Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/fc1adc-ccd8-4aa6-b54d-04d362a2858d/1/ukp1qSkbacWgh99iGDLbhVTGpfE.roa
File: ukp1qSkbacWgh99iGDLbhVTGpfE.roa (raw, json)
Hash identifier: VZyI94Eyjd6/U3vi8uEiKE4SlR4D8n4H4v7qeg38d2M=
Subject key identifier: BA:4A:75:A9:29:1B:69:C5:A0:87:DF:62:18:32:DB:85:54:C6:A5:F1
Certificate issuer: /CN=4a6f1e01af24d792497d77ed1f7990ae3a61290d
Certificate serial: 01942444B3ACF824465EB577C2D5BD9D8329
Authority key identifier: 4A:6F:1E:01:AF:24:D7:92:49:7D:77:ED:1F:79:90:AE:3A:61:29:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sm8eAa8k15JJfXftH3mQrjphKQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/fc1adc-ccd8-4aa6-b54d-04d362a2858d/1/ukp1qSkbacWgh99iGDLbhVTGpfE.roa
Signing time: Wed 01 Jan 2025 23:47:49 +0000
ROA not before: Wed 01 Jan 2025 23:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197895
IP address blocks: 91.228.44.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:b3:ac:f8:24:46:5e:b5:77:c2:d5:bd:9d:83:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a6f1e01af24d792497d77ed1f7990ae3a61290d
Validity
Not Before: Jan 1 23:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba4a75a9291b69c5a087df621832db8554c6a5f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:70:99:a4:2d:f2:d1:cf:91:92:f5:8f:9a:f7:
74:43:22:97:00:7f:23:18:10:f7:03:c3:ea:15:fb:
64:04:5d:47:55:b6:ae:b0:71:36:5c:f7:76:79:24:
eb:26:52:41:5d:8e:3a:fe:f9:5e:f7:35:d1:4b:4a:
b0:91:d1:f9:0c:19:d3:bb:6c:3c:92:44:53:20:36:
6b:32:94:45:c3:4e:2f:5a:c7:98:1a:b1:ee:e0:a8:
76:f8:06:b3:a1:52:bf:f3:6d:97:1a:0d:3c:44:c4:
59:98:8c:38:6a:58:b6:6c:13:46:5d:12:94:4e:19:
75:4c:4e:05:0b:cf:d2:80:30:fe:7c:e4:60:92:58:
61:bb:62:24:92:0c:7b:a5:bb:8f:66:e1:c3:7f:f9:
3c:82:20:67:4f:9f:ab:4e:ee:e1:96:79:67:4d:3d:
97:b9:4e:2b:46:df:d5:26:d2:bd:64:98:2c:3b:50:
c5:67:c0:4b:79:47:28:c1:02:44:6e:2e:cf:ff:b2:
35:31:c3:f3:b2:47:3e:9e:e1:42:e5:f6:10:c0:0a:
2d:ab:eb:08:16:12:0e:00:00:56:0e:f0:46:4a:57:
97:4d:f6:a1:13:fa:51:a2:9a:c6:aa:e0:2f:aa:b5:
62:10:a2:ee:75:7d:85:4a:a5:27:de:62:ec:3b:6b:
9b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:4A:75:A9:29:1B:69:C5:A0:87:DF:62:18:32:DB:85:54:C6:A5:F1
X509v3 Authority Key Identifier:
keyid:4A:6F:1E:01:AF:24:D7:92:49:7D:77:ED:1F:79:90:AE:3A:61:29:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm8eAa8k15JJfXftH3mQrjphKQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/fc1adc-ccd8-4aa6-b54d-04d362a2858d/1/ukp1qSkbacWgh99iGDLbhVTGpfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/fc1adc-ccd8-4aa6-b54d-04d362a2858d/1/Sm8eAa8k15JJfXftH3mQrjphKQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.44.0/22
