Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/da1f23-3694-4f59-85cf-ca1e5f081950/1/KUPJ1lDWM9H_O_nug1XhCm8CDY0.roa
File: KUPJ1lDWM9H_O_nug1XhCm8CDY0.roa (raw, json)
Hash identifier: N5MTKqEvC4tpTv0nenMYPQJAtm9LjBH+zL/o+EsRhto=
Subject key identifier: 29:43:C9:D6:50:D6:33:D1:FF:3B:F9:EE:83:55:E1:0A:6F:02:0D:8D
Certificate issuer: /CN=8323b9731b196b1acbc829f5b28b325fd9d3e3d4
Certificate serial: 019422FC48D929FB3A184BA49D59C64D8766
Authority key identifier: 83:23:B9:73:1B:19:6B:1A:CB:C8:29:F5:B2:8B:32:5F:D9:D3:E3:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gyO5cxsZaxrLyCn1sosyX9nT49Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/da1f23-3694-4f59-85cf-ca1e5f081950/1/KUPJ1lDWM9H_O_nug1XhCm8CDY0.roa
Signing time: Wed 01 Jan 2025 17:49:06 +0000
ROA not before: Wed 01 Jan 2025 17:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206332
IP address blocks: 185.146.46.0/24 maxlen: 24
185.146.47.0/24 maxlen: 24
185.171.201.0/24 maxlen: 24
2a07:4d80::/32 maxlen: 32
2a10:55c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:48:d9:29:fb:3a:18:4b:a4:9d:59:c6:4d:87:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8323b9731b196b1acbc829f5b28b325fd9d3e3d4
Validity
Not Before: Jan 1 17:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2943c9d650d633d1ff3bf9ee8355e10a6f020d8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:02:30:1b:cf:be:93:10:bb:f5:f3:7c:fa:b9:
6e:f2:6d:6d:d3:fc:85:e1:0e:5a:18:87:60:0a:87:
fe:3c:92:4c:29:f7:a5:0e:15:dd:64:e9:6a:ce:db:
2f:b5:d9:fe:25:74:d1:50:a4:98:64:a3:ac:ec:4b:
b8:ff:ab:59:a8:f5:ee:12:79:9b:da:7e:65:c5:f2:
45:ba:2f:e1:87:de:52:fc:33:f5:d1:b4:89:0c:05:
81:c2:fb:3a:2f:38:8f:de:51:53:21:b1:d3:ca:09:
3b:f7:38:df:dc:b6:18:bd:71:ad:77:0b:6f:bb:1c:
fc:80:67:e6:f1:d3:2c:5c:fe:df:cc:0c:99:37:54:
da:91:ed:15:8d:41:ff:2f:25:b1:1d:7d:cb:99:99:
c2:a7:1d:38:52:e0:ac:4d:f5:1b:3d:08:80:f4:7b:
a3:4e:4f:90:f3:cf:b2:2a:b3:04:67:93:65:cf:a3:
6f:c1:20:ef:bc:4c:7a:1b:d9:65:cc:49:1c:3c:5f:
3d:4e:a1:bf:69:0e:30:7f:0a:b8:2c:42:e4:c9:73:
b7:cd:df:f5:68:95:4d:7d:c0:fc:83:00:93:06:35:
9f:3e:9a:db:5c:5e:57:9b:c4:36:76:10:d8:96:92:
c7:5c:2f:3a:3c:74:df:58:25:df:31:e3:7b:57:d5:
c0:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:43:C9:D6:50:D6:33:D1:FF:3B:F9:EE:83:55:E1:0A:6F:02:0D:8D
X509v3 Authority Key Identifier:
keyid:83:23:B9:73:1B:19:6B:1A:CB:C8:29:F5:B2:8B:32:5F:D9:D3:E3:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gyO5cxsZaxrLyCn1sosyX9nT49Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/da1f23-3694-4f59-85cf-ca1e5f081950/1/KUPJ1lDWM9H_O_nug1XhCm8CDY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/da1f23-3694-4f59-85cf-ca1e5f081950/1/gyO5cxsZaxrLyCn1sosyX9nT49Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.46.0/23
