Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/f7a6a3-71f3-4482-b0c5-fac346400369/1/uTaWQEqkT3VDsjoAhq5gw8mVwOQ.roa
File: uTaWQEqkT3VDsjoAhq5gw8mVwOQ.roa (raw, json)
Hash identifier: xB2IQW+JC30VMfZ+n3Kl+A7lkKJJ7MAH//Df7ex6gzs=
Subject key identifier: B9:36:96:40:4A:A4:4F:75:43:B2:3A:00:86:AE:60:C3:C9:95:C0:E4
Certificate issuer: /CN=8acdb281fb65f028b7cdcab9c4706ea7c4594022
Certificate serial: 019423D6E844E1E1BCB82B065AAA48EAF332
Authority key identifier: 8A:CD:B2:81:FB:65:F0:28:B7:CD:CA:B9:C4:70:6E:A7:C4:59:40:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/is2ygftl8Ci3zcq5xHBup8RZQCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/f7a6a3-71f3-4482-b0c5-fac346400369/1/uTaWQEqkT3VDsjoAhq5gw8mVwOQ.roa
Signing time: Wed 01 Jan 2025 21:47:54 +0000
ROA not before: Wed 01 Jan 2025 21:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47655
IP address blocks: 176.111.72.0/21 maxlen: 21
176.111.72.0/24 maxlen: 24
176.111.73.0/24 maxlen: 24
176.111.74.0/24 maxlen: 24
194.152.34.0/23 maxlen: 23
194.152.35.0/24 maxlen: 24
2001:67c:2760::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:e8:44:e1:e1:bc:b8:2b:06:5a:aa:48:ea:f3:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8acdb281fb65f028b7cdcab9c4706ea7c4594022
Validity
Not Before: Jan 1 21:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b93696404aa44f7543b23a0086ae60c3c995c0e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:61:ca:01:5e:ef:19:f1:1d:91:ef:cc:e1:8d:
1a:9f:54:7b:24:51:3a:7e:81:55:08:30:d1:bc:3f:
fa:d5:e8:a2:5b:05:cd:2b:a7:1f:e8:3c:c4:38:9a:
31:39:63:65:0e:7e:40:da:a2:be:1d:6b:6c:fd:81:
55:b3:e6:1b:96:2d:84:dc:98:ba:c8:af:df:22:fe:
cc:4c:09:ee:fe:bf:f1:5b:32:d9:3c:09:f8:a7:fe:
ea:92:d7:5c:c3:d2:87:29:d8:04:b3:6e:f7:33:50:
79:ed:bf:b2:ae:5d:39:50:69:1e:b8:09:8c:17:d7:
5c:be:fb:0c:cc:62:bc:69:06:9d:2f:21:f6:75:ae:
67:89:a0:22:63:82:47:70:e9:b8:4b:8e:c8:dd:f2:
81:0c:14:08:aa:76:77:8d:ff:04:ae:e4:d8:7a:58:
1c:31:3b:0a:cf:df:89:ed:c9:ba:b8:85:67:13:9e:
13:78:2f:98:ce:8a:a2:40:dc:af:29:83:2b:76:50:
ef:53:45:93:94:27:e2:99:9e:5f:51:65:15:90:35:
f5:d8:25:b4:cf:55:aa:1f:f7:b2:2c:f7:a5:31:62:
a3:cb:03:9d:45:32:30:08:21:87:d7:c3:10:49:fc:
90:2b:6e:e4:ee:f3:42:92:bb:82:52:8f:7a:b4:b6:
92:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:36:96:40:4A:A4:4F:75:43:B2:3A:00:86:AE:60:C3:C9:95:C0:E4
X509v3 Authority Key Identifier:
keyid:8A:CD:B2:81:FB:65:F0:28:B7:CD:CA:B9:C4:70:6E:A7:C4:59:40:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/is2ygftl8Ci3zcq5xHBup8RZQCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f7a6a3-71f3-4482-b0c5-fac346400369/1/uTaWQEqkT3VDsjoAhq5gw8mVwOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f7a6a3-71f3-4482-b0c5-fac346400369/1/is2ygftl8Ci3zcq5xHBup8RZQCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.111.72.0/21
