Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/096c17-dd83-4058-82e1-cda36256296c/1/UN74uc5YlLqW_undi6fagl4jLqE.roa
File: UN74uc5YlLqW_undi6fagl4jLqE.roa (raw, json)
Hash identifier: T8wwQEk35bUytAqstSvFlsiKKzh4r6h8H/xSeUZvLig=
Subject key identifier: 50:DE:F8:B9:CE:58:94:BA:96:FE:E9:DD:8B:A7:DA:82:5E:23:2E:A1
Certificate issuer: /CN=1983b02e10ca821bfe1be6e751d92cf73d6d4c0b
Certificate serial: 019423D714348FAFE2EE2B25A6C01AD45143
Authority key identifier: 19:83:B0:2E:10:CA:82:1B:FE:1B:E6:E7:51:D9:2C:F7:3D:6D:4C:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GYOwLhDKghv-G-bnUdks9z1tTAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/096c17-dd83-4058-82e1-cda36256296c/1/UN74uc5YlLqW_undi6fagl4jLqE.roa
Signing time: Wed 01 Jan 2025 21:48:05 +0000
ROA not before: Wed 01 Jan 2025 21:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208472
IP address blocks: 194.11.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:14:34:8f:af:e2:ee:2b:25:a6:c0:1a:d4:51:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1983b02e10ca821bfe1be6e751d92cf73d6d4c0b
Validity
Not Before: Jan 1 21:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50def8b9ce5894ba96fee9dd8ba7da825e232ea1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:40:66:29:5c:ae:30:2b:1d:87:8d:12:65:d7:
72:7d:8b:e2:11:a9:d1:c8:1e:db:11:6d:16:77:fb:
36:b5:c6:71:ba:ea:84:90:1d:42:55:e6:ef:11:5d:
f0:4f:18:c2:77:f6:b6:b9:83:ec:6e:37:d0:1e:5f:
b8:b3:90:f6:bb:34:f4:c0:53:76:7c:61:75:88:ff:
21:32:a4:e6:81:4a:bf:3c:21:7e:6f:56:e6:78:fe:
99:27:87:ec:a9:eb:f2:45:d3:3e:7c:47:af:9f:1e:
97:cb:82:e7:79:a2:7d:83:ff:b3:3b:23:44:97:ae:
ce:b5:48:6e:bb:e8:4c:4c:c3:00:79:15:2f:7d:64:
4c:81:dd:b7:e3:38:cc:03:64:e0:e2:82:48:d3:ed:
9a:a8:04:61:a5:5b:c7:34:ba:c5:e0:0c:ad:3a:d5:
ef:22:be:7b:45:df:e6:e6:15:cb:35:fa:8c:f1:60:
db:00:dc:40:d4:e1:8e:c1:5b:56:58:75:17:ad:56:
5b:0c:ce:b8:ed:0e:6a:13:cd:20:2a:88:1c:88:5d:
7a:5a:34:74:05:56:d7:80:0b:53:97:6f:a6:e7:f3:
a1:ca:fa:89:43:69:85:6a:a6:2d:36:64:fa:1d:a1:
f6:74:47:ed:47:cd:03:3a:3b:82:77:3c:b8:70:e0:
a6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:DE:F8:B9:CE:58:94:BA:96:FE:E9:DD:8B:A7:DA:82:5E:23:2E:A1
X509v3 Authority Key Identifier:
keyid:19:83:B0:2E:10:CA:82:1B:FE:1B:E6:E7:51:D9:2C:F7:3D:6D:4C:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GYOwLhDKghv-G-bnUdks9z1tTAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/096c17-dd83-4058-82e1-cda36256296c/1/UN74uc5YlLqW_undi6fagl4jLqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/096c17-dd83-4058-82e1-cda36256296c/1/GYOwLhDKghv-G-bnUdks9z1tTAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.11.247.0/24
