Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/UPwXH4vazEt6iiTVmgUMMqYrJso.roa
File: UPwXH4vazEt6iiTVmgUMMqYrJso.roa (raw, json)
Hash identifier: 52L1FtGMBgsuRPVyE6V0WBR4fy0yyi1z0u7D4leyw4Q=
Subject key identifier: 50:FC:17:1F:8B:DA:CC:4B:7A:8A:24:D5:9A:05:0C:32:A6:2B:26:CA
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 018CC94E34F1E52010113F63F1DC561C4918
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/UPwXH4vazEt6iiTVmgUMMqYrJso.roa
Signing time: Tue 02 Jan 2024 08:33:14 +0000
ROA not before: Tue 02 Jan 2024 08:33:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42117
IP address blocks: 159.20.8.0/21 maxlen: 21
95.175.160.0/19 maxlen: 19
77.233.96.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:34:f1:e5:20:10:11:3f:63:f1:dc:56:1c:49:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 2 08:33:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50fc171f8bdacc4b7a8a24d59a050c32a62b26ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:1c:8e:c0:bd:c7:12:f9:2d:71:86:f2:39:df:
45:72:da:25:c8:8d:1c:fd:27:85:4e:24:83:9c:41:
30:95:ad:23:dd:ac:10:f8:56:92:23:56:00:fa:4c:
67:70:b1:59:dd:b6:b8:92:ab:e4:bc:82:60:26:dc:
7e:9b:91:d8:59:76:d5:f8:1e:cd:c8:57:30:de:b6:
6b:bb:d6:91:60:52:48:03:ea:df:6c:1c:f0:33:76:
2d:6d:c1:7b:5e:89:e0:a1:52:d6:29:32:99:9a:b2:
92:07:ad:25:2c:66:81:1b:32:9e:84:ff:df:27:36:
32:03:9a:fa:27:5d:85:15:42:f2:f8:f3:71:ff:9f:
05:43:06:f0:92:10:82:0a:34:5f:6a:f9:97:e1:7d:
16:d8:5a:ac:49:f0:4d:c5:ac:1d:ba:4b:54:d4:33:
ef:8f:02:4a:1a:e4:23:9e:12:5e:1b:81:fa:37:e3:
8a:1a:e2:dd:ae:0c:04:6b:09:01:e5:91:ce:44:02:
b2:df:7a:1c:55:cc:3e:4a:94:27:b5:8f:53:19:6f:
a0:5d:dc:d8:18:18:ad:09:6b:05:08:bf:09:a0:26:
1b:c8:fa:61:9f:aa:11:ef:84:7b:4f:fe:58:60:94:
cf:47:a5:8b:8a:0a:a1:7c:98:87:72:49:61:f1:a5:
72:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:FC:17:1F:8B:DA:CC:4B:7A:8A:24:D5:9A:05:0C:32:A6:2B:26:CA
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/UPwXH4vazEt6iiTVmgUMMqYrJso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.233.96.0/19
95.175.160.0/19
159.20.8.0/21
Signature Algorithm: sha256WithRSAEncryption
04:78:a6:c8:ce:af:28:d3:03:2f:4e:3c:ef:18:dc:c0:4a:e9:
cb:fc:17:7a:97:67:d2:5d:02:56:c9:ab:04:d0:b0:1d:1a:00:
72:c2:9b:4a:d7:c9:bd:60:73:1e:4b:09:f5:1d:52:3c:4a:2a:
4d:e5:3f:c5:51:cc:21:05:cd:cb:bf:d0:c3:91:0a:2e:e5:ac:
2e:17:56:ee:e9:44:9f:fa:ea:6e:ec:69:da:05:19:94:df:97:
52:7b:5d:61:ae:cb:66:fe:cb:b0:6b:a4:8c:c9:90:6e:fb:c6:
b4:4e:8e:cc:4e:d8:0a:69:04:31:99:de:06:a0:b6:94:fb:55:
45:93:41:f0:77:e3:4e:51:4b:cd:8a:46:04:5c:c4:84:72:d3:
e5:3c:47:69:98:9b:92:3a:c5:a3:f0:d8:d1:0d:c8:7d:f5:e1:
da:d0:53:c1:f8:4f:37:c7:3a:fa:0d:28:03:7a:08:97:5a:12:
a8:b9:5b:9f:a0:a3:64:be:48:fa:d2:ea:de:3c:9b:ec:d6:e1:
b1:85:de:6c:39:12:df:b7:5c:61:56:6d:d4:41:44:72:0e:6b:
80:28:c9:62:7e:b7:96:9f:2f:70:b1:fb:33:89:b8:81:16:85:
23:a5:63:67:5a:f3:7b:51:37:0f:8f:c6:e1:b3:9e:cb:cc:26:
14:2c:c0:ad
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJTjTx5SAQET9j8dxWHEkYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjQwMTAyMDgzMzE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGZjMTcxZjhiZGFjYzRiN2E4YTI0ZDU5YTA1MGMzMmE2MmIyNmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhyOwL3HEvktcYbyOd9FctolyI0c
/SeFTiSDnEEwla0j3awQ+FaSI1YA+kxncLFZ3ba4kqvkvIJgJtx+m5HYWXbV+B7N
yFcw3rZru9aRYFJIA+rfbBzwM3YtbcF7XongoVLWKTKZmrKSB60lLGaBGzKehP/f
JzYyA5r6J12FFULy+PNx/58FQwbwkhCCCjRfavmX4X0W2FqsSfBNxawduktU1DPv
jwJKGuQjnhJeG4H6N+OKGuLdrgwEawkB5ZHORAKy33ocVcw+SpQntY9TGW+gXdzY
GBitCWsFCL8JoCYbyPphn6oR74R7T/5YYJTPR6WLigqhfJiHcklh8aVyJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFD8Fx+L2sxLeook1ZoFDDKmKybKMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvVVB3WEg0dmF6RXQ2aWlUVm1nVU1NcVlySnNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFTelgAwQF
X6+gAwQDnxQIMA0GCSqGSIb3DQEBCwUAA4IBAQAEeKbIzq8o0wMvTjzvGNzASunL
/Bd6l2fSXQJWyasE0LAdGgBywptK18m9YHMeSwn1HVI8SipN5T/FUcwhBc3Lv9DD
kQou5awuF1bu6USf+upu7GnaBRmU35dSe11hrstm/suwa6SMyZBu+8a0To7MTtgK
aQQxmd4GoLaU+1VFk0Hwd+NOUUvNikYEXMSEctPlPEdpmJuSOsWj8NjRDch99eHa
0FPB+E83xzr6DSgDegiXWhKouVufoKNkvkj60urePJvs1uGxhd5sORLft1xhVm3U
QURyDmuAKMlifreWny9wsfszibiBFoUjpWNnWvN7UTcPj8bhs57LzCYULMCt
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:39:14 2025 by rpki-client