Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/8e7e1d-158f-4c6e-aba3-39f13e76afa3/1/UBg5H2PYYwmFwtuuB5TxJD258zc.roa
File: UBg5H2PYYwmFwtuuB5TxJD258zc.roa (raw, json)
Hash identifier: mETMUQGm3Ge4vPrABQSGfrYWzYlfLqVqloDe3yUr+lM=
Subject key identifier: 50:18:39:1F:63:D8:63:09:85:C2:DB:AE:07:94:F1:24:3D:B9:F3:37
Certificate issuer: /CN=ea2c4ea79ddb7b003de01f1d05f6dbf716b11336
Certificate serial: 019425222CFC53754912374CB0A27CD10F77
Authority key identifier: EA:2C:4E:A7:9D:DB:7B:00:3D:E0:1F:1D:05:F6:DB:F7:16:B1:13:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6ixOp53bewA94B8dBfbb9xaxEzY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/8e7e1d-158f-4c6e-aba3-39f13e76afa3/1/UBg5H2PYYwmFwtuuB5TxJD258zc.roa
Signing time: Thu 02 Jan 2025 03:49:44 +0000
ROA not before: Thu 02 Jan 2025 03:49:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206314
IP address blocks: 91.238.172.0/22 maxlen: 22
91.241.24.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:2c:fc:53:75:49:12:37:4c:b0:a2:7c:d1:0f:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea2c4ea79ddb7b003de01f1d05f6dbf716b11336
Validity
Not Before: Jan 2 03:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5018391f63d8630985c2dbae0794f1243db9f337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5a:65:7b:41:81:8f:4a:44:79:10:b3:a8:f0:
c8:48:ba:48:ca:59:d9:ee:e7:93:a0:5a:20:04:dd:
d0:82:34:3f:29:66:2a:f2:41:21:c1:1b:34:ce:13:
1a:78:64:7b:c6:3f:3d:ff:68:41:9f:db:f0:2f:c1:
8f:8e:11:0b:62:37:b9:37:b3:b7:01:e9:de:8c:00:
9b:af:2e:a1:c6:c7:65:92:a4:cb:47:c9:e5:06:11:
dc:98:08:e4:42:a9:8f:92:4c:b9:02:70:39:c3:5e:
af:95:2f:5d:df:8e:ca:d8:6f:89:b2:36:62:eb:16:
aa:18:19:f0:f7:68:c2:b6:1b:96:9c:37:29:d0:f5:
c3:e9:98:3a:13:3a:32:95:bc:ea:6f:d9:29:ed:07:
61:c4:82:d1:fc:af:d2:d4:13:7a:93:f0:c9:ff:6d:
e4:85:86:5e:ec:88:d7:c6:f4:35:40:43:5e:a8:81:
45:42:37:b0:65:a5:47:64:3a:3b:c4:ef:1b:d7:25:
ac:2d:39:c9:88:f7:7f:0b:c2:0b:6a:0d:dd:43:d2:
60:1f:03:db:a1:c4:ad:99:52:2f:a0:9d:2e:00:ea:
46:d6:73:cf:f8:a7:e9:48:56:35:20:ed:ed:03:4c:
f4:8a:c7:51:ce:b3:e4:67:2b:bc:1d:bf:84:c9:75:
6b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:18:39:1F:63:D8:63:09:85:C2:DB:AE:07:94:F1:24:3D:B9:F3:37
X509v3 Authority Key Identifier:
keyid:EA:2C:4E:A7:9D:DB:7B:00:3D:E0:1F:1D:05:F6:DB:F7:16:B1:13:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6ixOp53bewA94B8dBfbb9xaxEzY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/8e7e1d-158f-4c6e-aba3-39f13e76afa3/1/UBg5H2PYYwmFwtuuB5TxJD258zc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/8e7e1d-158f-4c6e-aba3-39f13e76afa3/1/6ixOp53bewA94B8dBfbb9xaxEzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.172.0/22
