Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/059543-69e4-48f6-a175-ac96f6aab494/1/Ukpz258Pu7bNWf8NOO8xTSDm6ac.roa
File: Ukpz258Pu7bNWf8NOO8xTSDm6ac.roa (raw, json)
Hash identifier: N3tcSeOhnfUpzG6xjoUCZ9+KDhbzHATSPGgHhTJK3Ng=
Subject key identifier: 52:4A:73:DB:9F:0F:BB:B6:CD:59:FF:0D:38:EF:31:4D:20:E6:E9:A7
Certificate issuer: /CN=52bf21eeb36414b3280e6c33b0b57296b8f6b675
Certificate serial: 0194266B76A6690AF3CE6AD729AC62972081
Authority key identifier: 52:BF:21:EE:B3:64:14:B3:28:0E:6C:33:B0:B5:72:96:B8:F6:B6:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ur8h7rNkFLMoDmwzsLVylrj2tnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/059543-69e4-48f6-a175-ac96f6aab494/1/Ukpz258Pu7bNWf8NOO8xTSDm6ac.roa
Signing time: Thu 02 Jan 2025 09:49:24 +0000
ROA not before: Thu 02 Jan 2025 09:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48775
IP address blocks: 91.197.56.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:76:a6:69:0a:f3:ce:6a:d7:29:ac:62:97:20:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52bf21eeb36414b3280e6c33b0b57296b8f6b675
Validity
Not Before: Jan 2 09:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=524a73db9f0fbbb6cd59ff0d38ef314d20e6e9a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ce:6c:bd:33:ef:a5:0c:bb:c9:88:e6:b4:0c:
da:31:50:9f:a0:db:e7:8a:5e:2e:a3:8f:41:f8:c6:
32:8f:ff:0c:27:78:17:cf:fd:95:88:56:fd:5c:44:
eb:3c:ed:50:e8:03:a9:33:43:bb:df:14:cf:e9:93:
13:a3:69:9b:f4:31:31:02:fe:1d:7b:e0:57:3d:0a:
75:d3:09:c9:c6:76:2c:5d:d6:2c:95:2a:18:ea:13:
d9:6a:be:7b:3e:52:74:4b:cc:7f:2f:ea:fd:25:35:
ed:81:59:2c:f1:33:fb:9a:aa:8e:4d:e8:c2:df:75:
57:1f:67:bc:7e:65:dc:3f:04:6a:e9:7d:f9:73:d9:
c6:db:ce:57:09:4d:d3:c8:0e:ed:bd:51:5b:8c:38:
92:e5:e7:f7:10:b7:c8:30:a3:66:04:f1:11:03:01:
e1:91:7d:2f:b3:d1:ea:1b:53:2d:82:c5:e3:b8:ce:
43:15:64:62:16:cd:04:ee:f8:b4:29:fb:1d:56:12:
b7:c9:a3:69:67:aa:ae:7e:47:e4:3f:c6:a8:7e:40:
5e:b4:2f:af:d0:b7:81:da:b4:73:9f:91:d7:0b:d6:
1d:9a:32:8f:be:a6:d8:fd:28:83:a2:1b:af:85:b1:
ce:7b:13:da:bf:54:0f:90:0b:62:81:50:82:ef:bd:
e6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:4A:73:DB:9F:0F:BB:B6:CD:59:FF:0D:38:EF:31:4D:20:E6:E9:A7
X509v3 Authority Key Identifier:
keyid:52:BF:21:EE:B3:64:14:B3:28:0E:6C:33:B0:B5:72:96:B8:F6:B6:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ur8h7rNkFLMoDmwzsLVylrj2tnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/059543-69e4-48f6-a175-ac96f6aab494/1/Ukpz258Pu7bNWf8NOO8xTSDm6ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/059543-69e4-48f6-a175-ac96f6aab494/1/Ur8h7rNkFLMoDmwzsLVylrj2tnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.56.0/24
