Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/UAoMudnCS87KPRGrqHmK_IDIQBw.roa
File: UAoMudnCS87KPRGrqHmK_IDIQBw.roa (raw, json)
Hash identifier: 5j48C9UdNX7TLQBJ0AuvY/mNWWr3lkem1BfeJQ66o84=
Subject key identifier: 50:0A:0C:B9:D9:C2:4B:CE:CA:3D:11:AB:A8:79:8A:FC:80:C8:40:1C
Certificate issuer: /CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Certificate serial: 0184C8196E5745041EE09B45F913343B74C2
Authority key identifier: AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/UAoMudnCS87KPRGrqHmK_IDIQBw.roa
Signing time: Wed 30 Nov 2022 10:33:40 +0000
ROA not before: Wed 30 Nov 2022 10:33:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25227
IP address blocks: 77.73.129.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c8:19:6e:57:45:04:1e:e0:9b:45:f9:13:34:3b:74:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Validity
Not Before: Nov 30 10:33:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=500a0cb9d9c24bceca3d11aba8798afc80c8401c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3a:3b:9b:e4:48:d4:59:7a:46:e4:19:38:a6:
ca:10:4f:cf:e1:75:cf:a1:b1:16:98:75:44:f6:ba:
36:0e:24:27:11:ce:c6:3e:ec:59:d6:a7:20:9f:33:
87:95:ab:b0:e6:20:a1:16:2e:ba:59:67:e2:04:ec:
43:15:8c:77:88:2b:46:99:38:69:a9:e7:cf:fd:8f:
e2:01:a4:1e:91:51:eb:c3:a4:f5:f1:45:af:e9:8f:
49:36:db:3a:74:fa:b7:44:cf:31:62:14:48:5c:2d:
ff:18:bf:d0:45:3d:7e:4b:60:b9:89:54:8b:80:88:
81:ec:2c:41:e7:dd:c6:08:43:ab:93:bd:2b:68:ff:
28:b2:35:81:d4:19:73:c9:2a:e4:1b:81:50:4c:39:
84:f4:d6:71:95:4f:5c:24:2b:77:a3:c9:46:04:37:
d1:81:96:59:b2:2b:a1:9f:81:d2:d7:ff:12:9c:8a:
d7:fd:d2:31:e3:07:96:bc:32:57:5c:a5:ec:30:58:
c0:5a:93:21:5e:3a:3e:6b:35:24:f2:d3:8f:b2:06:
ba:9b:9e:f6:7f:bc:b5:d8:e0:2f:2d:6b:80:66:51:
c6:b2:d3:4c:0b:b3:a0:7b:38:46:1f:08:60:e6:37:
39:88:47:75:8d:a1:50:47:a7:1e:f4:1a:20:a2:cd:
01:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:0A:0C:B9:D9:C2:4B:CE:CA:3D:11:AB:A8:79:8A:FC:80:C8:40:1C
X509v3 Authority Key Identifier:
keyid:AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/UAoMudnCS87KPRGrqHmK_IDIQBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/r_oT8a4FORYoDsaO4bCXb569Pqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.129.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:01:4a:5e:21:47:0f:c2:4d:63:0f:d6:eb:23:83:f1:73:ba:
56:e6:50:2c:f6:36:fe:96:f6:fd:64:fa:80:77:80:dd:00:35:
b2:4b:51:00:22:f2:1f:99:59:df:a4:d5:b0:e5:f6:70:1d:7f:
cd:f8:f0:3e:9e:13:57:31:91:91:1d:43:78:a0:22:41:f0:17:
cc:93:bd:ab:4c:2e:07:8b:e9:81:4d:7d:24:7b:bf:82:f8:a8:
cf:7b:de:ac:b6:48:a1:13:d8:e2:a7:52:c3:26:21:7b:39:f8:
48:0c:e0:d7:ad:3d:93:0e:01:2e:a7:29:0a:ab:3e:8a:e3:78:
b0:0a:2d:f5:78:55:41:75:57:9a:f6:5b:57:29:2f:7e:84:a8:
9d:9e:01:44:e5:31:b4:b0:42:a2:79:c8:2e:0f:1e:a3:c4:29:
f4:04:d7:1c:6d:66:a0:48:f9:00:41:67:45:c5:8a:53:46:c2:
34:ef:68:84:11:40:0d:03:01:ce:27:3c:56:8f:bc:77:f3:9f:
36:73:dd:e6:96:30:81:7e:4e:f3:5c:f8:00:0e:56:3e:c8:eb:
a4:45:0c:ec:19:92:aa:79:8d:86:0b:52:e9:90:ec:3c:51:fe:
51:3a:06:a8:1d:17:d4:a9:5a:f3:96:aa:3e:35:8c:bc:42:42:
17:d2:b4:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTIGW5XRQQe4JtF+RM0O3TCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZmExM2YxYWUwNTM5MTYyODBlYzY4ZWUxYjA5NzZmOWVi
ZDNlYTgwHhcNMjIxMTMwMTAzMzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDBhMGNiOWQ5YzI0YmNlY2EzZDExYWJhODc5OGFmYzgwYzg0MDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTo7m+RI1Fl6RuQZOKbKEE/P4XXP
obEWmHVE9ro2DiQnEc7GPuxZ1qcgnzOHlauw5iChFi66WWfiBOxDFYx3iCtGmThp
qefP/Y/iAaQekVHrw6T18UWv6Y9JNts6dPq3RM8xYhRIXC3/GL/QRT1+S2C5iVSL
gIiB7CxB593GCEOrk70raP8osjWB1BlzySrkG4FQTDmE9NZxlU9cJCt3o8lGBDfR
gZZZsiuhn4HS1/8SnIrX/dIx4weWvDJXXKXsMFjAWpMhXjo+azUk8tOPsga6m572
f7y12OAvLWuAZlHGstNMC7OgezhGHwhg5jc5iEd1jaFQR6ce9Bogos0B0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFAKDLnZwkvOyj0Rq6h5ivyAyEAcMB8GA1UdIwQY
MBaAFK/6E/GuBTkWKA7GjuGwl2+evT6oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAt
NDc4YzJjOGNiMmEwLzEvVUFvTXVkbkNTODdLUFJHcnFIbUtfSURJUUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAtNDc4YzJjOGNiMmEw
LzEvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUmBMA0G
CSqGSIb3DQEBCwUAA4IBAQCcAUpeIUcPwk1jD9brI4Pxc7pW5lAs9jb+lvb9ZPqA
d4DdADWyS1EAIvIfmVnfpNWw5fZwHX/N+PA+nhNXMZGRHUN4oCJB8BfMk72rTC4H
i+mBTX0ke7+C+KjPe96stkihE9jip1LDJiF7OfhIDODXrT2TDgEupykKqz6K43iw
Ci31eFVBdVea9ltXKS9+hKidngFE5TG0sEKiecguDx6jxCn0BNccbWagSPkAQWdF
xYpTRsI072iEEUANAwHOJzxWj7x38582c93mljCBfk7zXPgADlY+yOukRQzsGZKq
eY2GC1LpkOw8Uf5ROgaoHRfUqVrzlqo+NYy8QkIX0rS1
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:27:28 2025 by rpki-client