Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/83f939-05f1-4afa-aa10-8606a724d891/1/UXfpgLEO-YbBFk6oonjH1Xm5FgM.roa
File: UXfpgLEO-YbBFk6oonjH1Xm5FgM.roa (raw, json)
Hash identifier: AX0QM/Os3hFjFnv3WUz1vjkj1d0jSqhI2xTsC/dfmWk=
Subject key identifier: 51:77:E9:80:B1:0E:F9:86:C1:16:4E:A8:A2:78:C7:D5:79:B9:16:03
Certificate issuer: /CN=b3ab7a89808687cc3dad7ba0f7df0bace019f763
Certificate serial: 01941F8C0F9A054760DAB9D6E65A18C73ACF
Authority key identifier: B3:AB:7A:89:80:86:87:CC:3D:AD:7B:A0:F7:DF:0B:AC:E0:19:F7:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6t6iYCGh8w9rXug998LrOAZ92M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/83f939-05f1-4afa-aa10-8606a724d891/1/UXfpgLEO-YbBFk6oonjH1Xm5FgM.roa
Signing time: Wed 01 Jan 2025 01:47:40 +0000
ROA not before: Wed 01 Jan 2025 01:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33832
IP address blocks: 185.99.144.0/22 maxlen: 22
2a06:12c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:0f:9a:05:47:60:da:b9:d6:e6:5a:18:c7:3a:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3ab7a89808687cc3dad7ba0f7df0bace019f763
Validity
Not Before: Jan 1 01:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5177e980b10ef986c1164ea8a278c7d579b91603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ce:b3:2c:ab:b4:6d:a4:17:b8:46:06:44:1b:
75:9f:aa:9f:3e:94:87:71:ad:5b:b1:71:7c:ad:82:
82:cc:8a:5d:92:d5:2d:48:cb:3f:2c:6a:b9:e2:41:
b6:6b:b8:2b:77:31:73:8b:c3:81:fc:95:0a:54:0d:
a9:5b:f0:7b:0d:91:ea:4b:7f:53:4d:57:c1:9f:8f:
9d:64:da:8f:7d:fc:86:a5:db:ad:32:65:2b:94:dc:
28:d1:50:f2:17:af:ce:d7:b8:2d:02:69:98:22:20:
8b:a4:e6:0d:a2:48:12:b3:1c:9c:b5:29:4f:2e:aa:
b0:09:a3:89:0d:23:86:ab:c8:70:cd:16:60:06:d1:
59:8a:08:14:69:5b:ad:a0:b7:4d:d1:c8:c2:e0:a3:
f7:09:3b:9b:e9:03:10:84:11:d4:69:7f:cb:2f:e1:
b7:77:60:27:42:5f:a5:4e:d8:52:e5:06:0e:26:2e:
e1:53:22:b4:b8:30:f2:8e:32:60:fb:1d:6a:86:cf:
37:60:93:ee:c3:98:13:26:f1:3f:6b:0d:08:0c:ac:
24:cc:25:f2:97:a1:be:f9:5c:1b:06:22:b8:34:c3:
62:fb:81:97:8a:40:fe:4d:d5:66:ce:b4:82:22:d2:
3d:ce:7c:62:11:b5:0f:2e:58:ce:4c:33:89:45:ab:
cc:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:77:E9:80:B1:0E:F9:86:C1:16:4E:A8:A2:78:C7:D5:79:B9:16:03
X509v3 Authority Key Identifier:
keyid:B3:AB:7A:89:80:86:87:CC:3D:AD:7B:A0:F7:DF:0B:AC:E0:19:F7:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6t6iYCGh8w9rXug998LrOAZ92M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/83f939-05f1-4afa-aa10-8606a724d891/1/UXfpgLEO-YbBFk6oonjH1Xm5FgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/83f939-05f1-4afa-aa10-8606a724d891/1/s6t6iYCGh8w9rXug998LrOAZ92M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.144.0/22
