Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/839d1c-4db3-45cc-b04f-b55d7d7f2c48/1/2u_bcZkkSvx-ZcsdCRFCGyh5HjM.roa
File: 2u_bcZkkSvx-ZcsdCRFCGyh5HjM.roa (raw, json)
Hash identifier: 7lJhGCJBImviva4lcJI32wc+2zEbO+nn7NwKLsiaeHg=
Subject key identifier: DA:EF:DB:71:99:24:4A:FC:7E:65:CB:1D:09:11:42:1B:28:79:1E:33
Certificate issuer: /CN=c35adeebc28d7e27fd9eb9efb23551dae20b1d0f
Certificate serial: 019428235FB1A1E58734FD2ED32AD7A935B1
Authority key identifier: C3:5A:DE:EB:C2:8D:7E:27:FD:9E:B9:EF:B2:35:51:DA:E2:0B:1D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w1re68KNfif9nrnvsjVR2uILHQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/839d1c-4db3-45cc-b04f-b55d7d7f2c48/1/2u_bcZkkSvx-ZcsdCRFCGyh5HjM.roa
Signing time: Thu 02 Jan 2025 17:49:54 +0000
ROA not before: Thu 02 Jan 2025 17:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47951
IP address blocks: 194.104.137.0/24 maxlen: 24
2a11:5fc0::/29 maxlen: 29
2a11:5fc0::/32 maxlen: 32
2a11:5fc1::/32 maxlen: 32
2a11:5fc2::/32 maxlen: 32
2a11:5fc3::/32 maxlen: 32
2a11:5fc4::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:5f:b1:a1:e5:87:34:fd:2e:d3:2a:d7:a9:35:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35adeebc28d7e27fd9eb9efb23551dae20b1d0f
Validity
Not Before: Jan 2 17:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=daefdb7199244afc7e65cb1d0911421b28791e33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ce:62:4b:5e:1b:42:f6:a5:00:e1:fa:61:47:
de:df:17:a5:6f:24:e3:81:d3:31:e9:7b:77:0e:27:
52:f9:3d:3f:b3:ba:2c:a3:af:8f:6f:21:12:8d:6e:
60:cb:1c:72:80:71:42:b5:e2:9a:a3:5d:a0:21:ab:
e9:89:db:b5:9a:14:cb:e0:c9:8d:b1:9a:ee:61:62:
83:ec:90:e4:08:d5:95:9e:bf:a7:b2:0f:b7:2d:f4:
57:70:4d:62:b5:13:2d:36:d2:75:21:fd:9a:45:9a:
a4:55:8f:8b:ff:39:08:9b:1f:b3:e8:b3:38:8d:73:
50:c1:c0:11:8e:ae:42:62:fa:cd:26:23:d8:f9:8e:
d6:a9:c9:59:01:a0:4d:be:6e:0b:b1:85:2a:65:52:
d8:46:7a:1f:4f:3f:25:f8:45:15:ff:f0:78:28:1b:
f6:39:e6:2a:a1:af:ee:fc:4c:de:10:a1:f2:02:98:
31:56:0a:f6:0d:27:3e:e9:b7:ed:cd:6b:0d:7c:bb:
c4:76:03:64:57:7e:10:3f:8a:f1:cd:78:43:bf:fb:
3f:4d:cc:53:b2:99:c6:da:6f:a2:7c:f0:cb:93:a0:
cf:3f:9f:93:d8:a6:57:60:19:e2:40:9a:f7:d9:9b:
d4:2b:5f:6b:b8:49:80:04:e1:23:cc:66:36:e2:31:
a0:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:EF:DB:71:99:24:4A:FC:7E:65:CB:1D:09:11:42:1B:28:79:1E:33
X509v3 Authority Key Identifier:
keyid:C3:5A:DE:EB:C2:8D:7E:27:FD:9E:B9:EF:B2:35:51:DA:E2:0B:1D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w1re68KNfif9nrnvsjVR2uILHQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/839d1c-4db3-45cc-b04f-b55d7d7f2c48/1/2u_bcZkkSvx-ZcsdCRFCGyh5HjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/839d1c-4db3-45cc-b04f-b55d7d7f2c48/1/w1re68KNfif9nrnvsjVR2uILHQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.137.0/24
