Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/uuab1oZ4k7SP7x3epsInWuBmPbY.roa
File: uuab1oZ4k7SP7x3epsInWuBmPbY.roa (raw, json)
Hash identifier: troS6OMAWt3Al9WOUZBe8vBvx/7s8GwIKdw3q5+6Qog=
Subject key identifier: BA:E6:9B:D6:86:78:93:B4:8F:EF:1D:DE:A6:C2:27:5A:E0:66:3D:B6
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 019420680FC20D3937FB8B12F9F7B26E7538
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/uuab1oZ4k7SP7x3epsInWuBmPbY.roa
Signing time: Wed 01 Jan 2025 05:47:58 +0000
ROA not before: Wed 01 Jan 2025 05:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 85.239.36.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:0f:c2:0d:39:37:fb:8b:12:f9:f7:b2:6e:75:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Jan 1 05:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bae69bd6867893b48fef1ddea6c2275ae0663db6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ea:4a:bb:87:f6:d9:15:13:b8:f5:23:0c:f1:
4d:a7:b1:d5:b9:8c:01:ca:26:9e:09:51:a8:eb:39:
8f:42:6b:22:0d:44:33:93:d1:00:cc:66:9d:a6:07:
76:7b:48:7e:0c:66:d2:37:8a:f6:c6:94:b9:82:81:
28:e4:b7:7d:5e:f6:cf:d3:80:d7:b4:c5:a5:d8:11:
80:8e:c4:11:3e:c9:ed:5e:c5:4b:04:d7:9a:06:35:
40:8b:ee:06:8f:86:c6:a3:bf:44:9f:93:61:53:c0:
50:35:fc:ee:e7:14:67:3b:41:73:49:9c:33:8d:5b:
7e:b8:d5:12:6a:54:45:f5:14:a6:0c:eb:1b:68:c5:
e5:bd:e5:3a:5c:8f:17:0d:9d:e2:7f:2d:75:2d:65:
10:ff:24:9a:59:40:3f:95:1d:72:82:f6:9b:9e:bf:
9e:a9:dd:06:22:cf:e1:d8:b9:e1:d4:fb:b7:70:63:
45:6b:e8:83:13:bd:a1:7c:38:67:74:2e:58:97:92:
40:26:7f:c3:c1:d4:8e:6e:c9:60:d1:db:ef:16:3d:
68:ff:0a:79:d3:0a:fe:5e:e3:a4:9f:84:12:58:58:
c0:6f:71:fd:d7:96:1c:1a:1c:35:90:fb:76:99:4c:
05:fe:28:c4:1e:98:a9:92:0b:72:02:4b:d8:9f:df:
34:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:E6:9B:D6:86:78:93:B4:8F:EF:1D:DE:A6:C2:27:5A:E0:66:3D:B6
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/uuab1oZ4k7SP7x3epsInWuBmPbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.36.0/22
Signature Algorithm: sha256WithRSAEncryption
76:75:35:6d:4d:c4:fc:a0:ae:ca:db:c9:e1:ce:f0:e5:ef:27:
8b:c6:74:60:f0:1e:c9:45:02:6e:87:f3:0c:f4:2c:9e:62:99:
f4:72:89:50:eb:ff:0d:64:ae:82:df:8f:d2:32:22:c3:7e:a1:
64:23:81:94:db:f7:d9:e0:82:3d:8d:c8:92:da:c8:b7:c8:a1:
85:a5:81:ee:cc:47:96:54:09:69:9b:52:db:ae:22:c3:cc:eb:
e5:e8:04:41:85:d0:0a:be:9f:b3:94:6b:c0:db:f0:c8:8e:88:
0d:65:e0:d7:f0:4e:19:27:94:b5:e1:6d:de:fc:7c:47:13:81:
c8:f9:1c:92:af:ef:a3:db:f9:a5:20:63:a2:c0:49:5a:ef:a7:
e0:60:b1:00:65:52:de:4d:bc:7d:47:23:03:db:75:6a:c0:d7:
71:d8:7a:3e:52:7f:c7:3b:55:a9:cc:80:08:44:98:0d:a1:50:
ec:5c:d5:3f:16:0f:86:ec:22:f3:c2:e1:41:5c:e5:af:6f:1c:
41:93:1e:99:bf:e8:89:25:8f:72:ff:c4:ce:4b:79:22:a7:b5:
bd:5b:9f:fe:b1:6b:82:5a:38:fc:67:a3:7c:8c:7c:6e:0e:8a:
be:c2:5f:c3:8b:3f:2d:93:89:2a:cc:b3:45:70:c6:43:5d:6b:
17:ea:9b:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaA/CDTk3+4sS+feybnU4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjUwMTAxMDU0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWU2OWJkNjg2Nzg5M2I0OGZlZjFkZGVhNmMyMjc1YWUwNjYzZGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+pKu4f22RUTuPUjDPFNp7HVuYwB
yiaeCVGo6zmPQmsiDUQzk9EAzGadpgd2e0h+DGbSN4r2xpS5goEo5Ld9XvbP04DX
tMWl2BGAjsQRPsntXsVLBNeaBjVAi+4Gj4bGo79En5NhU8BQNfzu5xRnO0FzSZwz
jVt+uNUSalRF9RSmDOsbaMXlveU6XI8XDZ3ify11LWUQ/ySaWUA/lR1ygvabnr+e
qd0GIs/h2Lnh1Pu3cGNFa+iDE72hfDhndC5Yl5JAJn/DwdSObslg0dvvFj1o/wp5
0wr+XuOkn4QSWFjAb3H915YcGhw1kPt2mUwF/ijEHpipkgtyAkvYn980ZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLrmm9aGeJO0j+8d3qbCJ1rgZj22MB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvdXVhYjFvWjRrN1NQN3gzZXBzSW5XdUJtUGJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVe8kMA0G
CSqGSIb3DQEBCwUAA4IBAQB2dTVtTcT8oK7K28nhzvDl7yeLxnRg8B7JRQJuh/MM
9CyeYpn0colQ6/8NZK6C34/SMiLDfqFkI4GU2/fZ4II9jciS2si3yKGFpYHuzEeW
VAlpm1LbriLDzOvl6ARBhdAKvp+zlGvA2/DIjogNZeDX8E4ZJ5S14W3e/HxHE4HI
+RySr++j2/mlIGOiwEla76fgYLEAZVLeTbx9RyMD23VqwNdx2Ho+Un/HO1WpzIAI
RJgNoVDsXNU/Fg+G7CLzwuFBXOWvbxxBkx6Zv+iJJY9y/8TOS3kip7W9W5/+sWuC
Wjj8Z6N8jHxuDoq+wl/Diz8tk4kqzLNFcMZDXWsX6pvg
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:46:20 2025 by rpki-client