Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/b0b29a-56cf-4e17-9341-c97c11d312fa/1/UbfPQURkGMIvGGdeB5A3_39O47g.roa
File: UbfPQURkGMIvGGdeB5A3_39O47g.roa (raw, json)
Hash identifier: JP3Z3uArYVi1KtzRAtHOB1pQy0cR0p5JgoqJCgTEFok=
Subject key identifier: 51:B7:CF:41:44:64:18:C2:2F:18:67:5E:07:90:37:FF:7F:4E:E3:B8
Certificate issuer: /CN=4709b8553b8679edb4238505d23e460e65ece5a3
Certificate serial: 639346
Authority key identifier: 47:09:B8:55:3B:86:79:ED:B4:23:85:05:D2:3E:46:0E:65:EC:E5:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rwm4VTuGee20I4UF0j5GDmXs5aM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/b0b29a-56cf-4e17-9341-c97c11d312fa/1/UbfPQURkGMIvGGdeB5A3_39O47g.roa
Signing time: Sat 01 Jan 2022 02:50:52 +0000
ROA not before: Sat 01 Jan 2022 02:50:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47891
IP address blocks: 185.90.98.0/24 maxlen: 24
185.90.96.0/24 maxlen: 24
185.90.97.0/24 maxlen: 24
91.206.156.0/24 maxlen: 24
185.90.99.0/24 maxlen: 24
91.206.157.0/24 maxlen: 24
91.229.231.0/24 maxlen: 24
91.229.230.0/24 maxlen: 24
2a05:df00::/29 maxlen: 29
2a05:df01:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6525766 (0x639346)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4709b8553b8679edb4238505d23e460e65ece5a3
Validity
Not Before: Jan 1 02:50:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=51b7cf41446418c22f18675e079037ff7f4ee3b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:34:2d:08:b3:3e:c0:9a:5b:cb:ab:ad:bf:e7:
b5:9b:39:b7:95:09:ba:d7:a7:df:2b:bb:41:20:3a:
d9:14:d1:2b:86:a8:a6:62:37:2a:a9:c3:50:2b:d0:
89:74:05:17:8f:c2:06:a4:e4:57:59:3a:2d:e9:98:
83:0f:a5:cb:79:2a:e3:1f:90:73:3a:46:e0:99:09:
3a:a1:e5:bf:85:3f:5b:da:d6:1e:ac:07:cc:df:98:
d0:b0:96:aa:6a:3e:0c:b1:cc:d3:33:e6:0c:96:b9:
9a:78:08:0f:5e:38:db:be:05:eb:f7:39:eb:de:64:
79:9a:d3:f0:ba:42:81:b4:4a:9d:88:6f:ad:1b:23:
a3:ba:db:d9:50:71:bf:d4:39:d6:92:c7:6f:b3:98:
ab:f1:35:7f:1a:35:fd:41:71:8e:36:7d:93:34:8b:
22:39:c0:fc:04:4c:b4:50:48:50:34:ca:a3:47:aa:
9a:94:44:20:9f:0d:23:26:42:1e:49:20:58:64:2d:
b0:57:65:46:c5:1d:53:1f:b1:0c:b0:f0:3c:5e:fb:
01:2b:b5:1a:7d:ef:4a:e0:66:62:58:26:98:f6:eb:
89:cb:7f:d3:f5:eb:d5:a0:e1:30:60:6b:52:fd:8c:
11:30:b2:a0:d5:e2:82:7f:dd:73:e1:10:e2:f0:dd:
f5:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:B7:CF:41:44:64:18:C2:2F:18:67:5E:07:90:37:FF:7F:4E:E3:B8
X509v3 Authority Key Identifier:
keyid:47:09:B8:55:3B:86:79:ED:B4:23:85:05:D2:3E:46:0E:65:EC:E5:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rwm4VTuGee20I4UF0j5GDmXs5aM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b0b29a-56cf-4e17-9341-c97c11d312fa/1/UbfPQURkGMIvGGdeB5A3_39O47g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b0b29a-56cf-4e17-9341-c97c11d312fa/1/Rwm4VTuGee20I4UF0j5GDmXs5aM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.156.0/23