IPv6:
2a11:5fc0::/29
Signature Algorithm: sha256WithRSAEncryption
45:66:1a:96:fe:b0:d6:37:e4:77:3e:2c:4a:56:d1:e8:3a:f4:
6b:7e:68:b7:e2:6b:1d:26:4a:28:22:11:25:52:4b:93:29:cd:
a2:e3:1f:ac:b6:86:6d:cf:9a:db:73:e2:e2:02:db:05:fd:67:
15:5b:c5:14:1f:a9:91:97:20:58:ad:af:ff:c0:55:2b:f9:2e:
4a:2b:b8:2c:25:79:2a:da:7d:78:d5:73:df:c4:df:cf:30:71:
f1:9c:0e:f9:71:30:9f:1d:8d:ea:ae:82:f4:3f:d7:a6:ec:a7:
26:a1:a0:c5:9d:6b:89:7c:70:6a:35:db:5b:77:44:14:46:84:
4c:29:5d:63:83:93:14:b7:b5:6d:a4:6c:2b:90:1d:cd:b3:b2:
dd:6f:47:38:37:d3:98:a9:dc:88:40:7f:a8:c5:be:15:f0:bd:
0a:f3:44:cb:40:a8:a5:ff:38:9d:87:51:ee:bc:40:e1:76:2f:
6f:72:88:94:7d:47:b2:ef:bc:c1:8a:47:7e:81:c2:e4:a9:57:
c8:bb:a2:54:2a:a1:26:51:fe:9d:e6:d7:34:63:42:cb:a6:4b:
07:58:22:02:e2:a6:d2:4e:80:9f:be:6d:29:f7:02:96:f3:d1:
89:6d:77:58:5d:94:f3:1a:f5:d2:a6:0e:27:7e:c3:c9:18:05:
fe:1e:af:67
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQoI1+xoeWHNP0u0yrXqTWxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWFkZWViYzI4ZDdlMjdmZDllYjllZmIyMzU1MWRhZTIw
YjFkMGYwHhcNMjUwMTAyMTc0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWVmZGI3MTk5MjQ0YWZjN2U2NWNiMWQwOTExNDIxYjI4NzkxZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw85iS14bQvalAOH6YUfe3xelbyTj
gdMx6Xt3DidS+T0/s7oso6+PbyESjW5gyxxygHFCteKao12gIavpidu1mhTL4MmN
sZruYWKD7JDkCNWVnr+nsg+3LfRXcE1itRMtNtJ1If2aRZqkVY+L/zkImx+z6LM4
jXNQwcARjq5CYvrNJiPY+Y7WqclZAaBNvm4LsYUqZVLYRnofTz8l+EUV//B4KBv2
OeYqoa/u/EzeEKHyApgxVgr2DSc+6bftzWsNfLvEdgNkV34QP4rxzXhDv/s/TcxT
spnG2m+ifPDLk6DPP5+T2KZXYBniQJr32ZvUK19ruEmABOEjzGY24jGgSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNrv23GZJEr8fmXLHQkRQhsoeR4zMB8GA1UdIwQY
MBaAFMNa3uvCjX4n/Z6577I1UdriCx0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzFyZTY4S05maWY5bnJudnNqVlIydUlMSFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy84MzlkMWMtNGRiMy00NWNjLWIwNGYt
YjU1ZDdkN2YyYzQ4LzEvMnVfYmNaa2tTdngtWmNzZENSRkNHeWg1SGpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy84MzlkMWMtNGRiMy00NWNjLWIwNGYtYjU1ZDdkN2YyYzQ4
LzEvdzFyZTY4S05maWY5bnJudnNqVlIydUlMSFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwmiJMA0E
AgACMAcDBQMqEV/AMA0GCSqGSIb3DQEBCwUAA4IBAQBFZhqW/rDWN+R3PixKVtHo
OvRrfmi34msdJkooIhElUkuTKc2i4x+stoZtz5rbc+LiAtsF/WcVW8UUH6mRlyBY
ra//wFUr+S5KK7gsJXkq2n141XPfxN/PMHHxnA75cTCfHY3qroL0P9em7KcmoaDF
nWuJfHBqNdtbd0QURoRMKV1jg5MUt7VtpGwrkB3Ns7Ldb0c4N9OYqdyIQH+oxb4V
8L0K80TLQKil/zidh1HuvEDhdi9vcoiUfUey77zBikd+gcLkqVfIu6JUKqEmUf6d
5tc0Y0LLpksHWCIC4qbSToCfvm0p9wKW89GJbXdYXZTzGvXSpg4nfsPJGAX+Hq9n
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:11 2025 by rpki-client