Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/23835a-b2cb-4a6e-89fd-2ae35175713c/1/0UKc3c6_AlpjqrUNJh3DwStXrec.roa
File: 0UKc3c6_AlpjqrUNJh3DwStXrec.roa (raw, json)
Hash identifier: OhWloYhHA/1vQyymMhBSWvWrUFfn2iV/XlUJ3vQrur4=
Subject key identifier: D1:42:9C:DD:CE:BF:02:5A:63:AA:B5:0D:26:1D:C3:C1:2B:57:AD:E7
Certificate issuer: /CN=873726b17b01bf0b54426d1810f23dc4f58f6a7b
Certificate serial: 019425FCB3CD3EE0B96F3ABC006FCF8451B6
Authority key identifier: 87:37:26:B1:7B:01:BF:0B:54:42:6D:18:10:F2:3D:C4:F5:8F:6A:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hzcmsXsBvwtUQm0YEPI9xPWPans.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/23835a-b2cb-4a6e-89fd-2ae35175713c/1/0UKc3c6_AlpjqrUNJh3DwStXrec.roa
Signing time: Thu 02 Jan 2025 07:48:25 +0000
ROA not before: Thu 02 Jan 2025 07:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49824
IP address blocks: 91.225.200.0/24 maxlen: 24
91.225.201.0/24 maxlen: 24
91.225.202.0/24 maxlen: 24
91.245.72.0/21 maxlen: 21
193.93.216.0/22 maxlen: 22
2001:678:604::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:b3:cd:3e:e0:b9:6f:3a:bc:00:6f:cf:84:51:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=873726b17b01bf0b54426d1810f23dc4f58f6a7b
Validity
Not Before: Jan 2 07:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1429cddcebf025a63aab50d261dc3c12b57ade7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:53:5c:b2:ac:ef:23:d8:19:85:1f:ff:96:23:
e9:49:4f:c9:11:67:60:66:62:fc:8c:11:25:8f:79:
0f:2e:6b:e7:f4:78:98:21:63:6a:f3:bf:f2:d2:e4:
51:2a:ee:c9:eb:ad:af:39:2e:9d:37:db:96:0b:74:
04:de:8c:86:ff:ec:8a:09:43:1b:62:65:b3:3d:5f:
12:b6:ec:bc:c9:36:da:0b:af:b1:72:bd:ac:41:fa:
f2:ea:81:67:44:ee:b3:c5:61:1d:fc:6c:ea:11:98:
98:09:a9:7e:6e:45:44:25:d2:65:b4:cc:05:f4:a2:
90:02:42:49:b2:b3:c5:b9:03:c6:f5:06:69:7c:a0:
b6:fd:2b:42:4d:1e:ff:10:0d:8d:17:b6:15:0d:89:
c1:25:b8:b9:ad:5f:1c:3c:cd:62:81:df:a3:da:1d:
cd:db:93:d6:3b:7e:0b:c6:97:e9:3e:73:20:57:f8:
24:56:b6:f7:37:bb:fb:ff:ba:36:cf:56:08:a4:fd:
74:bf:27:8a:10:14:12:fc:fd:26:32:47:e1:12:cb:
04:7b:5c:e8:e4:fe:ee:de:31:65:ab:96:d2:1e:9e:
7d:4b:f5:91:27:da:a8:49:21:2c:3e:ba:7a:ba:88:
6f:12:94:0e:6a:95:6f:1e:ed:23:36:b7:6a:76:ea:
ea:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:42:9C:DD:CE:BF:02:5A:63:AA:B5:0D:26:1D:C3:C1:2B:57:AD:E7
X509v3 Authority Key Identifier:
keyid:87:37:26:B1:7B:01:BF:0B:54:42:6D:18:10:F2:3D:C4:F5:8F:6A:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hzcmsXsBvwtUQm0YEPI9xPWPans.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/23835a-b2cb-4a6e-89fd-2ae35175713c/1/0UKc3c6_AlpjqrUNJh3DwStXrec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/23835a-b2cb-4a6e-89fd-2ae35175713c/1/hzcmsXsBvwtUQm0YEPI9xPWPans.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.200.0-91.225.202.255
