Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/uzaT_8pYRSOjnRLn-VDCRDMHjkw.roa
File: uzaT_8pYRSOjnRLn-VDCRDMHjkw.roa (raw, json)
Hash identifier: BTL6zzsEp/zMhbPEtqOYQnpjz6sJkx1lWw25F56hHZw=
Subject key identifier: BB:36:93:FF:CA:58:45:23:A3:9D:12:E7:F9:50:C2:44:33:07:8E:4C
Certificate issuer: /CN=f071f4d119d0b74fb66e37a7ef878d449d54ddc8
Certificate serial: 0194214412D28CE40B2DB4B2FD5957D72D39
Authority key identifier: F0:71:F4:D1:19:D0:B7:4F:B6:6E:37:A7:EF:87:8D:44:9D:54:DD:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8HH00RnQt0-2bjen74eNRJ1U3cg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/uzaT_8pYRSOjnRLn-VDCRDMHjkw.roa
Signing time: Wed 01 Jan 2025 09:48:16 +0000
ROA not before: Wed 01 Jan 2025 09:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12874
IP address blocks: 2.224.0.0/13 maxlen: 13
2.232.0.0/13 maxlen: 13
37.186.192.0/18 maxlen: 18
62.101.64.0/19 maxlen: 19
62.101.96.0/19 maxlen: 19
62.101.124.0/22 maxlen: 22
81.208.0.0/18 maxlen: 18
81.208.64.0/18 maxlen: 18
83.103.0.0/17 maxlen: 17
83.103.0.0/18 maxlen: 18
83.103.64.0/18 maxlen: 18
85.18.0.0/16 maxlen: 16
85.18.0.0/17 maxlen: 17
85.18.128.0/17 maxlen: 17
89.96.0.0/15 maxlen: 15
89.96.0.0/16 maxlen: 16
89.97.0.0/16 maxlen: 16
92.223.128.0/17 maxlen: 17
93.32.0.0/12 maxlen: 12
93.32.0.0/13 maxlen: 13
93.32.0.0/14 maxlen: 14
93.32.0.0/15 maxlen: 15
93.33.0.0/16 maxlen: 16
93.34.0.0/15 maxlen: 15
93.36.0.0/14 maxlen: 14
93.36.0.0/15 maxlen: 15
93.37.0.0/17 maxlen: 17
93.37.128.0/17 maxlen: 17
93.38.0.0/15 maxlen: 15
93.39.0.0/16 maxlen: 16
93.40.0.0/13 maxlen: 13
93.40.0.0/14 maxlen: 14
93.40.0.0/15 maxlen: 15
93.40.128.0/18 maxlen: 18
93.40.192.0/18 maxlen: 18
93.41.0.0/16 maxlen: 16
93.42.0.0/15 maxlen: 15
93.42.0.0/16 maxlen: 16
93.43.0.0/16 maxlen: 16
93.44.0.0/14 maxlen: 14
93.44.0.0/15 maxlen: 15
93.46.0.0/15 maxlen: 15
93.48.0.0/13 maxlen: 13
93.56.0.0/14 maxlen: 14
93.60.0.0/15 maxlen: 15
93.62.0.0/15 maxlen: 15
151.0.128.0/17 maxlen: 17
185.7.112.0/22 maxlen: 22
213.140.0.0/20 maxlen: 20
213.140.16.0/20 maxlen: 20
213.156.32.0/20 maxlen: 20
213.156.48.0/20 maxlen: 20
2001:b00::/29 maxlen: 29
2001:b00:ffff::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:12:d2:8c:e4:0b:2d:b4:b2:fd:59:57:d7:2d:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f071f4d119d0b74fb66e37a7ef878d449d54ddc8
Validity
Not Before: Jan 1 09:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb3693ffca584523a39d12e7f950c24433078e4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:96:b4:bc:c4:0f:65:bd:ed:12:aa:5d:2f:72:
48:d6:6d:36:17:f6:15:68:86:5d:ce:2c:f6:42:c2:
46:86:56:b7:96:c7:50:34:8d:d3:86:fd:21:6b:c5:
e7:76:b1:df:27:c5:58:84:6a:67:9c:1b:9f:24:bd:
f2:9f:eb:b0:b5:30:6a:58:8d:ab:d1:f6:af:33:9a:
0c:0c:0a:2c:14:75:31:f3:3f:1b:f2:6d:36:fe:c8:
96:3b:af:34:11:57:4e:cf:b7:61:c0:3f:95:ec:ca:
c5:d5:c2:2e:22:a1:ed:18:d1:68:8b:e8:48:78:0d:
1b:4d:13:49:ba:a1:b5:54:b4:35:b8:d1:0e:71:f8:
f4:57:d1:53:ca:76:45:f9:85:4c:d0:12:39:54:c1:
d9:5f:42:02:da:87:2a:c4:54:00:bd:25:00:48:33:
42:f7:4f:00:d0:e2:24:dd:2e:02:73:77:d9:8c:44:
5f:20:ac:4c:18:ae:d0:57:78:bc:6c:b5:b9:d6:80:
45:c4:1a:7d:01:92:ee:d8:3b:af:f2:58:2c:6e:64:
51:a3:d6:80:0b:91:b7:46:12:03:19:6c:a9:86:76:
be:e1:e5:75:a3:bf:1f:9f:67:cc:ac:71:ae:c0:20:
76:0a:0d:b7:2e:5c:50:ca:67:cc:9b:24:84:b1:40:
