Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/upmvRKLP0ZU9huQZm3R45yCba8w.roa
File: upmvRKLP0ZU9huQZm3R45yCba8w.roa (raw, json)
Hash identifier: Ze4hSd6gSnJhj9RVYqePJmO26WqF9E8nQZjA9SW32Gg=
Subject key identifier: BA:99:AF:44:A2:CF:D1:95:3D:86:E4:19:9B:74:78:E7:20:9B:6B:CC
Certificate issuer: /CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Certificate serial: 0194221F681FD8BCFA5E539E60F277A1351D
Authority key identifier: CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/upmvRKLP0ZU9huQZm3R45yCba8w.roa
Signing time: Wed 01 Jan 2025 13:47:51 +0000
ROA not before: Wed 01 Jan 2025 13:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2647
IP address blocks: 57.68.0.0/15 maxlen: 32
57.68.10.0/24 maxlen: 24
57.70.0.0/16 maxlen: 32
57.74.29.0/24 maxlen: 24
57.77.0.0/16 maxlen: 32
57.100.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:68:1f:d8:bc:fa:5e:53:9e:60:f2:77:a1:35:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Validity
Not Before: Jan 1 13:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba99af44a2cfd1953d86e4199b7478e7209b6bcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:be:5a:f3:03:9b:fa:d0:bb:f1:6f:2b:05:fd:
41:fb:7f:13:88:68:1f:4e:48:39:3b:5c:38:b6:99:
9b:3c:9b:ab:8f:58:d6:0d:0b:66:6e:11:50:55:86:
55:d5:25:23:28:fb:69:51:ee:db:e7:fd:54:a1:0c:
87:85:7c:ef:1c:15:0c:46:c1:01:43:fc:d6:65:d0:
47:85:90:5c:0f:46:07:be:25:82:b7:e8:af:26:4c:
41:e1:69:8c:0f:5d:10:bd:da:a4:51:a2:1a:4a:2d:
d6:19:54:22:2e:43:a2:29:3a:cd:3d:2f:d0:62:cf:
e3:e6:8b:dc:c3:64:03:c5:e2:ed:5e:ca:a2:ec:cc:
fd:af:0d:18:ea:e7:98:f4:5d:b4:ae:93:e1:b1:31:
50:5a:c6:4b:1b:7d:ba:39:8f:67:1a:f2:3c:8d:ae:
92:2c:23:d3:cb:9d:0e:ef:c9:ff:00:d0:29:ba:b9:
ab:39:96:1a:7b:d6:c1:0e:14:69:f0:d3:9c:ff:e5:
06:87:39:cf:00:65:e7:f2:a2:b5:9d:17:0f:8b:ff:
4c:9b:fc:e8:c3:ad:c2:82:43:5d:c3:37:96:65:25:
3a:5c:6c:fa:f6:94:4b:8f:56:c3:31:da:98:f4:c5:
5c:7f:e3:4c:c9:24:3e:54:bc:1b:4e:a8:2e:fc:0c:
1d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:99:AF:44:A2:CF:D1:95:3D:86:E4:19:9B:74:78:E7:20:9B:6B:CC
X509v3 Authority Key Identifier:
keyid:CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/upmvRKLP0ZU9huQZm3R45yCba8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.68.0.0-57.70.255.255
57.74.29.0/24
57.77.0.0/16
57.100.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ca:ac:1d:29:dc:2e:98:2f:e9:70:1b:c6:9c:38:19:c0:98:6b:
96:63:a8:77:74:e9:aa:d2:d5:59:d9:8d:06:d0:19:90:53:97:
ef:4a:4f:60:82:28:b5:cb:ec:45:7b:18:c2:95:50:45:55:dd:
da:d6:1f:9a:dc:0f:38:85:7d:85:09:93:7c:e9:ea:b5:5c:a0:
93:39:ab:23:79:1b:5f:ed:c4:90:7f:28:0e:5e:44:ab:16:6d:
74:1d:de:f9:1b:a2:51:e7:d2:9d:5b:e7:31:ea:dd:0f:53:03:
cc:33:5a:0b:e4:5a:69:fb:d0:0d:40:1e:f4:e2:c9:df:54:eb:
50:65:54:fe:3e:b2:c5:f8:3c:d2:27:24:94:0d:5a:38:f5:90:
af:4c:d9:c8:9c:20:bb:16:46:0c:5f:f9:95:c1:6d:e8:59:6f:
94:a6:f7:24:6d:93:73:70:62:26:55:f2:d5:95:43:b9:d1:13:
21:e5:b0:83:a8:b7:d8:3c:cf:64:1a:03:3f:b5:67:1a:7b:40:
dd:c0:13:66:38:65:f5:06:18:13:de:83:62:87:47:9d:b3:c2:
ca:c2:37:01:2a:8a:7f:33:c4:32:e3:6d:2d:e0:33:b6:30:c0:
08:04:55:d5:24:75:81:8b:e7:26:93:d9:ab:ec:a4:a9:a7:c7:
8b:35:05:89
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQiH2gf2Lz6XlOeYPJ3oTUdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYjgzY2ZlNTQ4OTgzNWYyOTRkMGFmNGRkNGRiNmUzZGMy
NWYxZjMwHhcNMjUwMTAxMTM0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTk5YWY0NGEyY2ZkMTk1M2Q4NmU0MTk5Yjc0NzhlNzIwOWI2YmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsL5a8wOb+tC78W8rBf1B+38TiGgf
Tkg5O1w4tpmbPJurj1jWDQtmbhFQVYZV1SUjKPtpUe7b5/1UoQyHhXzvHBUMRsEB
Q/zWZdBHhZBcD0YHviWCt+ivJkxB4WmMD10QvdqkUaIaSi3WGVQiLkOiKTrNPS/Q
Ys/j5ovcw2QDxeLtXsqi7Mz9rw0Y6ueY9F20rpPhsTFQWsZLG326OY9nGvI8ja6S
LCPTy50O78n/ANApurmrOZYae9bBDhRp8NOc/+UGhznPAGXn8qK1nRcPi/9Mm/zo
w63CgkNdwzeWZSU6XGz69pRLj1bDMdqY9MVcf+NMySQ+VLwbTqgu/AwdRQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLqZr0Siz9GVPYbkGZt0eOcgm2vMMB8GA1UdIwQY
MBaAFM24PP5UiYNfKU0K9N1NtuPcJfHzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEt
YTNiNzRmOTY0MWFjLzEvdXBtdlJLTFAwWlU5aHVRWm0zUjQ1eUNiYTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEtYTNiNzRmOTY0MWFj
LzEvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAoDAwI5RAMD
ADlGAwQAOUodAwMAOU0DAwA5ZDANBgkqhkiG9w0BAQsFAAOCAQEAyqwdKdwumC/p
cBvGnDgZwJhrlmOod3TpqtLVWdmNBtAZkFOX70pPYIIotcvsRXsYwpVQRVXd2tYf
mtwPOIV9hQmTfOnqtVygkzmrI3kbX+3EkH8oDl5EqxZtdB3e+RuiUefSnVvnMerd
D1MDzDNaC+RaafvQDUAe9OLJ31TrUGVU/j6yxfg80icklA1aOPWQr0zZyJwguxZG
DF/5lcFt6FlvlKb3JG2Tc3BiJlXy1ZVDudETIeWwg6i32DzPZBoDP7VnGntA3cAT
Zjhl9QYYE96DYodHnbPCysI3ASqKfzPEMuNtLeAztjDACARV1SR1gYvnJpPZq+yk
qafHizUFiQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:09:19 2025 by rpki-client