Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/27cf00-a8bd-4108-a56a-76a09215f9e9/1/UYU6nWbasUNTNvYQPHOhE3QLEik.roa
File: UYU6nWbasUNTNvYQPHOhE3QLEik.roa (raw, json)
Hash identifier: rw6/n/45cyWg3IF91fNTO+dBAGPHknMZlYkTBn1++q4=
Subject key identifier: 51:85:3A:9D:66:DA:B1:43:53:36:F6:10:3C:73:A1:13:74:0B:12:29
Certificate issuer: /CN=3e8712f7be8cb487783fc0a69b01b7dbe8729e71
Certificate serial: 01856D2F5A89AE7C2AE12634D25F73A566D9
Authority key identifier: 3E:87:12:F7:BE:8C:B4:87:78:3F:C0:A6:9B:01:B7:DB:E8:72:9E:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocS976MtId4P8CmmwG32-hynnE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/27cf00-a8bd-4108-a56a-76a09215f9e9/1/UYU6nWbasUNTNvYQPHOhE3QLEik.roa
Signing time: Sun 01 Jan 2023 11:54:57 +0000
ROA not before: Sun 01 Jan 2023 11:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34412
IP address blocks: 91.246.44.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:5a:89:ae:7c:2a:e1:26:34:d2:5f:73:a5:66:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e8712f7be8cb487783fc0a69b01b7dbe8729e71
Validity
Not Before: Jan 1 11:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51853a9d66dab1435336f6103c73a113740b1229
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f2:40:bd:80:7a:7b:93:50:a8:1a:41:be:64:
e9:ef:88:41:81:d4:fd:75:6e:36:65:3b:b5:b4:a7:
d5:11:53:87:41:0d:ad:ba:d4:f9:ba:a5:06:e0:7a:
f4:9b:bc:cc:ae:dc:79:7a:11:6d:1c:93:3c:17:26:
8f:1a:c9:32:57:cf:01:fa:5c:a9:29:7e:4e:ac:14:
80:8f:cb:13:06:cd:93:87:74:e5:e5:43:53:ea:cd:
17:a2:86:a9:43:f6:f2:41:04:13:c3:bc:b8:c2:4c:
1e:1d:ee:24:01:95:a9:bc:19:d8:0d:64:7a:35:82:
7d:85:9c:89:8d:41:e1:f1:e4:23:7b:a9:53:48:f9:
00:6b:39:e0:c7:71:e4:35:84:d9:70:09:0e:b3:9f:
10:55:2c:af:b0:53:b1:fa:d4:0b:d9:6d:3c:11:af:
f9:10:e1:9e:f4:4c:48:52:be:b6:18:ec:42:80:fb:
fd:c4:69:13:c8:aa:f3:cd:a4:c7:ce:43:28:06:f9:
d9:c5:ef:19:60:3c:30:3b:99:ca:bb:2d:05:37:29:
e3:20:2e:03:5f:5c:67:aa:46:cb:bc:70:84:39:c8:
c2:a2:89:06:86:58:fa:79:4e:f0:3c:38:94:77:8d:
98:81:66:16:c7:a7:1b:98:f3:c4:09:97:4a:ea:63:
b9:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:85:3A:9D:66:DA:B1:43:53:36:F6:10:3C:73:A1:13:74:0B:12:29
X509v3 Authority Key Identifier:
keyid:3E:87:12:F7:BE:8C:B4:87:78:3F:C0:A6:9B:01:B7:DB:E8:72:9E:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocS976MtId4P8CmmwG32-hynnE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/27cf00-a8bd-4108-a56a-76a09215f9e9/1/UYU6nWbasUNTNvYQPHOhE3QLEik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/27cf00-a8bd-4108-a56a-76a09215f9e9/1/PocS976MtId4P8CmmwG32-hynnE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.246.44.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:1c:0a:2f:7b:d9:5f:ce:45:03:d7:be:11:97:b1:ff:3b:f3:
