Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/UbBowgJO64AbNJQONn43HBBmUMs.roa
File: UbBowgJO64AbNJQONn43HBBmUMs.roa (raw, json)
Hash identifier: aEgbNonS/d/Sk1EKZEDiv5UeXQ2Ujam6n98rqCde7Bw=
Subject key identifier: 51:B0:68:C2:02:4E:EB:80:1B:34:94:0E:36:7E:37:1C:10:66:50:CB
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01941F8CBBB5DA933A2498E6D60F32F0E315
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/UbBowgJO64AbNJQONn43HBBmUMs.roa
Signing time: Wed 01 Jan 2025 01:48:24 +0000
ROA not before: Wed 01 Jan 2025 01:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203534
IP address blocks: 45.131.172.0/22 maxlen: 24
185.131.184.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:bb:b5:da:93:3a:24:98:e6:d6:0f:32:f0:e3:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 01:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=51b068c2024eeb801b34940e367e371c106650cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6b:ea:7f:f4:43:65:34:d3:c3:01:90:14:d5:
be:ea:35:71:e3:4e:a7:72:75:33:06:90:d0:be:b9:
cc:c8:88:28:9b:60:4e:5a:6f:6e:0e:ac:33:8d:06:
fb:a2:fa:9e:63:d1:ee:7a:23:0d:59:48:fb:ca:e6:
5c:4a:16:e0:66:b2:a1:0d:b7:8f:08:f5:3f:5c:75:
e2:a8:d2:9b:9e:f3:ed:db:3e:74:95:4c:2d:41:08:
78:8a:6b:af:3b:9a:ca:08:21:8f:e7:79:d5:29:72:
e0:74:2b:61:a3:f6:92:d7:8c:33:5a:75:53:db:99:
f2:42:9b:75:32:8c:99:78:77:65:e1:d5:a1:f1:cc:
f4:58:96:92:2c:80:ad:76:51:de:ae:07:f4:02:4d:
27:16:2a:39:4d:65:1d:20:83:38:56:ae:c5:e4:3d:
bb:65:30:42:20:7c:81:74:a4:5c:d1:33:92:33:da:
9d:af:cd:40:a0:d2:d5:2d:b4:63:ca:bb:bf:b1:92:
6b:be:5a:5b:37:9a:a0:c0:2c:40:fa:5f:db:91:44:
dc:25:c1:57:37:e8:79:e9:0b:c4:29:c0:2a:d8:78:
1e:18:9d:73:0c:86:08:f6:d1:94:5b:31:db:dc:2b:
be:e4:6d:67:73:e1:c5:c3:cc:d9:04:ba:7b:8a:94:
b2:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:B0:68:C2:02:4E:EB:80:1B:34:94:0E:36:7E:37:1C:10:66:50:CB
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/UbBowgJO64AbNJQONn43HBBmUMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.172.0/22
185.131.184.0/22
Signature Algorithm: sha256WithRSAEncryption
22:b7:83:36:44:da:15:5a:23:25:9b:45:67:ac:3a:e0:0e:c9:
54:ff:18:c1:3b:66:e7:bf:04:ac:de:b0:2f:68:ba:d5:bf:b4:
ce:f4:fc:87:d1:a0:72:0c:1b:87:a4:cb:21:54:57:3c:b8:bf:
37:77:98:bc:26:7a:20:74:74:ec:7c:04:72:1f:f7:53:5b:b0:
e5:7e:51:18:44:ec:79:2d:50:40:83:f2:9c:00:10:e5:7b:b4:
86:64:3d:aa:ea:85:63:4f:50:e2:a1:56:eb:ff:be:5b:a0:89:
d7:9e:ca:d2:6a:4f:a5:e4:df:de:e4:d3:86:0c:0b:70:46:7c:
c6:15:b4:6f:89:b0:45:2c:1d:d4:ca:d8:c6:be:2f:c0:5c:e0:
de:31:ad:38:ab:49:3e:14:37:7f:19:f3:03:6c:02:5e:31:73:
81:00:6b:cd:01:c9:51:51:f0:4e:0e:a3:9d:7f:11:39:f8:54:
9e:a4:f1:bd:7d:9d:c6:01:3c:c6:64:53:13:54:c8:a0:b5:53:
35:24:14:ca:ca:76:98:eb:e8:25:46:62:27:f6:ee:6c:32:94:
e2:fe:8b:8f:16:5b:95:fe:0e:61:a2:6d:1a:78:44:2d:0c:07:
f8:0a:66:ba:5d:9a:dc:55:5b:aa:21:c5:a7:ca:07:d1:3d:77:
56:f5:32:3b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQfjLu12pM6JJjm1g8y8OMVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjUwMTAxMDE0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWIwNjhjMjAyNGVlYjgwMWIzNDk0MGUzNjdlMzcxYzEwNjY1MGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmvqf/RDZTTTwwGQFNW+6jVx406n
cnUzBpDQvrnMyIgom2BOWm9uDqwzjQb7ovqeY9HueiMNWUj7yuZcShbgZrKhDbeP
CPU/XHXiqNKbnvPt2z50lUwtQQh4imuvO5rKCCGP53nVKXLgdCtho/aS14wzWnVT
25nyQpt1MoyZeHdl4dWh8cz0WJaSLICtdlHergf0Ak0nFio5TWUdIIM4Vq7F5D27
ZTBCIHyBdKRc0TOSM9qdr81AoNLVLbRjyru/sZJrvlpbN5qgwCxA+l/bkUTcJcFX
N+h56QvEKcAq2HgeGJ1zDIYI9tGUWzHb3Cu+5G1nc+HFw8zZBLp7ipSyDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFGwaMICTuuAGzSUDjZ+NxwQZlDLMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvVWJCb3dnSk82NEFiTkpRT05uNDNIQkJtVU1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYOsAwQC
uYO4MA0GCSqGSIb3DQEBCwUAA4IBAQAit4M2RNoVWiMlm0VnrDrgDslU/xjBO2bn
vwSs3rAvaLrVv7TO9PyH0aByDBuHpMshVFc8uL83d5i8JnogdHTsfARyH/dTW7Dl
flEYROx5LVBAg/KcABDle7SGZD2q6oVjT1DioVbr/75boInXnsrSak+l5N/e5NOG
DAtwRnzGFbRvibBFLB3UytjGvi/AXODeMa04q0k+FDd/GfMDbAJeMXOBAGvNAclR
UfBODqOdfxE5+FSepPG9fZ3GATzGZFMTVMigtVM1JBTKynaY6+glRmIn9u5sMpTi
/ouPFluV/g5hom0aeEQtDAf4Cma6XZrcVVuqIcWnygfRPXdW9TI7
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:15:10 2025 by rpki-client