Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/UJVJt5_Arh5oP7MnvKcbCGODOc4.roa
File: UJVJt5_Arh5oP7MnvKcbCGODOc4.roa (raw, json)
Hash identifier: cSJe9mPxkDM+ny/+GoKSWRH8dkU4qbTNsxlZ1deFGeo=
Subject key identifier: 50:95:49:B7:9F:C0:AE:1E:68:3F:B3:27:BC:A7:1B:08:63:83:39:CE
Certificate issuer: /CN=407ce78f4ac3ba902a0c38dc01a0c5f2126519b0
Certificate serial: 019421440C27C95BB9699AC0B2AED2B68F1D
Authority key identifier: 40:7C:E7:8F:4A:C3:BA:90:2A:0C:38:DC:01:A0:C5:F2:12:65:19:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/UJVJt5_Arh5oP7MnvKcbCGODOc4.roa
Signing time: Wed 01 Jan 2025 09:48:15 +0000
ROA not before: Wed 01 Jan 2025 09:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 394094
IP address blocks: 31.25.199.0/24 maxlen: 24
185.106.241.0/24 maxlen: 24
185.106.243.0/24 maxlen: 24
2a06:4101::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:0c:27:c9:5b:b9:69:9a:c0:b2:ae:d2:b6:8f:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407ce78f4ac3ba902a0c38dc01a0c5f2126519b0
Validity
Not Before: Jan 1 09:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=509549b79fc0ae1e683fb327bca71b08638339ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2e:c9:ba:d2:47:c9:7a:81:7e:3f:04:b9:e6:
8d:f3:3c:b7:ec:68:a1:d9:97:3e:1a:b2:60:69:ee:
19:54:91:68:e4:6b:f0:db:2b:4c:c5:80:85:c1:1c:
35:a1:ca:75:92:f9:05:fa:61:2a:45:9d:23:6d:ba:
01:48:43:61:a6:20:f7:07:1b:d5:40:95:59:32:81:
89:88:c2:55:81:ad:40:12:5e:f3:99:7d:97:08:38:
98:8e:57:fa:d1:e3:dd:e2:43:68:03:82:44:0e:4d:
ff:eb:94:91:16:92:20:1a:74:7d:78:23:d9:a3:68:
ea:c1:25:6b:47:fa:9f:80:70:c8:5f:84:c6:3a:78:
db:b2:b2:51:4a:cf:4e:40:08:ef:7c:13:d2:b8:53:
9d:ec:1d:8f:b8:a0:ee:8c:df:4d:76:74:99:cf:bb:
7b:51:94:74:b4:84:4b:a6:93:43:5c:46:99:eb:a7:
6c:e8:54:31:fd:20:be:ec:8c:08:0c:ea:96:a2:07:
61:36:d7:ce:d4:c2:03:6c:27:6f:f3:ac:a4:ef:b3:
ed:42:1d:09:7f:86:5a:b7:62:1b:0b:0d:6f:9e:da:
3f:e8:55:be:0d:c4:53:de:bf:a4:e5:2c:36:13:c5:
fd:5d:e1:e7:c8:e1:14:0a:14:f8:81:2d:10:2b:47:
cd:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:95:49:B7:9F:C0:AE:1E:68:3F:B3:27:BC:A7:1B:08:63:83:39:CE
X509v3 Authority Key Identifier:
keyid:40:7C:E7:8F:4A:C3:BA:90:2A:0C:38:DC:01:A0:C5:F2:12:65:19:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/UJVJt5_Arh5oP7MnvKcbCGODOc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.199.0/24
185.106.241.0/24
185.106.243.0/24
IPv6:
2a06:4101::/32
Signature Algorithm: sha256WithRSAEncryption
