Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/UgagA4LzI8gkGSGNBuf9Np2MhUc.roa
File: UgagA4LzI8gkGSGNBuf9Np2MhUc.roa (raw, json)
Hash identifier: PVo8RbjRw+XDwi2izGwNSTeVInBU6Ee1UgtO/8GkhXw=
Subject key identifier: 52:06:A0:03:82:F3:23:C8:24:19:21:8D:06:E7:FD:36:9D:8C:85:47
Certificate issuer: /CN=c44db8b0983acf97a3255152c2ea592adae7735b
Certificate serial: 01872CF299A9B62C31F2019859CEFDD137A2
Authority key identifier: C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/UgagA4LzI8gkGSGNBuf9Np2MhUc.roa
Signing time: Wed 29 Mar 2023 10:38:29 +0000
ROA not before: Wed 29 Mar 2023 10:38:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 188.241.249.0/24 maxlen: 32
185.66.136.0/22 maxlen: 32
92.255.64.0/24 maxlen: 32
119.12.192.0/21 maxlen: 32
92.255.83.0/24 maxlen: 32
92.255.82.0/24 maxlen: 32
92.255.81.0/24 maxlen: 32
92.114.81.0/24 maxlen: 32
180.235.160.0/20 maxlen: 32
89.40.81.0/24 maxlen: 32
110.238.192.0/19 maxlen: 32
92.114.60.0/22 maxlen: 32
94.177.14.0/23 maxlen: 32
91.92.216.0/23 maxlen: 32
91.92.218.0/24 maxlen: 32
188.241.15.0/24 maxlen: 32
5.62.152.0/21 maxlen: 32
93.113.52.0/23 maxlen: 32
188.241.56.0/23 maxlen: 32
91.92.178.0/23 maxlen: 32
94.139.224.0/20 maxlen: 32
89.38.234.0/24 maxlen: 32
92.255.0.0/24 maxlen: 32
193.56.26.0/23 maxlen: 32
188.211.24.0/23 maxlen: 32
86.106.176.0/23 maxlen: 32
176.223.104.0/22 maxlen: 32
94.139.60.0/23 maxlen: 32
91.92.22.0/23 maxlen: 32
94.176.0.0/23 maxlen: 32
180.149.16.0/20 maxlen: 32
193.142.103.0/24 maxlen: 32
188.240.48.0/23 maxlen: 32
91.92.138.0/24 maxlen: 32
193.200.104.0/23 maxlen: 32
94.176.132.0/23 maxlen: 32
176.223.182.0/23 maxlen: 32
188.212.136.0/21 maxlen: 32
188.94.84.0/22 maxlen: 32
89.104.122.0/23 maxlen: 32
31.14.26.0/24 maxlen: 32
110.239.212.0/22 maxlen: 32
110.239.208.0/22 maxlen: 32
110.239.216.0/21 maxlen: 32
89.223.22.0/23 maxlen: 32
180.149.0.0/20 maxlen: 32
91.192.212.0/22 maxlen: 32
93.115.4.0/23 maxlen: 32
77.81.92.0/22 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2c:f2:99:a9:b6:2c:31:f2:01:98:59:ce:fd:d1:37:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c44db8b0983acf97a3255152c2ea592adae7735b
Validity
Not Before: Mar 29 10:38:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5206a00382f323c82419218d06e7fd369d8c8547
