Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/29a016-f614-4bc3-9362-5ee30989b6eb/1/UN9vSirRPlkQNZSLz6S-4q_0hgc.roa
File: UN9vSirRPlkQNZSLz6S-4q_0hgc.roa (raw, json)
Hash identifier: k4buypy7OfYmZUOCVpHMcT9rXbCNMeWUDz6Gb5HIJ4A=
Subject key identifier: 50:DF:6F:4A:2A:D1:3E:59:10:35:94:8B:CF:A4:BE:E2:AF:F4:86:07
Certificate issuer: /CN=ef738909f94d9968436bb4e09a2d47cc7901733c
Certificate serial: 018CC8DF87D37FE7A91B4931EF380351D29B
Authority key identifier: EF:73:89:09:F9:4D:99:68:43:6B:B4:E0:9A:2D:47:CC:79:01:73:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/73OJCflNmWhDa7Tgmi1HzHkBczw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/29a016-f614-4bc3-9362-5ee30989b6eb/1/UN9vSirRPlkQNZSLz6S-4q_0hgc.roa
Signing time: Tue 02 Jan 2024 06:32:21 +0000
ROA not before: Tue 02 Jan 2024 06:32:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136258
IP address blocks: 185.237.185.0/24 maxlen: 24
185.255.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:87:d3:7f:e7:a9:1b:49:31:ef:38:03:51:d2:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef738909f94d9968436bb4e09a2d47cc7901733c
Validity
Not Before: Jan 2 06:32:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50df6f4a2ad13e591035948bcfa4bee2aff48607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d6:ec:c2:6a:9d:8b:08:d4:83:86:c0:eb:ad:
4d:49:bf:a8:d7:48:a1:bf:ae:3e:42:68:79:b0:2c:
7f:20:45:12:1e:b1:a6:ce:f4:3c:a7:41:78:58:d2:
ed:95:9c:6a:cc:0f:46:ed:e3:99:c0:e1:93:68:31:
72:cf:57:1d:aa:26:ce:a3:6f:03:70:b9:83:b7:9b:
09:47:10:f5:60:d5:c4:15:93:a4:1f:1c:2f:73:0f:
e7:19:e4:49:01:ce:bd:ce:8a:3a:30:a5:40:b9:0d:
04:95:d9:21:c7:25:b5:c9:70:5e:a6:a3:e6:a0:8d:
9e:d7:e9:fc:99:2a:bc:e0:58:62:c7:75:b4:d7:2f:
94:ef:0c:26:8c:3d:db:43:f9:fe:ff:e1:fe:d2:da:
1a:f7:9e:1f:ab:e7:c3:b9:f4:3a:fc:10:43:be:d6:
17:7f:c5:72:55:ae:1a:23:45:f6:f0:5e:23:26:1a:
bd:13:73:46:a2:fe:93:77:b7:0d:f2:82:8f:72:f7:
05:bc:1e:aa:5c:51:0b:23:0b:f0:55:a5:e7:9c:4f:
c0:ac:28:97:65:bb:e2:23:20:b8:d6:5f:b1:57:9b:
a6:04:1a:e0:31:38:a9:66:ab:48:f3:f6:fd:50:3b:
28:9f:b0:20:6c:01:4f:e7:28:02:12:41:36:f4:6d:
12:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:DF:6F:4A:2A:D1:3E:59:10:35:94:8B:CF:A4:BE:E2:AF:F4:86:07
X509v3 Authority Key Identifier:
keyid:EF:73:89:09:F9:4D:99:68:43:6B:B4:E0:9A:2D:47:CC:79:01:73:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/73OJCflNmWhDa7Tgmi1HzHkBczw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/29a016-f614-4bc3-9362-5ee30989b6eb/1/UN9vSirRPlkQNZSLz6S-4q_0hgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/29a016-f614-4bc3-9362-5ee30989b6eb/1/73OJCflNmWhDa7Tgmi1HzHkBczw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.185.0/24
