Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/efba93-2973-4213-b6f1-449124ace026/1/uyTAYMzc27HPC3St2DUdxuZl0vQ.roa
File: uyTAYMzc27HPC3St2DUdxuZl0vQ.roa (raw, json)
Hash identifier: nhOGHiWnpfS9y1HiircEbA65FySC+R6VBPodKzedGIA=
Subject key identifier: BB:24:C0:60:CC:DC:DB:B1:CF:0B:74:AD:D8:35:1D:C6:E6:65:D2:F4
Certificate issuer: /CN=2becef943d34c80e0a0fd81426e6136b31508fee
Certificate serial: 019422FB844B84807C016A2AD07A0A7A7652
Authority key identifier: 2B:EC:EF:94:3D:34:C8:0E:0A:0F:D8:14:26:E6:13:6B:31:50:8F:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K-zvlD00yA4KD9gUJuYTazFQj-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/efba93-2973-4213-b6f1-449124ace026/1/uyTAYMzc27HPC3St2DUdxuZl0vQ.roa
Signing time: Wed 01 Jan 2025 17:48:16 +0000
ROA not before: Wed 01 Jan 2025 17:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198404
IP address blocks: 185.195.176.0/24 maxlen: 24
185.195.177.0/24 maxlen: 24
185.195.178.0/24 maxlen: 24
185.195.179.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:84:4b:84:80:7c:01:6a:2a:d0:7a:0a:7a:76:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2becef943d34c80e0a0fd81426e6136b31508fee
Validity
Not Before: Jan 1 17:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb24c060ccdcdbb1cf0b74add8351dc6e665d2f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c4:12:a6:36:e9:ee:b3:9b:53:c6:ee:5a:13:
19:b9:55:47:0f:66:ee:ef:9a:35:09:26:1e:8a:f2:
4f:08:01:6f:1b:5a:6b:57:07:d2:df:7d:fc:11:e8:
0c:c2:fa:99:b7:d8:9a:67:94:c5:53:eb:46:9b:eb:
4e:03:8e:e5:e9:75:50:a8:95:b8:b1:27:db:88:3e:
79:72:91:e7:1f:25:10:16:55:52:42:22:e1:30:c9:
e6:d6:0a:88:cf:9c:4b:15:1a:e1:2a:84:50:f6:b5:
a1:54:85:54:7d:4a:a1:37:3a:91:34:7c:6f:d7:9e:
8a:05:f8:55:3c:ca:1e:89:4b:69:24:43:83:fa:f4:
bf:37:57:a3:a7:24:fc:be:ef:84:8a:df:5f:a7:36:
e6:9f:c8:45:52:60:32:ea:8f:50:24:34:28:5b:56:
65:57:41:3e:32:82:b9:2b:58:4f:2f:71:7f:e7:08:
ed:1c:80:06:de:97:9c:e3:81:75:d2:09:0a:db:09:
21:0f:d1:64:e6:c4:69:e0:1a:d8:d8:08:c5:76:51:
fb:90:cf:d4:c4:7c:f6:a0:d7:7b:bc:35:b7:5c:b2:
4b:e0:cf:69:2e:3d:8e:be:cd:5c:63:e0:d5:ec:74:
d1:d0:6f:3e:d6:60:58:4f:77:08:75:45:cf:a2:20:
71:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:24:C0:60:CC:DC:DB:B1:CF:0B:74:AD:D8:35:1D:C6:E6:65:D2:F4
X509v3 Authority Key Identifier:
keyid:2B:EC:EF:94:3D:34:C8:0E:0A:0F:D8:14:26:E6:13:6B:31:50:8F:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K-zvlD00yA4KD9gUJuYTazFQj-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/efba93-2973-4213-b6f1-449124ace026/1/uyTAYMzc27HPC3St2DUdxuZl0vQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/efba93-2973-4213-b6f1-449124ace026/1/K-zvlD00yA4KD9gUJuYTazFQj-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.176.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:8d:08:e5:3a:cc:35:81:58:a5:72:44:a1:de:47:bf:79:a4:
