Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ac86da-cdaa-4afc-8d4a-bfa872c2f392/1/uMaOUumndZxKeHpsLiDjyBlhUEc.roa
File: uMaOUumndZxKeHpsLiDjyBlhUEc.roa (raw, json)
Hash identifier: Vgb/fd+KM9R/ibiYhniBySYsrSRU1XkwhrI3i4xQXFQ=
Subject key identifier: B8:C6:8E:52:E9:A7:75:9C:4A:78:7A:6C:2E:20:E3:C8:19:61:50:47
Certificate issuer: /CN=6f7be3ad1f7c5950cd46d48bb1f7ea7750afa81e
Certificate serial: 0194258EB9318E20C5B79B1F48211D5060D2
Authority key identifier: 6F:7B:E3:AD:1F:7C:59:50:CD:46:D4:8B:B1:F7:EA:77:50:AF:A8:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3vjrR98WVDNRtSLsffqd1CvqB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ac86da-cdaa-4afc-8d4a-bfa872c2f392/1/uMaOUumndZxKeHpsLiDjyBlhUEc.roa
Signing time: Thu 02 Jan 2025 05:48:18 +0000
ROA not before: Thu 02 Jan 2025 05:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20643
IP address blocks: 185.112.28.0/22 maxlen: 22
2a06:6240::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:b9:31:8e:20:c5:b7:9b:1f:48:21:1d:50:60:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f7be3ad1f7c5950cd46d48bb1f7ea7750afa81e
Validity
Not Before: Jan 2 05:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8c68e52e9a7759c4a787a6c2e20e3c819615047
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:1e:94:8c:14:34:c5:d5:b5:a5:89:e0:7a:0c:
38:a2:35:81:c9:de:91:8c:ff:a0:1d:b6:38:a9:3a:
ea:34:5a:76:39:ca:29:e6:b4:3a:e6:da:0f:a0:a8:
e1:03:7a:d5:73:8d:13:88:da:fd:27:e9:b0:46:f4:
f4:fa:d9:27:0b:5f:27:67:ee:ae:2e:ab:e4:e7:34:
a8:59:9f:c5:25:00:86:66:da:93:10:19:91:16:d8:
a7:cb:41:d7:f2:28:f4:f5:95:57:95:25:54:8a:f4:
b6:fe:b2:2a:62:48:d3:6e:e6:58:e9:cb:43:28:d0:
f4:cd:d5:98:95:6d:5b:65:72:2d:c1:97:4b:4f:6b:
cb:c5:af:d0:ae:c7:f8:21:4f:47:f7:09:0c:80:4b:
af:43:f9:d2:51:33:34:f6:23:a1:93:98:62:fe:8d:
6e:21:f2:30:d8:0b:20:9d:e2:43:11:c3:3c:cb:7f:
12:1d:56:94:87:54:2b:7f:db:66:0b:5a:12:67:a4:
0a:56:16:08:02:21:5f:43:df:90:80:9d:71:b2:19:
aa:d8:c3:68:a5:c3:5a:61:bc:70:73:9b:af:c9:6f:
9c:3d:f9:89:29:10:1e:41:cc:4e:29:0d:cd:2e:19:
67:a2:d8:81:82:e0:c4:44:08:d2:0a:19:a0:7a:19:
a6:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:C6:8E:52:E9:A7:75:9C:4A:78:7A:6C:2E:20:E3:C8:19:61:50:47
X509v3 Authority Key Identifier:
keyid:6F:7B:E3:AD:1F:7C:59:50:CD:46:D4:8B:B1:F7:EA:77:50:AF:A8:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3vjrR98WVDNRtSLsffqd1CvqB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ac86da-cdaa-4afc-8d4a-bfa872c2f392/1/uMaOUumndZxKeHpsLiDjyBlhUEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ac86da-cdaa-4afc-8d4a-bfa872c2f392/1/b3vjrR98WVDNRtSLsffqd1CvqB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.28.0/22
