Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/ebc748-6826-4140-a8e0-843eeee0a260/1/0UPggsXGkTuuC9Xh-r7ucS0s3D4.roa
File: 0UPggsXGkTuuC9Xh-r7ucS0s3D4.roa (raw, json)
Hash identifier: BaiSknaLrtrRfkG8QbIqZETexkpP/4Cmqojn/rd3s0g=
Subject key identifier: D1:43:E0:82:C5:C6:91:3B:AE:0B:D5:E1:FA:BE:EE:71:2D:2C:DC:3E
Certificate issuer: /CN=cc215f58159ec576a2022776ea64f61c5bb00194
Certificate serial: 019424B3AB8A1302790E8650E9D1563C1D87
Authority key identifier: CC:21:5F:58:15:9E:C5:76:A2:02:27:76:EA:64:F6:1C:5B:B0:01:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zCFfWBWexXaiAid26mT2HFuwAZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/ebc748-6826-4140-a8e0-843eeee0a260/1/0UPggsXGkTuuC9Xh-r7ucS0s3D4.roa
Signing time: Thu 02 Jan 2025 01:49:02 +0000
ROA not before: Thu 02 Jan 2025 01:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12564
IP address blocks: 185.181.148.0/22 maxlen: 22
185.181.148.0/24 maxlen: 24
185.181.149.0/24 maxlen: 24
185.181.150.0/24 maxlen: 24
185.181.151.0/24 maxlen: 24
212.122.160.0/19 maxlen: 19
212.122.160.0/24 maxlen: 24
212.122.161.0/24 maxlen: 24
212.122.162.0/24 maxlen: 24
212.122.163.0/24 maxlen: 24
212.122.167.0/24 maxlen: 24
212.122.168.0/24 maxlen: 24
212.122.169.0/24 maxlen: 24
212.122.170.0/24 maxlen: 24
212.122.171.0/24 maxlen: 24
212.122.172.0/24 maxlen: 24
212.122.173.0/24 maxlen: 24
212.122.174.0/24 maxlen: 24
212.122.175.0/24 maxlen: 24
212.122.176.0/24 maxlen: 24
212.122.177.0/24 maxlen: 24
212.122.178.0/24 maxlen: 24
212.122.179.0/24 maxlen: 24
212.122.180.0/24 maxlen: 24
212.122.181.0/24 maxlen: 24
212.122.182.0/24 maxlen: 24
212.122.183.0/24 maxlen: 24
212.122.184.0/24 maxlen: 24
212.122.185.0/24 maxlen: 24
212.122.186.0/24 maxlen: 24
212.122.187.0/24 maxlen: 24
212.122.188.0/24 maxlen: 24
212.122.189.0/24 maxlen: 24
212.122.190.0/24 maxlen: 24
212.122.191.0/24 maxlen: 24
2a04:43c0::/29 maxlen: 29
2a04:43c1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:ab:8a:13:02:79:0e:86:50:e9:d1:56:3c:1d:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc215f58159ec576a2022776ea64f61c5bb00194
Validity
Not Before: Jan 2 01:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d143e082c5c6913bae0bd5e1fabeee712d2cdc3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fa:26:4e:b6:95:0e:a3:28:70:67:b2:f9:e9:
64:c1:23:09:f7:d0:98:55:1d:65:5e:2c:94:58:aa:
72:dc:50:3e:4e:34:af:5c:98:33:dd:56:95:68:33:
72:74:c1:c8:a7:4e:37:4c:88:57:3f:bc:eb:27:33:
7b:3a:44:52:1c:4c:12:0c:81:db:f6:1d:3a:fa:f1:
a2:c0:b4:ae:7a:46:eb:f8:84:f4:28:d2:2d:73:cd:
4f:fd:a2:09:37:36:e0:6a:e8:63:ab:a0:86:b5:19:
f1:a2:95:13:35:5b:18:95:57:65:81:36:87:85:0a:
28:df:22:7e:43:05:49:af:a6:26:59:89:44:c9:8c:
fc:09:45:19:5f:a6:55:58:f0:5a:e7:59:24:f5:26:
cc:73:83:a3:d8:76:b1:74:78:75:d6:83:2f:89:dd:
91:98:71:69:e6:a6:fc:42:49:81:e0:e5:98:f5:b0:
92:61:60:50:8c:ee:0a:db:bc:ec:98:32:79:9a:0d:
46:8a:e8:4e:2a:1e:34:01:37:f6:a7:9f:34:d2:c3:
76:63:cb:cb:cc:b7:37:49:29:3e:ea:bf:22:b1:07:
40:a2:81:e5:b1:9b:4c:15:f7:96:db:48:b2:30:9e:
1a:97:25:7d:48:b1:a0:e3:b8:f5:46:28:62:d8:31:
18:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:43:E0:82:C5:C6:91:3B:AE:0B:D5:E1:FA:BE:EE:71:2D:2C:DC:3E