f5:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:36:93:FF:CA:58:45:23:A3:9D:12:E7:F9:50:C2:44:33:07:8E:4C
X509v3 Authority Key Identifier:
keyid:F0:71:F4:D1:19:D0:B7:4F:B6:6E:37:A7:EF:87:8D:44:9D:54:DD:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8HH00RnQt0-2bjen74eNRJ1U3cg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/uzaT_8pYRSOjnRLn-VDCRDMHjkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.224.0.0/12
37.186.192.0/18
62.101.64.0/18
81.208.0.0/17
83.103.0.0/17
85.18.0.0/16
89.96.0.0/15
92.223.128.0/17
93.32.0.0/11
151.0.128.0/17
185.7.112.0/22
213.140.0.0/19
213.156.32.0/19
IPv6:
2001:b00::/29
Signature Algorithm: sha256WithRSAEncryption
06:0a:b6:98:59:ab:ad:e0:10:21:a4:c7:d5:b8:3b:bf:37:c4:
97:0b:c4:f3:3e:36:63:e4:38:81:0d:b1:0d:a0:ae:b1:dd:75:
ca:75:35:fb:ca:c5:46:6c:e3:22:ad:db:55:35:91:b7:a7:a8:
e8:0a:7d:c3:79:b5:4b:7b:d1:9a:af:53:0b:1c:d0:7d:c4:43:
ea:36:df:39:c5:b4:91:e5:90:81:4e:ef:50:00:ae:f0:e1:22:
cd:fc:a2:b9:1b:c4:c7:f7:85:52:13:a3:76:65:44:b3:93:dd:
9e:4c:59:fd:00:c9:f8:28:41:27:68:c8:ae:31:4d:98:f0:52:
93:21:61:43:b2:6a:6c:05:2d:88:f9:08:84:eb:c4:41:ae:fc:
e0:7b:42:e6:b8:77:98:1c:9d:2c:f2:95:ee:cb:cd:80:1d:b0:
14:f6:05:9c:5d:f7:7d:aa:d0:87:77:b9:95:3e:94:ea:56:39:
36:d5:50:f6:bd:30:42:fc:d0:93:a0:95:39:39:e3:f1:ba:78:
7f:a9:9e:16:96:68:c5:45:7f:86:7b:48:3b:9a:4f:d3:70:d9:
07:02:2b:70:4e:65:08:1e:cc:93:80:79:42:06:54:79:ef:88:
b5:5b:a6:42:4f:ca:90:a5:3e:2d:ef:d3:f0:ba:13:f7:0a:b6:
2f:c9:13:38
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZQhRBLSjOQLLbSy/VlX1y05MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNzFmNGQxMTlkMGI3NGZiNjZlMzdhN2VmODc4ZDQ0OWQ1
NGRkYzgwHhcNMjUwMTAxMDk0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjM2OTNmZmNhNTg0NTIzYTM5ZDEyZTdmOTUwYzI0NDMzMDc4ZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA35a0vMQPZb3tEqpdL3JI1m02F/YV
aIZdziz2QsJGhla3lsdQNI3Thv0ha8XndrHfJ8VYhGpnnBufJL3yn+uwtTBqWI2r
0favM5oMDAosFHUx8z8b8m02/siWO680EVdOz7dhwD+V7MrF1cIuIqHtGNFoi+hI
eA0bTRNJuqG1VLQ1uNEOcfj0V9FTynZF+YVM0BI5VMHZX0IC2ocqxFQAvSUASDNC
908A0OIk3S4Cc3fZjERfIKxMGK7QV3i8bLW51oBFxBp9AZLu2Duv8lgsbmRRo9aA
C5G3RhIDGWyphna+4eV1o78fn2fMrHGuwCB2Cg23LlxQymfMmySEsUD1jQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFLs2k//KWEUjo50S5/lQwkQzB45MMB8GA1UdIwQY
MBaAFPBx9NEZ0LdPtm43p++HjUSdVN3IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEhIMDBSblF0MC0yYmplbjc0ZU5SSjFVM2NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny82YTk2ODItMjAxYi00ZTAxLWJhMDkt
MDc0NzQ1MjRlZjlhLzEvdXphVF84cFlSU09qblJMbi1WRENSRE1Iamt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny82YTk2ODItMjAxYi00ZTAxLWJhMDktMDc0NzQ1MjRlZjlh
LzEvOEhIMDBSblF0MC0yYmplbjc0ZU5SSjFVM2NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwMEAuADBAYl
usADBAY+ZUADBAdR0AADBAdTZwADAwBVEgMDAVlgAwQHXN+AAwMFXSADBAeXAIAD
BAK5B3ADBAXVjAADBAXVnCAwDQQCAAIwBwMFAyABCwAwDQYJKoZIhvcNAQELBQAD
ggEBAAYKtphZq63gECGkx9W4O783xJcLxPM+NmPkOIENsQ2grrHddcp1NfvKxUZs
4yKt21U1kbenqOgKfcN5tUt70ZqvUwsc0H3EQ+o23znFtJHlkIFO71AArvDhIs38
orkbxMf3hVITo3ZlRLOT3Z5MWf0AyfgoQSdoyK4xTZjwUpMhYUOyamwFLYj5CITr
xEGu/OB7Qua4d5gcnSzyle7LzYAdsBT2BZxd932q0Id3uZU+lOpWOTbVUPa9MEL8
0JOglTk54/G6eH+pnhaWaMVFf4Z7SDuaT9Nw2QcCK3BOZQgezJOAeUIGVHnviLVb
pkJPypClPi3v0/C6E/cKti/JEzg=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:24:53 2025 by rpki-client