Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/6ade9b-3216-4fef-8049-f3e24e075e35/1/UQ_3RuYAdJoYpjdqceJNmc5aoug.roa
File: UQ_3RuYAdJoYpjdqceJNmc5aoug.roa (raw, json)
Hash identifier: q3FXkXKtZ8hFVmAvp+UOJxjM7FKEfq7BOOg+5WvlLx0=
Subject key identifier: 51:0F:F7:46:E6:00:74:9A:18:A6:37:6A:71:E2:4D:99:CE:5A:A2:E8
Certificate issuer: /CN=ed3ff7836530d1c474f4d088b6b36224fbf6982d
Certificate serial: 019422FB46CF3B9005CF73B1A0F1DD1ED5E6
Authority key identifier: ED:3F:F7:83:65:30:D1:C4:74:F4:D0:88:B6:B3:62:24:FB:F6:98:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7T_3g2Uw0cR09NCItrNiJPv2mC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/6ade9b-3216-4fef-8049-f3e24e075e35/1/UQ_3RuYAdJoYpjdqceJNmc5aoug.roa
Signing time: Wed 01 Jan 2025 17:48:00 +0000
ROA not before: Wed 01 Jan 2025 17:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 45.88.28.0/24 maxlen: 24
45.88.29.0/24 maxlen: 24
45.88.30.0/24 maxlen: 24
45.88.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:46:cf:3b:90:05:cf:73:b1:a0:f1:dd:1e:d5:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed3ff7836530d1c474f4d088b6b36224fbf6982d
Validity
Not Before: Jan 1 17:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=510ff746e600749a18a6376a71e24d99ce5aa2e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f4:43:61:0e:74:1e:a0:4e:f2:a9:99:4b:06:
b4:39:b7:bf:ac:8b:fc:13:55:3a:70:ba:fc:16:35:
da:b3:5c:4f:c5:c5:53:de:88:1c:92:e6:1c:3a:c3:
45:c1:8b:0f:ac:3c:ee:18:95:37:26:94:65:b6:11:
fd:bc:99:8f:d0:a8:f0:81:b9:30:4f:81:bb:2e:b4:
ca:39:d6:37:89:12:7c:2a:a3:cb:e1:f3:6f:e6:87:
22:d3:1e:b4:fa:88:7a:26:f1:23:94:44:fc:ce:db:
e4:a3:4c:32:34:94:a7:85:bd:95:f1:b0:51:82:40:
8b:7e:fe:aa:61:f7:05:c4:6a:97:b5:1e:26:09:11:
de:a4:4a:c3:06:81:78:be:a5:5b:8a:c6:75:a0:6f:
b8:4a:10:5e:d7:fb:8a:ec:9f:37:6b:5c:99:82:e9:
96:b4:9c:48:f0:dc:62:76:c5:aa:4f:70:03:16:28:
3b:27:f2:bc:a7:81:44:7f:b9:42:f6:ca:71:72:90:
ea:e9:26:6b:a8:1b:2f:59:ae:2a:a7:1f:94:b0:1c:
7f:32:d4:dd:66:c1:81:33:5e:24:cf:c6:b5:79:5e:
10:e6:2e:8b:f6:61:00:a8:d9:19:37:34:55:b8:9a:
e0:39:fe:d9:47:cf:19:88:ae:b3:38:ad:6c:9e:e6:
e5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:0F:F7:46:E6:00:74:9A:18:A6:37:6A:71:E2:4D:99:CE:5A:A2:E8
X509v3 Authority Key Identifier:
keyid:ED:3F:F7:83:65:30:D1:C4:74:F4:D0:88:B6:B3:62:24:FB:F6:98:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7T_3g2Uw0cR09NCItrNiJPv2mC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/6ade9b-3216-4fef-8049-f3e24e075e35/1/UQ_3RuYAdJoYpjdqceJNmc5aoug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/6ade9b-3216-4fef-8049-f3e24e075e35/1/7T_3g2Uw0cR09NCItrNiJPv2mC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.28.0/22