40:b7:44:36:a9:5e:da:4d:ec:e5:b4:f2:6f:06:69:f8:6d:cc:
51:27:75:ec:ec:90:11:6d:7f:dc:78:e3:61:57:02:a8:3e:90:
31:86:92:d5:6e:fa:71:59:8a:9c:49:f0:c0:87:d9:86:f8:59:
bb:88:aa:72:10:5c:68:20:59:22:b8:c7:03:85:16:fd:de:61:
68:48:43:bb:f0:28:68:b2:6f:85:d7:02:76:cf:6f:18:03:92:
19:6a:ee:b5:77:b5:99:71:84:62:16:af:f1:a6:20:10:5f:b1:
5e:97:f3:4e:e5:70:4e:9f:44:83:63:36:8b:41:de:15:5a:ca:
49:8c:f9:e7:8a:cd:84:19:58:0b:64:38:00:02:e4:2b:57:3d:
93:92:d3:89:92:af:80:fa:58:0a:3a:ca:24:69:67:44:68:04:
b2:4b:eb:e2:a5:f7:99:45:7a:9e:e5:cb:9f:af:80:84:c1:f0:
f9:af:a7:44:95:c9:36:ab:6a:9e:82:8f:72:ef:40:d0:d6:f4:
5e:6e:8c:06:5c:0b:b6:c7:56:46:e6:5b:62:c4:d1:d2:3c:da:
af:1a:41:15:3a:9e:73:f3:c4:4e:e7:b1:ea:10:eb:54:47:1b:
15:22:e0:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+4RLhIB8AWoq0HoKenZSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiZWNlZjk0M2QzNGM4MGUwYTBmZDgxNDI2ZTYxMzZiMzE1
MDhmZWUwHhcNMjUwMTAxMTc0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjI0YzA2MGNjZGNkYmIxY2YwYjc0YWRkODM1MWRjNmU2NjVkMmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssQSpjbp7rObU8buWhMZuVVHD2bu
75o1CSYeivJPCAFvG1prVwfS3338EegMwvqZt9iaZ5TFU+tGm+tOA47l6XVQqJW4
sSfbiD55cpHnHyUQFlVSQiLhMMnm1gqIz5xLFRrhKoRQ9rWhVIVUfUqhNzqRNHxv
156KBfhVPMoeiUtpJEOD+vS/N1ejpyT8vu+Eit9fpzbmn8hFUmAy6o9QJDQoW1Zl
V0E+MoK5K1hPL3F/5wjtHIAG3pec44F10gkK2wkhD9Fk5sRp4BrY2AjFdlH7kM/U
xHz2oNd7vDW3XLJL4M9pLj2Ovs1cY+DV7HTR0G8+1mBYT3cIdUXPoiBxbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLskwGDM3Nuxzwt0rdg1HcbmZdL0MB8GA1UdIwQY
MBaAFCvs75Q9NMgOCg/YFCbmE2sxUI/uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSy16dmxEMDB5QTRLRDlnVUp1WVRhekZRai00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lZmJhOTMtMjk3My00MjEzLWI2ZjEt
NDQ5MTI0YWNlMDI2LzEvdXlUQVlNemMyN0hQQzNTdDJEVWR4dVpsMHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lZmJhOTMtMjk3My00MjEzLWI2ZjEtNDQ5MTI0YWNlMDI2
LzEvSy16dmxEMDB5QTRLRDlnVUp1WVRhekZRai00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucOwMA0G
CSqGSIb3DQEBCwUAA4IBAQBLjQjlOsw1gVilckSh3ke/eaRAt0Q2qV7aTezltPJv
Bmn4bcxRJ3Xs7JARbX/ceONhVwKoPpAxhpLVbvpxWYqcSfDAh9mG+Fm7iKpyEFxo
IFkiuMcDhRb93mFoSEO78Chosm+F1wJ2z28YA5IZau61d7WZcYRiFq/xpiAQX7Fe
l/NO5XBOn0SDYzaLQd4VWspJjPnnis2EGVgLZDgAAuQrVz2TktOJkq+A+lgKOsok
aWdEaASyS+vipfeZRXqe5cufr4CEwfD5r6dElck2q2qego9y70DQ1vRebowGXAu2
x1ZG5ltixNHSPNqvGkEVOp5z88RO57HqEOtURxsVIuAU
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:46:24 2025 by rpki-client