Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/Uua6yM2rrGnji--Kv2Pn_xDUCUQ.roa
File: Uua6yM2rrGnji--Kv2Pn_xDUCUQ.roa (raw, json)
Hash identifier: kXckJ9Wq2st2kAYy1iDEHvhVUEJf4YmXaasq7C+0rWM=
Subject key identifier: 52:E6:BA:C8:CD:AB:AC:69:E3:8B:EF:8A:BF:63:E7:FF:10:D4:09:44
Certificate issuer: /CN=a2ca37ded1b70c81b74a430f9b4d7acc62805ed8
Certificate serial: 019427B6242A26B162342E53ECDB8834219F
Authority key identifier: A2:CA:37:DE:D1:B7:0C:81:B7:4A:43:0F:9B:4D:7A:CC:62:80:5E:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oso33tG3DIG3SkMPm016zGKAXtg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/Uua6yM2rrGnji--Kv2Pn_xDUCUQ.roa
Signing time: Thu 02 Jan 2025 15:50:35 +0000
ROA not before: Thu 02 Jan 2025 15:50:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199799
IP address blocks: 185.45.96.0/24 maxlen: 24
2a04:a180::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:24:2a:26:b1:62:34:2e:53:ec:db:88:34:21:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2ca37ded1b70c81b74a430f9b4d7acc62805ed8
Validity
Not Before: Jan 2 15:50:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52e6bac8cdabac69e38bef8abf63e7ff10d40944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:06:a3:ec:6a:06:83:67:cf:77:cb:1e:c5:06:
17:fa:32:10:e6:fa:ce:94:d5:15:07:c8:6e:96:b4:
4b:ff:2e:99:b7:06:31:6f:06:e3:a6:b4:98:13:fa:
d2:64:91:2c:46:7c:85:2d:06:26:03:b4:1d:f0:82:
9c:ae:dc:c9:83:16:4b:88:32:18:2b:10:5a:7a:35:
9b:d1:68:a8:93:51:4b:1a:55:5a:d7:3f:d9:29:c8:
b4:32:1e:2d:9f:c4:f6:06:7d:93:08:1d:e8:fc:75:
81:3b:81:a7:26:39:ce:70:46:a4:f9:c2:05:40:74:
f4:33:f5:0c:12:be:4a:2b:cb:a0:a6:69:33:ca:ff:
c0:84:72:57:19:30:84:3a:f9:9f:25:6c:c9:b3:1c:
6f:18:26:4d:8a:a5:6b:99:69:c4:08:f4:ac:6c:60:
47:a4:0b:ea:9f:80:6d:be:d2:31:ec:f5:e5:0b:78:
10:12:e3:af:d7:b3:77:fa:03:e1:1e:db:e1:f6:3c:
b3:c4:f0:cf:2f:44:b8:e4:5b:cf:b4:d9:3f:ae:86:
f7:4d:db:e4:e7:f6:49:fc:a9:53:8b:99:66:99:3c:
37:75:96:46:ca:a4:e5:87:a0:ed:e6:c7:83:13:76:
06:fb:04:50:30:5d:d2:4a:57:5c:1b:f3:b6:b1:70:
f3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:E6:BA:C8:CD:AB:AC:69:E3:8B:EF:8A:BF:63:E7:FF:10:D4:09:44
X509v3 Authority Key Identifier:
keyid:A2:CA:37:DE:D1:B7:0C:81:B7:4A:43:0F:9B:4D:7A:CC:62:80:5E:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oso33tG3DIG3SkMPm016zGKAXtg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/Uua6yM2rrGnji--Kv2Pn_xDUCUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/oso33tG3DIG3SkMPm016zGKAXtg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.96.0/24
IPv6:
2a04:a180::/32