IPv6:
2a06:6240::/29
Signature Algorithm: sha256WithRSAEncryption
29:26:df:fa:21:9c:fc:aa:b4:43:08:2d:b8:18:cc:b8:b9:69:
75:aa:27:c5:94:39:35:32:b3:65:72:eb:60:1e:5c:b7:01:54:
db:2b:39:19:11:af:eb:48:fb:0b:cb:a0:2a:85:5f:16:91:d8:
64:4c:48:92:35:54:16:0f:d7:88:1c:63:9a:4f:e6:33:5c:0b:
ef:e3:56:40:cc:b3:e4:da:3e:1c:e8:f4:7c:e2:7e:00:77:ad:
2a:73:76:37:7c:c5:e4:5a:d3:46:46:66:dc:98:af:dd:94:f3:
e8:a8:9d:06:8b:3a:31:89:b4:fe:ee:1e:c6:88:d2:5b:cc:35:
81:40:ff:ad:19:ed:21:ea:30:ac:1c:33:33:90:85:d2:51:d5:
e4:14:2d:8b:be:f9:42:15:b7:f3:4b:85:64:09:3f:e1:5e:02:
88:9e:6f:0a:d6:11:0b:6b:fe:d6:d3:9c:4c:dd:bb:da:16:af:
a6:38:d7:e1:13:cc:2f:5b:76:c7:80:28:7a:7e:92:1c:a5:70:
11:4b:31:e5:c2:fc:10:01:0d:21:79:59:d0:e3:0a:76:33:56:
2a:29:10:c4:72:8e:74:48:85:20:13:b3:6c:35:75:25:60:fb:
8d:2d:40:72:07:6f:e4:5c:36:03:31:e9:91:64:1a:73:93:51:
92:59:06:c2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQljrkxjiDFt5sfSCEdUGDSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmN2JlM2FkMWY3YzU5NTBjZDQ2ZDQ4YmIxZjdlYTc3NTBh
ZmE4MWUwHhcNMjUwMTAyMDU0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGM2OGU1MmU5YTc3NTljNGE3ODdhNmMyZTIwZTNjODE5NjE1MDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnh6UjBQ0xdW1pYngegw4ojWByd6R
jP+gHbY4qTrqNFp2Ocop5rQ65toPoKjhA3rVc40TiNr9J+mwRvT0+tknC18nZ+6u
Lqvk5zSoWZ/FJQCGZtqTEBmRFtiny0HX8ij09ZVXlSVUivS2/rIqYkjTbuZY6ctD
KND0zdWYlW1bZXItwZdLT2vLxa/Qrsf4IU9H9wkMgEuvQ/nSUTM09iOhk5hi/o1u
IfIw2AsgneJDEcM8y38SHVaUh1Qrf9tmC1oSZ6QKVhYIAiFfQ9+QgJ1xshmq2MNo
pcNaYbxwc5uvyW+cPfmJKRAeQcxOKQ3NLhlnotiBguDERAjSChmgehmmwwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLjGjlLpp3WcSnh6bC4g48gZYVBHMB8GA1UdIwQY
MBaAFG97460ffFlQzUbUi7H36ndQr6geMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjN2anJSOThXVkROUnRTTHNmZnFkMUN2cUI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9hYzg2ZGEtY2RhYS00YWZjLThkNGEt
YmZhODcyYzJmMzkyLzEvdU1hT1V1bW5kWnhLZUhwc0xpRGp5QmxoVUVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9hYzg2ZGEtY2RhYS00YWZjLThkNGEtYmZhODcyYzJmMzky
LzEvYjN2anJSOThXVkROUnRTTHNmZnFkMUN2cUI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXAcMA0E
AgACMAcDBQMqBmJAMA0GCSqGSIb3DQEBCwUAA4IBAQApJt/6IZz8qrRDCC24GMy4
uWl1qifFlDk1MrNlcutgHly3AVTbKzkZEa/rSPsLy6AqhV8WkdhkTEiSNVQWD9eI
HGOaT+YzXAvv41ZAzLPk2j4c6PR84n4Ad60qc3Y3fMXkWtNGRmbcmK/dlPPoqJ0G
izoxibT+7h7GiNJbzDWBQP+tGe0h6jCsHDMzkIXSUdXkFC2LvvlCFbfzS4VkCT/h
XgKInm8K1hELa/7W05xM3bvaFq+mONfhE8wvW3bHgCh6fpIcpXARSzHlwvwQAQ0h
eVnQ4wp2M1YqKRDEco50SIUgE7NsNXUlYPuNLUByB2/kXDYDMemRZBpzk1GSWQbC
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:09 2025 by rpki-client