48:a9:63:6f:4c:94:c3:f9:4a:c6:1e:e6:3a:07:ad:8c:cc:fa:
a0:14:59:89:85:90:05:33:ff:40:56:e9:53:a7:61:53:af:40:
c4:70:b6:c1:88:a2:88:5c:11:eb:f9:ea:05:53:ec:6e:2d:bb:
32:a8:f9:2d:ef:40:d7:bd:04:8e:18:40:cc:0a:f8:39:69:fb:
ca:c0:bb:f1:e3:cc:82:5c:75:b8:03:0f:e6:ae:20:e0:c0:fa:
0e:19:b4:e5:0e:d1:ff:d6:96:d4:02:dd:61:6a:63:bb:33:8d:
71:ac:c2:1e:ce:10:eb:d0:5a:9e:66:70:13:8b:c7:c6:cc:4d:
09:08:7d:12:98:9d:16:65:41:f6:fa:56:9b:ce:19:c0:17:66:
4f:97:0d:da:15:a2:db:22:e5:2c:a0:1c:8d:d5:fe:07:f6:c1:
20:85:1e:86:b7:c5:16:cb:c2:01:89:c6:4a:3e:d6:4a:b1:f8:
eb:4d:f4:b0:a7:98:24:79:ed:39:14:c4:4b:91:e0:16:5f:52:
c8:a6:17:fe:67:43:09:9a:45:85:37:3e:5d:71:d4:cf:8e:9d:
86:8d:5a:bb:ce:94:f7:5b:02:27:e4:b4:43:6e:86:45:d4:09:
5c:30:17:15:bf:f2:dd:91:c3:4e:c3:f1:05:6b:be:7c:1b:eb:
2a:4a:c5:61
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQhRAwnyVu5aZrAsq7Sto8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2NlNzhmNGFjM2JhOTAyYTBjMzhkYzAxYTBjNWYyMTI2
NTE5YjAwHhcNMjUwMTAxMDk0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDk1NDliNzlmYzBhZTFlNjgzZmIzMjdiY2E3MWIwODYzODMzOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwy7JutJHyXqBfj8EueaN8zy37Gih
2Zc+GrJgae4ZVJFo5Gvw2ytMxYCFwRw1ocp1kvkF+mEqRZ0jbboBSENhpiD3BxvV
QJVZMoGJiMJVga1AEl7zmX2XCDiYjlf60ePd4kNoA4JEDk3/65SRFpIgGnR9eCPZ
o2jqwSVrR/qfgHDIX4TGOnjbsrJRSs9OQAjvfBPSuFOd7B2PuKDujN9NdnSZz7t7
UZR0tIRLppNDXEaZ66ds6FQx/SC+7IwIDOqWogdhNtfO1MIDbCdv86yk77PtQh0J
f4Zat2IbCw1vnto/6FW+DcRT3r+k5Sw2E8X9XeHnyOEUChT4gS0QK0fNnQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFCVSbefwK4eaD+zJ7ynGwhjgznOMB8GA1UdIwQY
MBaAFEB8549Kw7qQKgw43AGgxfISZRmwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hODdlYTgtYzNiNi00NzJkLWE5NmMt
YTk3MWEzMzRmYWE0LzEvVUpWSnQ1X0FyaDVvUDdNbnZLY2JDR09ET2M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hODdlYTgtYzNiNi00NzJkLWE5NmMtYTk3MWEzMzRmYWE0
LzEvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAHxnHAwQA
uWrxAwQAuWrzMA0EAgACMAcDBQAqBkEBMA0GCSqGSIb3DQEBCwUAA4IBAQBIqWNv
TJTD+UrGHuY6B62MzPqgFFmJhZAFM/9AVulTp2FTr0DEcLbBiKKIXBHr+eoFU+xu
LbsyqPkt70DXvQSOGEDMCvg5afvKwLvx48yCXHW4Aw/mriDgwPoOGbTlDtH/1pbU
At1hamO7M41xrMIezhDr0FqeZnATi8fGzE0JCH0SmJ0WZUH2+labzhnAF2ZPlw3a
FaLbIuUsoByN1f4H9sEghR6Gt8UWy8IBicZKPtZKsfjrTfSwp5gkee05FMRLkeAW
X1LIphf+Z0MJmkWFNz5dcdTPjp2GjVq7zpT3WwIn5LRDboZF1AlcMBcVv/LdkcNO
w/EFa758G+sqSsVh
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:46:15 2025 by rpki-client