Signature Algorithm: sha256WithRSAEncryption
78:e4:8b:79:e5:38:63:50:76:1e:c1:9d:0d:01:2e:1c:89:f7:
e9:4a:6e:9c:94:47:c3:c4:1f:2d:09:a6:0d:2b:6b:e5:fa:78:
b5:98:4f:ea:ec:d1:3c:09:fc:35:f6:b5:91:87:fc:9d:0b:94:
cd:59:b2:d7:b3:5a:3f:c9:d3:fb:29:f7:c9:ac:4f:85:65:14:
e9:24:89:5d:1f:54:e2:a8:d5:68:f8:8d:0e:1c:d2:c8:7a:db:
b8:54:0f:50:46:98:e8:bf:42:d5:ff:9d:36:94:02:48:c6:19:
33:e1:ea:ca:25:9c:6f:a0:e6:98:e3:fe:54:ea:01:88:17:4b:
15:b3:6c:d5:a3:6f:10:62:91:02:45:3a:29:78:7a:ac:d7:07:
77:4a:1d:90:10:b9:2e:36:25:26:6b:ab:bd:36:9e:d9:5e:95:
92:1a:73:b4:8b:22:e6:58:58:1e:2b:9e:b4:eb:cc:3b:1f:6f:
00:6c:79:fd:c5:ab:f7:49:f5:e4:9a:50:45:0a:b0:0b:14:32:
7d:fe:7e:cd:ea:3b:90:88:d0:d1:7d:48:28:e5:d9:be:eb:38:
95:6d:13:35:cc:ec:13:05:94:28:0f:0c:8e:9d:1d:a7:e1:6e:
02:26:1a:cf:a5:31:6d:f9:cd:3b:79:6d:b7:b2:8a:03:8e:39:
38:36:a8:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma3amaQrzzmrXKaxilyCBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYmYyMWVlYjM2NDE0YjMyODBlNmMzM2IwYjU3Mjk2Yjhm
NmI2NzUwHhcNMjUwMTAyMDk0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjRhNzNkYjlmMGZiYmI2Y2Q1OWZmMGQzOGVmMzE0ZDIwZTZlOWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoc5svTPvpQy7yYjmtAzaMVCfoNvn
il4uo49B+MYyj/8MJ3gXz/2ViFb9XETrPO1Q6AOpM0O73xTP6ZMTo2mb9DExAv4d
e+BXPQp10wnJxnYsXdYslSoY6hPZar57PlJ0S8x/L+r9JTXtgVks8TP7mqqOTejC
33VXH2e8fmXcPwRq6X35c9nG285XCU3TyA7tvVFbjDiS5ef3ELfIMKNmBPERAwHh
kX0vs9HqG1MtgsXjuM5DFWRiFs0E7vi0KfsdVhK3yaNpZ6qufkfkP8aofkBetC+v
0LeB2rRzn5HXC9YdmjKPvqbY/SiDohuvhbHOexPav1QPkAtigVCC773mAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFJKc9ufD7u2zVn/DTjvMU0g5umnMB8GA1UdIwQY
MBaAFFK/Ie6zZBSzKA5sM7C1cpa49rZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXI4aDdyTmtGTE1vRG13enNMVnlscmoydG5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wNTk1NDMtNjllNC00OGY2LWExNzUt
YWM5NmY2YWFiNDk0LzEvVWtwejI1OFB1N2JOV2Y4Tk9POHhUU0RtNmFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8wNTk1NDMtNjllNC00OGY2LWExNzUtYWM5NmY2YWFiNDk0
LzEvVXI4aDdyTmtGTE1vRG13enNMVnlscmoydG5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8U4MA0G
CSqGSIb3DQEBCwUAA4IBAQB45It55ThjUHYewZ0NAS4ciffpSm6clEfDxB8tCaYN
K2vl+ni1mE/q7NE8Cfw19rWRh/ydC5TNWbLXs1o/ydP7KffJrE+FZRTpJIldH1Ti
qNVo+I0OHNLIetu4VA9QRpjov0LV/502lAJIxhkz4erKJZxvoOaY4/5U6gGIF0sV
s2zVo28QYpECRTopeHqs1wd3Sh2QELkuNiUma6u9Np7ZXpWSGnO0iyLmWFgeK560
68w7H28AbHn9xav3SfXkmlBFCrALFDJ9/n7N6juQiNDRfUgo5dm+6ziVbRM1zOwT
BZQoDwyOnR2n4W4CJhrPpTFt+c07eW23sooDjjk4Nqj6
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:32:36 2025 by rpki-client