Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/UJ4AA8lthTvUaOv8y96F5tCFgzY.roa
File: UJ4AA8lthTvUaOv8y96F5tCFgzY.roa (raw, json)
Hash identifier: tgN2dNaoq5w5rynmNpRaU4NnYl8mkFWnYFqCjapx3rI=
Subject key identifier: 50:9E:00:03:C9:6D:85:3B:D4:68:EB:FC:CB:DE:85:E6:D0:85:83:36
Certificate issuer: /CN=0ab36668893a8244d553efca4688d0f1019e4e25
Certificate serial: 01941F8C5BED4436ECB2AED2B452D2C1CC53
Authority key identifier: 0A:B3:66:68:89:3A:82:44:D5:53:EF:CA:46:88:D0:F1:01:9E:4E:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CrNmaIk6gkTVU-_KRojQ8QGeTiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/UJ4AA8lthTvUaOv8y96F5tCFgzY.roa
Signing time: Wed 01 Jan 2025 01:47:59 +0000
ROA not before: Wed 01 Jan 2025 01:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12847
IP address blocks: 194.125.240.0/24 maxlen: 24
212.93.96.0/19 maxlen: 19
212.93.96.0/24 maxlen: 24
212.93.98.0/24 maxlen: 24
212.93.124.0/23 maxlen: 23
212.93.126.0/24 maxlen: 24
2a03:ec00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:5b:ed:44:36:ec:b2:ae:d2:b4:52:d2:c1:cc:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ab36668893a8244d553efca4688d0f1019e4e25
Validity
Not Before: Jan 1 01:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=509e0003c96d853bd468ebfccbde85e6d0858336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b4:a1:ac:f6:eb:b3:cb:e6:6e:b5:b1:62:18:
64:40:08:0b:69:26:e9:5e:e4:13:9a:8a:8f:c8:85:
1a:f2:d6:10:60:fc:67:71:34:b8:a4:e8:b7:1a:c6:
eb:57:92:96:30:14:f8:20:0a:fe:ad:cf:ff:95:22:
2d:23:0e:8e:5a:d4:ff:29:5c:bb:0c:e2:f7:2e:16:
58:5e:98:2c:f1:08:01:45:38:49:79:0a:b5:30:38:
1f:36:3d:c2:60:a6:eb:1b:04:95:ca:6c:62:66:86:
b3:c5:a6:b6:af:93:a0:65:ed:0d:98:c8:8b:d5:87:
4e:10:a9:58:70:67:ad:cd:cc:59:01:59:83:62:be:
28:95:48:11:fe:ca:07:6d:f4:c5:6a:54:82:80:85:
8a:57:7f:2b:f7:ac:1f:d6:a6:e8:63:fd:75:39:28:
fd:69:50:01:a9:23:f8:1e:e3:a1:c6:97:d7:f9:16:
73:25:2c:a7:2e:cc:58:42:6f:81:fb:22:83:49:70:
74:71:b2:3c:42:32:56:43:b8:f3:d9:ea:fc:90:e0:
b8:60:f3:f5:81:a0:ab:c0:3a:e1:08:b6:4c:10:de:
e8:67:f0:36:24:6f:30:25:04:48:63:a4:6e:4c:3d:
02:b4:11:de:e6:ec:2d:36:09:30:56:3e:f4:f7:a8:
81:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:9E:00:03:C9:6D:85:3B:D4:68:EB:FC:CB:DE:85:E6:D0:85:83:36
X509v3 Authority Key Identifier:
keyid:0A:B3:66:68:89:3A:82:44:D5:53:EF:CA:46:88:D0:F1:01:9E:4E:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CrNmaIk6gkTVU-_KRojQ8QGeTiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/UJ4AA8lthTvUaOv8y96F5tCFgzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/CrNmaIk6gkTVU-_KRojQ8QGeTiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.125.240.0/24
