Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/ucd37ryibW27iJp1LSiePnG8QM4.roa
File: ucd37ryibW27iJp1LSiePnG8QM4.roa (raw, json)
Hash identifier: NMuQJwbaZIR4s3fSThWqnIRh4qin2UEJigdrhMB2tUU=
Subject key identifier: B9:C7:77:EE:BC:A2:6D:6D:BB:88:9A:75:2D:28:9E:3E:71:BC:40:CE
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018E4E9C3BFDD29C3CE89A039C850D413A1E
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/ucd37ryibW27iJp1LSiePnG8QM4.roa
Signing time: Sun 17 Mar 2024 22:50:45 +0000
ROA not before: Sun 17 Mar 2024 22:50:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 77.105.22.0/24 maxlen: 24
109.121.0.0/19 maxlen: 24
178.219.14.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4e:9c:3b:fd:d2:9c:3c:e8:9a:03:9c:85:0d:41:3a:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Mar 17 22:50:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9c777eebca26d6dbb889a752d289e3e71bc40ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:71:1d:eb:d7:06:3a:13:f9:1e:75:e0:a2:cf:
9a:ab:75:1b:90:03:d0:c3:80:79:52:f7:77:28:c8:
74:09:3e:b8:7d:fc:3d:44:8d:4b:71:9a:85:c4:34:
1d:f8:a4:bf:31:40:1f:86:99:77:cc:c6:fa:8a:1e:
b3:75:f5:cb:12:c2:c1:07:1e:38:a4:1e:0c:0b:29:
fd:6d:6e:7a:d4:c0:1e:b0:ba:28:de:83:2a:63:6f:
52:91:b4:41:ca:76:48:b2:3e:1e:a2:49:a9:49:4b:
24:26:e7:c3:eb:d3:78:20:5c:87:23:7d:20:09:c9:
6c:e4:22:c6:17:73:d4:66:12:cf:48:61:cb:73:56:
ec:8f:a2:42:08:14:ea:5c:af:40:cf:a0:92:a2:74:
a1:77:4d:0a:55:a9:11:26:94:1d:36:78:d2:f3:59:
ac:42:df:89:70:56:d0:88:07:7f:32:33:51:21:43:
a5:80:8e:41:7b:e5:10:d0:3d:82:97:83:9f:a9:f2:
cb:4e:4f:cc:60:6f:e2:d5:96:cb:d4:d5:88:97:ca:
58:17:7a:36:80:a4:a7:e4:64:7c:67:56:20:b6:d5:
23:ea:65:50:24:2b:12:a7:fe:e8:82:c0:c9:9f:12:
81:71:44:f8:01:4d:8e:38:21:de:64:60:56:61:fc:
06:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:C7:77:EE:BC:A2:6D:6D:BB:88:9A:75:2D:28:9E:3E:71:BC:40:CE
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/ucd37ryibW27iJp1LSiePnG8QM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.22.0/24
109.121.0.0/19
178.219.14.0/24
Signature Algorithm: sha256WithRSAEncryption
86:56:d2:c7:8c:c7:f9:66:81:a1:8c:1d:e2:12:11:62:1d:43:
fc:06:71:0f:80:b4:37:1b:9e:9f:5f:4f:d4:32:8b:38:17:f6:
12:6b:7f:18:f1:88:ca:92:66:22:34:bf:43:e7:df:55:d4:2c:
a4:76:d9:77:fd:e2:0e:fa:dc:95:88:e2:2f:ca:82:2e:fa:5b:
fa:2c:5c:7d:21:8c:12:b2:71:93:5d:6d:96:7f:ed:76:cd:3e:
6a:de:77:f1:fb:01:20:68:b2:cb:54:bc:34:d8:a2:90:83:00:
23:41:3b:23:cd:a4:d9:c7:1e:4a:ea:38:a2:f2:8c:09:29:70:
6c:07:4b:19:93:08:f3:28:81:86:d4:e0:00:d2:8f:28:8c:08:
08:dc:35:6d:10:0e:82:69:66:80:0d:f7:f8:b2:79:df:fb:20:
ed:c9:d4:a8:5b:36:86:3e:5a:87:70:21:1f:24:3a:9a:ab:d7:
79:86:c6:e7:36:12:25:1e:3a:f9:3b:25:c6:62:c3:68:56:46:
09:eb:bd:59:8d:ba:f6:6c:85:34:f9:ee:31:56:c7:9f:16:9e:
24:60:f8:5b:c0:20:0f:52:e1:36:2c:78:81:73:b1:bb:64:67:
b8:8a:fa:ad:34:c3:b2:43:ed:5b:e0:64:54:56:ef:4a:bf:19:
c3:e9:44:21
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY5OnDv90pw86JoDnIUNQToeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwMzE3MjI1MDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWM3NzdlZWJjYTI2ZDZkYmI4ODlhNzUyZDI4OWUzZTcxYmM0MGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnEd69cGOhP5HnXgos+aq3UbkAPQ
w4B5Uvd3KMh0CT64ffw9RI1LcZqFxDQd+KS/MUAfhpl3zMb6ih6zdfXLEsLBBx44
pB4MCyn9bW561MAesLoo3oMqY29SkbRBynZIsj4eokmpSUskJufD69N4IFyHI30g
Ccls5CLGF3PUZhLPSGHLc1bsj6JCCBTqXK9Az6CSonShd00KVakRJpQdNnjS81ms
Qt+JcFbQiAd/MjNRIUOlgI5Be+UQ0D2Cl4OfqfLLTk/MYG/i1ZbL1NWIl8pYF3o2
gKSn5GR8Z1YgttUj6mVQJCsSp/7ogsDJnxKBcUT4AU2OOCHeZGBWYfwGYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLnHd+68om1tu4iadS0onj5xvEDOMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvdWNkMzdyeWliVzI3aUpwMUxTaWVQbkc4UU00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATWkWAwQF
bXkAAwQAstsOMA0GCSqGSIb3DQEBCwUAA4IBAQCGVtLHjMf5ZoGhjB3iEhFiHUP8
BnEPgLQ3G56fX0/UMos4F/YSa38Y8YjKkmYiNL9D599V1Cykdtl3/eIO+tyViOIv
yoIu+lv6LFx9IYwSsnGTXW2Wf+12zT5q3nfx+wEgaLLLVLw02KKQgwAjQTsjzaTZ
xx5K6jii8owJKXBsB0sZkwjzKIGG1OAA0o8ojAgI3DVtEA6CaWaADff4snnf+yDt
ydSoWzaGPlqHcCEfJDqaq9d5hsbnNhIlHjr5OyXGYsNoVkYJ671Zjbr2bIU0+e4x
VsefFp4kYPhbwCAPUuE2LHiBc7G7ZGe4ivqtNMOyQ+1b4GRUVu9KvxnD6UQh
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:16:21 2025 by rpki-client