Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/UDFLFmV2aTNJd0EGZTvfdoryUPM.roa
File: UDFLFmV2aTNJd0EGZTvfdoryUPM.roa (raw, json)
Hash identifier: 0ToE7ww3xVFhZt1bdPCEkXUTnrCz/Fco08xI8mcdCCU=
Subject key identifier: 50:31:4B:16:65:76:69:33:49:77:41:06:65:3B:DF:76:8A:F2:50:F3
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802F6167E10DA8FB21B79E7A766DB42
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/UDFLFmV2aTNJd0EGZTvfdoryUPM.roa
Signing time: Tue 02 Jan 2024 02:31:26 +0000
ROA not before: Tue 02 Jan 2024 02:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57630
IP address blocks: 194.71.0.0/23 maxlen: 23
193.234.94.0/24 maxlen: 24
192.71.0.0/24 maxlen: 24
194.103.16.0/23 maxlen: 24
193.234.116.0/22 maxlen: 22
193.183.20.0/24 maxlen: 24
193.181.34.0/24 maxlen: 24
194.103.197.0/24 maxlen: 24
194.103.95.0/24 maxlen: 24
193.234.205.0/24 maxlen: 24
194.14.57.0/24 maxlen: 24
193.234.3.0/24 maxlen: 24
192.165.3.0/24 maxlen: 24
194.103.145.0/24 maxlen: 24
194.132.166.0/24 maxlen: 24
194.132.164.0/24 maxlen: 24
193.183.49.0/24 maxlen: 24
193.234.144.0/24 maxlen: 24
192.165.134.0/23 maxlen: 23
194.132.186.0/24 maxlen: 24
193.183.59.0/24 maxlen: 24
194.68.181.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:f6:16:7e:10:da:8f:b2:1b:79:e7:a7:66:db:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50314b166576693349774106653bdf768af250f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c9:d8:c2:e3:4e:49:98:d1:59:42:cb:d3:91:
55:fa:84:8f:fc:c6:53:8d:0f:36:33:d3:bb:83:94:
f3:63:6d:a3:14:4d:81:e3:0c:3e:85:3e:0c:f7:28:
db:c4:88:1a:e2:13:8e:16:8b:4e:14:93:08:4e:bb:
5c:a3:a6:8d:b8:48:5a:74:5b:da:db:45:b8:b3:fe:
23:cd:d1:ef:a5:4b:4a:67:44:7d:4f:ee:f4:c0:18:
b0:6d:5b:e9:52:c5:97:3f:5a:f8:e3:4b:e6:96:8d:
78:0a:34:02:5d:a8:60:08:ec:7b:42:a6:11:3d:04:
8b:e0:b8:73:13:87:fd:95:8b:dc:de:8d:2a:06:6e:
84:dd:fa:6b:ef:ac:8f:4f:74:c2:d6:71:dc:af:b6:
32:9f:db:1e:83:fa:a7:49:a9:12:ae:3f:67:10:98:
43:35:7f:df:c6:58:ad:82:28:84:c1:49:db:84:de:
93:1c:01:c7:b2:3d:8b:83:37:74:0e:6b:77:06:62:
ee:35:0c:b4:61:92:2c:fc:43:2f:7b:5d:c7:b0:53:
3b:02:3c:45:95:9b:6e:b0:12:c7:5c:79:92:91:28:
e9:d3:ba:47:08:1f:9f:8b:cb:15:6c:55:67:ff:23:
ef:4f:96:c5:04:0b:1c:cb:17:d1:28:9d:a5:c8:93:
ab:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:31:4B:16:65:76:69:33:49:77:41:06:65:3B:DF:76:8A:F2:50:F3
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/UDFLFmV2aTNJd0EGZTvfdoryUPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.0.0/24
192.165.3.0/24
192.165.134.0/23
193.181.34.0/24
193.183.20.0/24
