Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/uUxMhGvNgAOBQND1-zZ8O3UwIV8.roa
File: uUxMhGvNgAOBQND1-zZ8O3UwIV8.roa (raw, json)
Hash identifier: 9qPDyukZNWiwM/CWPfWgni/WxyaDL69tbN0N0T1hAWM=
Subject key identifier: B9:4C:4C:84:6B:CD:80:03:81:40:D0:F5:FB:36:7C:3B:75:30:21:5F
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802D7EB4F26D85D1F3DDFD72C8D84FD
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/uUxMhGvNgAOBQND1-zZ8O3UwIV8.roa
Signing time: Tue 02 Jan 2024 02:31:18 +0000
ROA not before: Tue 02 Jan 2024 02:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2119
IP address blocks: 194.132.108.0/23 maxlen: 23
193.183.3.0/24 maxlen: 24
194.68.126.0/24 maxlen: 24
194.71.248.0/21 maxlen: 21
194.68.56.0/23 maxlen: 23
192.71.158.0/24 maxlen: 24
194.68.99.0/24 maxlen: 24
194.14.129.0/24 maxlen: 24
193.183.92.0/24 maxlen: 24
192.176.161.0/24 maxlen: 24
193.183.93.0/24 maxlen: 24
193.183.104.0/24 maxlen: 24
193.181.187.0/24 maxlen: 24
193.183.118.0/24 maxlen: 24
193.183.68.0/23 maxlen: 23
193.183.79.0/24 maxlen: 24
192.165.65.0/24 maxlen: 24
192.71.5.0/24 maxlen: 24
192.165.86.0/24 maxlen: 24
192.121.172.0/24 maxlen: 24
192.121.101.0/24 maxlen: 24
193.234.68.0/23 maxlen: 23
192.71.97.0/24 maxlen: 24
192.36.37.0/24 maxlen: 24
193.234.220.0/23 maxlen: 23
193.181.0.0/24 maxlen: 24
193.234.237.0/24 maxlen: 24
194.71.140.0/23 maxlen: 23
192.71.41.0/24 maxlen: 24
192.71.40.0/24 maxlen: 24
194.103.50.0/24 maxlen: 24
192.121.192.0/24 maxlen: 24
194.71.83.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:d7:eb:4f:26:d8:5d:1f:3d:df:d7:2c:8d:84:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b94c4c846bcd80038140d0f5fb367c3b7530215f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:5f:08:23:8f:a8:22:80:33:1a:8b:92:f6:36:
c4:46:5d:67:38:48:e6:e6:ed:2a:3d:74:d9:88:da:
26:64:6a:1d:70:3a:30:4a:62:6a:97:c2:5e:24:50:
11:06:04:79:9c:1f:89:5b:6e:ca:b4:9f:4e:ec:b2:
8f:2a:20:5d:d1:5f:4e:a3:4f:ce:b6:5d:2c:90:82:
0d:ed:d0:b2:e6:1a:d7:a1:54:af:72:dc:68:9a:ff:
81:c2:7f:c1:4e:05:b8:30:59:1c:63:6e:a1:cd:07:
85:7b:8a:ad:80:0e:da:c6:37:ca:dd:25:11:95:06:
d7:82:43:66:f8:0e:70:10:d1:db:d0:a5:79:c4:54:
e0:64:b5:ff:82:28:5e:86:c5:03:57:37:2f:3e:d8:
48:ae:56:c7:53:b2:ae:53:53:c5:5d:99:3a:4b:be:
42:07:25:f5:74:49:ec:82:81:5e:7b:56:9d:14:e6:
81:17:27:a8:77:f6:fd:a1:92:e0:ec:d1:51:ee:aa:
0e:3c:fb:14:55:35:2d:14:15:77:3a:53:47:27:3d:
55:46:a7:02:92:33:18:3b:e9:c9:0c:42:ed:13:f6:
a2:af:dd:6b:6d:6b:74:de:43:9a:19:c6:8c:a5:45:
80:9c:04:5b:e2:e8:0f:da:56:d4:26:f9:bd:4b:dd:
8e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:4C:4C:84:6B:CD:80:03:81:40:D0:F5:FB:36:7C:3B:75:30:21:5F
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/uUxMhGvNgAOBQND1-zZ8O3UwIV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.37.0/24
192.71.5.0/24
192.71.40.0/23
