Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/ugNcS-7LgeRC9A60sUhVlOoxG2s.roa
File: ugNcS-7LgeRC9A60sUhVlOoxG2s.roa (raw, json)
Hash identifier: +c55MYtf2XQQ+uvKLcGp2362Yc4cTYDvnM+Zqyjsqzw=
Subject key identifier: BA:03:5C:4B:EE:CB:81:E4:42:F4:0E:B4:B1:48:55:94:EA:31:1B:6B
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 019422FC4D35B7B4DF03BE971D8C5402EA04
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/ugNcS-7LgeRC9A60sUhVlOoxG2s.roa
Signing time: Wed 01 Jan 2025 17:49:07 +0000
ROA not before: Wed 01 Jan 2025 17:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 45.138.12.0/22 maxlen: 22
152.89.28.0/22 maxlen: 22
193.135.151.0/24 maxlen: 24
193.135.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:4d:35:b7:b4:df:03:be:97:1d:8c:54:02:ea:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Jan 1 17:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba035c4beecb81e442f40eb4b1485594ea311b6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:df:57:66:30:4a:a6:9d:1d:35:bd:d1:7a:fc:
21:2c:7d:f0:bc:65:30:16:92:da:40:b1:33:67:f1:
5d:d9:86:1a:b9:e7:1e:2c:43:ef:b4:03:bf:82:e3:
cd:f5:df:63:fc:03:9f:15:82:c8:5d:57:d5:fd:f9:
9a:fd:ef:fb:80:88:08:08:0a:8f:71:a1:1b:69:94:
ab:de:02:dd:6e:61:56:7c:95:4e:1a:bf:9a:f6:00:
6f:90:3b:04:20:64:11:a0:8b:e7:4f:9c:a2:c7:2a:
e1:ba:d4:9c:e9:6b:1c:d9:1b:91:ad:48:1a:13:58:
d1:af:43:5d:a9:22:a9:98:c4:74:84:bf:9f:1c:1c:
27:34:a3:33:6a:bf:6e:03:06:47:2b:64:85:ff:14:
97:db:dc:7a:92:8e:f3:04:4e:fe:73:ed:d3:a7:5d:
f3:58:6c:db:c1:50:1a:61:c8:d5:81:19:ef:6a:71:
fc:90:c2:77:e2:17:ee:59:29:32:4c:5e:f8:c7:fc:
3d:9b:7c:d8:cd:5c:fa:ec:1a:08:72:df:0d:ca:6d:
08:60:46:c2:76:ce:d6:56:f1:aa:c2:80:32:cf:25:
bd:f0:c0:6e:a3:13:87:10:83:d1:01:57:3f:38:a4:
63:94:b1:f7:c8:48:88:ee:be:aa:b3:3a:17:53:22:
2f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:03:5C:4B:EE:CB:81:E4:42:F4:0E:B4:B1:48:55:94:EA:31:1B:6B
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/ugNcS-7LgeRC9A60sUhVlOoxG2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.12.0/22
152.89.28.0/22
193.135.151.0/24
193.135.174.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:54:10:00:5d:8c:c8:5d:96:de:18:3d:06:67:50:02:8a:4e:
9b:6d:98:f5:b0:57:84:83:13:69:28:ae:53:6c:e4:32:f0:f2:
8f:17:43:fc:22:78:47:34:97:6c:23:53:de:02:99:9b:43:97:
bd:3e:98:43:24:a8:68:bd:b1:12:b8:43:2c:c5:62:68:9f:2d:
7e:9e:bb:c1:46:98:e6:6b:9c:aa:d5:ed:23:f7:60:59:52:22:
e7:2c:c9:1c:2c:5e:5f:5c:ca:64:07:d2:1a:75:1f:50:c7:77:
5c:ab:28:ba:2d:f8:99:7d:09:70:57:f1:8a:d5:b3:8d:a0:09:
0f:f7:e0:1c:87:fc:1b:39:a8:cb:23:09:9e:4c:9d:48:51:75:
75:38:c4:9e:61:46:3f:da:90:4f:bd:80:6d:4b:aa:e3:27:4b:
79:35:a4:28:d0:85:c3:51:9e:76:ed:14:4f:4a:f3:58:9e:6e:
1f:43:ab:9d:c0:e9:8a:63:37:94:76:ad:94:5d:c4:65:f7:b8:
7f:b8:b6:8c:7a:f6:54:df:b6:3c:9d:ec:a4:20:bb:95:86:fe:
ba:80:78:6b:99:7c:0b:b1:00:2a:09:87:31:51:b6:af:3f:5e:
d4:b1:c8:15:b5:9f:a3:87:df:a2:03:ce:fe:5a:3f:cd:2e:d6:
60:17:77:88
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQi/E01t7TfA76XHYxUAuoEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjUwMTAxMTc0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTAzNWM0YmVlY2I4MWU0NDJmNDBlYjRiMTQ4NTU5NGVhMzExYjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqN9XZjBKpp0dNb3RevwhLH3wvGUw
FpLaQLEzZ/Fd2YYaueceLEPvtAO/guPN9d9j/AOfFYLIXVfV/fma/e/7gIgICAqP
caEbaZSr3gLdbmFWfJVOGr+a9gBvkDsEIGQRoIvnT5yixyrhutSc6Wsc2RuRrUga
E1jRr0NdqSKpmMR0hL+fHBwnNKMzar9uAwZHK2SF/xSX29x6ko7zBE7+c+3Tp13z
WGzbwVAaYcjVgRnvanH8kMJ34hfuWSkyTF74x/w9m3zYzVz67BoIct8Nym0IYEbC
ds7WVvGqwoAyzyW98MBuoxOHEIPRAVc/OKRjlLH3yEiI7r6qszoXUyIvzwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLoDXEvuy4HkQvQOtLFIVZTqMRtrMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvdWdOY1MtN0xnZVJDOUE2MHNVaFZsT294RzJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLYoMAwQC
mFkcAwQAwYeXAwQAwYeuMA0GCSqGSIb3DQEBCwUAA4IBAQArVBAAXYzIXZbeGD0G
Z1ACik6bbZj1sFeEgxNpKK5TbOQy8PKPF0P8InhHNJdsI1PeApmbQ5e9PphDJKho
vbESuEMsxWJony1+nrvBRpjma5yq1e0j92BZUiLnLMkcLF5fXMpkB9IadR9Qx3dc
qyi6LfiZfQlwV/GK1bONoAkP9+Ach/wbOajLIwmeTJ1IUXV1OMSeYUY/2pBPvYBt
S6rjJ0t5NaQo0IXDUZ527RRPSvNYnm4fQ6udwOmKYzeUdq2UXcRl97h/uLaMevZU
37Y8neykILuVhv66gHhrmXwLsQAqCYcxUbavP17UscgVtZ+jh9+iA87+Wj/NLtZg
F3eI
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:04 2025 by rpki-client