Signature Algorithm: sha256WithRSAEncryption
94:54:b9:06:bf:d0:74:5f:1c:8e:f4:7d:e7:a9:6d:09:bb:17:
af:06:66:ad:22:57:77:21:52:15:23:43:76:38:31:fb:c2:5c:
1b:44:92:09:53:97:77:c3:ef:72:bd:d8:d1:f1:b8:f8:aa:be:
92:7c:ad:53:61:43:a0:ea:21:a3:8e:77:f2:ba:d5:dc:5c:7c:
a9:4c:47:30:7f:66:05:66:be:43:82:ac:61:34:6c:e2:22:f1:
27:f7:66:be:28:a0:a1:aa:0f:df:61:67:a9:0f:f7:e5:63:8c:
97:1c:0f:e5:e7:b4:33:97:93:be:46:40:8a:9d:2f:d9:02:96:
98:60:ac:91:f0:07:58:f5:d1:13:9e:13:1e:c6:3d:59:13:9d:
2c:15:65:3c:05:c8:d8:f9:27:4e:e6:3f:f8:47:ae:cd:05:d3:
cb:cd:0c:6f:66:f3:e6:a0:be:4b:42:a9:fb:8e:3e:fb:db:b9:
54:af:ff:20:2e:08:ee:30:da:ea:ae:19:0d:d8:e7:31:60:0a:
2e:c0:62:a0:ff:f4:d2:e7:f7:16:2e:4f:ab:37:24:fe:87:88:
af:20:14:6f:13:2f:2b:07:4f:fd:7e:28:d3:e8:88:3f:a0:30:
f9:8d:e2:98:18:b4:41:6b:d5:76:4a:23:ea:13:0a:f2:7d:46:
3f:b4:a5:95
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntiQqJrFiNC5T7NuINCGfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyY2EzN2RlZDFiNzBjODFiNzRhNDMwZjliNGQ3YWNjNjI4
MDVlZDgwHhcNMjUwMTAyMTU1MDM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmU2YmFjOGNkYWJhYzY5ZTM4YmVmOGFiZjYzZTdmZjEwZDQwOTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gaj7GoGg2fPd8sexQYX+jIQ5vrO
lNUVB8hulrRL/y6ZtwYxbwbjprSYE/rSZJEsRnyFLQYmA7Qd8IKcrtzJgxZLiDIY
KxBaejWb0Wiok1FLGlVa1z/ZKci0Mh4tn8T2Bn2TCB3o/HWBO4GnJjnOcEak+cIF
QHT0M/UMEr5KK8ugpmkzyv/AhHJXGTCEOvmfJWzJsxxvGCZNiqVrmWnECPSsbGBH
pAvqn4BtvtIx7PXlC3gQEuOv17N3+gPhHtvh9jyzxPDPL0S45FvPtNk/rob3Tdvk
5/ZJ/KlTi5lmmTw3dZZGyqTlh6Dt5seDE3YG+wRQMF3SSldcG/O2sXDzWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFLmusjNq6xp44vvir9j5/8Q1AlEMB8GA1UdIwQY
MBaAFKLKN97RtwyBt0pDD5tNesxigF7YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3NvMzN0RzNESUczU2tNUG0wMTZ6R0tBWHRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9iMmFjZTctNDhkYi00ZjdkLTkxN2Yt
MzA2MTg5ZDVjMDQ5LzEvVXVhNnlNMnJyR25qaS0tS3YyUG5feERVQ1VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9iMmFjZTctNDhkYi00ZjdkLTkxN2YtMzA2MTg5ZDVjMDQ5
LzEvb3NvMzN0RzNESUczU2tNUG0wMTZ6R0tBWHRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuS1gMA0E
AgACMAcDBQAqBKGAMA0GCSqGSIb3DQEBCwUAA4IBAQCUVLkGv9B0XxyO9H3nqW0J
uxevBmatIld3IVIVI0N2ODH7wlwbRJIJU5d3w+9yvdjR8bj4qr6SfK1TYUOg6iGj
jnfyutXcXHypTEcwf2YFZr5DgqxhNGziIvEn92a+KKChqg/fYWepD/flY4yXHA/l
57Qzl5O+RkCKnS/ZApaYYKyR8AdY9dETnhMexj1ZE50sFWU8BcjY+SdO5j/4R67N
BdPLzQxvZvPmoL5LQqn7jj7727lUr/8gLgjuMNrqrhkN2OcxYAouwGKg//TS5/cW
Lk+rNyT+h4ivIBRvEy8rB0/9fijT6Ig/oDD5jeKYGLRBa9V2SiPqEwryfUY/tKWV
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:43:59 2025 by rpki-client