Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/uQFzdhpRFzGF_FvB1gtLF1qf6o4.roa
File: uQFzdhpRFzGF_FvB1gtLF1qf6o4.roa (raw, json)
Hash identifier: lWGYSOtE6Az9hbcNIfYRkGphnFIi2Rei4X5IsCv7eJc=
Subject key identifier: B9:01:73:76:1A:51:17:31:85:FC:5B:C1:D6:0B:4B:17:5A:9F:EA:8E
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0194F11F32C936C1C31C89E80F9F7C2DDAF2
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/uQFzdhpRFzGF_FvB1gtLF1qf6o4.roa
Signing time: Mon 10 Feb 2025 18:29:01 +0000
ROA not before: Mon 10 Feb 2025 18:29:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401152
IP address blocks: 64.188.100.0/22 maxlen: 24
64.188.120.0/22 maxlen: 24
64.188.124.0/24 maxlen: 24
64.188.125.0/24 maxlen: 24
64.188.126.0/24 maxlen: 24
64.188.127.0/24 maxlen: 24
185.216.104.0/22 maxlen: 24
193.23.192.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f1:1f:32:c9:36:c1:c3:1c:89:e8:0f:9f:7c:2d:da:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Feb 10 18:29:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b90173761a51173185fc5bc1d60b4b175a9fea8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a8:e5:44:f3:9e:d3:cb:75:9a:3d:20:b0:6e:
81:51:0f:f1:6b:33:cd:19:6a:43:15:cf:41:02:76:
5b:8b:31:05:56:bb:94:6b:03:d6:13:34:e6:2b:40:
5a:76:bc:b9:12:98:05:b2:42:d7:e9:cc:db:f2:95:
c7:f3:b0:63:96:da:63:2e:9d:f5:26:af:70:37:ea:
35:00:32:3c:1c:70:de:80:2e:52:0a:8c:1c:c2:12:
52:09:4a:b0:e4:07:71:2c:b4:15:87:5c:a2:32:e0:
14:e5:7f:dd:32:bd:be:19:f9:25:97:34:82:a7:2d:
3d:c5:70:2e:9b:83:c8:af:29:d5:41:8a:32:f6:cf:
0e:80:7a:8c:9c:d5:54:f7:45:a5:dd:45:6a:c5:3b:
ac:8b:98:a6:50:e9:49:4b:0b:c9:17:df:53:4c:1f:
27:4b:4e:d1:53:77:b7:2a:5a:60:53:e0:d3:bf:9c:
9e:2c:22:eb:a6:ee:d1:cf:29:d7:06:92:a7:b6:d3:
1e:bb:b2:e7:a8:af:df:69:9c:ec:3d:77:ed:f6:6b:
b1:26:ea:29:0b:ee:11:ff:fe:33:56:5a:d3:38:43:
e8:69:6a:7e:f0:a0:4a:c8:a4:da:64:cd:1d:5d:4b:
df:e5:b9:fb:41:a0:d9:35:23:bf:7b:ef:8d:02:7d:
1f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:01:73:76:1A:51:17:31:85:FC:5B:C1:D6:0B:4B:17:5A:9F:EA:8E
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/uQFzdhpRFzGF_FvB1gtLF1qf6o4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.100.0/22
64.188.120.0/21
185.216.104.0/22
193.23.192.0/19
Signature Algorithm: sha256WithRSAEncryption
b8:e3:a4:c6:0b:11:4a:1d:90:d9:17:66:01:d7:64:97:64:98:
44:ca:ef:83:85:19:65:06:6e:c3:d9:f7:fc:4b:6f:18:7f:39:
10:b0:5d:d5:1c:0b:8f:09:26:bf:8d:10:c7:d5:64:2e:38:cf:
8f:f8:77:5a:3a:8e:d7:f4:8f:93:3f:0e:fe:54:a2:f4:08:fd:
ea:3f:56:8f:cf:b1:7f:73:27:c8:9c:81:c5:75:22:24:55:69:
d3:04:c3:d4:74:d8:de:6a:b7:1d:6b:bf:00:bf:2f:c7:ad:23:
9c:b6:21:e5:ee:92:a2:16:8a:c8:e5:df:1a:3d:68:57:c2:50:
5c:dd:83:4d:2d:00:50:39:62:49:2d:49:ee:1e:f2:c2:9e:44:
32:14:9a:bc:eb:de:0d:41:3e:ba:90:74:08:76:0d:7e:e7:48:
c5:55:15:87:2f:b8:a6:2b:2e:ad:52:15:42:70:90:9f:4f:11:
4c:57:11:8f:83:c4:9f:5b:e6:cd:e0:cb:dc:6c:bc:61:4c:09:
3e:07:f8:08:e6:60:81:98:91:cf:b4:8a:a3:03:ec:03:57:e8:
54:b1:8e:e3:a4:ea:64:de:82:d1:d3:62:85:b8:34:26:20:f0:
ce:34:bb:08:a6:df:23:72:e0:39:d1:05:93:91:41:9a:39:5a:
05:76:a9:4c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZTxHzLJNsHDHInoD598LdryMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMjEwMTgyOTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTAxNzM3NjFhNTExNzMxODVmYzViYzFkNjBiNGIxNzVhOWZlYThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqjlRPOe08t1mj0gsG6BUQ/xazPN
GWpDFc9BAnZbizEFVruUawPWEzTmK0Badry5EpgFskLX6czb8pXH87BjltpjLp31
Jq9wN+o1ADI8HHDegC5SCowcwhJSCUqw5AdxLLQVh1yiMuAU5X/dMr2+GfkllzSC
py09xXAum4PIrynVQYoy9s8OgHqMnNVU90Wl3UVqxTusi5imUOlJSwvJF99TTB8n
S07RU3e3KlpgU+DTv5yeLCLrpu7RzynXBpKnttMeu7LnqK/faZzsPXft9muxJuop
C+4R//4zVlrTOEPoaWp+8KBKyKTaZM0dXUvf5bn7QaDZNSO/e++NAn0fcwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLkBc3YaURcxhfxbwdYLSxdan+qOMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvdVFGemRocFJGekdGX0Z2QjFndExGMXFmNm80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCQLxkAwQD
QLx4AwQCudhoAwQFwRfAMA0GCSqGSIb3DQEBCwUAA4IBAQC446TGCxFKHZDZF2YB
12SXZJhEyu+DhRllBm7D2ff8S28YfzkQsF3VHAuPCSa/jRDH1WQuOM+P+HdaOo7X
9I+TPw7+VKL0CP3qP1aPz7F/cyfInIHFdSIkVWnTBMPUdNjearcda78Avy/HrSOc
tiHl7pKiForI5d8aPWhXwlBc3YNNLQBQOWJJLUnuHvLCnkQyFJq8694NQT66kHQI
dg1+50jFVRWHL7imKy6tUhVCcJCfTxFMVxGPg8SfW+bN4MvcbLxhTAk+B/gI5mCB
mJHPtIqjA+wDV+hUsY7jpOpk3oLR02KFuDQmIPDONLsIpt8jcuA50QWTkUGaOVoF
dqlM
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:28:59 2025 by rpki-client