193.183.49.0/24
193.183.59.0/24
193.234.3.0/24
193.234.94.0/24
193.234.116.0/22
193.234.144.0/24
193.234.205.0/24
194.14.57.0/24
194.68.181.0/24
194.71.0.0/23
194.103.16.0/23
194.103.95.0/24
194.103.145.0/24
194.103.197.0/24
194.132.164.0/24
194.132.166.0/24
194.132.186.0/24
Signature Algorithm: sha256WithRSAEncryption
15:ee:c2:71:ec:08:28:d2:dc:90:f1:01:a0:1e:6d:19:00:07:
b3:4b:99:31:7b:38:7c:86:6e:91:53:3c:27:5c:8d:4b:8c:f9:
57:f4:4c:63:46:9c:ab:df:21:b9:b1:59:d8:ed:e4:d7:c5:1c:
82:53:9c:7e:9d:77:87:5f:88:d8:11:70:fb:dc:89:83:e1:ea:
d0:5a:d5:ab:d7:3e:c6:13:f6:07:b1:89:a5:7e:a5:4b:f0:83:
67:7e:d5:33:98:f1:d1:e2:e1:1c:2c:f7:1e:73:c3:3f:db:af:
86:bb:b3:ad:4a:f2:3d:66:54:c6:09:18:cb:bc:3b:56:67:ed:
78:3a:e6:95:81:95:df:98:53:3a:e5:6e:0d:06:57:04:5a:a8:
32:f3:c2:05:fc:51:7c:e4:42:f5:72:68:12:ad:9f:f2:af:2e:
a6:62:7c:c9:0c:a3:ac:71:ee:e6:70:b3:99:0c:57:09:d1:8f:
3f:d8:29:95:f7:b9:64:e2:54:7c:c3:53:73:dd:d5:8c:1b:27:
ac:da:c8:b5:59:76:4c:96:42:54:85:1b:23:89:bd:e1:99:07:
a4:5f:2f:74:db:3c:3e:4f:eb:6d:ee:1b:6b:75:50:36:18:84:
6f:16:4c:ad:28:73:d9:2d:a1:9c:44:bb:35:d5:12:51:dc:89:
2e:92:e4:c5
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAYzIAvYWfhDaj7IbeeenZttCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDMxNGIxNjY1NzY2OTMzNDk3NzQxMDY2NTNiZGY3NjhhZjI1MGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8nYwuNOSZjRWULL05FV+oSP/MZT
jQ82M9O7g5TzY22jFE2B4ww+hT4M9yjbxIga4hOOFotOFJMITrtco6aNuEhadFva
20W4s/4jzdHvpUtKZ0R9T+70wBiwbVvpUsWXP1r440vmlo14CjQCXahgCOx7QqYR
PQSL4LhzE4f9lYvc3o0qBm6E3fpr76yPT3TC1nHcr7Yyn9seg/qnSakSrj9nEJhD
NX/fxlitgiiEwUnbhN6THAHHsj2Lgzd0Dmt3BmLuNQy0YZIs/EMve13HsFM7AjxF
lZtusBLHXHmSkSjp07pHCB+fi8sVbFVn/yPvT5bFBAscyxfRKJ2lyJOr1wIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFFAxSxZldmkzSXdBBmU733aK8lDzMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvVURGTEZtVjJhVE5KZDBFR1pUdmZkb3J5VVBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBADA
RwADBADApQMDBAHApYYDBADBtSIDBADBtxQDBADBtzEDBADBtzsDBADB6gMDBADB
6l4DBALB6nQDBADB6pADBADB6s0DBADCDjkDBADCRLUDBAHCRwADBAHCZxADBADC
Z18DBADCZ5EDBADCZ8UDBADChKQDBADChKYDBADChLowDQYJKoZIhvcNAQELBQAD
ggEBABXuwnHsCCjS3JDxAaAebRkAB7NLmTF7OHyGbpFTPCdcjUuM+Vf0TGNGnKvf
IbmxWdjt5NfFHIJTnH6dd4dfiNgRcPvciYPh6tBa1avXPsYT9gexiaV+pUvwg2d+
1TOY8dHi4Rws9x5zwz/br4a7s61K8j1mVMYJGMu8O1Zn7Xg65pWBld+YUzrlbg0G
VwRaqDLzwgX8UXzkQvVyaBKtn/KvLqZifMkMo6xx7uZws5kMVwnRjz/YKZX3uWTi
VHzDU3Pd1YwbJ6zayLVZdkyWQlSFGyOJveGZB6RfL3TbPD5P623uG2t1UDYYhG8W
TK0oc9ktoZxEuzXVElHciS6S5MU=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:20 2025 by rpki-client