Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/UM6dw0XQbFTPTS55vn_AWHEI4yo.roa
File: UM6dw0XQbFTPTS55vn_AWHEI4yo.roa (raw, json)
Hash identifier: wNNMkvQzBNZYljSVr847fPVoftKe9bYtHY9cgokEaZM=
Subject key identifier: 50:CE:9D:C3:45:D0:6C:54:CF:4D:2E:79:BE:7F:C0:58:71:08:E3:2A
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01942748031E97743AFAC6CC8F494117E5C0
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/UM6dw0XQbFTPTS55vn_AWHEI4yo.roa
Signing time: Thu 02 Jan 2025 13:50:18 +0000
ROA not before: Thu 02 Jan 2025 13:50:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207371
IP address blocks: 77.85.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:03:1e:97:74:3a:fa:c6:cc:8f:49:41:17:e5:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 2 13:50:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50ce9dc345d06c54cf4d2e79be7fc0587108e32a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:82:5e:a7:60:7c:9a:06:44:b6:77:b4:17:df:
09:4d:81:8b:ef:01:af:74:6a:07:66:61:ed:8b:2c:
40:39:14:a2:f6:7e:65:8f:c6:7d:ba:ae:77:28:cd:
00:fc:ca:ca:ea:9e:00:c6:c2:4a:85:91:b4:15:a4:
7f:b5:20:1a:38:d1:f3:3b:cb:ac:6b:4d:5b:85:0f:
84:6e:13:c4:19:4d:f9:90:5c:0e:86:60:c2:6e:cd:
e0:75:32:95:35:71:0f:45:70:72:f2:92:0c:09:85:
e2:66:d6:4d:72:f1:57:2b:19:5b:32:b6:6f:20:46:
a8:c0:fe:e0:7b:74:61:ee:1a:d0:aa:a8:96:97:69:
60:ad:b2:65:c9:12:82:0d:14:7d:1e:b5:9b:9c:a7:
5f:40:9e:81:f1:98:d7:72:6b:8f:02:e8:b2:11:42:
55:da:6e:a5:b9:ad:4b:48:ea:5a:c5:33:ae:e1:2e:
0c:f9:23:73:32:57:90:48:22:8b:06:1a:ff:72:b1:
33:54:a5:af:e5:87:50:48:8f:b0:3d:7f:c9:e6:08:
bc:0e:73:85:35:f2:14:e1:9a:97:7c:0d:17:74:af:
e8:d9:69:4c:2f:11:a5:a4:d1:e4:c4:40:44:8b:41:
02:82:e0:aa:01:80:0f:c3:1a:c0:c3:7b:25:25:ff:
f7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:CE:9D:C3:45:D0:6C:54:CF:4D:2E:79:BE:7F:C0:58:71:08:E3:2A
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/UM6dw0XQbFTPTS55vn_AWHEI4yo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.85.171.0/24
Signature Algorithm: sha256WithRSAEncryption
81:e0:73:6d:ef:32:fa:ab:11:6f:17:f9:68:cb:08:64:2e:ff:
de:33:90:03:e5:b7:7e:25:b2:28:64:05:8b:0b:28:23:c0:19:
8b:fe:31:b7:78:e9:64:82:21:bb:87:9b:88:f4:78:38:39:85:
a7:05:15:a0:8b:76:69:44:15:7d:d4:12:01:8d:e8:8f:31:3a:
08:88:36:0a:b3:2c:76:77:31:2b:c2:f0:52:ea:e9:38:0b:d9:
f1:1e:45:e4:ea:70:6a:f8:d5:67:d3:99:49:6b:5b:7e:1a:2f:
93:90:03:26:1d:b6:e4:2a:b8:63:3f:9f:39:7d:5c:87:fb:4f:
eb:39:fe:a8:97:28:84:b1:7c:46:f7:3a:09:b7:66:5a:b8:4d:
e4:65:65:81:f6:e6:9e:67:a3:a5:97:0c:d2:c8:df:f1:9f:4c:
ad:68:41:4f:af:c0:40:1a:3d:6b:c7:b9:d6:15:18:d2:f2:00:
d6:f4:6c:18:60:01:ce:22:83:20:13:f3:5f:42:42:40:ba:78:
2b:19:25:ad:b3:b6:3a:cc:e4:4b:df:c1:dd:2c:a1:6d:d3:07:
6b:06:47:ba:e5:be:0a:5a:21:11:04:6e:1a:10:1e:5e:c1:84:
65:81:e8:9b:29:f8:e5:cf:7a:3b:7a:c8:70:d9:1d:4a:4c:02:
f7:5f:ec:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSAMel3Q6+sbMj0lBF+XAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjUwMTAyMTM1MDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGNlOWRjMzQ1ZDA2YzU0Y2Y0ZDJlNzliZTdmYzA1ODcxMDhlMzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4Jep2B8mgZEtne0F98JTYGL7wGv
dGoHZmHtiyxAORSi9n5lj8Z9uq53KM0A/MrK6p4AxsJKhZG0FaR/tSAaONHzO8us
a01bhQ+EbhPEGU35kFwOhmDCbs3gdTKVNXEPRXBy8pIMCYXiZtZNcvFXKxlbMrZv
IEaowP7ge3Rh7hrQqqiWl2lgrbJlyRKCDRR9HrWbnKdfQJ6B8ZjXcmuPAuiyEUJV
2m6lua1LSOpaxTOu4S4M+SNzMleQSCKLBhr/crEzVKWv5YdQSI+wPX/J5gi8DnOF
NfIU4ZqXfA0XdK/o2WlMLxGlpNHkxEBEi0ECguCqAYAPwxrAw3slJf/3rQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFDOncNF0GxUz00ueb5/wFhxCOMqMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvVU02ZHcwWFFiRlRQVFM1NXZuX0FXSEVJNHlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVWrMA0G
CSqGSIb3DQEBCwUAA4IBAQCB4HNt7zL6qxFvF/loywhkLv/eM5AD5bd+JbIoZAWL
CygjwBmL/jG3eOlkgiG7h5uI9Hg4OYWnBRWgi3ZpRBV91BIBjeiPMToIiDYKsyx2
dzErwvBS6uk4C9nxHkXk6nBq+NVn05lJa1t+Gi+TkAMmHbbkKrhjP585fVyH+0/r
Of6olyiEsXxG9zoJt2ZauE3kZWWB9uaeZ6OllwzSyN/xn0ytaEFPr8BAGj1rx7nW
FRjS8gDW9GwYYAHOIoMgE/NfQkJAungrGSWts7Y6zORL38HdLKFt0wdrBke65b4K
WiERBG4aEB5ewYRlgeibKfjlz3o7eshw2R1KTAL3X+zr
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:16:02 2025 by rpki-client