Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/bb6001-402e-43b7-b794-c6150b8f2489/1/UJzI2acH31F1ALTqoeowuk0inp4.roa
File: UJzI2acH31F1ALTqoeowuk0inp4.roa (raw, json)
Hash identifier: 2FCeTNSdU7CMfmlvFZty7KlsOCYNFIZEOYTzbcoZwEI=
Subject key identifier: 50:9C:C8:D9:A7:07:DF:51:75:00:B4:EA:A1:EA:30:BA:4D:22:9E:9E
Certificate issuer: /CN=619429d3c447e4301a9a411440aa9a164f0cba47
Certificate serial: 018570B97BC0ED882D7215AC5DBCD8DE883A
Authority key identifier: 61:94:29:D3:C4:47:E4:30:1A:9A:41:14:40:AA:9A:16:4F:0C:BA:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YZQp08RH5DAamkEUQKqaFk8Mukc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/bb6001-402e-43b7-b794-c6150b8f2489/1/UJzI2acH31F1ALTqoeowuk0inp4.roa
Signing time: Mon 02 Jan 2023 04:24:41 +0000
ROA not before: Mon 02 Jan 2023 04:24:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43414
IP address blocks: 91.198.170.0/23 maxlen: 23
91.199.184.0/23 maxlen: 23
2a0f:8f80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b9:7b:c0:ed:88:2d:72:15:ac:5d:bc:d8:de:88:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=619429d3c447e4301a9a411440aa9a164f0cba47
Validity
Not Before: Jan 2 04:24:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=509cc8d9a707df517500b4eaa1ea30ba4d229e9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cd:0b:7e:f7:28:2b:2f:45:c8:eb:7e:7c:37:
a3:93:76:34:87:46:a2:3f:3f:15:c8:0f:43:d2:1f:
b9:64:e0:90:f9:f7:be:25:be:b0:3d:33:f4:9c:b7:
64:eb:61:7d:25:06:2b:d4:15:ba:8c:49:12:6b:03:
11:16:dd:dd:bd:37:5b:28:b1:ef:0a:11:f3:a9:ea:
1f:7d:d1:09:63:c2:a4:d0:66:25:9c:ae:64:49:4a:
5d:af:e6:eb:6a:9a:e3:93:06:53:67:74:49:9d:45:
f7:44:12:64:86:f0:77:5f:67:3a:94:5e:2f:05:05:
ed:d6:d0:f8:38:c3:cd:03:81:21:b1:8e:9a:1a:f7:
01:5a:95:49:ee:12:fb:03:50:f0:9d:cb:20:c9:70:
17:5d:d3:1f:43:47:2c:a2:be:73:a3:8e:0e:cb:58:
8e:b8:a8:08:1b:af:d0:57:e7:91:c1:4f:d3:7f:f2:
ed:d9:94:68:99:6e:68:40:ca:82:16:0c:ae:c3:7b:
b3:66:89:d5:89:8a:5c:df:95:0e:ac:a3:86:5b:f6:
ef:da:8a:c1:71:c9:82:90:b2:02:4e:27:0d:00:24:
ad:2f:48:d5:90:45:1f:3c:d9:61:07:53:5e:47:59:
19:fe:3b:61:fe:ef:b7:cd:2b:a6:6f:3b:68:dd:a1:
e2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:9C:C8:D9:A7:07:DF:51:75:00:B4:EA:A1:EA:30:BA:4D:22:9E:9E
X509v3 Authority Key Identifier:
keyid:61:94:29:D3:C4:47:E4:30:1A:9A:41:14:40:AA:9A:16:4F:0C:BA:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YZQp08RH5DAamkEUQKqaFk8Mukc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/bb6001-402e-43b7-b794-c6150b8f2489/1/UJzI2acH31F1ALTqoeowuk0inp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/bb6001-402e-43b7-b794-c6150b8f2489/1/YZQp08RH5DAamkEUQKqaFk8Mukc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.170.0/23