X509v3 Authority Key Identifier:
keyid:CC:21:5F:58:15:9E:C5:76:A2:02:27:76:EA:64:F6:1C:5B:B0:01:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zCFfWBWexXaiAid26mT2HFuwAZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ebc748-6826-4140-a8e0-843eeee0a260/1/0UPggsXGkTuuC9Xh-r7ucS0s3D4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ebc748-6826-4140-a8e0-843eeee0a260/1/zCFfWBWexXaiAid26mT2HFuwAZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.181.148.0/22
212.122.160.0/19
IPv6:
2a04:43c0::/29
Signature Algorithm: sha256WithRSAEncryption
05:b1:04:4c:79:ea:da:d4:ce:79:09:0d:0c:f5:da:60:a0:85:
1a:a8:e2:6c:3c:dc:e9:56:ae:fd:d8:0a:4e:38:02:2c:38:3f:
b4:0f:85:5a:59:a2:3f:b3:3f:92:01:65:c5:5f:4b:39:7a:d7:
48:7a:3b:30:63:eb:3f:d4:0f:53:29:3c:0f:69:31:e1:0f:cb:
a1:04:fd:8a:ea:93:b6:0b:83:94:41:b3:70:c3:56:1e:59:5f:
58:09:69:2d:6e:04:5c:2f:16:0e:73:26:6e:19:8e:34:41:51:
45:fb:23:07:59:5e:2c:68:fa:a7:cd:44:a9:9f:55:23:17:fa:
e3:3d:aa:00:fd:47:1e:d4:d4:15:e9:ae:25:11:02:20:e6:9b:
2b:ca:85:54:bb:23:ab:5a:e4:38:a4:d2:19:69:21:f3:bd:98:
03:16:10:10:02:3b:29:1a:b2:9d:cd:6d:f5:a4:b6:fe:cf:f6:
26:a2:b0:f0:30:02:47:bd:18:99:d5:bc:4e:b5:9f:a5:65:a1:
12:1c:bc:a0:0d:67:83:83:83:98:ba:90:22:57:5c:ad:b9:dd:
d5:9c:71:de:c1:12:82:8f:30:f0:dc:04:8b:bf:61:1f:2a:3a:
b6:24:43:a7:64:4b:97:76:a8:f2:ee:48:05:63:b0:9b:07:87:
1e:6f:85:09
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQks6uKEwJ5DoZQ6dFWPB2HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMjE1ZjU4MTU5ZWM1NzZhMjAyMjc3NmVhNjRmNjFjNWJi
MDAxOTQwHhcNMjUwMTAyMDE0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTQzZTA4MmM1YzY5MTNiYWUwYmQ1ZTFmYWJlZWU3MTJkMmNkYzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/omTraVDqMocGey+elkwSMJ99CY
VR1lXiyUWKpy3FA+TjSvXJgz3VaVaDNydMHIp043TIhXP7zrJzN7OkRSHEwSDIHb
9h06+vGiwLSuekbr+IT0KNItc81P/aIJNzbgauhjq6CGtRnxopUTNVsYlVdlgTaH
hQoo3yJ+QwVJr6YmWYlEyYz8CUUZX6ZVWPBa51kk9SbMc4Oj2HaxdHh11oMvid2R
mHFp5qb8QkmB4OWY9bCSYWBQjO4K27zsmDJ5mg1GiuhOKh40ATf2p5800sN2Y8vL
zLc3SSk+6r8isQdAooHlsZtMFfeW20iyMJ4alyV9SLGg47j1Rihi2DEYnQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNFD4ILFxpE7rgvV4fq+7nEtLNw+MB8GA1UdIwQY
MBaAFMwhX1gVnsV2ogIndupk9hxbsAGUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekNGZldCV2V4WGFpQWlkMjZtVDJIRnV3QVpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9lYmM3NDgtNjgyNi00MTQwLWE4ZTAt
ODQzZWVlZTBhMjYwLzEvMFVQZ2dzWEdrVHV1QzlYaC1yN3VjUzBzM0Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9lYmM3NDgtNjgyNi00MTQwLWE4ZTAtODQzZWVlZTBhMjYw
LzEvekNGZldCV2V4WGFpQWlkMjZtVDJIRnV3QVpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCubWUAwQF
1HqgMA0EAgACMAcDBQMqBEPAMA0GCSqGSIb3DQEBCwUAA4IBAQAFsQRMeera1M55
CQ0M9dpgoIUaqOJsPNzpVq792ApOOAIsOD+0D4VaWaI/sz+SAWXFX0s5etdIejsw
Y+s/1A9TKTwPaTHhD8uhBP2K6pO2C4OUQbNww1YeWV9YCWktbgRcLxYOcyZuGY40
QVFF+yMHWV4saPqnzUSpn1UjF/rjPaoA/Uce1NQV6a4lEQIg5psryoVUuyOrWuQ4
pNIZaSHzvZgDFhAQAjspGrKdzW31pLb+z/YmorDwMAJHvRiZ1bxOtZ+lZaESHLyg
DWeDg4OYupAiV1ytud3VnHHewRKCjzDw3ASLv2EfKjq2JEOnZEuXdqjy7kgFY7Cb
B4ceb4UJ
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:38:30 2025 by rpki-client