Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/01000b-aa96-4bc6-8cc1-af07a9e87fc0/1/UJGm2ryO8HuvxtqrnMckm6HvQuw.roa
File: UJGm2ryO8HuvxtqrnMckm6HvQuw.roa (raw, json)
Hash identifier: LmIHTI0l7Czq42uu144MFysAfpmWgQRM3SWHkhVtvVI=
Subject key identifier: 50:91:A6:DA:BC:8E:F0:7B:AF:C6:DA:AB:9C:C7:24:9B:A1:EF:42:EC
Certificate issuer: /CN=e05a2dacf5dd4e9bfa2d2d9b2d3c3f9678745841
Certificate serial: 019426D9D9B297CF0819423B3DA4898FAABB
Authority key identifier: E0:5A:2D:AC:F5:DD:4E:9B:FA:2D:2D:9B:2D:3C:3F:96:78:74:58:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FotrPXdTpv6LS2bLTw_lnh0WEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/01000b-aa96-4bc6-8cc1-af07a9e87fc0/1/UJGm2ryO8HuvxtqrnMckm6HvQuw.roa
Signing time: Thu 02 Jan 2025 11:49:58 +0000
ROA not before: Thu 02 Jan 2025 11:49:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60390
IP address blocks: 185.31.180.0/22 maxlen: 23
2a00:bf60::/32 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:d9:b2:97:cf:08:19:42:3b:3d:a4:89:8f:aa:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e05a2dacf5dd4e9bfa2d2d9b2d3c3f9678745841
Validity
Not Before: Jan 2 11:49:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5091a6dabc8ef07bafc6daab9cc7249ba1ef42ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:5d:e7:c8:b4:04:13:01:0c:44:79:fa:d2:c2:
ca:d8:90:1b:7a:fe:32:d9:e8:ed:d0:93:ea:2c:e4:
d1:9b:e4:e7:af:7b:99:10:9c:73:5b:db:fc:e0:bf:
8a:ae:f6:c0:a5:52:60:1b:7c:86:9f:e9:58:30:2e:
16:14:4c:30:a9:5c:f9:5f:be:21:e7:9c:56:18:93:
8c:00:78:4e:64:c0:17:f4:c3:06:fd:94:86:b3:d5:
30:c8:7e:e0:52:96:d4:88:e1:90:a9:de:b1:9f:82:
99:b5:74:a1:49:cc:2e:14:d0:23:3c:ab:43:df:12:
c8:f1:a3:d6:53:6e:02:35:19:0a:da:06:b6:2c:94:
35:93:67:d9:2c:3e:6d:44:bf:76:b5:26:88:07:4a:
ae:dc:dc:0f:c5:be:7d:ff:6f:32:f3:56:b6:a8:a4:
e8:f3:32:29:4e:af:42:29:c2:84:57:a7:67:06:80:
b0:e8:62:95:4e:11:8d:8d:a4:67:83:bd:49:70:7c:
da:8b:02:f0:9b:b3:96:81:02:0a:a2:f9:e9:bd:b4:
78:a9:87:02:cd:60:dd:3e:24:fe:6e:01:b7:20:8e:
d9:0e:0e:35:51:17:da:c5:a9:45:5a:42:75:f0:eb:
5a:f5:cf:ae:5a:3e:d3:3b:7a:67:7b:41:a1:28:16:
de:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:91:A6:DA:BC:8E:F0:7B:AF:C6:DA:AB:9C:C7:24:9B:A1:EF:42:EC
X509v3 Authority Key Identifier:
keyid:E0:5A:2D:AC:F5:DD:4E:9B:FA:2D:2D:9B:2D:3C:3F:96:78:74:58:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FotrPXdTpv6LS2bLTw_lnh0WEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/01000b-aa96-4bc6-8cc1-af07a9e87fc0/1/UJGm2ryO8HuvxtqrnMckm6HvQuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/01000b-aa96-4bc6-8cc1-af07a9e87fc0/1/4FotrPXdTpv6LS2bLTw_lnh0WEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.180.0/22
