Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/1-UA0EVNZJEavCWur-G2JsGlXO6k.roa
File: 1-UA0EVNZJEavCWur-G2JsGlXO6k.roa (raw, json)
Hash identifier: JOPcsO22HBQN0uoLyQiWx2hknip4M0L5K0Lv0R0amuk=
Subject key identifier: F9:40:34:11:53:59:24:46:AF:09:6B:AB:F8:6D:89:B0:69:57:3B:A9
Certificate issuer: /CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Certificate serial: 019372D4359FC7E10F924EE5720030E16980
Authority key identifier: 22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/1-UA0EVNZJEavCWur-G2JsGlXO6k.roa
Signing time: Thu 28 Nov 2024 12:52:10 +0000
ROA not before: Thu 28 Nov 2024 12:52:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12085
IP address blocks: 137.174.152.0/21 maxlen: 24
155.204.0.0/22 maxlen: 24
155.204.112.0/21 maxlen: 24
155.204.128.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:72:d4:35:9f:c7:e1:0f:92:4e:e5:72:00:30:e1:69:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Validity
Not Before: Nov 28 12:52:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f940341153592446af096babf86d89b069573ba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6f:5a:17:80:14:28:1d:cd:a0:aa:01:6a:d3:
2c:36:c0:d8:28:03:fc:c2:d5:1a:2c:93:b4:ba:9d:
89:7a:05:fd:82:cc:e6:e5:25:f4:a4:4a:3e:96:27:
7a:4c:f8:c1:92:f1:e6:5c:3a:b9:07:23:e5:e7:2a:
3e:22:f3:38:8a:15:0d:69:86:30:e0:33:fd:fd:04:
76:36:a3:e6:69:ad:fc:ad:a8:cc:74:3b:73:10:b2:
6d:26:3a:f1:3f:f5:a0:9f:d8:54:e5:c9:1f:87:86:
79:55:24:9a:82:32:c4:ce:f4:8a:14:89:b3:d6:99:
68:1c:a7:19:8b:a5:07:9d:4d:a7:ba:fd:ef:fc:9c:
47:98:81:af:97:96:b8:b7:d6:9f:7d:9a:85:2a:35:
e3:44:cb:67:b0:68:dd:ee:8f:ef:b9:70:79:c1:42:
65:66:c7:84:59:03:d5:90:14:4c:18:aa:96:d0:97:
78:5a:91:cc:6c:b8:34:16:bd:60:48:c4:9d:0c:7e:
1f:50:54:e1:2d:d0:d1:48:0e:17:75:06:77:25:ec:
f7:b8:f5:13:82:1a:34:0a:65:9c:b3:f7:e3:89:46:
71:1c:84:f4:f1:67:8c:f0:c5:a0:97:6b:fc:5e:d5:
fa:b8:6c:e5:af:d2:51:39:c6:2e:59:8a:84:5a:1b:
09:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:40:34:11:53:59:24:46:AF:09:6B:AB:F8:6D:89:B0:69:57:3B:A9
X509v3 Authority Key Identifier:
keyid:22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/1-UA0EVNZJEavCWur-G2JsGlXO6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.174.152.0/21
155.204.0.0/22
155.204.112.0/21
155.204.128.0/21
Signature Algorithm: sha256WithRSAEncryption
26:10:89:1a:79:18:65:2a:fb:31:39:c9:15:21:21:2d:83:ea:
2c:1e:63:15:27:e1:3a:48:d9:41:42:62:a7:49:c1:96:26:c3:
9d:07:aa:61:4c:b6:dd:24:8a:d0:d5:5a:ba:d9:f9:c2:63:d6:
31:2f:c9:e5:e2:e2:4f:eb:8a:b3:7d:b7:14:24:71:e5:b7:5c:
02:59:0e:cc:dd:f2:6b:67:3a:95:83:7c:42:d5:bc:45:e0:b3:
d8:95:c6:a3:8d:07:04:32:fb:61:ae:51:da:fb:74:19:15:5e:
3a:fd:e0:b6:eb:de:30:5b:4c:df:51:0a:45:8c:51:46:19:4f:
6a:4f:96:f8:e4:62:aa:cd:77:96:58:2c:c9:f8:70:b6:3f:5b:
0a:5e:2e:0a:f0:56:cf:62:72:fb:be:99:d6:44:81:48:e0:ff:
5e:ab:ef:45:c5:ec:96:9a:bd:22:91:89:36:ba:66:4c:f0:35:
21:1c:ae:ee:47:25:a2:ce:7e:be:99:9e:76:3d:dd:78:78:3f:
7f:7a:a7:45:9f:01:19:5c:19:54:9b:5d:45:25:6d:22:7d:59:
3a:d9:58:07:a0:ae:b0:54:9e:5d:ff:65:0b:c2:fc:a7:75:b1:
50:52:9a:6f:35:fd:d5:66:d1:38:15:f0:4a:85:be:00:05:b9:
48:1c:8a:60
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZNy1DWfx+EPkk7lcgAw4WmAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTVkODQwNTNlMmIwYzMxM2FmMWUzYmE1MTAyNDY2YTVm
Nzk2NzgwHhcNMjQxMTI4MTI1MjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTQwMzQxMTUzNTkyNDQ2YWYwOTZiYWJmODZkODliMDY5NTczYmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtG9aF4AUKB3NoKoBatMsNsDYKAP8
wtUaLJO0up2JegX9gszm5SX0pEo+lid6TPjBkvHmXDq5ByPl5yo+IvM4ihUNaYYw
4DP9/QR2NqPmaa38rajMdDtzELJtJjrxP/Wgn9hU5ckfh4Z5VSSagjLEzvSKFImz
1ploHKcZi6UHnU2nuv3v/JxHmIGvl5a4t9affZqFKjXjRMtnsGjd7o/vuXB5wUJl
ZseEWQPVkBRMGKqW0Jd4WpHMbLg0Fr1gSMSdDH4fUFThLdDRSA4XdQZ3Jez3uPUT
gho0CmWcs/fjiUZxHIT08WeM8MWgl2v8XtX6uGzlr9JROcYuWYqEWhsJ8wIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPlANBFTWSRGrwlrq/htibBpVzupMB8GA1UdIwQY
MBaAFCKl2EBT4rDDE68eO6UQJGal95Z4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUt
NTkxY2FmNTM2ZWNjLzEvMS1VQTBFVk5aSkVhdkNXdXItRzJKc0dsWE82ay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTIvZTNmYjdkLWRkNGItNGQ4NS1iMDhlLTU5MWNhZjUzNmVj
Yy8xL0lxWFlRRlBpc01NVHJ4NDdwUkFrWnFYM2xuZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEA4mumAME
ApvMAAMEA5vMcAMEA5vMgDANBgkqhkiG9w0BAQsFAAOCAQEAJhCJGnkYZSr7MTnJ
FSEhLYPqLB5jFSfhOkjZQUJip0nBlibDnQeqYUy23SSK0NVautn5wmPWMS/J5eLi
T+uKs323FCRx5bdcAlkOzN3ya2c6lYN8QtW8ReCz2JXGo40HBDL7Ya5R2vt0GRVe
Ov3gtuveMFtM31EKRYxRRhlPak+W+ORiqs13llgsyfhwtj9bCl4uCvBWz2Jy+76Z
1kSBSOD/XqvvRcXslpq9IpGJNrpmTPA1IRyu7kclos5+vpmedj3deHg/f3qnRZ8B
GVwZVJtdRSVtIn1ZOtlYB6CusFSeXf9lC8L8p3WxUFKabzX91WbROBXwSoW+AAW5
SByKYA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:28:59 2025 by rpki-client