Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/bUAq5GQJvIKf75XsHcELwq-TDAs.roa
File: bUAq5GQJvIKf75XsHcELwq-TDAs.roa (raw, json)
Hash identifier: v/ODgqD6E1LhEmbG5jDkQa3jWafQ2kLSKofmmG+VKzY=
Subject key identifier: 6D:40:2A:E4:64:09:BC:82:9F:EF:95:EC:1D:C1:0B:C2:AF:93:0C:0B
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 018CC348DCAAB78EDAF1C40AB052AFD8B5F5
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/bUAq5GQJvIKf75XsHcELwq-TDAs.roa
Signing time: Mon 01 Jan 2024 04:29:41 +0000
ROA not before: Mon 01 Jan 2024 04:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51820
IP address blocks: 138.188.138.0/24 maxlen: 24
138.188.136.0/24 maxlen: 24
195.65.47.0/24 maxlen: 24
194.209.67.0/24 maxlen: 24
193.5.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:dc:aa:b7:8e:da:f1:c4:0a:b0:52:af:d8:b5:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 04:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d402ae46409bc829fef95ec1dc10bc2af930c0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a5:d1:94:9f:04:af:1f:41:38:76:e5:d1:1b:
fb:02:f7:6a:71:c0:ae:09:50:8f:d8:3c:15:1f:75:
d0:c6:a8:18:f2:9c:7d:66:30:41:e1:28:91:78:6b:
a5:a6:42:a6:f9:5a:82:fd:06:15:eb:af:af:75:1c:
42:e3:50:9d:5e:2d:c7:0c:49:3f:f4:e3:a3:77:a3:
66:04:1d:28:4c:ad:47:21:ad:41:58:5b:27:34:bc:
cb:de:39:a7:e6:49:5d:8c:fb:85:b1:5b:79:dc:91:
74:b7:43:fc:19:b6:fe:21:00:2c:9f:21:a7:cf:01:
e0:42:a1:68:c2:db:04:88:e1:a7:84:2f:7c:ad:74:
44:fd:f1:d2:57:c9:8f:03:a3:05:b1:d4:c7:15:01:
0b:7c:8e:61:24:b7:36:ef:f7:f7:b9:eb:eb:9f:db:
5e:9a:10:c9:9d:b7:41:90:55:27:12:5b:e9:64:ee:
6c:32:d2:29:2a:6a:ab:62:04:7e:a7:03:3b:e3:09:
61:58:f4:0c:32:9f:db:03:a3:1d:61:a2:ce:99:82:
ac:e4:b9:79:ea:b8:78:b2:bb:9f:3f:3e:35:5e:a6:
82:04:f4:66:39:67:56:bf:58:08:be:65:f6:dd:36:
26:a3:cc:4c:e2:78:e2:5e:6d:f7:a1:fa:51:01:0c:
52:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:40:2A:E4:64:09:BC:82:9F:EF:95:EC:1D:C1:0B:C2:AF:93:0C:0B
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/bUAq5GQJvIKf75XsHcELwq-TDAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.188.136.0/24
138.188.138.0/24
193.5.63.0/24
194.209.67.0/24
195.65.47.0/24
Signature Algorithm: sha256WithRSAEncryption
78:6e:46:37:70:96:94:35:d6:15:0b:c3:a6:64:e0:d0:cd:62:
17:0f:ed:b6:36:88:e1:ee:43:a3:6e:47:79:76:7b:7c:2c:d4:
3b:cb:78:7c:d6:5f:3f:70:2e:34:1a:6d:a9:ec:f8:50:72:78:
32:e1:d6:23:b3:cf:20:02:62:62:1c:da:90:ab:78:66:75:09:
64:6f:bb:68:74:b1:e7:33:38:83:dc:67:a2:3b:f5:b8:02:c5:
be:2f:03:61:a5:38:86:dc:3d:b5:64:a5:ec:71:38:92:b5:60:
4e:3a:86:ce:bb:6c:c3:96:f9:66:38:a9:ed:c2:03:3b:4a:80:
3c:b4:d5:17:7a:7d:9f:5b:4a:6e:03:53:48:82:d7:34:06:eb:
7e:c3:39:93:e5:e7:14:d8:f9:4f:c2:5a:e1:50:e9:36:70:df:
cd:94:0f:d0:e4:4d:c0:1f:98:30:5a:6b:b6:0e:cd:14:a5:21:
43:9e:2a:fc:c2:42:10:d7:b6:75:0d:9e:eb:85:87:e8:97:d5:
31:69:55:4c:95:e4:a9:cc:ed:4a:2f:0d:b1:34:db:d2:25:4d:
aa:8d:f5:b4:be:6a:fb:a8:c0:58:36:37:2f:1f:50:94:e0:05:
66:3e:be:12:2d:96:30:f3:60:6f:95:dd:75:fc:6e:70:76:7e:
b4:c4:51:75
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzDSNyqt47a8cQKsFKv2LX1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjQwMTAxMDQyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDQwMmFlNDY0MDliYzgyOWZlZjk1ZWMxZGMxMGJjMmFmOTMwYzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6XRlJ8Erx9BOHbl0Rv7AvdqccCu
CVCP2DwVH3XQxqgY8px9ZjBB4SiReGulpkKm+VqC/QYV66+vdRxC41CdXi3HDEk/
9OOjd6NmBB0oTK1HIa1BWFsnNLzL3jmn5kldjPuFsVt53JF0t0P8Gbb+IQAsnyGn
zwHgQqFowtsEiOGnhC98rXRE/fHSV8mPA6MFsdTHFQELfI5hJLc27/f3uevrn9te
mhDJnbdBkFUnElvpZO5sMtIpKmqrYgR+pwM74wlhWPQMMp/bA6MdYaLOmYKs5Ll5
6rh4srufPz41XqaCBPRmOWdWv1gIvmX23TYmo8xM4njiXm33ofpRAQxSFQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFG1AKuRkCbyCn++V7B3BC8KvkwwLMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvYlVBcTVHUUp2SUtmNzVYc0hjRUx3cS1UREFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAiryIAwQA
iryKAwQAwQU/AwQAwtFDAwQAw0EvMA0GCSqGSIb3DQEBCwUAA4IBAQB4bkY3cJaU
NdYVC8OmZODQzWIXD+22Nojh7kOjbkd5dnt8LNQ7y3h81l8/cC40Gm2p7PhQcngy
4dYjs88gAmJiHNqQq3hmdQlkb7todLHnMziD3GeiO/W4AsW+LwNhpTiG3D21ZKXs
cTiStWBOOobOu2zDlvlmOKntwgM7SoA8tNUXen2fW0puA1NIgtc0But+wzmT5ecU
2PlPwlrhUOk2cN/NlA/Q5E3AH5gwWmu2Ds0UpSFDnir8wkIQ17Z1DZ7rhYfol9Ux
aVVMleSpzO1KLw2xNNvSJU2qjfW0vmr7qMBYNjcvH1CU4AVmPr4SLZYw82Bvld11
/G5wdn60xFF1
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:55:39 2025 by rpki-client