IPv6:
2a06:12c0::/29
Signature Algorithm: sha256WithRSAEncryption
29:43:74:e9:2a:93:5e:6b:a5:20:9d:f5:c8:0b:b5:1d:e3:7e:
f6:73:87:fd:61:ed:60:28:b1:76:be:f8:96:6b:a1:b1:58:e3:
03:93:0b:16:ff:b9:01:70:30:cc:56:5f:3b:c7:8b:88:85:98:
c3:b8:0c:53:d9:65:23:01:dd:99:d8:7b:34:c8:b2:56:be:de:
e2:da:8e:f2:fd:d3:7f:c9:77:13:46:b9:50:63:03:eb:6c:b6:
e4:f4:bb:f8:ef:8b:7d:8e:c1:3c:5c:d3:39:b9:4f:61:62:33:
f3:d0:1f:48:82:bb:6f:83:41:a8:cb:02:ea:d8:ba:5f:49:1c:
11:a1:f7:77:29:72:76:83:91:c0:d3:da:f1:50:19:ae:0c:1e:
f4:f3:63:dc:fd:4a:a3:e3:cc:92:9d:00:0d:2e:eb:2b:ce:d4:
31:23:68:43:08:03:d2:45:46:69:81:30:0b:96:b1:71:45:9b:
23:4c:c2:58:c6:26:e9:27:7d:6e:6a:4d:6a:e1:bc:0e:12:ce:
52:d9:c9:24:83:35:db:58:32:88:51:38:a9:aa:19:84:6f:55:
07:0b:47:fb:f0:89:bf:f1:a6:8f:15:1c:47:41:ec:ff:a9:f1:
dc:74:e6:7f:70:33:c7:5e:9d:e5:5d:11:f0:e4:1f:09:21:39:
c8:87:50:d5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQfjA+aBUdg2rnW5loYxzrPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYWI3YTg5ODA4Njg3Y2MzZGFkN2JhMGY3ZGYwYmFjZTAx
OWY3NjMwHhcNMjUwMTAxMDE0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTc3ZTk4MGIxMGVmOTg2YzExNjRlYThhMjc4YzdkNTc5YjkxNjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu86zLKu0baQXuEYGRBt1n6qfPpSH
ca1bsXF8rYKCzIpdktUtSMs/LGq54kG2a7grdzFzi8OB/JUKVA2pW/B7DZHqS39T
TVfBn4+dZNqPffyGpdutMmUrlNwo0VDyF6/O17gtAmmYIiCLpOYNokgSsxyctSlP
LqqwCaOJDSOGq8hwzRZgBtFZiggUaVutoLdN0cjC4KP3CTub6QMQhBHUaX/LL+G3
d2AnQl+lTthS5QYOJi7hUyK0uDDyjjJg+x1qhs83YJPuw5gTJvE/aw0IDKwkzCXy
l6G++VwbBiK4NMNi+4GXikD+TdVmzrSCItI9znxiEbUPLljOTDOJRavMzQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFF36YCxDvmGwRZOqKJ4x9V5uRYDMB8GA1UdIwQY
MBaAFLOreomAhofMPa17oPffC6zgGfdjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZ0NmlZQ0doOHc5clh1Zzk5OExyT0FaOTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84M2Y5MzktMDVmMS00YWZhLWFhMTAt
ODYwNmE3MjRkODkxLzEvVVhmcGdMRU8tWWJCRms2b29uakgxWG01RmdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84M2Y5MzktMDVmMS00YWZhLWFhMTAtODYwNmE3MjRkODkx
LzEvczZ0NmlZQ0doOHc5clh1Zzk5OExyT0FaOTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWOQMA0E
AgACMAcDBQMqBhLAMA0GCSqGSIb3DQEBCwUAA4IBAQApQ3TpKpNea6UgnfXIC7Ud
4372c4f9Ye1gKLF2vviWa6GxWOMDkwsW/7kBcDDMVl87x4uIhZjDuAxT2WUjAd2Z
2Hs0yLJWvt7i2o7y/dN/yXcTRrlQYwPrbLbk9Lv474t9jsE8XNM5uU9hYjPz0B9I
grtvg0GoywLq2LpfSRwRofd3KXJ2g5HA09rxUBmuDB7082Pc/Uqj48ySnQANLusr
ztQxI2hDCAPSRUZpgTALlrFxRZsjTMJYxibpJ31uak1q4bwOEs5S2ckkgzXbWDKI
UTipqhmEb1UHC0f78Im/8aaPFRxHQez/qfHcdOZ/cDPHXp3lXRHw5B8JITnIh1DV
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:50 2025 by rpki-client on console.sobornost.net