Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/e48256-c6fc-4631-8f5f-58bcda356e62/1/unTwGWUlLtukFpmGCiLRF4IFtNk.roa
File: unTwGWUlLtukFpmGCiLRF4IFtNk.roa (raw, json)
Hash identifier: On4Gg7hoHCwp3N/KrNRWZ9f9vqel+RAsURIdANgDkbI=
Subject key identifier: BA:74:F0:19:65:25:2E:DB:A4:16:99:86:0A:22:D1:17:82:05:B4:D9
Certificate issuer: /CN=99bf7d5c70c63254d0cde34c2ba49d9407fc24f3
Certificate serial: 01941F8C78EFE3D16F7F67CB2C7248DEE6D0
Authority key identifier: 99:BF:7D:5C:70:C6:32:54:D0:CD:E3:4C:2B:A4:9D:94:07:FC:24:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mb99XHDGMlTQzeNMK6SdlAf8JPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/e48256-c6fc-4631-8f5f-58bcda356e62/1/unTwGWUlLtukFpmGCiLRF4IFtNk.roa
Signing time: Wed 01 Jan 2025 01:48:07 +0000
ROA not before: Wed 01 Jan 2025 01:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49729
IP address blocks: 185.137.76.0/22 maxlen: 22
185.137.76.0/23 maxlen: 23
185.137.76.0/24 maxlen: 24
185.137.77.0/24 maxlen: 24
185.137.78.0/23 maxlen: 23
185.137.78.0/24 maxlen: 24
185.137.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:78:ef:e3:d1:6f:7f:67:cb:2c:72:48:de:e6:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99bf7d5c70c63254d0cde34c2ba49d9407fc24f3
Validity
Not Before: Jan 1 01:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba74f01965252edba41699860a22d1178205b4d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2d:36:99:d0:ce:68:73:96:8b:10:b4:5e:d1:
b8:06:fc:21:84:ae:1f:78:22:79:61:f9:28:bc:2d:
e8:0d:69:3c:30:9c:22:77:3e:03:24:3d:42:92:ce:
e7:71:ed:59:cf:46:8e:35:58:c0:a2:f5:2b:f5:53:
76:ac:fc:a5:9e:0b:04:9d:36:04:16:44:46:e1:ce:
80:c4:5d:ba:b7:cf:a4:2b:81:0e:f2:87:e7:ab:e5:
67:38:c5:9b:5d:91:30:67:55:e1:89:93:89:b6:5e:
fa:cb:70:b0:f0:e2:75:6d:5c:de:d9:b5:4e:be:56:
54:e1:7f:ba:0c:f3:11:24:11:61:85:69:74:e5:29:
eb:64:55:57:07:1f:3f:00:50:eb:b4:e7:1f:f0:ad:
44:48:09:39:98:80:d8:b4:0d:f0:1a:94:b8:71:30:
7d:c5:de:b9:8a:d8:4e:00:6f:91:e2:24:18:13:ce:
f5:f9:9c:b1:a0:bb:08:00:55:9b:71:8f:d0:55:c2:
9c:39:94:a2:e1:99:e8:09:0c:96:3e:f2:9c:11:d4:
bc:43:06:25:5f:e8:3e:56:ed:b8:da:c0:e6:46:99:
14:a1:ea:64:e4:18:e6:09:b0:1e:f2:79:d3:99:98:
d4:0f:34:eb:0b:01:84:c9:fb:d7:59:c3:62:61:45:
14:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:74:F0:19:65:25:2E:DB:A4:16:99:86:0A:22:D1:17:82:05:B4:D9
X509v3 Authority Key Identifier:
keyid:99:BF:7D:5C:70:C6:32:54:D0:CD:E3:4C:2B:A4:9D:94:07:FC:24:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mb99XHDGMlTQzeNMK6SdlAf8JPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e48256-c6fc-4631-8f5f-58bcda356e62/1/unTwGWUlLtukFpmGCiLRF4IFtNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e48256-c6fc-4631-8f5f-58bcda356e62/1/mb99XHDGMlTQzeNMK6SdlAf8JPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.76.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:0e:c0:c7:70:28:de:5e:1f:b5:ab:aa:a4:6c:c1:fd:1c:2e:
82:fa:1d:14:85:ab:22:48:ee:bf:4c:b0:fd:bb:08:5f:45:b7:
16:88:8f:c1:46:ef:0e:8e:cb:2a:b3:cd:d0:50:a2:ab:69:75:
b7:ee:4c:10:88:b2:4a:43:0b:9c:97:da:63:e7:29:94:56:11:
05:fb:de:a3:73:d2:c0:da:10:bc:c5:47:ef:23:fd:ff:60:9c:
9a:c3:f6:fb:81:ae:f7:e8:42:fa:d5:fe:5a:2b:68:3a:a1:0a:
1d:54:7b:5f:71:87:5d:2a:5b:1f:8c:1a:76:ec:12:c4:46:7c:
c6:07:63:e1:18:b1:9f:c8:e0:f3:83:a4:ca:50:97:f3:88:fc:
af:5d:93:cd:9b:7f:41:5b:68:08:a9:35:10:c6:d7:a2:f2:c2:
3a:65:63:fd:e7:51:e5:34:80:95:ab:f7:67:c5:83:b0:ac:fd:
2d:71:f6:34:5c:59:fb:57:66:1e:ff:dd:61:d2:75:04:c2:23:
3c:0f:c6:ce:04:26:18:71:b3:ca:37:2c:24:03:eb:15:57:cc:
02:80:21:76:26:ca:84:b1:1c:06:ff:67:4e:9a:95:75:11:89:
4a:1d:a5:29:ad:a1:7e:ee:cc:18:57:f9:c1:54:d3:38:9b:03:
0a:d2:86:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjHjv49Fvf2fLLHJI3ubQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YmY3ZDVjNzBjNjMyNTRkMGNkZTM0YzJiYTQ5ZDk0MDdm
YzI0ZjMwHhcNMjUwMTAxMDE0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTc0ZjAxOTY1MjUyZWRiYTQxNjk5ODYwYTIyZDExNzgyMDViNGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqi02mdDOaHOWixC0XtG4BvwhhK4f
eCJ5YfkovC3oDWk8MJwidz4DJD1Cks7nce1Zz0aONVjAovUr9VN2rPylngsEnTYE
FkRG4c6AxF26t8+kK4EO8ofnq+VnOMWbXZEwZ1XhiZOJtl76y3Cw8OJ1bVze2bVO
vlZU4X+6DPMRJBFhhWl05SnrZFVXBx8/AFDrtOcf8K1ESAk5mIDYtA3wGpS4cTB9
xd65ithOAG+R4iQYE871+ZyxoLsIAFWbcY/QVcKcOZSi4ZnoCQyWPvKcEdS8QwYl
X+g+Vu242sDmRpkUoepk5BjmCbAe8nnTmZjUDzTrCwGEyfvXWcNiYUUUnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLp08BllJS7bpBaZhgoi0ReCBbTZMB8GA1UdIwQY
MBaAFJm/fVxwxjJU0M3jTCuknZQH/CTzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWI5OVhIREdNbFRRemVOTUs2U2RsQWY4SlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lNDgyNTYtYzZmYy00NjMxLThmNWYt
NThiY2RhMzU2ZTYyLzEvdW5Ud0dXVWxMdHVrRnBtR0NpTFJGNElGdE5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lNDgyNTYtYzZmYy00NjMxLThmNWYtNThiY2RhMzU2ZTYy
LzEvbWI5OVhIREdNbFRRemVOTUs2U2RsQWY4SlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYlMMA0G
CSqGSIb3DQEBCwUAA4IBAQBdDsDHcCjeXh+1q6qkbMH9HC6C+h0UhasiSO6/TLD9
uwhfRbcWiI/BRu8Ojssqs83QUKKraXW37kwQiLJKQwucl9pj5ymUVhEF+96jc9LA
2hC8xUfvI/3/YJyaw/b7ga736EL61f5aK2g6oQodVHtfcYddKlsfjBp27BLERnzG
B2PhGLGfyODzg6TKUJfziPyvXZPNm39BW2gIqTUQxtei8sI6ZWP951HlNICVq/dn
xYOwrP0tcfY0XFn7V2Ye/91h0nUEwiM8D8bOBCYYcbPKNywkA+sVV8wCgCF2JsqE
sRwG/2dOmpV1EYlKHaUpraF+7swYV/nBVNM4mwMK0obi
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:58 2025 by rpki-client on console.sobornost.net