Signature Algorithm: sha256WithRSAEncryption
98:3d:e4:16:57:cf:28:66:95:99:bc:79:a4:c6:0c:74:ac:3d:
91:bd:96:0a:7f:e0:ec:a6:b9:5a:54:68:f9:db:15:10:55:dc:
3f:cb:ad:63:0b:19:20:07:81:31:45:dc:37:bf:70:e2:d0:dc:
d2:49:c9:92:d6:40:62:f6:77:37:61:f4:55:d4:b4:b7:6d:2c:
46:9e:02:fc:7f:12:ba:b2:01:8a:fb:4e:76:07:56:93:e4:7f:
21:c1:d9:73:04:48:dd:fe:1b:25:d1:69:69:c4:52:0b:c1:c7:
41:b8:2b:b4:4a:c3:f4:66:df:14:6a:ba:a6:ae:2b:84:20:c7:
e0:8f:ea:23:c1:e8:c7:a6:58:8e:41:5c:54:3f:59:9c:9c:dd:
ce:1f:a6:04:cf:4a:9c:25:10:4a:1c:cc:c9:e0:85:7a:88:54:
e1:6c:07:98:ff:a4:d7:cc:ec:9e:7c:7e:87:15:16:67:5f:7d:
d8:25:21:0c:15:d9:c0:db:53:71:b3:aa:1e:43:b4:d4:bd:7b:
33:75:1e:b1:cb:5a:35:8b:f6:e3:f5:7d:4a:19:fc:b9:54:29:
a0:66:e6:51:cd:65:3c:b5:6a:3c:b5:82:9b:23:54:80:00:cf:
b8:e9:7d:39:5f:ee:3e:b6:0e:db:60:63:34:1e:57:49:22:1e:
11:97:e7:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1xQ0j6/i7islpsAa1FFDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ODNiMDJlMTBjYTgyMWJmZTFiZTZlNzUxZDkyY2Y3M2Q2
ZDRjMGIwHhcNMjUwMTAxMjE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGRlZjhiOWNlNTg5NGJhOTZmZWU5ZGQ4YmE3ZGE4MjVlMjMyZWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEBmKVyuMCsdh40SZddyfYviEanR
yB7bEW0Wd/s2tcZxuuqEkB1CVebvEV3wTxjCd/a2uYPsbjfQHl+4s5D2uzT0wFN2
fGF1iP8hMqTmgUq/PCF+b1bmeP6ZJ4fsqevyRdM+fEevnx6Xy4LneaJ9g/+zOyNE
l67OtUhuu+hMTMMAeRUvfWRMgd234zjMA2Tg4oJI0+2aqARhpVvHNLrF4AytOtXv
Ir57Rd/m5hXLNfqM8WDbANxA1OGOwVtWWHUXrVZbDM647Q5qE80gKogciF16WjR0
BVbXgAtTl2+m5/OhyvqJQ2mFaqYtNmT6HaH2dEftR80DOjuCdzy4cOCm0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFDe+LnOWJS6lv7p3Yun2oJeIy6hMB8GA1UdIwQY
MBaAFBmDsC4QyoIb/hvm51HZLPc9bUwLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1lPd0xoREtnaHYtRy1iblVka3M5ejF0VEFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wOTZjMTctZGQ4My00MDU4LTgyZTEt
Y2RhMzYyNTYyOTZjLzEvVU43NHVjNVlsTHFXX3VuZGk2ZmFnbDRqTHFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wOTZjMTctZGQ4My00MDU4LTgyZTEtY2RhMzYyNTYyOTZj
LzEvR1lPd0xoREtnaHYtRy1iblVka3M5ejF0VEFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgv3MA0G
CSqGSIb3DQEBCwUAA4IBAQCYPeQWV88oZpWZvHmkxgx0rD2RvZYKf+DsprlaVGj5
2xUQVdw/y61jCxkgB4ExRdw3v3Di0NzSScmS1kBi9nc3YfRV1LS3bSxGngL8fxK6
sgGK+052B1aT5H8hwdlzBEjd/hsl0WlpxFILwcdBuCu0SsP0Zt8UarqmriuEIMfg
j+ojwejHpliOQVxUP1mcnN3OH6YEz0qcJRBKHMzJ4IV6iFThbAeY/6TXzOyefH6H
FRZnX33YJSEMFdnA21Nxs6oeQ7TUvXszdR6xy1o1i/bj9X1KGfy5VCmgZuZRzWU8
tWo8tYKbI1SAAM+46X05X+4+tg7bYGM0HldJIh4Rl+eq
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:51:03 2025 by rpki-client