IPv6:
2a00:bf60::/32
Signature Algorithm: sha256WithRSAEncryption
12:7d:f9:c9:d0:47:67:c8:ec:da:33:55:d4:c5:6c:1e:db:9f:
fa:a3:e0:b2:0d:a8:35:3c:29:ec:29:5a:d9:8f:2e:ef:3e:24:
f2:f7:19:b6:c6:f6:58:1e:ef:5c:d0:bf:4b:45:72:64:a8:a8:
2c:7a:01:ae:69:74:73:f4:a6:a0:d0:fa:78:f4:7e:01:df:ba:
59:e4:56:46:71:6d:77:77:85:d2:c1:8c:7f:c9:fa:24:84:f2:
1f:d4:af:41:86:38:3b:b8:e9:96:71:eb:8b:68:0a:0e:09:a9:
66:93:61:60:eb:ef:7e:ff:19:a0:fb:dc:c9:27:7d:f3:8b:86:
18:3d:48:99:df:0e:f6:80:c7:73:27:3f:bb:ff:65:0b:25:20:
1a:59:ed:d1:bc:b4:b6:5a:96:5e:48:e3:5c:30:8b:cd:14:ae:
4d:3e:f3:68:6b:fc:9b:7c:23:14:ca:95:1f:43:71:70:fe:d8:
f5:78:40:fb:12:a2:56:67:a5:02:34:c8:57:a7:05:f6:12:70:
4f:df:15:9f:34:ed:a0:2e:90:ca:b7:c2:09:9a:09:c1:e9:00:
cc:d0:45:3f:f4:fc:a0:e5:b4:7f:63:84:ea:b4:17:2b:71:13:
7a:8b:c1:52:97:66:2b:1f:54:47:f1:18:be:f2:a7:5f:86:3c:
33:bd:cc:7c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2dmyl88IGUI7PaSJj6q7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNWEyZGFjZjVkZDRlOWJmYTJkMmQ5YjJkM2MzZjk2Nzg3
NDU4NDEwHhcNMjUwMTAyMTE0OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDkxYTZkYWJjOGVmMDdiYWZjNmRhYWI5Y2M3MjQ5YmExZWY0MmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxV3nyLQEEwEMRHn60sLK2JAbev4y
2ejt0JPqLOTRm+Tnr3uZEJxzW9v84L+KrvbApVJgG3yGn+lYMC4WFEwwqVz5X74h
55xWGJOMAHhOZMAX9MMG/ZSGs9UwyH7gUpbUiOGQqd6xn4KZtXShScwuFNAjPKtD
3xLI8aPWU24CNRkK2ga2LJQ1k2fZLD5tRL92tSaIB0qu3NwPxb59/28y81a2qKTo
8zIpTq9CKcKEV6dnBoCw6GKVThGNjaRng71JcHzaiwLwm7OWgQIKovnpvbR4qYcC
zWDdPiT+bgG3II7ZDg41URfaxalFWkJ18Ota9c+uWj7TO3pne0GhKBbekQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFCRptq8jvB7r8baq5zHJJuh70LsMB8GA1UdIwQY
MBaAFOBaLaz13U6b+i0tmy08P5Z4dFhBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZvdHJQWGRUcHY2TFMyYkxUd19sbmgwV0VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8wMTAwMGItYWE5Ni00YmM2LThjYzEt
YWYwN2E5ZTg3ZmMwLzEvVUpHbTJyeU84SHV2eHRxcm5NY2ttNkh2UXV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8wMTAwMGItYWE5Ni00YmM2LThjYzEtYWYwN2E5ZTg3ZmMw
LzEvNEZvdHJQWGRUcHY2TFMyYkxUd19sbmgwV0VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuR+0MA0E
AgACMAcDBQAqAL9gMA0GCSqGSIb3DQEBCwUAA4IBAQASffnJ0EdnyOzaM1XUxWwe
25/6o+CyDag1PCnsKVrZjy7vPiTy9xm2xvZYHu9c0L9LRXJkqKgsegGuaXRz9Kag
0Pp49H4B37pZ5FZGcW13d4XSwYx/yfokhPIf1K9Bhjg7uOmWceuLaAoOCalmk2Fg
6+9+/xmg+9zJJ33zi4YYPUiZ3w72gMdzJz+7/2ULJSAaWe3RvLS2WpZeSONcMIvN
FK5NPvNoa/ybfCMUypUfQ3Fw/tj1eED7EqJWZ6UCNMhXpwX2EnBP3xWfNO2gLpDK
t8IJmgnB6QDM0EU/9Pyg5bR/Y4TqtBcrcRN6i8FSl2YrH1RH8Ri+8qdfhjwzvcx8
-----END CERTIFICATE-----
Generated at Fri Apr 25 00:58:34 2025 by rpki-client