192.71.97.0/24
192.71.158.0/24
192.121.101.0/24
192.121.172.0/24
192.121.192.0/24
192.165.65.0/24
192.165.86.0/24
192.176.161.0/24
193.181.0.0/24
193.181.187.0/24
193.183.3.0/24
193.183.68.0/23
193.183.79.0/24
193.183.92.0/23
193.183.104.0/24
193.183.118.0/24
193.234.68.0/23
193.234.220.0/23
193.234.237.0/24
194.14.129.0/24
194.68.56.0/23
194.68.99.0/24
194.68.126.0/24
194.71.83.0/24
194.71.140.0/23
194.71.248.0/21
194.103.50.0/24
194.132.108.0/23
Signature Algorithm: sha256WithRSAEncryption
22:73:34:cc:c6:b2:dd:60:5a:b8:ae:b7:1c:46:f1:ed:b1:aa:
a9:b2:19:28:e4:64:af:02:5b:39:b9:78:a4:c8:4f:54:ac:a1:
7a:2f:c4:a0:6d:00:48:ca:b6:6f:84:9e:83:8c:fb:72:cd:66:
e6:9d:e7:50:03:4a:96:73:2f:cf:7c:1a:9f:c4:6e:04:ab:c8:
d4:91:2e:61:9b:ff:d6:72:e3:d9:0f:3c:4f:9d:aa:63:0b:f5:
a1:ae:ce:ef:64:6c:09:03:46:83:bf:8a:c8:49:51:12:1b:3b:
5e:66:49:77:ab:2f:0d:0a:1d:5a:f5:f2:9d:43:c5:ee:76:78:
d6:4c:f3:da:f3:cb:a4:5b:36:d7:e7:bc:75:75:ed:e1:eb:90:
de:1d:d2:a2:77:5e:bc:fd:68:e7:2e:1d:50:33:78:5e:a2:c8:
b8:63:20:1e:63:92:b6:98:2a:2d:56:94:cb:5e:97:52:2a:82:
82:3a:ca:ff:7c:52:08:61:3f:d1:fa:42:f5:68:ff:9b:53:15:
37:d2:f0:81:84:d5:6d:b0:a2:ec:4d:dd:51:80:58:b9:db:e9:
b8:79:ee:3e:43:12:0d:fa:ef:6f:bc:33:01:a8:9f:88:8e:51:
ab:fa:75:56:e6:92:1c:10:a3:49:de:ae:d5:cc:24:ed:58:ee:
14:51:a3:55
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAYzIAtfrTybYXR8939csjYT9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTRjNGM4NDZiY2Q4MDAzODE0MGQwZjVmYjM2N2MzYjc1MzAyMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh18II4+oIoAzGouS9jbERl1nOEjm
5u0qPXTZiNomZGodcDowSmJql8JeJFARBgR5nB+JW27KtJ9O7LKPKiBd0V9Oo0/O
tl0skIIN7dCy5hrXoVSvctxomv+Bwn/BTgW4MFkcY26hzQeFe4qtgA7axjfK3SUR
lQbXgkNm+A5wENHb0KV5xFTgZLX/gihehsUDVzcvPthIrlbHU7KuU1PFXZk6S75C
ByX1dEnsgoFee1adFOaBFyeod/b9oZLg7NFR7qoOPPsUVTUtFBV3OlNHJz1VRqcC
kjMYO+nJDELtE/air91rbWt03kOaGcaMpUWAnARb4ugP2lbUJvm9S92OZwIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFLlMTIRrzYADgUDQ9fs2fDt1MCFfMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvdVV4TWhHdk5nQU9CUU5EMS16WjhPM1V3SVY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBwQQCAAEwgboDBADA
JCUDBADARwUDBAHARygDBADAR2EDBADAR54DBADAeWUDBADAeawDBADAecADBADA
pUEDBADApVYDBADAsKEDBADBtQADBADBtbsDBADBtwMDBAHBt0QDBADBt08DBAHB
t1wDBADBt2gDBADBt3YDBAHB6kQDBAHB6twDBADB6u0DBADCDoEDBAHCRDgDBADC
RGMDBADCRH4DBADCR1MDBAHCR4wDBAPCR/gDBADCZzIDBAHChGwwDQYJKoZIhvcN
AQELBQADggEBACJzNMzGst1gWriutxxG8e2xqqmyGSjkZK8CWzm5eKTIT1SsoXov
xKBtAEjKtm+EnoOM+3LNZuad51ADSpZzL898Gp/EbgSryNSRLmGb/9Zy49kPPE+d
qmML9aGuzu9kbAkDRoO/ishJURIbO15mSXerLw0KHVr18p1Dxe52eNZM89rzy6Rb
NtfnvHV17eHrkN4d0qJ3Xrz9aOcuHVAzeF6iyLhjIB5jkraYKi1WlMtel1IqgoI6
yv98UghhP9H6QvVo/5tTFTfS8IGE1W2wouxN3VGAWLnb6bh57j5DEg3672+8MwGo
n4iOUav6dVbmkhwQo0nertXMJO1Y7hRRo1U=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:28 2025 by rpki-client