Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/UBhFR3OZMj_R8VlXXyVrvKRDJfU.roa
File: UBhFR3OZMj_R8VlXXyVrvKRDJfU.roa (raw, json)
Hash identifier: rvFp0ktgwJ1/3eTonU7/7v6UyJ5UYW+gGNm92KfeHQY=
Subject key identifier: 50:18:45:47:73:99:32:3F:D1:F1:59:57:5F:25:6B:BC:A4:43:25:F5
Certificate issuer: /CN=6dfc1438ee0815a9bf8b73f9a7ced094f21ac79e
Certificate serial: 0194236A2F84DB1016A0694E0DB5F1F4AFB9
Authority key identifier: 6D:FC:14:38:EE:08:15:A9:BF:8B:73:F9:A7:CE:D0:94:F2:1A:C7:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfwUOO4IFam_i3P5p87QlPIax54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/UBhFR3OZMj_R8VlXXyVrvKRDJfU.roa
Signing time: Wed 01 Jan 2025 19:49:08 +0000
ROA not before: Wed 01 Jan 2025 19:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43256
IP address blocks: 217.171.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2f:84:db:10:16:a0:69:4e:0d:b5:f1:f4:af:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dfc1438ee0815a9bf8b73f9a7ced094f21ac79e
Validity
Not Before: Jan 1 19:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=501845477399323fd1f159575f256bbca44325f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:57:fd:d8:94:45:9e:89:63:6c:6e:d1:a8:da:
55:a5:72:26:92:36:cc:14:cd:e4:0a:91:f8:8d:d5:
8d:f8:b9:02:5f:57:b7:3e:f0:51:b0:10:d9:f0:a9:
dc:17:6d:bf:66:c9:25:55:9a:31:65:8a:de:0b:e3:
60:51:c8:bc:33:a5:28:e5:db:0c:26:70:4c:dd:04:
5d:d1:e9:e4:49:02:10:68:cf:e3:6e:66:b3:57:f2:
dc:d5:24:f4:66:ef:10:43:f9:94:fe:4f:db:76:74:
cb:ea:58:f4:b2:b1:6e:ff:7f:b4:8c:a2:ef:a8:df:
8d:9d:c0:58:ca:c2:68:4f:f4:ac:d1:bb:ce:6f:6a:
2d:39:4c:8d:f3:f5:b5:30:3b:ab:bf:67:ee:cf:62:
68:24:3c:78:06:7b:c3:1a:d4:53:23:7f:07:e6:5b:
2b:a4:ee:10:75:30:cc:d4:89:cd:63:9f:fd:37:46:
6a:9f:89:fe:20:f8:4f:01:bf:c7:e4:77:ea:6c:74:
ad:87:ed:fe:1f:92:5c:fe:cd:86:24:5d:f2:6f:50:
d4:b4:07:e6:18:eb:a5:f9:62:29:12:61:6a:d2:28:
ca:9f:39:41:21:0a:7f:69:00:95:fa:76:dc:e1:c0:
f0:26:d0:df:1c:36:49:66:19:eb:69:e7:ac:19:8f:
d8:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:18:45:47:73:99:32:3F:D1:F1:59:57:5F:25:6B:BC:A4:43:25:F5
X509v3 Authority Key Identifier:
keyid:6D:FC:14:38:EE:08:15:A9:BF:8B:73:F9:A7:CE:D0:94:F2:1A:C7:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfwUOO4IFam_i3P5p87QlPIax54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/UBhFR3OZMj_R8VlXXyVrvKRDJfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/bfwUOO4IFam_i3P5p87QlPIax54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.171.91.0/24
Signature Algorithm: sha256WithRSAEncryption
