Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/618d5e-3f28-418d-bf4f-2a60cc98a8d3/1/UqrTwR3mWPPHx5reK2r30AZfypc.roa
File: UqrTwR3mWPPHx5reK2r30AZfypc.roa (raw, json)
Hash identifier: St5DBCKbBaKTs6kDikN1cSMylNB9EQ6HknsZnw2fcYo=
Subject key identifier: 52:AA:D3:C1:1D:E6:58:F3:C7:C7:9A:DE:2B:6A:F7:D0:06:5F:CA:97
Certificate issuer: /CN=c83670987d01d41ee2b564698c8271f50dee4ce1
Certificate serial: 0194236A3567F51BA01B56DF200027842F77
Authority key identifier: C8:36:70:98:7D:01:D4:1E:E2:B5:64:69:8C:82:71:F5:0D:EE:4C:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yDZwmH0B1B7itWRpjIJx9Q3uTOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/618d5e-3f28-418d-bf4f-2a60cc98a8d3/1/UqrTwR3mWPPHx5reK2r30AZfypc.roa
Signing time: Wed 01 Jan 2025 19:49:10 +0000
ROA not before: Wed 01 Jan 2025 19:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212097
IP address blocks: 62.133.36.0/22 maxlen: 22
62.133.36.0/24 maxlen: 24
62.133.37.0/24 maxlen: 24
62.133.38.0/24 maxlen: 24
62.133.39.0/24 maxlen: 24
185.230.102.0/24 maxlen: 24
193.46.32.0/22 maxlen: 22
193.46.32.0/24 maxlen: 24
193.46.33.0/24 maxlen: 24
193.46.34.0/24 maxlen: 24
193.46.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:35:67:f5:1b:a0:1b:56:df:20:00:27:84:2f:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c83670987d01d41ee2b564698c8271f50dee4ce1
Validity
Not Before: Jan 1 19:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52aad3c11de658f3c7c79ade2b6af7d0065fca97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a3:fc:e3:4b:17:44:1a:52:d3:fb:14:c4:0d:
10:c5:28:03:12:ca:53:eb:16:79:ca:72:60:17:73:
93:2c:d9:17:95:04:e5:44:0c:3c:4d:e9:d4:e2:7b:
99:3e:e0:69:8a:73:08:2f:e5:65:41:80:7c:70:0e:
07:1e:48:f5:02:70:f1:92:79:0b:95:67:50:b5:5e:
9c:ee:db:ac:4c:a6:a2:4f:ef:49:78:de:5b:3d:67:
da:ca:45:5c:bd:39:5f:cd:a9:00:dc:7d:d9:81:e5:
42:67:a1:09:44:06:2e:a6:07:ee:f5:6b:fd:d9:aa:
e5:8c:21:6a:f6:60:78:8e:70:95:dd:ea:78:01:b3:
31:1b:9b:0b:99:06:d2:c6:07:41:95:bb:f4:8c:73:
37:d0:47:f8:2d:59:18:c2:83:89:1d:d9:84:88:73:
6f:e6:51:ca:34:24:4b:76:0b:b9:df:4a:cc:31:8a:
02:c9:09:11:72:67:02:9d:e9:07:ed:84:7d:f5:4d:
db:c2:7f:63:8a:5c:2c:d1:58:7c:0b:5e:c3:88:3b:
95:77:58:45:f3:fb:f7:e4:3b:08:2a:bd:39:ab:ab:
23:ed:60:4b:ac:22:fb:8c:9e:e9:eb:3a:33:c0:5f:
48:6a:75:75:16:08:1c:ea:ca:50:4f:54:1c:70:bd:
53:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:AA:D3:C1:1D:E6:58:F3:C7:C7:9A:DE:2B:6A:F7:D0:06:5F:CA:97
X509v3 Authority Key Identifier:
keyid:C8:36:70:98:7D:01:D4:1E:E2:B5:64:69:8C:82:71:F5:0D:EE:4C:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yDZwmH0B1B7itWRpjIJx9Q3uTOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/618d5e-3f28-418d-bf4f-2a60cc98a8d3/1/UqrTwR3mWPPHx5reK2r30AZfypc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/618d5e-3f28-418d-bf4f-2a60cc98a8d3/1/yDZwmH0B1B7itWRpjIJx9Q3uTOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.133.36.0/22