212.93.96.0/19
IPv6:
2a03:ec00::/32
Signature Algorithm: sha256WithRSAEncryption
90:bc:e5:13:bd:26:33:0d:11:6c:8a:38:6e:7b:1c:e6:dc:89:
65:3d:32:d2:32:25:cc:55:2a:f1:ec:d0:4a:31:c8:3e:88:7b:
30:34:49:9c:86:78:4e:ee:5e:85:8d:e0:f1:61:85:e4:b1:35:
5a:a7:2e:b2:f4:9b:d7:50:d5:e6:a8:20:6e:a3:6b:3f:58:81:
0b:2d:d9:eb:b3:4f:ed:e3:12:dd:5c:4c:89:8a:b9:d0:47:ba:
28:86:c7:cf:e4:91:2e:27:c7:06:ea:67:18:d6:cf:a1:9f:09:
74:02:de:c6:67:86:57:7e:c2:de:ba:5c:a8:5b:f2:8a:08:2c:
ac:4d:4d:fc:9b:7c:cb:19:66:f4:e2:1e:b0:b8:68:33:f8:60:
ae:b7:0d:8a:3a:26:63:b2:19:dc:92:2e:22:cd:c5:10:0e:ef:
6e:89:11:d8:4c:35:ed:38:33:d0:e1:8f:cb:d8:7a:45:af:e1:
96:7e:a7:ff:cf:1a:32:8c:a2:1d:d1:98:b1:1c:2c:5c:f4:60:
55:7b:a7:c7:c1:66:ec:35:30:d1:a8:44:d7:38:18:64:1a:c7:
77:04:75:bc:0c:8b:a7:c1:f0:43:d7:e9:9d:d0:b2:6a:d2:76:
4f:2c:35:72:f4:55:5c:0c:1e:43:b4:1b:35:ed:c4:4a:ed:42:
a3:fb:77:84
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQfjFvtRDbssq7StFLSwcxTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhYjM2NjY4ODkzYTgyNDRkNTUzZWZjYTQ2ODhkMGYxMDE5
ZTRlMjUwHhcNMjUwMTAxMDE0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDllMDAwM2M5NmQ4NTNiZDQ2OGViZmNjYmRlODVlNmQwODU4MzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrShrPbrs8vmbrWxYhhkQAgLaSbp
XuQTmoqPyIUa8tYQYPxncTS4pOi3GsbrV5KWMBT4IAr+rc//lSItIw6OWtT/KVy7
DOL3LhZYXpgs8QgBRThJeQq1MDgfNj3CYKbrGwSVymxiZoazxaa2r5OgZe0NmMiL
1YdOEKlYcGetzcxZAVmDYr4olUgR/soHbfTFalSCgIWKV38r96wf1qboY/11OSj9
aVABqSP4HuOhxpfX+RZzJSynLsxYQm+B+yKDSXB0cbI8QjJWQ7jz2er8kOC4YPP1
gaCrwDrhCLZMEN7oZ/A2JG8wJQRIY6RuTD0CtBHe5uwtNgkwVj7096iB5QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFCeAAPJbYU71Gjr/MvehebQhYM2MB8GA1UdIwQY
MBaAFAqzZmiJOoJE1VPvykaI0PEBnk4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3JObWFJazZna1RWVS1fS1JvalE4UUdlVGlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9lNTc1MDMtZjY1OC00M2UyLTkzYTkt
MmFmMDY3YTEzMGFhLzEvVUo0QUE4bHRoVHZVYU92OHk5NkY1dENGZ3pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS9lNTc1MDMtZjY1OC00M2UyLTkzYTktMmFmMDY3YTEzMGFh
LzEvQ3JObWFJazZna1RWVS1fS1JvalE4UUdlVGlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwn3wAwQF
1F1gMA0EAgACMAcDBQAqA+wAMA0GCSqGSIb3DQEBCwUAA4IBAQCQvOUTvSYzDRFs
ijhuexzm3IllPTLSMiXMVSrx7NBKMcg+iHswNEmchnhO7l6FjeDxYYXksTVapy6y
9JvXUNXmqCBuo2s/WIELLdnrs0/t4xLdXEyJirnQR7oohsfP5JEuJ8cG6mcY1s+h
nwl0At7GZ4ZXfsLeulyoW/KKCCysTU38m3zLGWb04h6wuGgz+GCutw2KOiZjshnc
ki4izcUQDu9uiRHYTDXtODPQ4Y/L2HpFr+GWfqf/zxoyjKId0ZixHCxc9GBVe6fH
wWbsNTDRqETXOBhkGsd3BHW8DIunwfBD1+md0LJq0nZPLDVy9FVcDB5DtBs17cRK
7UKj+3eE
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:02 2025 by rpki-client