b:f0:3b:a7:f3:fe:eb:c2:77:a9:
3f:47:03:1e:9b:8c:3c:88:f1:49:71:f5:18:bd:6e:5c:64:73:
de:c4:40:2f:d4:f6:7c:92:52:f5:8b:b1:dd:5a:8b:ba:f3:1e:
90:65:50:01:e4:24:b4:d9:40:e4:6a:2b:a1:ca:16:b8:f1:66:
76:80:20:41:e9:45:e8:09:6c:c9:61:67:cb:8d:f5:96:b6:c5:
2f:f8:6f:a5:83:43:10:7f:43:fd:66:16:37:86:bc:c7:84:54:
78:53:0d:c8:64:77:76:6c:9b:2b:10:e3:1c:08:9c:53:26:7a:
e1:e1:90:fe:f8:90:9f:8a:44:ab:a8:6f:bf:29:be:38:ce:c7:
a3:49:ce:b1:2f:a1:c9:43:dd:34:a3:0b:b0:d6:39:84:9b:0c:
4e:65:e6:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma8eobKoBs1+5bKCWQ+k6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjUwMTAyMDk0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWExZDQxOTdkYTY3YjQ3YzI4YTdiYjYyYjRhM2IxNTA2Njc4ZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26yddN4Glr1a62hryVcsWH36/Bv5
TH5jz143HOmwlSWYzWMYj8CW3ZU1BvXpSo81CNo1lY+0fJuXL7HDVZqbfm8NX0E0
gVx7Plsq8TP9HzRwJA1IdZuaBgyd3/2t6BRuFN9cI9E0WKN+b+NBMfUtvnZLCivk
tsFZptihDnRVScmx160ClGZgl5GN0IKRTlWRH5WTXkPsJTF2ZkFpmKeP0Z9j9J16
yBc4HYwT8mH0dJu0d7NxUYD9e0ykOo2H24P419STjOPON8vfn6g7UjqX2WEL1kNh
sTBRmtWxLhDz/fRGVycRTqTnCnhNUjcpVHouoZ1JoJMqHR4hmZ6hlOadBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFGh1Bl9pntHwop7titKOxUGZ44MMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvVWFIVUdYMm1lMGZDaW51MkswbzdGUVpuamd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8jcMA0G
CSqGSIb3DQEBCwUAA4IBAQB90Db1R2qhOxMy68VnhazwpGtJN3Pt9D7zTi5tLySq
+iH2aojdIbE1qxu+7XNKo5yY2K6xL/K0qlGDlX9nhlseuCM+6qgUGbJD/xzqZexA
9V5YexI0wSs2PIAzEQUmugGcchvwO6fz/uvCd6k/RwMem4w8iPFJcfUYvW5cZHPe
xEAv1PZ8klL1i7HdWou68x6QZVAB5CS02UDkaiuhyha48WZ2gCBB6UXoCWzJYWfL
jfWWtsUv+G+lg0MQf0P9ZhY3hrzHhFR4Uw3IZHd2bJsrEOMcCJxTJnrh4ZD++JCf
ikSrqG+/Kb44zsejSc6xL6HJQ900owuw1jmEmwxOZeZd
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:15:38 2025 by rpki-client