185.230.102.0/24
193.46.32.0/22
Signature Algorithm: sha256WithRSAEncryption
55:0f:4c:02:1c:37:73:f7:e1:3e:25:67:62:f3:7d:2b:0d:91:
d7:ac:9a:41:f2:c1:e2:56:6a:62:17:ff:77:9b:94:0d:ff:a7:
be:04:c0:17:58:f3:66:f9:ba:d7:d5:ae:0a:d2:d0:64:66:74:
14:78:a7:82:d6:28:bb:17:c9:b2:0f:aa:91:e1:e6:52:8e:db:
0e:d8:03:95:14:5a:22:a3:9d:c2:50:d0:9f:e0:f4:70:5f:c7:
45:82:da:47:5e:98:36:72:76:5e:f6:e9:84:d6:40:3f:1d:91:
ca:d6:6d:3d:70:98:6c:a1:e0:f1:db:e1:64:13:8c:c6:5e:aa:
34:ff:b3:0d:36:f9:96:7a:08:f0:97:08:77:28:49:ae:43:dc:
88:6a:a7:a3:8d:42:cb:ff:c7:09:1b:65:44:14:71:28:6f:21:
96:39:7c:2d:d4:ea:82:4b:c8:fd:25:8f:a0:f1:1e:bb:a2:18:
dc:09:d8:d5:53:12:5a:c7:9f:3d:70:a9:4a:a4:aa:3f:a5:59:
2e:03:53:d4:70:cb:4a:e1:b2:15:f6:41:eb:f2:53:8d:63:4b:
c7:ab:ba:82:a4:b7:83:fb:14:5d:9a:42:bc:a3:a1:ea:79:66:
50:95:01:71:96:a8:c7:7f:1b:41:d0:a4:63:92:5a:f3:80:67:
71:fc:a4:82
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQjajVn9RugG1bfIAAnhC93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MzY3MDk4N2QwMWQ0MWVlMmI1NjQ2OThjODI3MWY1MGRl
ZTRjZTEwHhcNMjUwMTAxMTk0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmFhZDNjMTFkZTY1OGYzYzdjNzlhZGUyYjZhZjdkMDA2NWZjYTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqP840sXRBpS0/sUxA0QxSgDEspT
6xZ5ynJgF3OTLNkXlQTlRAw8TenU4nuZPuBpinMIL+VlQYB8cA4HHkj1AnDxknkL
lWdQtV6c7tusTKaiT+9JeN5bPWfaykVcvTlfzakA3H3ZgeVCZ6EJRAYupgfu9Wv9
2arljCFq9mB4jnCV3ep4AbMxG5sLmQbSxgdBlbv0jHM30Ef4LVkYwoOJHdmEiHNv
5lHKNCRLdgu530rMMYoCyQkRcmcCnekH7YR99U3bwn9jilws0Vh8C17DiDuVd1hF
8/v35DsIKr05q6sj7WBLrCL7jJ7p6zozwF9IanV1Fggc6spQT1QccL1TbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFKq08Ed5ljzx8ea3itq99AGX8qXMB8GA1UdIwQY
MBaAFMg2cJh9AdQe4rVkaYyCcfUN7kzhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveURad21IMEIxQjdpdFdScGpJSng5UTN1VE9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS82MThkNWUtM2YyOC00MThkLWJmNGYt
MmE2MGNjOThhOGQzLzEvVXFyVHdSM21XUFBIeDVyZUsycjMwQVpmeXBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS82MThkNWUtM2YyOC00MThkLWJmNGYtMmE2MGNjOThhOGQz
LzEveURad21IMEIxQjdpdFdScGpJSng5UTN1VE9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCPoUkAwQA
ueZmAwQCwS4gMA0GCSqGSIb3DQEBCwUAA4IBAQBVD0wCHDdz9+E+JWdi830rDZHX
rJpB8sHiVmpiF/93m5QN/6e+BMAXWPNm+brX1a4K0tBkZnQUeKeC1ii7F8myD6qR
4eZSjtsO2AOVFFoio53CUNCf4PRwX8dFgtpHXpg2cnZe9umE1kA/HZHK1m09cJhs
oeDx2+FkE4zGXqo0/7MNNvmWegjwlwh3KEmuQ9yIaqejjULL/8cJG2VEFHEobyGW
OXwt1OqCS8j9JY+g8R67ohjcCdjVUxJax589cKlKpKo/pVkuA1PUcMtK4bIV9kHr
8lONY0vHq7qCpLeD+xRdmkK8o6HqeWZQlQFxlqjHfxtB0KRjklrzgGdx/KSC
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:55:37 2025 by rpki-client