49:2f:73:bf:d3:cf:bc:11:a2:e9:b4:79:6d:9d:2b:cb:49:ae:
e5:3b:e2:ec:a4:aa:69:c1:45:52:c2:f8:14:7a:29:3e:1f:99:
37:9d:a6:d0:6b:fe:10:61:8d:d6:dc:86:fb:fe:7b:e3:a9:cf:
5a:da:8b:2e:f5:d3:d2:d9:9e:a2:23:f8:05:80:a8:7f:ba:30:
19:3c:95:0b:0a:ac:40:c9:33:37:3c:d8:57:e0:7c:53:ab:18:
95:df:9a:e0:3b:d6:1d:33:0f:95:71:1f:21:67:36:6c:7d:01:
72:0c:8f:da:31:08:f7:8b:b1:2f:41:71:09:d3:66:f6:bc:2f:
5e:22:ef:6f:04:13:f5:06:56:2d:d4:2f:32:ab:2b:b3:45:26:
5a:98:4b:1a:ac:5d:f1:5b:09:0e:f7:f6:9e:8b:e4:e8:d0:60:
3d:63:f3:5b:58:8f:64:b4:2c:69:9d:8f:d5:81:76:90:2b:fe:
cd:88:be:d7:7f:74:7f:eb:c2:68:1a:12:33:70:fa:72:b4:bc:
fe:69:51:20:c7:b1:fa:a8:fe:d8:dc:f2:6c:47:39:2d:80:47:
8b:2a:87:1a:aa:dc:3b:c4:a2:83:fe:68:47:5e:6f:29:53:d0:
e5:ad:11:6e:90:f3:d4:77:48:c6:49:f4:5e:3b:f6:bf:e7:be:
6b:e8:8b:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjai+E2xAWoGlODbXx9K+5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZmMxNDM4ZWUwODE1YTliZjhiNzNmOWE3Y2VkMDk0ZjIx
YWM3OWUwHhcNMjUwMTAxMTk0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDE4NDU0NzczOTkzMjNmZDFmMTU5NTc1ZjI1NmJiY2E0NDMyNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4lf92JRFnoljbG7RqNpVpXImkjbM
FM3kCpH4jdWN+LkCX1e3PvBRsBDZ8KncF22/ZsklVZoxZYreC+NgUci8M6Uo5dsM
JnBM3QRd0enkSQIQaM/jbmazV/Lc1ST0Zu8QQ/mU/k/bdnTL6lj0srFu/3+0jKLv
qN+NncBYysJoT/Ss0bvOb2otOUyN8/W1MDurv2fuz2JoJDx4BnvDGtRTI38H5lsr
pO4QdTDM1InNY5/9N0Zqn4n+IPhPAb/H5HfqbHSth+3+H5Jc/s2GJF3yb1DUtAfm
GOul+WIpEmFq0ijKnzlBIQp/aQCV+nbc4cDwJtDfHDZJZhnraeesGY/YlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFAYRUdzmTI/0fFZV18la7ykQyX1MB8GA1UdIwQY
MBaAFG38FDjuCBWpv4tz+afO0JTyGseeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmZ3VU9PNElGYW1faTNQNXA4N1FsUElheDU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yZjk4Y2ItNmQ5NC00OGExLThkYmEt
ZDY0Njc2N2M1ZjEzLzEvVUJoRlIzT1pNal9SOFZsWFh5VnJ2S1JESmZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yZjk4Y2ItNmQ5NC00OGExLThkYmEtZDY0Njc2N2M1ZjEz
LzEvYmZ3VU9PNElGYW1faTNQNXA4N1FsUElheDU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2atbMA0G
CSqGSIb3DQEBCwUAA4IBAQBJL3O/08+8EaLptHltnSvLSa7lO+LspKppwUVSwvgU
eik+H5k3nabQa/4QYY3W3Ib7/nvjqc9a2osu9dPS2Z6iI/gFgKh/ujAZPJULCqxA
yTM3PNhX4HxTqxiV35rgO9YdMw+VcR8hZzZsfQFyDI/aMQj3i7EvQXEJ02b2vC9e
Iu9vBBP1BlYt1C8yqyuzRSZamEsarF3xWwkO9/aei+To0GA9Y/NbWI9ktCxpnY/V
gXaQK/7NiL7Xf3R/68JoGhIzcPpytLz+aVEgx7H6qP7Y3PJsRzktgEeLKocaqtw7
xKKD/mhHXm8pU9DlrRFukPPUd0jGSfReO/a/575r6IsY
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:56 2025 by rpki-client on console.sobornost.net