Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/uFxKkTJ2FS-YadWkkiFDxhg46zw.roa
File: uFxKkTJ2FS-YadWkkiFDxhg46zw.roa (raw, json)
Hash identifier: CKurhe6gxcartqAcpNhLJ0w752vEmApcJaVpSiuG5Lk=
Subject key identifier: B8:5C:4A:91:32:76:15:2F:98:69:D5:A4:92:21:43:C6:18:38:EB:3C
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 019427479BAE390032FDBA58AF0D2130F315
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/uFxKkTJ2FS-YadWkkiFDxhg46zw.roa
Signing time: Thu 02 Jan 2025 13:49:51 +0000
ROA not before: Thu 02 Jan 2025 13:49:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48147
IP address blocks: 2.189.58.0/24 maxlen: 24
2.189.242.0/23 maxlen: 23
2.189.242.0/24 maxlen: 24
2.189.243.0/24 maxlen: 24
2.189.254.0/23 maxlen: 23
2.189.254.0/24 maxlen: 24
2.189.255.0/24 maxlen: 24
78.39.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:9b:ae:39:00:32:fd:ba:58:af:0d:21:30:f3:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 2 13:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b85c4a913276152f9869d5a4922143c61838eb3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b1:33:d3:1b:42:4a:91:02:a2:72:09:69:25:
a5:f2:55:54:b7:b5:c2:3c:04:cf:83:0e:cc:b5:62:
6e:09:bc:67:2f:f4:b3:b3:17:f7:4e:ff:ef:54:bd:
36:fa:8e:36:27:dc:58:63:39:ad:5f:d9:94:a6:50:
4f:f2:49:b0:00:95:81:aa:97:26:4a:3d:f2:d1:c6:
70:06:0e:8e:48:56:ae:8a:f4:61:55:ef:36:03:20:
98:bc:d1:c7:08:6a:5f:c5:2e:23:7e:04:8c:21:a5:
7c:5f:56:52:80:54:eb:96:23:31:00:bf:d4:f9:04:
f7:1f:30:b1:f0:59:ae:b8:8c:e1:84:64:98:7d:74:
02:df:b8:c6:82:8c:5d:37:38:9c:cf:4b:9d:c5:17:
f7:66:4b:eb:f9:5f:aa:40:80:6a:1d:de:f6:1d:2e:
ad:8d:91:0c:bf:b5:c7:76:43:65:98:f7:82:26:59:
ae:bc:8c:8f:a5:55:d0:7b:c1:af:28:3f:b0:53:0d:
61:6f:67:02:b9:06:51:be:35:e5:0a:10:44:8a:ab:
0d:36:c3:fd:58:f3:44:41:46:50:6f:ab:33:2d:03:
4c:67:4c:19:ea:11:f8:ee:65:19:cb:b9:f3:b4:23:
79:33:26:a5:e3:79:24:0f:d8:ab:63:ca:62:13:25:
e1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:5C:4A:91:32:76:15:2F:98:69:D5:A4:92:21:43:C6:18:38:EB:3C
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/uFxKkTJ2FS-YadWkkiFDxhg46zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.189.58.0/24
2.189.242.0/23
2.189.254.0/23
78.39.47.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:8f:4a:86:82:99:16:ee:cd:59:4b:22:f7:a1:20:f1:cb:d8:
96:3a:d5:01:d2:34:4a:da:dc:bd:0e:0b:1a:fe:34:9c:be:e3:
4f:d6:58:fb:fd:ae:51:ad:6a:5b:a8:db:b7:a8:a8:bd:fd:32:
70:8b:9e:3d:33:30:6c:cb:0e:d6:bb:3e:3c:ee:e2:14:ce:ea:
48:1a:32:4d:22:52:83:5f:aa:78:d9:15:ac:91:40:ca:17:d4:
ea:97:4e:92:d9:f0:a9:e8:d6:16:1b:98:f5:5a:a3:40:f9:52:
78:f1:7b:26:64:00:bc:02:5f:bb:60:71:c9:43:aa:02:b4:e6:
47:50:ee:13:39:db:b1:9e:7b:46:3a:c4:47:75:19:47:22:c0:
8a:9f:2d:b8:4b:7e:c4:56:65:91:26:81:9e:37:cf:cc:87:1f:
d8:a5:92:42:29:50:fd:de:4a:28:73:7e:7a:21:83:22:e7:14:
1f:bd:07:5e:7a:25:d5:c8:63:ea:fa:52:52:6d:46:b3:72:4b:
ee:a0:b5:79:4d:94:c6:58:33:3c:64:de:06:78:75:58:01:c9:
e1:ac:66:0d:a4:e3:5c:bd:66:c5:d6:80:ba:ed:cf:ec:72:ed:
21:18:0b:44:c7:98:1d:f0:9f:b1:84:5e:86:48:ef:e0:06:c7:
0c:0b:ff:e9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQnR5uuOQAy/bpYrw0hMPMVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjUwMTAyMTM0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODVjNGE5MTMyNzYxNTJmOTg2OWQ1YTQ5MjIxNDNjNjE4MzhlYjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrEz0xtCSpEConIJaSWl8lVUt7XC
PATPgw7MtWJuCbxnL/Szsxf3Tv/vVL02+o42J9xYYzmtX9mUplBP8kmwAJWBqpcm
Sj3y0cZwBg6OSFauivRhVe82AyCYvNHHCGpfxS4jfgSMIaV8X1ZSgFTrliMxAL/U
+QT3HzCx8FmuuIzhhGSYfXQC37jGgoxdNzicz0udxRf3Zkvr+V+qQIBqHd72HS6t
jZEMv7XHdkNlmPeCJlmuvIyPpVXQe8GvKD+wUw1hb2cCuQZRvjXlChBEiqsNNsP9
WPNEQUZQb6szLQNMZ0wZ6hH47mUZy7nztCN5Myal43kkD9irY8piEyXhLwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLhcSpEydhUvmGnVpJIhQ8YYOOs8MB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvdUZ4S2tUSjJGUy1ZYWRXa2tpRkR4aGc0Nnp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAr06AwQB
Ar3yAwQBAr3+AwQATicvMA0GCSqGSIb3DQEBCwUAA4IBAQAtj0qGgpkW7s1ZSyL3
oSDxy9iWOtUB0jRK2ty9Dgsa/jScvuNP1lj7/a5RrWpbqNu3qKi9/TJwi549MzBs
yw7Wuz487uIUzupIGjJNIlKDX6p42RWskUDKF9Tql06S2fCp6NYWG5j1WqNA+VJ4
8XsmZAC8Al+7YHHJQ6oCtOZHUO4TOduxnntGOsRHdRlHIsCKny24S37EVmWRJoGe
N8/Mhx/YpZJCKVD93kooc356IYMi5xQfvQdeeiXVyGPq+lJSbUazckvuoLV5TZTG
WDM8ZN4GeHVYAcnhrGYNpONcvWbF1oC67c/scu0hGAtEx5gd8J+xhF6GSO/gBscM
C//p
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:28:01 2025 by rpki-client