185.171.201.0/24
IPv6:
2a07:4d80::/32
2a10:55c0::/29
Signature Algorithm: sha256WithRSAEncryption
a1:1d:8e:60:2c:bc:0b:ab:15:2a:0a:26:b8:86:95:01:25:1d:
77:72:0f:aa:a5:2d:1e:3a:23:05:8c:71:d1:2b:af:88:7a:89:
f1:4e:f7:0d:8a:3f:bb:20:0e:70:87:7e:d7:9a:ba:ac:4d:82:
80:f6:38:e9:44:60:ea:bf:90:d3:4a:ad:47:2c:54:06:e1:bb:
36:d3:85:04:08:9d:ef:32:f9:f4:97:53:1c:53:f2:65:be:26:
d8:63:f3:ad:ec:70:df:64:b9:92:e1:d8:72:33:a1:94:0e:cb:
2e:f2:94:f3:7d:d3:ea:78:74:dc:a9:51:b9:29:8e:6d:ed:72:
ce:a6:c9:db:bf:e5:3c:71:a8:91:09:b3:90:f5:22:e0:58:01:
eb:ea:6d:a1:28:b2:17:0a:ab:ca:85:6f:0e:a5:a9:48:37:3a:
ba:de:45:d5:3e:36:ae:bf:72:df:a5:8e:3e:f1:31:f1:7c:03:
2a:3c:fa:63:db:dc:31:cf:84:98:31:91:a2:ae:eb:6b:87:5a:
5c:ca:f1:09:35:7d:66:aa:d5:f1:bb:6e:ea:d2:13:f6:9c:02:
53:16:70:48:73:6a:02:42:cf:5c:9a:4d:b6:d1:94:18:3a:6e:
24:a4:f0:48:bf:9c:60:ca:e3:94:79:a6:24:a6:91:c9:48:e8:
20:ac:b1:2a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQi/EjZKfs6GEuknVnGTYdmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMjNiOTczMWIxOTZiMWFjYmM4MjlmNWIyOGIzMjVmZDlk
M2UzZDQwHhcNMjUwMTAxMTc0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTQzYzlkNjUwZDYzM2QxZmYzYmY5ZWU4MzU1ZTEwYTZmMDIwZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwIwG8++kxC79fN8+rlu8m1t0/yF
4Q5aGIdgCof+PJJMKfelDhXdZOlqztsvtdn+JXTRUKSYZKOs7Eu4/6tZqPXuEnmb
2n5lxfJFui/hh95S/DP10bSJDAWBwvs6LziP3lFTIbHTygk79zjf3LYYvXGtdwtv
uxz8gGfm8dMsXP7fzAyZN1Take0VjUH/LyWxHX3LmZnCpx04UuCsTfUbPQiA9Huj
Tk+Q88+yKrMEZ5Nlz6NvwSDvvEx6G9llzEkcPF89TqG/aQ4wfwq4LELkyXO3zd/1
aJVNfcD8gwCTBjWfPprbXF5Xm8Q2dhDYlpLHXC86PHTfWCXfMeN7V9XALwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFClDydZQ1jPR/zv57oNV4QpvAg2NMB8GA1UdIwQY
MBaAFIMjuXMbGWsay8gp9bKLMl/Z0+PUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3lPNWN4c1pheHJMeUNuMXNvc3lYOW5UNDlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9kYTFmMjMtMzY5NC00ZjU5LTg1Y2Yt
Y2ExZTVmMDgxOTUwLzEvS1VQSjFsRFdNOUhfT19udWcxWGhDbThDRFkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9kYTFmMjMtMzY5NC00ZjU5LTg1Y2YtY2ExZTVmMDgxOTUw
LzEvZ3lPNWN4c1pheHJMeUNuMXNvc3lYOW5UNDlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQBuZIuAwQA
uavJMBQEAgACMA4DBQAqB02AAwUDKhBVwDANBgkqhkiG9w0BAQsFAAOCAQEAoR2O
YCy8C6sVKgomuIaVASUdd3IPqqUtHjojBYxx0SuviHqJ8U73DYo/uyAOcId+15q6
rE2CgPY46URg6r+Q00qtRyxUBuG7NtOFBAid7zL59JdTHFPyZb4m2GPzrexw32S5
kuHYcjOhlA7LLvKU833T6nh03KlRuSmObe1yzqbJ27/lPHGokQmzkPUi4FgB6+pt
oSiyFwqryoVvDqWpSDc6ut5F1T42rr9y36WOPvEx8XwDKjz6Y9vcMc+EmDGRoq7r
a4daXMrxCTV9ZqrV8btu6tIT9pwCUxZwSHNqAkLPXJpNttGUGDpuJKTwSL+cYMrj
lHmmJKaRyUjoIKyxKg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:49 2025 by rpki-client on console.sobornost.net