Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/UNKHpMd6KGdnn4FxHQUwDnpRS_0.roa
File: UNKHpMd6KGdnn4FxHQUwDnpRS_0.roa (raw, json)
Hash identifier: xUrooVDGoVgqP/tCoQv4tN5E4R+mH1Wmph/jw+y9UEk=
Subject key identifier: 50:D2:87:A4:C7:7A:28:67:67:9F:81:71:1D:05:30:0E:7A:51:4B:FD
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018AEA4D29A712642829C7FC9776C96B74EB
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/UNKHpMd6KGdnn4FxHQUwDnpRS_0.roa
Signing time: Sun 01 Oct 2023 08:13:59 +0000
ROA not before: Sun 01 Oct 2023 08:13:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 213.159.12.0/23 maxlen: 24
195.133.202.0/23 maxlen: 24
195.133.208.0/23 maxlen: 24
194.88.96.0/21 maxlen: 24
84.234.24.0/22 maxlen: 24
194.58.64.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ea:4d:29:a7:12:64:28:29:c7:fc:97:76:c9:6b:74:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Oct 1 08:13:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50d287a4c77a2867679f81711d05300e7a514bfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ef:f4:bb:55:bf:9f:2a:d7:78:ac:d5:8b:1e:
1b:d1:ca:46:57:eb:b8:a2:7a:7d:71:58:c0:45:69:
35:72:b6:42:1b:9b:10:76:50:59:36:e9:84:d6:e3:
69:ff:ff:9e:23:21:35:19:e2:8d:2a:d2:29:38:6e:
08:37:f3:01:82:3b:90:c0:9f:7f:3d:71:80:4e:ec:
68:de:89:e3:a6:e7:9b:ba:9e:d2:74:1f:33:af:5f:
28:08:9c:a7:70:81:bc:0e:8f:5c:53:f4:c1:33:7c:
09:6b:29:8c:f3:73:32:4b:e4:3a:31:8f:d5:85:34:
98:2e:3b:f9:1f:41:29:6e:c9:f2:25:2d:fb:f1:bf:
fd:16:8c:0e:b8:88:37:f4:52:bf:19:9c:49:51:36:
3c:9b:06:1f:7c:3d:e0:bd:85:e5:ce:6b:4f:77:2c:
fa:36:af:e6:10:5e:df:84:53:05:59:6a:63:4d:29:
38:54:a3:26:82:73:30:8c:50:0f:fc:3e:20:e3:ce:
ad:39:7e:68:4c:8d:4d:f4:c6:dc:c4:4a:98:c1:17:
06:6e:a4:38:05:3a:5f:61:01:48:3d:9c:0f:d6:0d:
21:1c:d0:f2:c4:f0:a8:95:8e:27:cc:62:81:e2:93:
7b:85:48:7b:83:83:bc:ca:09:12:90:89:95:3f:5d:
01:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:D2:87:A4:C7:7A:28:67:67:9F:81:71:1D:05:30:0E:7A:51:4B:FD
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/UNKHpMd6KGdnn4FxHQUwDnpRS_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.234.24.0/22
194.58.64.0/23
194.88.96.0/21
195.133.202.0/23
195.133.208.0/23
213.159.12.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:ba:f8:ce:51:5c:da:ee:70:da:e8:ef:f6:05:91:c9:ec:37:
0e:e4:e4:72:bc:96:96:68:04:8d:62:dd:0b:b4:82:4e:41:08:
2f:62:1a:9f:78:7b:1e:29:a0:4d:41:4c:b8:37:d3:72:b5:ff:
41:77:57:f3:c3:9a:1f:18:21:b4:e2:15:b8:d1:a3:13:68:aa:
97:25:9c:aa:19:6d:ec:aa:55:d2:9b:c8:6e:68:fe:b8:1e:42:
93:c7:77:a6:ff:b1:5c:3c:8b:a9:3d:92:ce:03:3a:13:00:98:
c2:8d:a0:2e:fd:8d:b7:de:8a:e2:1b:e8:a6:f7:d7:00:6d:34:
c5:12:bc:ee:65:8c:e8:93:0f:70:f4:71:66:13:04:ea:57:d6:
40:fa:5a:e4:55:1e:78:e8:af:d7:f1:07:25:34:5a:87:bb:12:
97:80:a9:5d:1f:3e:e6:0d:51:87:13:fa:24:ea:1b:7d:a6:5f:
62:0d:73:c1:71:03:e2:e4:a4:82:28:67:44:c3:d7:27:5d:8f:
91:8c:f1:39:8c:54:3c:4e:ff:ee:d2:04:80:ea:c2:3f:76:71:
6e:63:c7:38:86:70:91:aa:75:a1:2c:3d:57:77:30:63:88:58:
d9:e5:77:90:c9:29:4b:8e:a2:91:4d:19:9e:66:cf:6a:a6:5e:
e1:91:4d:8f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYrqTSmnEmQoKcf8l3bJa3TrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMxMDAxMDgxMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGQyODdhNGM3N2EyODY3Njc5ZjgxNzExZDA1MzAwZTdhNTE0YmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+/0u1W/nyrXeKzVix4b0cpGV+u4
onp9cVjARWk1crZCG5sQdlBZNumE1uNp//+eIyE1GeKNKtIpOG4IN/MBgjuQwJ9/
PXGATuxo3onjpuebup7SdB8zr18oCJyncIG8Do9cU/TBM3wJaymM83MyS+Q6MY/V
hTSYLjv5H0EpbsnyJS378b/9FowOuIg39FK/GZxJUTY8mwYffD3gvYXlzmtPdyz6
Nq/mEF7fhFMFWWpjTSk4VKMmgnMwjFAP/D4g486tOX5oTI1N9MbcxEqYwRcGbqQ4
BTpfYQFIPZwP1g0hHNDyxPColY4nzGKB4pN7hUh7g4O8ygkSkImVP10B5QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFDSh6THeihnZ5+BcR0FMA56UUv9MB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvVU5LSHBNZDZLR2RubjRGeEhRVXdEbnBSU18wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCVOoYAwQB
wjpAAwQDwlhgAwQBw4XKAwQBw4XQAwQB1Z8MMA0GCSqGSIb3DQEBCwUAA4IBAQBK
uvjOUVza7nDa6O/2BZHJ7DcO5ORyvJaWaASNYt0LtIJOQQgvYhqfeHseKaBNQUy4
N9Nytf9Bd1fzw5ofGCG04hW40aMTaKqXJZyqGW3sqlXSm8huaP64HkKTx3em/7Fc
PIupPZLOAzoTAJjCjaAu/Y233oriG+im99cAbTTFErzuZYzokw9w9HFmEwTqV9ZA
+lrkVR546K/X8QclNFqHuxKXgKldHz7mDVGHE/ok6ht9pl9iDXPBcQPi5KSCKGdE
w9cnXY+RjPE5jFQ8Tv/u0gSA6sI/dnFuY8c4hnCRqnWhLD1XdzBjiFjZ5XeQySlL
jqKRTRmeZs9qpl7hkU2P
-----END CERTIFICATE-----
Generated at Mon May 12 04:43:11 2025 by rpki-client