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2f:d6:c3:bc:64:9c:ee:7a:b7:8d:93:f9:00:
7d:4a:bf:8b:07:de:58:62:46:ee:b5:8b:e3:e6:78:
b8:75:ff:ac:be:0c:c9:13:37:b1:b7:35:19:f1:7f:
82:59:bb:8e:9d:8b:4a:13:ff:61:9e:26:ac:41:8b:
ce:17:f7:f0:32:94:64:eb:99:bb:ff:c1:18:93:2b:
c0:99:04:e4:de:f9:3a:6a:2a:6a:e5:f9:81:4e:c6:
c0:72:44:bb:2d:6c:a0:1f:da:d1:98:97:56:32:30:
88:09:3a:c1:45:1f:97:e9:b5:80:f7:e1:33:c5:3a:
40:32:bd:b8:41:c5:0b:76:26:8a:08:57:67:8c:78:
4c:d7:12:8a:7b:7f:32:05:68:b7:57:7a:a7:85:06:
20:d8:19:27:ba:3c:49:dd:f4:22:9c:7f:5d:dd:42:
f6:21:ba:47:25:28:a3:71:89:d1:ee:52:c5:03:77:
da:14:1f:3a:76:55:b2:82:c9:41:48:64:32:21:74:
31:4d:55:39:60:cf:4f:a6:02:7c:16:8f:b5:9f:62:
89:98:75:a4:5b:1f:2f:3b:ef:90:30:13:d5:99:9c:
af:de:08:82:29:be:5d:dd:96:f4:93:4f:c5:14:a1:
35:3f:fb:f7:60:44:e8:a5:bb:a2:a8:0a:bb:91:09:
34:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:06:A0:03:82:F3:23:C8:24:19:21:8D:06:E7:FD:36:9D:8C:85:47
X509v3 Authority Key Identifier:
keyid:C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/UgagA4LzI8gkGSGNBuf9Np2MhUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.152.0/21
31.14.26.0/24
77.81.92.0/22
86.106.176.0/23
89.38.234.0/24
89.40.81.0/24
89.104.122.0/23
89.223.22.0/23
91.92.22.0/23
91.92.138.0/24
91.92.178.0/23
91.92.216.0-91.92.218.255
91.192.212.0/22
92.114.60.0/22
92.114.81.0/24
92.255.0.0/24
92.255.64.0/24
92.255.81.0-92.255.83.255
93.113.52.0/23
93.115.4.0/23
94.139.60.0/23
94.139.224.0/20
94.176.0.0/23
94.176.132.0/23
94.177.14.0/23
110.238.192.0/19
110.239.208.0/20
119.12.192.0/21
176.223.104.0/22
176.223.182.0/23
180.149.0.0/19
180.235.160.0/20
185.66.136.0/22
188.94.84.0/22
188.211.24.0/23
188.212.136.0/21
188.240.48.0/23
188.241.15.0/24
188.241.56.0/23
188.241.249.0/24
193.56.26.0/23
193.142.103.0/24
193.200.104.0/23
Signature Algorithm: sha256WithRSAEncryption
28:60:f7:fc:3f:9b:89:2c:7a:8d:07:7d:55:10:82:cd:a1:77:
24:a1:42:a5:38:5f:8b:7f:f8:29:c5:39:ec:90:42:0e:79:9f:
27:3f:3f:4e:6b:c7:8b:68:83:06:fd:4d:e9:c8:0c:a1:98:7b:
92:00:fd:88:8c:3d:93:23:33:e4:fd:aa:89:ad:a0:c4:67:cc:
d4:66:69:6e:c8:ed:ad:fb:e2:df:70:c2:9e:9f:0d:da:31:c6:
f6:91:b4:73:03:ed:1a:c5:48:a4:68:f2:9b:8d:a7:51:fc:b8:
d7:0a:61:4f:2d:98:a2:0b:a2:84:e2:ef:17:ea:f7:ac:a5:63:
41:1b:a3:7d:83:13:ca:9e:fc:13:e1:b6:40:a0:3d:b2:7e:76:
e1:2e:37:91:d1:3e:65:e3:16:86:9b:3c:cc:07:de:54:e1:b0:
cb:05:68:fe:a2:6f:91:92:a5:d0:48:0e:9a:ff:21:79:5f:6b:
3b:2b:d3:c5:ab:c4:ab:07:6a:23:6e:fa:d9:91:fa:ed:8f:18:
9d:82:0c:82:66:27:5b:22:ae:05:36:26:49:2a:73:19:a2:42:
5e:35:ec:91:81:5d:61:48:99:46:df:65:ea:e7:df:7f:be:93:
84:74:55:7d:82:87:54:85:a2:8f:c6:63:0f:e8:32:58:7f:32:
31:b1:d6:e1
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgISAYcs8pmptiwx8gGYWc790TeiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NGRiOGIwOTgzYWNmOTdhMzI1NTE1MmMyZWE1OTJhZGFl
NzczNWIwHhcNMjMwMzI5MTAzODI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjA2YTAwMzgyZjMyM2M4MjQxOTIxOGQwNmU3ZmQzNjlkOGM4NTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmy/Ww7xknO56t42T+QB9Sr+LB95Y
YkbutYvj5ni4df+svgzJEzextzUZ8X+CWbuOnYtKE/9hniasQYvOF/fwMpRk65m7
/8EYkyvAmQTk3vk6aipq5fmBTsbAckS7LWygH9rRmJdWMjCICTrBRR+X6bWA9+Ez
xTpAMr24QcULdiaKCFdnjHhM1xKKe38yBWi3V3qnhQYg2BknujxJ3fQinH9d3UL2
IbpHJSijcYnR7lLFA3faFB86dlWygslBSGQyIXQxTVU5YM9PpgJ8Fo+1n2KJmHWk
Wx8vO++QMBPVmZyv3giCKb5d3Zb0k0/FFKE1P/v3YETopbuiqAq7kQk0RwIDAQAB
o4IDHzCCAxswHQYDVR0OBBYEFFIGoAOC8yPIJBkhjQbn/TadjIVHMB8GA1UdIwQY
MBaAFMRNuLCYOs+XoyVRUsLqWSra53NbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYt
ZWVkZDk0ZWMxMjhjLzEvVWdhZ0E0THpJOGdrR1NHTkJ1ZjlOcDJNaFVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYtZWVkZDk0ZWMxMjhj
LzEveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMwYIKwYBBQUHAQcBAf8EggEiMIIBHjCCARoEAgABMIIB
EgMEAwU+mAMEAB8OGgMEAk1RXAMEAVZqsAMEAFkm6gMEAFkoUQMEAVloegMEAVnf
FgMEAVtcFgMEAFtcigMEAVtcsjAMAwQDW1zYAwQAW1zaAwQCW8DUAwQCXHI8AwQA
XHJRAwQAXP8AAwQAXP9AMAwDBABc/1EDBAJc/1ADBAFdcTQDBAFdcwQDBAFeizwD
BARei+ADBAFesAADBAFesIQDBAFesQ4DBAVu7sADBARu79ADBAN3DMADBAKw32gD
BAGw37YDBAW0lQADBAS066ADBAK5QogDBAK8XlQDBAG80xgDBAO81IgDBAG88DAD
BAC88Q8DBAG88TgDBAC88fkDBAHBOBoDBADBjmcDBAHByGgwDQYJKoZIhvcNAQEL
BQADggEBAChg9/w/m4kseo0HfVUQgs2hdyShQqU4X4t/+CnFOeyQQg55nyc/P05r
x4togwb9TenIDKGYe5IA/YiMPZMjM+T9qomtoMRnzNRmaW7I7a374t9wwp6fDdox
xvaRtHMD7RrFSKRo8puNp1H8uNcKYU8tmKILooTi7xfq96ylY0Ebo32DE8qe/BPh
tkCgPbJ+duEuN5HRPmXjFoabPMwH3lThsMsFaP6ib5GSpdBIDpr/IXlfazsr08Wr
xKsHaiNu+tmR+u2PGJ2CDIJmJ1sirgU2JkkqcxmiQl417JGBXWFImUbfZern33++
k4R0VX2Ch1SFoo/GYw/oMlh/MjGx1uE=
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:47:53 2025 by rpki-client