Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/uCtRRjdg-t-cpgTw53BJqUy0QVI.roa
File: uCtRRjdg-t-cpgTw53BJqUy0QVI.roa (raw, json)
Hash identifier: 5Y9xVY/fbc1XmttV3yzfzuQbOTzp+eDp8bg7nqIAPqw=
Subject key identifier: B8:2B:51:46:37:60:FA:DF:9C:A6:04:F0:E7:70:49:A9:4C:B4:41:52
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 019424B3A900C80FC51E5C55AF5FE16DDE57
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/uCtRRjdg-t-cpgTw53BJqUy0QVI.roa
Signing time: Thu 02 Jan 2025 01:49:01 +0000
ROA not before: Thu 02 Jan 2025 01:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 95.164.77.0/24 maxlen: 24
95.164.78.0/24 maxlen: 24
95.164.79.0/24 maxlen: 24
95.164.160.0/24 maxlen: 24
95.164.161.0/24 maxlen: 24
95.164.162.0/24 maxlen: 24
95.164.163.0/24 maxlen: 24
95.164.164.0/24 maxlen: 24
95.164.165.0/24 maxlen: 24
95.164.166.0/24 maxlen: 24
95.164.167.0/24 maxlen: 24
95.164.224.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:a9:00:c8:0f:c5:1e:5c:55:af:5f:e1:6d:de:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 2 01:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b82b51463760fadf9ca604f0e77049a94cb44152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:8e:48:e2:4d:d4:e3:fe:15:dc:b4:19:14:bd:
a5:98:83:ac:99:2a:71:55:65:b6:04:46:47:f5:64:
38:40:95:c4:51:6d:73:37:20:5f:80:be:0f:08:83:
33:b9:ab:95:16:c4:ac:4f:91:a6:66:26:bb:e8:0c:
c3:23:40:38:4f:3a:e2:11:27:54:79:cf:e4:4f:d3:
20:a7:ce:c2:92:17:37:64:54:32:98:95:e0:e9:e3:
9d:09:a2:c2:ff:da:e3:be:21:6e:04:13:7a:16:34:
cd:32:90:f6:4f:aa:2b:2b:fb:0a:c6:91:c9:62:19:
d0:67:51:fa:35:6c:cf:61:5a:b5:36:b4:94:52:42:
d0:7b:9f:1c:a0:0c:92:f9:65:a6:5c:8e:7f:5b:ab:
35:ae:4e:b7:1d:2a:c8:a1:17:21:40:d1:a7:58:f2:
83:18:33:6c:9f:a4:1b:a9:5f:4f:f4:ec:c1:0e:3e:
59:24:4d:4d:be:6b:1a:2b:d2:e0:66:17:19:0b:2a:
8f:a5:95:18:c3:c6:b0:35:3b:15:e8:c4:5e:41:5d:
2e:c1:9b:1a:5f:b5:b0:7d:89:6e:76:97:92:b9:9a:
3e:61:94:70:c9:a9:ce:7b:1e:1d:1a:4d:6b:b9:de:
11:fa:04:20:72:e7:56:a5:b1:47:83:f4:d9:7c:46:
99:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:2B:51:46:37:60:FA:DF:9C:A6:04:F0:E7:70:49:A9:4C:B4:41:52
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/uCtRRjdg-t-cpgTw53BJqUy0QVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.77.0-95.164.79.255
95.164.160.0/21
95.164.224.0/22
Signature Algorithm: sha256WithRSAEncryption
99:e3:c1:5d:3f:11:5b:2a:2a:29:71:bb:fd:bd:83:e8:2c:d2:
72:0a:61:8f:da:e7:34:cd:55:89:d1:95:04:57:ab:6c:23:9a:
d2:69:70:0a:ac:e6:4f:8c:19:aa:11:b0:cb:3a:c4:b7:43:ee:
38:56:81:b5:49:cb:6b:12:79:03:6e:f2:03:6e:7e:04:16:b1:
20:be:1b:45:24:2c:be:59:46:77:ba:16:d7:7a:c5:5d:7e:83:
88:64:81:04:56:17:09:9c:e3:ae:d6:f3:72:89:c9:af:00:59:
82:ce:71:10:d7:de:5b:39:2e:2d:d5:f7:31:0d:ab:eb:53:4b:
a5:1f:db:ad:f4:32:78:c3:86:ea:e8:88:a6:97:64:cf:2e:e6:
3e:53:ac:92:de:71:26:e0:85:bb:3f:77:00:65:88:98:58:50:
c7:25:ec:e7:16:33:0d:8b:a0:0c:99:02:94:b8:e7:8f:67:ed:
e5:c9:05:fc:50:24:6e:29:67:e3:5b:a5:8a:e0:2c:fd:bb:e4:
4a:b7:79:43:c9:3c:5e:f0:c0:d5:01:c5:46:1d:1c:f6:0c:da:
cd:ba:70:e1:3e:5b:62:62:e4:fa:36:ad:23:90:3b:26:eb:4d:
48:4c:41:8d:0d:80:fb:9b:da:dd:0f:62:78:49:52:a6:4a:de:
a3:e0:a8:3d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQks6kAyA/FHlxVr1/hbd5XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUwMTAyMDE0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODJiNTE0NjM3NjBmYWRmOWNhNjA0ZjBlNzcwNDlhOTRjYjQ0MTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi45I4k3U4/4V3LQZFL2lmIOsmSpx
VWW2BEZH9WQ4QJXEUW1zNyBfgL4PCIMzuauVFsSsT5GmZia76AzDI0A4TzriESdU
ec/kT9Mgp87Ckhc3ZFQymJXg6eOdCaLC/9rjviFuBBN6FjTNMpD2T6orK/sKxpHJ
YhnQZ1H6NWzPYVq1NrSUUkLQe58coAyS+WWmXI5/W6s1rk63HSrIoRchQNGnWPKD
GDNsn6QbqV9P9OzBDj5ZJE1NvmsaK9LgZhcZCyqPpZUYw8awNTsV6MReQV0uwZsa
X7WwfYludpeSuZo+YZRwyanOex4dGk1rud4R+gQgcudWpbFHg/TZfEaZxwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLgrUUY3YPrfnKYE8OdwSalMtEFSMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvdUN0UlJqZGctdC1jcGdUdzUzQkpxVXkwUVZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABfpE0D
BARfpEADBANfpKADBAJfpOAwDQYJKoZIhvcNAQELBQADggEBAJnjwV0/EVsqKilx
u/29g+gs0nIKYY/a5zTNVYnRlQRXq2wjmtJpcAqs5k+MGaoRsMs6xLdD7jhWgbVJ
y2sSeQNu8gNufgQWsSC+G0UkLL5ZRne6Ftd6xV1+g4hkgQRWFwmc467W83KJya8A
WYLOcRDX3ls5Li3V9zENq+tTS6Uf2630MnjDhuroiKaXZM8u5j5TrJLecSbghbs/
dwBliJhYUMcl7OcWMw2LoAyZApS4549n7eXJBfxQJG4pZ+NbpYrgLP275Eq3eUPJ
PF7wwNUBxUYdHPYM2s26cOE+W2Ji5Po2rSOQOybrTUhMQY0NgPub2t0PYnhJUqZK
3qPgqD0=
-----END CERTIFICATE-----
Generated at Thu Apr 10 16:37:32 2025 by rpki-client