91.199.184.0/23
IPv6:
2a0f:8f80::/29
Signature Algorithm: sha256WithRSAEncryption
08:b9:f2:03:ae:92:c3:36:75:13:66:b5:4d:4f:74:25:6a:21:
e4:0e:99:27:9f:c3:fd:a5:42:f4:41:68:ac:1a:fb:23:e6:43:
11:aa:e9:90:d3:de:6f:97:ed:da:0c:77:57:fc:52:1b:67:89:
2f:6f:fd:47:53:1d:2e:09:4e:74:5c:f3:aa:9d:e5:eb:bd:90:
35:86:bf:f3:6e:bf:6b:39:1c:d0:67:9e:91:fa:e9:52:95:bf:
04:28:10:91:37:7a:ed:af:ed:57:01:df:0f:2c:0a:02:05:a8:
b5:e7:87:d9:a8:e8:69:41:a2:46:9c:a2:60:a6:5e:c5:d9:a7:
77:22:be:c8:d2:07:ad:fd:c5:b6:bb:3a:a5:e2:83:9d:69:8f:
11:8c:64:f5:12:0b:81:49:e4:d5:bb:bb:54:e8:b2:80:c5:23:
a4:d8:8f:17:74:c0:0c:78:44:f3:29:81:a5:aa:96:f5:4c:da:
d4:df:73:10:d8:a2:df:22:30:43:12:54:f3:a9:77:3b:38:bb:
ab:f1:15:0c:46:87:d8:d4:40:3f:3a:1d:06:a0:02:c6:60:50:
e7:9e:3a:eb:cb:e6:80:2a:25:0a:48:ea:f7:af:3f:1a:fc:3a:
90:79:4c:d9:8e:1e:6d:11:21:9f:df:e0:cc:ea:e4:3c:77:66:
98:cf:72:91
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwuXvA7YgtchWsXbzY3og6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxOTQyOWQzYzQ0N2U0MzAxYTlhNDExNDQwYWE5YTE2NGYw
Y2JhNDcwHhcNMjMwMTAyMDQyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDljYzhkOWE3MDdkZjUxNzUwMGI0ZWFhMWVhMzBiYTRkMjI5ZTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAss0LfvcoKy9FyOt+fDejk3Y0h0ai
Pz8VyA9D0h+5ZOCQ+fe+Jb6wPTP0nLdk62F9JQYr1BW6jEkSawMRFt3dvTdbKLHv
ChHzqeoffdEJY8Kk0GYlnK5kSUpdr+braprjkwZTZ3RJnUX3RBJkhvB3X2c6lF4v
BQXt1tD4OMPNA4EhsY6aGvcBWpVJ7hL7A1DwncsgyXAXXdMfQ0csor5zo44Oy1iO
uKgIG6/QV+eRwU/Tf/Lt2ZRomW5oQMqCFgyuw3uzZonViYpc35UOrKOGW/bv2orB
ccmCkLICTicNACStL0jVkEUfPNlhB1NeR1kZ/jth/u+3zSumbzto3aHiAQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFCcyNmnB99RdQC06qHqMLpNIp6eMB8GA1UdIwQY
MBaAFGGUKdPER+QwGppBFECqmhZPDLpHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVpRcDA4Ukg1REFhbWtFVVFLcWFGazhNdWtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9iYjYwMDEtNDAyZS00M2I3LWI3OTQt
YzYxNTBiOGYyNDg5LzEvVUp6STJhY0gzMUYxQUxUcW9lb3d1azBpbnA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9iYjYwMDEtNDAyZS00M2I3LWI3OTQtYzYxNTBiOGYyNDg5
LzEvWVpRcDA4Ukg1REFhbWtFVVFLcWFGazhNdWtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBW8aqAwQB
W8e4MA0EAgACMAcDBQMqD4+AMA0GCSqGSIb3DQEBCwUAA4IBAQAIufIDrpLDNnUT
ZrVNT3QlaiHkDpknn8P9pUL0QWisGvsj5kMRqumQ095vl+3aDHdX/FIbZ4kvb/1H
Ux0uCU50XPOqneXrvZA1hr/zbr9rORzQZ56R+ulSlb8EKBCRN3rtr+1XAd8PLAoC
Bai154fZqOhpQaJGnKJgpl7F2ad3Ir7I0get/cW2uzql4oOdaY8RjGT1EguBSeTV
u7tU6LKAxSOk2I8XdMAMeETzKYGlqpb1TNrU33MQ2KLfIjBDElTzqXc7OLur8RUM
RofY1EA/Oh0GoALGYFDnnjrry+aAKiUKSOr3rz8a/DqQeUzZjh5tESGf3+DM6uQ8
d2aYz3KR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:06 2025 by rpki-client