91.241.24.0/22
Signature Algorithm: sha256WithRSAEncryption
11:2b:0d:5a:91:37:58:2c:ee:7d:c3:e2:dd:e7:4c:1d:9d:3e:
d5:ef:99:c3:bd:83:f7:ef:ac:88:94:16:62:0e:03:ba:5a:c0:
22:53:94:ab:a2:f0:19:d9:5c:c0:b4:9a:7e:9f:5d:e4:7c:8e:
18:61:62:76:5a:a3:49:c8:d3:56:fd:b2:7f:36:60:5d:c3:20:
fd:db:64:28:b4:cc:7b:14:9c:df:fd:ee:2f:b3:c5:34:6d:34:
a3:d9:0f:52:16:b4:f1:c8:0d:66:61:9a:7c:a7:31:3c:03:51:
f2:27:f1:53:16:be:b2:40:a7:2a:1d:50:79:c6:e8:dd:d5:e9:
07:bf:32:38:0e:89:40:a5:53:ae:ba:08:5c:cc:c3:8a:d1:55:
76:49:e6:71:4b:cb:25:19:92:82:3a:57:4b:f2:db:48:c2:55:
0f:b4:57:22:51:ec:07:0a:58:84:27:28:93:4e:9f:12:07:a5:
91:c7:fd:f3:ef:2d:9d:8f:e2:4d:ba:98:38:01:ca:22:20:9c:
2a:fe:d9:3b:88:94:c1:48:e7:dd:13:6c:c6:5f:65:96:ba:4d:
8c:9b:79:74:8b:7e:67:db:05:6a:74:22:f5:23:68:70:75:4d:
8f:cc:bd:f1:1e:fd:57:3c:dc:a0:22:b4:d0:c3:b3:e2:ee:44:
96:25:08:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlIiz8U3VJEjdMsKJ80Q93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMmM0ZWE3OWRkYjdiMDAzZGUwMWYxZDA1ZjZkYmY3MTZi
MTEzMzYwHhcNMjUwMTAyMDM0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDE4MzkxZjYzZDg2MzA5ODVjMmRiYWUwNzk0ZjEyNDNkYjlmMzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFple0GBj0pEeRCzqPDISLpIylnZ
7ueToFogBN3QgjQ/KWYq8kEhwRs0zhMaeGR7xj89/2hBn9vwL8GPjhELYje5N7O3
AenejACbry6hxsdlkqTLR8nlBhHcmAjkQqmPkky5AnA5w16vlS9d347K2G+JsjZi
6xaqGBnw92jCthuWnDcp0PXD6Zg6Ezoylbzqb9kp7QdhxILR/K/S1BN6k/DJ/23k
hYZe7IjXxvQ1QENeqIFFQjewZaVHZDo7xO8b1yWsLTnJiPd/C8ILag3dQ9JgHwPb
ocStmVIvoJ0uAOpG1nPP+KfpSFY1IO3tA0z0isdRzrPkZyu8Hb+EyXVr6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFAYOR9j2GMJhcLbrgeU8SQ9ufM3MB8GA1UdIwQY
MBaAFOosTqed23sAPeAfHQX22/cWsRM2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNml4T3A1M2Jld0E5NEI4ZEJmYmI5eGF4RXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC84ZTdlMWQtMTU4Zi00YzZlLWFiYTMt
MzlmMTNlNzZhZmEzLzEvVUJnNUgyUFlZd21Gd3R1dUI1VHhKRDI1OHpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC84ZTdlMWQtMTU4Zi00YzZlLWFiYTMtMzlmMTNlNzZhZmEz
LzEvNml4T3A1M2Jld0E5NEI4ZEJmYmI5eGF4RXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+6sAwQC
W/EYMA0GCSqGSIb3DQEBCwUAA4IBAQARKw1akTdYLO59w+Ld50wdnT7V75nDvYP3
76yIlBZiDgO6WsAiU5SrovAZ2VzAtJp+n13kfI4YYWJ2WqNJyNNW/bJ/NmBdwyD9
22QotMx7FJzf/e4vs8U0bTSj2Q9SFrTxyA1mYZp8pzE8A1HyJ/FTFr6yQKcqHVB5
xujd1ekHvzI4DolApVOuughczMOK0VV2SeZxS8slGZKCOldL8ttIwlUPtFciUewH
CliEJyiTTp8SB6WRx/3z7y2dj+JNupg4AcoiIJwq/tk7iJTBSOfdE2zGX2WWuk2M
m3l0i35n2wVqdCL1I2hwdU2PzL3xHv1XPNygIrTQw7Pi7kSWJQjC
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:50 2025 by rpki-client