185.255.123.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:70:81:21:3c:a1:82:07:b4:29:e1:f0:49:b7:4f:89:a9:bc:
4c:0e:da:04:54:6a:5d:66:ef:68:c1:72:c3:d7:19:ae:75:7e:
08:8e:60:38:bf:b2:ae:20:8d:86:72:24:ec:f6:f3:55:6c:58:
82:9b:1e:e6:49:02:b7:4d:61:75:92:26:fe:df:66:9f:c7:7e:
f5:e9:38:b2:c6:28:3d:dc:d2:0c:ae:bf:ad:88:91:fc:36:67:
f7:cb:0b:2b:15:6a:a9:4e:49:2d:3e:99:56:9c:f2:63:43:a2:
e7:5e:16:88:2b:f3:6e:c0:d8:31:e0:b4:39:ad:d2:dd:5b:fd:
8c:43:62:b4:f7:c7:b0:34:22:ee:cc:23:76:6b:d0:34:7b:03:
f7:98:3e:f4:0c:a1:30:24:f5:78:5e:b9:a3:85:a3:c1:d1:58:
22:b1:58:b3:02:78:22:89:2c:f4:76:78:2b:b1:b3:17:cc:48:
7d:66:6f:0d:3d:05:9a:af:2c:74:37:e9:bb:85:11:1e:29:77:
83:ed:68:21:6c:14:ef:e9:17:fa:28:05:8e:ff:19:b1:33:89:
b8:d5:98:55:26:c4:1f:a3:46:1f:8c:ca:1b:60:27:99:43:81:
dd:68:7d:62:6f:b7:56:a6:22:08:43:10:6c:2f:0d:7e:73:21:
17:86:81:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI34fTf+epG0kx7zgDUdKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNzM4OTA5Zjk0ZDk5Njg0MzZiYjRlMDlhMmQ0N2NjNzkw
MTczM2MwHhcNMjQwMTAyMDYzMjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGRmNmY0YTJhZDEzZTU5MTAzNTk0OGJjZmE0YmVlMmFmZjQ4NjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NbswmqdiwjUg4bA661NSb+o10ih
v64+Qmh5sCx/IEUSHrGmzvQ8p0F4WNLtlZxqzA9G7eOZwOGTaDFyz1cdqibOo28D
cLmDt5sJRxD1YNXEFZOkHxwvcw/nGeRJAc69zoo6MKVAuQ0EldkhxyW1yXBepqPm
oI2e1+n8mSq84Fhix3W01y+U7wwmjD3bQ/n+/+H+0toa954fq+fDufQ6/BBDvtYX
f8VyVa4aI0X28F4jJhq9E3NGov6Td7cN8oKPcvcFvB6qXFELIwvwVaXnnE/ArCiX
ZbviIyC41l+xV5umBBrgMTipZqtI8/b9UDson7AgbAFP5ygCEkE29G0SPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFDfb0oq0T5ZEDWUi8+kvuKv9IYHMB8GA1UdIwQY
MBaAFO9ziQn5TZloQ2u04JotR8x5AXM8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzNPSkNmbE5tV2hEYTdUZ21pMUh6SGtCY3p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8yOWEwMTYtZjYxNC00YmMzLTkzNjIt
NWVlMzA5ODliNmViLzEvVU45dlNpclJQbGtRTlpTTHo2Uy00cV8waGdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8yOWEwMTYtZjYxNC00YmMzLTkzNjItNWVlMzA5ODliNmVi
LzEvNzNPSkNmbE5tV2hEYTdUZ21pMUh6SGtCY3p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAue25AwQA
uf97MA0GCSqGSIb3DQEBCwUAA4IBAQCgcIEhPKGCB7Qp4fBJt0+JqbxMDtoEVGpd
Zu9owXLD1xmudX4IjmA4v7KuII2GciTs9vNVbFiCmx7mSQK3TWF1kib+32afx371
6Tiyxig93NIMrr+tiJH8Nmf3ywsrFWqpTkktPplWnPJjQ6LnXhaIK/NuwNgx4LQ5
rdLdW/2MQ2K098ewNCLuzCN2a9A0ewP3mD70DKEwJPV4XrmjhaPB0VgisVizAngi
iSz0dngrsbMXzEh9Zm8NPQWaryx0N+m7hREeKXeD7WghbBTv6Rf6KAWO/xmxM4m4
1ZhVJsQfo0YfjMobYCeZQ4HdaH1ib7dWpiIIQxBsLw1+cyEXhoHc
-----END CERTIFICATE-----
Generated at Wed Feb 7 11:48:33 2024 by rpki-client on console-fra.rpki-client.org