91.245.72.0/21
193.93.216.0/22
IPv6:
2001:678:604::/48
Signature Algorithm: sha256WithRSAEncryption
28:0e:d6:86:25:96:7d:01:a2:64:f2:7b:30:fa:c9:a7:6a:bb:
aa:9c:9a:32:d5:14:31:3e:27:fa:bd:f0:71:14:d9:4d:2f:01:
7f:24:71:5f:15:e2:35:86:b8:ed:a9:22:ea:fc:cb:7a:cb:ca:
79:dc:6d:e5:45:15:9c:e3:15:87:52:3c:ca:21:21:5c:08:49:
dc:df:58:cc:70:fc:f5:7f:c7:69:52:68:d1:3d:a5:d6:66:17:
75:b8:3c:18:62:72:80:f7:1a:32:8a:7a:09:79:b6:d9:42:56:
bd:bf:97:a2:dc:82:32:2c:87:52:24:4a:79:6b:f0:77:dd:f7:
28:99:38:20:25:08:01:0a:2b:1f:63:72:93:c8:6e:64:41:98:
7c:ce:a6:ea:94:2f:23:b8:60:f2:f0:0f:4f:83:3e:94:e5:57:
c6:c6:c4:55:60:f7:a1:e8:b4:3f:50:3b:dd:5a:ad:59:b1:86:
fe:7e:66:63:aa:13:ae:7e:f4:24:7a:14:15:62:6c:5b:0f:4a:
aa:b4:93:af:ce:1d:09:74:ce:3d:a9:b5:57:34:98:d7:dc:ae:
df:7d:19:f8:c2:bd:19:c4:0a:b2:4b:fd:1e:1e:fe:64:67:0d:
10:c8:bc:27:29:5c:4e:9b:89:b4:e1:f9:fd:88:19:ce:8f:2a:
ad:1f:d7:6a
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZQl/LPNPuC5bzq8AG/PhFG2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MzcyNmIxN2IwMWJmMGI1NDQyNmQxODEwZjIzZGM0ZjU4
ZjZhN2IwHhcNMjUwMTAyMDc0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTQyOWNkZGNlYmYwMjVhNjNhYWI1MGQyNjFkYzNjMTJiNTdhZGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1NcsqzvI9gZhR//liPpSU/JEWdg
ZmL8jBElj3kPLmvn9HiYIWNq87/y0uRRKu7J662vOS6dN9uWC3QE3oyG/+yKCUMb
YmWzPV8Stuy8yTbaC6+xcr2sQfry6oFnRO6zxWEd/GzqEZiYCal+bkVEJdJltMwF
9KKQAkJJsrPFuQPG9QZpfKC2/StCTR7/EA2NF7YVDYnBJbi5rV8cPM1igd+j2h3N
25PWO34LxpfpPnMgV/gkVrb3N7v7/7o2z1YIpP10vyeKEBQS/P0mMkfhEssEe1zo
5P7u3jFlq5bSHp59S/WRJ9qoSSEsPrp6uohvEpQOapVvHu0jNrdqdurqaQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFNFCnN3OvwJaY6q1DSYdw8ErV63nMB8GA1UdIwQY
MBaAFIc3JrF7Ab8LVEJtGBDyPcT1j2p7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHpjbXNYc0J2d3RVUW0wWUVQSTl4UFdQYW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yMzgzNWEtYjJjYi00YTZlLTg5ZmQt
MmFlMzUxNzU3MTNjLzEvMFVLYzNjNl9BbHBqcXJVTkpoM0R3U3RYcmVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yMzgzNWEtYjJjYi00YTZlLTg5ZmQtMmFlMzUxNzU3MTNj
LzEvaHpjbXNYc0J2d3RVUW0wWUVQSTl4UFdQYW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaMAwDBANb4cgD
BABb4coDBANb9UgDBALBXdgwDwQCAAIwCQMHACABBngGBDANBgkqhkiG9w0BAQsF
AAOCAQEAKA7WhiWWfQGiZPJ7MPrJp2q7qpyaMtUUMT4n+r3wcRTZTS8BfyRxXxXi
NYa47aki6vzLesvKedxt5UUVnOMVh1I8yiEhXAhJ3N9YzHD89X/HaVJo0T2l1mYX
dbg8GGJygPcaMop6CXm22UJWvb+XotyCMiyHUiRKeWvwd933KJk4ICUIAQorH2Ny
k8huZEGYfM6m6pQvI7hg8vAPT4M+lOVXxsbEVWD3oei0P1A73VqtWbGG/n5mY6oT
rn70JHoUFWJsWw9KqrSTr84dCXTOPam1VzSY19yu330Z+MK9GcQKskv9Hh7+ZGcN
EMi8JylcTpuJtOH5/YgZzo8qrR/Xag==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:11:25 2025 by rpki-client