Signature Algorithm: sha256WithRSAEncryption
32:55:46:6d:b6:31:a7:c8:57:58:17:62:f9:97:f3:ea:ff:5a:
ed:0a:05:c6:8f:56:d1:16:da:61:0d:8b:99:97:71:17:e5:cc:
c9:c4:9f:b5:29:70:1f:51:5e:73:6e:04:25:8f:4e:8b:4e:76:
a0:aa:22:21:6f:55:de:34:7a:58:eb:07:45:ec:c2:a4:fc:cb:
72:1a:c5:62:1e:22:dd:cd:2f:ef:48:f0:77:fc:05:9d:da:e8:
13:30:75:e2:66:4c:34:f3:52:f6:1a:8c:2f:2c:58:7e:6a:bf:
e1:b6:ea:87:bd:e5:fd:94:3c:76:52:d0:4b:28:6b:cf:12:3e:
bb:0c:6c:ef:45:62:86:74:84:76:09:ff:6b:96:be:2c:30:b2:
7d:44:84:00:20:ce:ba:3e:85:02:99:7c:98:91:a4:85:6e:54:
75:79:4e:b1:41:b8:e9:b3:6a:7b:f1:da:64:e9:58:fb:03:41:
d1:ad:13:90:98:84:11:f7:2e:c2:b5:0b:a1:fd:33:db:1b:09:
1e:86:15:df:00:f0:d6:49:1d:52:87:90:b6:31:1c:aa:7c:20:
64:68:62:30:c9:32:d5:3e:24:af:3d:f1:fd:75:64:ef:22:57:
43:d4:7a:26:ba:51:2f:15:3e:1e:04:a7:0d:73:10:8f:bc:21:
72:b8:ac:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRLOs+CRGXrV3wtW9nYMpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmYxZTAxYWYyNGQ3OTI0OTdkNzdlZDFmNzk5MGFlM2E2
MTI5MGQwHhcNMjUwMTAxMjM0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTRhNzVhOTI5MWI2OWM1YTA4N2RmNjIxODMyZGI4NTU0YzZhNWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnCZpC3y0c+RkvWPmvd0QyKXAH8j
GBD3A8PqFftkBF1HVbausHE2XPd2eSTrJlJBXY46/vle9zXRS0qwkdH5DBnTu2w8
kkRTIDZrMpRFw04vWseYGrHu4Kh2+AazoVK/822XGg08RMRZmIw4ali2bBNGXRKU
Thl1TE4FC8/SgDD+fORgklhhu2Ikkgx7pbuPZuHDf/k8giBnT5+rTu7hlnlnTT2X
uU4rRt/VJtK9ZJgsO1DFZ8BLeUcowQJEbi7P/7I1McPzskc+nuFC5fYQwAotq+sI
FhIOAABWDvBGSleXTfahE/pRoprGquAvqrViEKLudX2FSqUn3mLsO2ubPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLpKdakpG2nFoIffYhgy24VUxqXxMB8GA1UdIwQY
MBaAFEpvHgGvJNeSSX137R95kK46YSkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU204ZUFhOGsxNUpKZlhmdEgzbVFyanBoS1EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9mYzFhZGMtY2NkOC00YWE2LWI1NGQt
MDRkMzYyYTI4NThkLzEvdWtwMXFTa2JhY1dnaDk5aUdETGJoVlRHcGZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9mYzFhZGMtY2NkOC00YWE2LWI1NGQtMDRkMzYyYTI4NThk
LzEvU204ZUFhOGsxNUpKZlhmdEgzbVFyanBoS1EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+QsMA0G
CSqGSIb3DQEBCwUAA4IBAQAyVUZttjGnyFdYF2L5l/Pq/1rtCgXGj1bRFtphDYuZ
l3EX5czJxJ+1KXAfUV5zbgQlj06LTnagqiIhb1XeNHpY6wdF7MKk/MtyGsViHiLd
zS/vSPB3/AWd2ugTMHXiZkw081L2GowvLFh+ar/htuqHveX9lDx2UtBLKGvPEj67
DGzvRWKGdIR2Cf9rlr4sMLJ9RIQAIM66PoUCmXyYkaSFblR1eU6xQbjps2p78dpk
6Vj7A0HRrROQmIQR9y7CtQuh/TPbGwkehhXfAPDWSR1Sh5C2MRyqfCBkaGIwyTLV
PiSvPfH9dWTvIldD1HomulEvFT4eBKcNcxCPvCFyuKwV
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:38:07 2025 by rpki-client