194.152.34.0/23
IPv6:
2001:67c:2760::/48
Signature Algorithm: sha256WithRSAEncryption
0b:17:e9:86:a4:90:48:47:b1:8c:91:1a:8d:91:ae:26:4b:46:
48:75:16:65:de:3d:55:27:73:01:85:51:d7:53:16:e9:07:4d:
ff:30:6e:78:9a:09:73:e6:75:74:33:be:45:19:20:96:db:d9:
74:8e:0c:3b:7c:cc:3d:70:8a:b2:66:c1:e1:db:72:fa:bb:d1:
c9:49:c1:8a:05:a7:0a:b2:4b:cf:6b:6b:59:28:26:56:53:90:
2c:e0:80:2a:cc:2f:4b:20:6d:e1:cb:58:ca:f9:8d:ab:2c:78:
2f:8a:fb:cf:2b:79:2b:fb:1c:f2:6d:d5:e1:a3:1e:35:b0:ce:
b0:a7:f4:29:c8:ce:a1:9b:64:09:ca:49:f7:2c:92:a1:ae:8e:
7f:59:7e:b8:a1:ad:24:17:b9:e3:f2:8e:d5:e6:45:b9:7b:0e:
cc:35:6c:ed:5d:49:d1:51:eb:73:4d:97:78:82:e3:b3:c2:e0:
1e:53:a4:02:1e:c8:cb:be:81:23:b4:db:c6:35:c4:50:e5:ee:
4c:1b:9b:46:3f:24:98:57:2e:10:3c:c6:db:00:2c:62:9b:4a:
28:47:a5:b4:cf:c8:8d:03:d3:80:b4:c5:dd:c3:93:61:e5:a9:
92:8f:87:4a:35:c3:62:73:a5:b1:ac:4a:69:49:cc:ea:11:00:
c5:dc:07:f7
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQj1uhE4eG8uCsGWqpI6vMyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhY2RiMjgxZmI2NWYwMjhiN2NkY2FiOWM0NzA2ZWE3YzQ1
OTQwMjIwHhcNMjUwMTAxMjE0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTM2OTY0MDRhYTQ0Zjc1NDNiMjNhMDA4NmFlNjBjM2M5OTVjMGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2HKAV7vGfEdke/M4Y0an1R7JFE6
foFVCDDRvD/61eiiWwXNK6cf6DzEOJoxOWNlDn5A2qK+HWts/YFVs+Ybli2E3Ji6
yK/fIv7MTAnu/r/xWzLZPAn4p/7qktdcw9KHKdgEs273M1B57b+yrl05UGkeuAmM
F9dcvvsMzGK8aQadLyH2da5niaAiY4JHcOm4S47I3fKBDBQIqnZ3jf8EruTYelgc
MTsKz9+J7cm6uIVnE54TeC+YzoqiQNyvKYMrdlDvU0WTlCfimZ5fUWUVkDX12CW0
z1WqH/eyLPelMWKjywOdRTIwCCGH18MQSfyQK27k7vNCkruCUo96tLaSvQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLk2lkBKpE91Q7I6AIauYMPJlcDkMB8GA1UdIwQY
MBaAFIrNsoH7ZfAot83KucRwbqfEWUAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXMyeWdmdGw4Q2kzemNxNXhIQnVwOFJaUUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9mN2E2YTMtNzFmMy00NDgyLWIwYzUt
ZmFjMzQ2NDAwMzY5LzEvdVRhV1FFcWtUM1ZEc2pvQWhxNWd3OG1Wd09RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9mN2E2YTMtNzFmMy00NDgyLWIwYzUtZmFjMzQ2NDAwMzY5
LzEvaXMyeWdmdGw4Q2kzemNxNXhIQnVwOFJaUUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDsG9IAwQB
wpgiMA8EAgACMAkDBwAgAQZ8J2AwDQYJKoZIhvcNAQELBQADggEBAAsX6YakkEhH
sYyRGo2RriZLRkh1FmXePVUncwGFUddTFukHTf8wbniaCXPmdXQzvkUZIJbb2XSO
DDt8zD1wirJmweHbcvq70clJwYoFpwqyS89ra1koJlZTkCzggCrML0sgbeHLWMr5
jasseC+K+88reSv7HPJt1eGjHjWwzrCn9CnIzqGbZAnKSfcskqGujn9ZfrihrSQX
uePyjtXmRbl7Dsw1bO1dSdFR63NNl3iC47PC4B5TpAIeyMu+gSO028Y1xFDl7kwb
m0Y/JJhXLhA8xtsALGKbSihHpbTPyI0D04C0xd3Dk2HlqZKPh0o1w2JzpbGsSmlJ
zOoRAMXcB/c=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:06 2025 by rpki-client