Signature Algorithm: sha256WithRSAEncryption
56:d6:c2:72:66:03:e2:c7:e2:01:fd:b2:e7:bf:7f:f1:ba:79:
b1:8a:11:73:fa:99:84:9a:23:30:55:57:e5:76:e4:27:1f:2e:
02:bc:39:09:e1:d2:4e:f4:c7:2b:02:5f:e0:d7:27:93:30:36:
5e:c2:ea:9a:87:4b:ff:f5:66:db:6b:80:bd:be:55:91:5d:67:
da:40:fb:19:59:b6:bb:c0:13:24:4d:0a:b5:93:80:f1:09:76:
32:c6:69:6a:91:14:66:6b:a5:4c:32:ad:30:e8:28:d6:ea:74:
93:59:13:f6:6b:45:64:c6:2f:05:93:a8:99:0a:de:af:be:e8:
d5:30:44:d5:7e:8a:f6:ee:23:0d:20:39:2e:2d:8c:e7:4e:f4:
5c:b0:62:bd:4d:7b:4c:01:b3:cc:f3:86:aa:70:8e:6d:ab:e9:
72:a9:2d:b4:d5:85:ef:94:1a:94:68:af:69:9f:ea:12:16:da:
3c:7b:4a:07:54:2c:08:e4:c0:29:e1:4f:eb:51:c1:98:48:2f:
d1:d2:85:77:59:0a:1e:ac:2d:c0:b8:e0:be:77:0e:80:ae:54:
93:40:88:ea:ad:bd:b1:74:e3:02:19:d8:ef:68:0d:85:ff:3b:
4d:98:cb:81:f1:cd:f8:1e:84:d6:e6:55:6f:9f:b9:69:97:16:
e3:82:d1:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+0bPO5AFz3OxoPHdHtXmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkM2ZmNzgzNjUzMGQxYzQ3NGY0ZDA4OGI2YjM2MjI0ZmJm
Njk4MmQwHhcNMjUwMTAxMTc0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTBmZjc0NmU2MDA3NDlhMThhNjM3NmE3MWUyNGQ5OWNlNWFhMmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/RDYQ50HqBO8qmZSwa0Obe/rIv8
E1U6cLr8FjXas1xPxcVT3ogckuYcOsNFwYsPrDzuGJU3JpRlthH9vJmP0Kjwgbkw
T4G7LrTKOdY3iRJ8KqPL4fNv5oci0x60+oh6JvEjlET8ztvko0wyNJSnhb2V8bBR
gkCLfv6qYfcFxGqXtR4mCRHepErDBoF4vqVbisZ1oG+4ShBe1/uK7J83a1yZgumW
tJxI8NxidsWqT3ADFig7J/K8p4FEf7lC9spxcpDq6SZrqBsvWa4qpx+UsBx/MtTd
ZsGBM14kz8a1eV4Q5i6L9mEAqNkZNzRVuJrgOf7ZR88ZiK6zOK1snublIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFEP90bmAHSaGKY3anHiTZnOWqLoMB8GA1UdIwQY
MBaAFO0/94NlMNHEdPTQiLazYiT79pgtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1RfM2cyVXcwY1IwOU5DSXRyTmlKUHYybUMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS82YWRlOWItMzIxNi00ZmVmLTgwNDkt
ZjNlMjRlMDc1ZTM1LzEvVVFfM1J1WUFkSm9ZcGpkcWNlSk5tYzVhb3VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS82YWRlOWItMzIxNi00ZmVmLTgwNDktZjNlMjRlMDc1ZTM1
LzEvN1RfM2cyVXcwY1IwOU5DSXRyTmlKUHYybUMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVgcMA0G
CSqGSIb3DQEBCwUAA4IBAQBW1sJyZgPix+IB/bLnv3/xunmxihFz+pmEmiMwVVfl
duQnHy4CvDkJ4dJO9McrAl/g1yeTMDZewuqah0v/9Wbba4C9vlWRXWfaQPsZWba7
wBMkTQq1k4DxCXYyxmlqkRRma6VMMq0w6CjW6nSTWRP2a0Vkxi8Fk6iZCt6vvujV
METVfor27iMNIDkuLYznTvRcsGK9TXtMAbPM84aqcI5tq+lyqS201YXvlBqUaK9p
n+oSFto8e0oHVCwI5MAp4U/rUcGYSC/R0oV3WQoerC3AuOC+dw6ArlSTQIjqrb2x
dOMCGdjvaA2F/ztNmMuB8c34HoTW5lVvn7lplxbjgtGb
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:30:08 2025 by rpki-client