89:dc:ec:14:70:03:90:8c:5e:7a:ed:7b:be:14:ac:15:77:d3:
0d:e8:85:e6:16:4e:26:00:4f:9a:7f:4c:dc:3a:bd:61:67:4b:
2e:de:46:ec:d8:ab:76:5f:2f:c3:cd:cc:9a:0f:9b:82:27:94:
e5:c0:57:76:73:6b:3d:69:66:dc:fc:0c:9c:0a:0d:7c:63:9d:
e4:86:22:f4:1a:1e:8d:88:a3:89:02:02:6d:0e:26:0d:7c:dd:
5b:90:19:b0:f4:1d:02:e8:09:8a:d3:00:b7:0d:21:8e:bc:2e:
f4:98:45:be:20:15:4d:ff:4d:8e:aa:19:76:e8:ca:d3:4d:a8:
c1:4f:e1:6b:1f:a6:93:1f:cc:f4:5c:f3:69:22:30:a6:e5:ed:
2f:11:32:b1:77:7b:f7:5f:18:b6:15:a3:63:12:23:b9:15:f1:
b0:e5:5f:a7:e0:a4:03:bc:cd:a1:02:13:4e:86:cd:60:94:1d:
c4:b1:b6:81:f4:71:6e:c3:eb:99:af:27:a9:bc:bf:e8:e6:fc:
96:d8:c3:ad:88:36:52:f3:1d:46:2f:68:8f:12:9a:22:c6:bb:
df:02:37:d4:2f:14:2f:2b:69:33:db:cc:d1:ba:e3:b0:ff:0f:
a5:7c:40:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtL1qJrnwq4SY00l9zpWbZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlODcxMmY3YmU4Y2I0ODc3ODNmYzBhNjliMDFiN2RiZTg3
MjllNzEwHhcNMjMwMTAxMTE1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTg1M2E5ZDY2ZGFiMTQzNTMzNmY2MTAzYzczYTExMzc0MGIxMjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPJAvYB6e5NQqBpBvmTp74hBgdT9
dW42ZTu1tKfVEVOHQQ2tutT5uqUG4Hr0m7zMrtx5ehFtHJM8FyaPGskyV88B+lyp
KX5OrBSAj8sTBs2Th3Tl5UNT6s0XooapQ/byQQQTw7y4wkweHe4kAZWpvBnYDWR6
NYJ9hZyJjUHh8eQje6lTSPkAazngx3HkNYTZcAkOs58QVSyvsFOx+tQL2W08Ea/5
EOGe9ExIUr62GOxCgPv9xGkTyKrzzaTHzkMoBvnZxe8ZYDwwO5nKuy0FNynjIC4D
X1xnqkbLvHCEOcjCookGhlj6eU7wPDiUd42YgWYWx6cbmPPECZdK6mO5iQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFGFOp1m2rFDUzb2EDxzoRN0CxIpMB8GA1UdIwQY
MBaAFD6HEve+jLSHeD/AppsBt9vocp5xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG9jUzk3Nk10SWQ0UDhDbW13RzMyLWh5bm5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8yN2NmMDAtYThiZC00MTA4LWE1NmEt
NzZhMDkyMTVmOWU5LzEvVVlVNm5XYmFzVU5UTnZZUVBIT2hFM1FMRWlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni8yN2NmMDAtYThiZC00MTA4LWE1NmEtNzZhMDkyMTVmOWU5
LzEvUG9jUzk3Nk10SWQ0UDhDbW13RzMyLWh5bm5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/YsMA0G
CSqGSIb3DQEBCwUAA4IBAQCOHAove9lfzkUD174Rl7H/O/OJ3OwUcAOQjF567Xu+
FKwVd9MN6IXmFk4mAE+af0zcOr1hZ0su3kbs2Kt2Xy/DzcyaD5uCJ5TlwFd2c2s9
aWbc/AycCg18Y53khiL0Gh6NiKOJAgJtDiYNfN1bkBmw9B0C6AmK0wC3DSGOvC70
mEW+IBVN/02Oqhl26MrTTajBT+FrH6aTH8z0XPNpIjCm5e0vETKxd3v3Xxi2FaNj
EiO5FfGw5V+n4KQDvM2hAhNOhs1glB3EsbaB9HFuw+uZryepvL/o5vyW2MOtiDZS
8x1GL2iPEpoixrvfAjfULxQvK2kz28zRuuOw/w+lfEDE
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:10 2025 by rpki-client