Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/uKSMxqWFBai51Y0xb3ycexFXE4o.roa
File: uKSMxqWFBai51Y0xb3ycexFXE4o.roa (raw, json)
Hash identifier: 0nfagPbfafluR8jQM3HUZJUgsdNIIplMw4jgV15i4W4=
Subject key identifier: B8:A4:8C:C6:A5:85:05:A8:B9:D5:8D:31:6F:7C:9C:7B:11:57:13:8A
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0195D0F063FACEC5B6AF787C036EB5F999FA
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/uKSMxqWFBai51Y0xb3ycexFXE4o.roa
Signing time: Wed 26 Mar 2025 05:32:49 +0000
ROA not before: Wed 26 Mar 2025 05:32:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 14.102.226.0/23 maxlen: 24
14.102.231.0/24 maxlen: 24
14.102.234.0/24 maxlen: 24
45.151.140.0/24 maxlen: 24
77.111.96.0/22 maxlen: 22
77.111.97.0/24 maxlen: 24
77.111.102.0/23 maxlen: 24
85.208.10.0/24 maxlen: 24
94.229.212.0/24 maxlen: 24
94.229.220.0/24 maxlen: 24
94.229.223.0/24 maxlen: 24
194.36.32.0/24 maxlen: 24
194.36.33.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d0:f0:63:fa:ce:c5:b6:af:78:7c:03:6e:b5:f9:99:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Mar 26 05:32:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8a48cc6a58505a8b9d58d316f7c9c7b1157138a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c5:ff:9e:ba:1a:69:79:45:bb:8a:b0:24:38:
65:45:95:9c:92:c0:18:62:d3:da:ae:c6:3b:8c:d5:
ff:2e:4e:57:b6:be:2c:74:23:5e:32:cd:e4:77:be:
11:07:2a:77:b7:3e:31:e9:39:aa:93:74:2b:74:9a:
68:7e:5b:ae:b7:2b:eb:e4:a4:d9:21:91:d5:e6:6c:
5b:34:9d:45:db:46:db:c1:0e:65:ed:55:27:75:b4:
e1:b8:8a:84:02:33:6f:4f:6e:04:1b:4a:42:97:d2:
39:c6:fe:99:0a:f4:ad:47:5e:c1:18:4b:59:c1:be:
4b:ab:53:7f:e8:6b:62:66:cf:e4:03:3a:ed:63:0e:
41:6e:e7:b7:86:ee:c1:4f:b3:ce:9b:8b:f1:35:ae:
3d:5c:8d:b4:00:a4:b2:9c:55:7c:ae:8b:b3:16:c6:
79:fa:bd:19:fb:ca:36:6e:fb:48:34:c0:1d:f5:de:
1d:10:56:45:27:3d:e7:05:89:20:5c:ad:c5:1c:be:
53:01:00:f6:e0:7b:09:b9:52:b1:4c:ab:91:3f:d3:
63:d5:0d:c8:80:63:55:4a:5e:3e:42:c4:6b:c3:a3:
2e:71:f4:32:a3:66:b0:20:13:11:7d:70:0f:a9:d3:
c3:a6:e5:74:62:f0:28:94:d5:d9:92:b3:92:49:89:
35:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A4:8C:C6:A5:85:05:A8:B9:D5:8D:31:6F:7C:9C:7B:11:57:13:8A
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/uKSMxqWFBai51Y0xb3ycexFXE4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.226.0/23
14.102.231.0/24
14.102.234.0/24
45.151.140.0/24
77.111.96.0/22
77.111.102.0/23
85.208.10.0/24
94.229.212.0/24
94.229.220.0/24
94.229.223.0/24
194.36.32.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:0f:2a:01:44:8f:e1:e7:37:bf:c6:1b:16:78:a2:90:59:e3:
f2:b5:e4:b5:73:0b:16:aa:6c:a4:2a:cb:c1:bb:d6:25:df:7d:
a8:a2:84:1b:b0:a2:8c:6f:e8:f7:f4:04:9a:94:a2:c0:b2:17:
d9:a8:4f:6a:0a:c7:4f:a2:65:d8:73:fb:ae:29:11:03:aa:f1:
c9:fd:85:71:27:47:d1:4e:36:e7:a1:6f:f9:14:c1:b6:f4:28:
01:ad:1c:bd:e0:0e:20:b3:e7:8c:dc:d9:57:39:6c:b6:3f:6f:
a6:29:bf:82:a3:92:6d:3c:a8:a4:b2:99:87:50:aa:21:df:24:
14:19:ea:2e:84:ce:92:74:bb:37:d0:3b:30:20:5d:e8:f5:c9:
28:c9:68:4e:62:9d:6a:42:42:51:73:ca:12:7f:13:08:a0:df:
55:fe:a1:4c:aa:fc:d6:59:29:80:cf:07:9d:86:e9:a6:6e:89:
35:9f:0c:ca:a2:55:9e:8b:d0:e4:2c:bd:db:08:c0:bb:ed:ce:
d0:26:b1:d0:50:84:d9:8a:f3:a9:45:d5:39:be:cd:91:cd:3e:
a5:22:60:da:ff:c1:15:36:90:2f:44:2a:7a:7b:08:6b:e4:0c:
6f:79:98:3e:68:34:fc:6e:e9:53:fa:d6:cf:95:f8:22:60:19:
c8:9c:84:20
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZXQ8GP6zsW2r3h8A261+Zn6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwMzI2MDUzMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGE0OGNjNmE1ODUwNWE4YjlkNThkMzE2ZjdjOWM3YjExNTcxMzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8X/nroaaXlFu4qwJDhlRZWcksAY
YtParsY7jNX/Lk5Xtr4sdCNeMs3kd74RByp3tz4x6Tmqk3QrdJpofluutyvr5KTZ
IZHV5mxbNJ1F20bbwQ5l7VUndbThuIqEAjNvT24EG0pCl9I5xv6ZCvStR17BGEtZ
wb5Lq1N/6GtiZs/kAzrtYw5Bbue3hu7BT7POm4vxNa49XI20AKSynFV8rouzFsZ5
+r0Z+8o2bvtINMAd9d4dEFZFJz3nBYkgXK3FHL5TAQD24HsJuVKxTKuRP9Nj1Q3I
gGNVSl4+QsRrw6MucfQyo2awIBMRfXAPqdPDpuV0YvAolNXZkrOSSYk1IQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFLikjMalhQWoudWNMW98nHsRVxOKMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvdUtTTXhxV0ZCYWk1MVkweGIzeWNleEZYRTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBDmbiAwQA
DmbnAwQADmbqAwQALZeMAwQCTW9gAwQBTW9mAwQAVdAKAwQAXuXUAwQAXuXcAwQA
XuXfAwQBwiQgMA0GCSqGSIb3DQEBCwUAA4IBAQBqDyoBRI/h5ze/xhsWeKKQWePy
teS1cwsWqmykKsvBu9Yl332oooQbsKKMb+j39ASalKLAshfZqE9qCsdPomXYc/uu
KREDqvHJ/YVxJ0fRTjbnoW/5FMG29CgBrRy94A4gs+eM3NlXOWy2P2+mKb+Co5Jt
PKikspmHUKoh3yQUGeouhM6SdLs30DswIF3o9ckoyWhOYp1qQkJRc8oSfxMIoN9V
/qFMqvzWWSmAzwedhummbok1nwzKolWei9DkLL3bCMC77c7QJrHQUITZivOpRdU5
vs2RzT6lImDa/8EVNpAvRCp6ewhr5AxveZg+aDT8bulT+tbPlfgiYBnInIQg
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:58:37 2025 by rpki-client