91.229.230.0/23
185.90.96.0/22
IPv6:
2a05:df00::/29
Signature Algorithm: sha256WithRSAEncryption
64:80:9a:8f:27:95:a8:b3:33:3d:17:b3:b3:92:13:96:24:7b:
6c:2c:ce:a9:16:e8:37:ab:c6:5d:d2:50:3e:13:86:3c:57:3f:
5f:c2:84:0d:d3:28:2c:4a:2a:96:7a:64:5c:b2:73:28:2d:34:
b6:e4:66:c8:7b:68:ea:e6:00:4a:8b:d4:56:69:f8:cf:77:b5:
b8:13:67:06:39:2b:c3:bb:57:fd:dd:2d:24:31:8b:df:0c:27:
38:b0:ce:a2:cb:d3:26:56:ee:03:10:a7:37:c0:7f:19:14:85:
ef:d0:51:91:02:3e:84:19:88:cc:9d:b2:25:bc:3d:c6:fc:48:
b8:77:7e:7d:d4:da:5c:d6:2b:3a:2d:ac:71:a7:20:ba:51:99:
5b:8a:01:b7:4e:4f:5e:4d:fc:98:d4:1f:f3:7e:0f:ed:25:de:
d6:5f:90:64:a2:29:a8:6e:f3:fb:d8:64:4b:14:e5:aa:6f:d4:
5d:8d:c4:7b:63:60:06:d9:42:6e:fd:6c:21:ca:32:ca:a8:4e:
a8:70:c6:29:65:f0:a4:f6:ed:08:53:87:6e:c9:c5:72:22:05:
7d:5d:c4:09:a1:ee:a6:9a:98:83:55:76:69:d6:0b:10:38:9d:
3a:f6:0e:b2:3b:02:b3:35:c4:d9:9d:8b:6b:0b:89:6e:f4:38:
98:2b:3c:30
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIDY5NGMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQ3
MDliODU1M2I4Njc5ZWRiNDIzODUwNWQyM2U0NjBlNjVlY2U1YTMwHhcNMjIwMTAx
MDI1MDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1MWI3Y2Y0MTQ0NjQx
OGMyMmYxODY3NWUwNzkwMzdmZjdmNGVlM2I4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsDQtCLM+wJpby6utv+e1mzm3lQm616ffK7tBIDrZFNErhqim
YjcqqcNQK9CJdAUXj8IGpORXWTot6ZiDD6XLeSrjH5BzOkbgmQk6oeW/hT9b2tYe
rAfM35jQsJaqaj4MsczTM+YMlrmaeAgPXjjbvgXr9znr3mR5mtPwukKBtEqdiG+t
GyOjutvZUHG/1DnWksdvs5ir8TV/GjX9QXGONn2TNIsiOcD8BEy0UEhQNMqjR6qa
lEQgnw0jJkIeSSBYZC2wV2VGxR1TH7EMsPA8XvsBK7Uafe9K4GZiWCaY9uuJy3/T
9evVoOEwYGtS/YwRMLKg1eKCf91z4RDi8N31qwIDAQABo4ICJDCCAiAwHQYDVR0O
BBYEFFG3z0FEZBjCLxhnXgeQN/9/TuO4MB8GA1UdIwQYMBaAFEcJuFU7hnnttCOF
BdI+Rg5l7OWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
UndtNFZUdUdlZTIwSTRVRjBqNUdEbVhzNWFNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kYy9iMGIyOWEtNTZjZi00ZTE3LTkzNDEtYzk3YzExZDMxMmZhLzEv
VWJmUFFVUmtHTUl2R0dkZUI1QTNfMzlPNDdnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9i
MGIyOWEtNTZjZi00ZTE3LTkzNDEtYzk3YzExZDMxMmZhLzEvUndtNFZUdUdlZTIw
STRVRjBqNUdEbVhzNWFNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoG
CCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBW86cAwQBW+XmAwQCuVpgMA0EAgAC
MAcDBQMqBd8AMA0GCSqGSIb3DQEBCwUAA4IBAQBkgJqPJ5WoszM9F7OzkhOWJHts
LM6pFug3q8Zd0lA+E4Y8Vz9fwoQN0ygsSiqWemRcsnMoLTS25GbIe2jq5gBKi9RW
afjPd7W4E2cGOSvDu1f93S0kMYvfDCc4sM6iy9MmVu4DEKc3wH8ZFIXv0FGRAj6E
GYjMnbIlvD3G/Ei4d3591Npc1is6LaxxpyC6UZlbigG3Tk9eTfyY1B/zfg/tJd7W
X5BkoimobvP72GRLFOWqb9RdjcR7Y2AG2UJu/WwhyjLKqE6ocMYpZfCk9u0IU4du
ycVyIgV9XcQJoe6mmpiDVXZp1gsQOJ069g6yOwKzNcTZnYtrC4lu9DiYKzww
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:47 2024 by rpki-client on console-ams.rpki-client.org