Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/UCdqxPzxhD6DcRM-eP19XUBCeDg.roa
File: UCdqxPzxhD6DcRM-eP19XUBCeDg.roa (raw, json)
Hash identifier: +MkUD2KfwkVZKPE2Uj5E5ZJgULx673CHDKC9hTQh5dw=
Subject key identifier: 50:27:6A:C4:FC:F1:84:3E:83:71:13:3E:78:FD:7D:5D:40:42:78:38
Certificate issuer: /CN=145ceb292089e0df75719db3e96c509754f94837
Certificate serial: 01941F8C4FDEE59C97CA9960282FE7D2DB63
Authority key identifier: 14:5C:EB:29:20:89:E0:DF:75:71:9D:B3:E9:6C:50:97:54:F9:48:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/UCdqxPzxhD6DcRM-eP19XUBCeDg.roa
Signing time: Wed 01 Jan 2025 01:47:56 +0000
ROA not before: Wed 01 Jan 2025 01:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49028
IP address blocks: 2.59.188.0/22 maxlen: 22
45.151.8.0/22 maxlen: 22
185.252.236.0/22 maxlen: 22
185.252.236.0/24 maxlen: 24
185.252.237.0/24 maxlen: 24
185.252.238.0/24 maxlen: 24
185.252.239.0/24 maxlen: 24
193.203.52.0/22 maxlen: 22
2a09:f7c0::/29 maxlen: 29
2a0c:2dc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:4f:de:e5:9c:97:ca:99:60:28:2f:e7:d2:db:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=145ceb292089e0df75719db3e96c509754f94837
Validity
Not Before: Jan 1 01:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50276ac4fcf1843e8371133e78fd7d5d40427838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:a9:c7:18:e9:4a:d3:50:9b:60:79:36:7c:06:
75:f4:a1:87:e7:48:1f:1a:67:a9:b0:f8:90:30:92:
0d:bb:9d:93:1f:e2:7a:3a:da:f2:6e:d9:ab:60:2b:
ab:ef:3e:27:9f:00:a0:36:08:35:a2:58:b0:55:44:
6a:5a:ef:48:5d:90:f5:ba:4e:03:28:56:ef:16:a0:
de:3d:4f:c4:a2:9a:f6:76:2e:05:be:64:d5:5b:ed:
a6:31:2a:40:8b:96:af:2b:ba:c3:56:4e:f5:86:6d:
01:03:74:4f:95:93:6b:59:b8:32:e7:53:81:06:83:
3e:32:ea:62:52:20:d1:ba:bd:53:e7:5c:f0:1f:27:
37:b7:eb:44:1b:d6:fb:16:9b:9c:a4:0d:67:49:93:
bf:21:2b:4e:3b:0c:34:e0:9b:a7:6c:18:7b:18:87:
80:af:cf:26:a0:76:ef:e4:43:89:93:b3:05:16:14:
a6:06:5e:c3:58:01:24:5c:59:5d:e0:e2:7d:6a:fd:
6b:7b:3d:b8:3f:49:a4:d7:5f:e1:9a:53:ab:49:96:
b3:22:26:19:a2:8b:26:f4:0d:5b:62:6b:f3:76:f4:
88:5e:40:6a:ed:a2:f8:d2:39:78:13:57:f6:0b:fa:
cb:1e:67:37:8d:06:c5:f0:5c:66:15:b0:0d:f2:ba:
b0:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:27:6A:C4:FC:F1:84:3E:83:71:13:3E:78:FD:7D:5D:40:42:78:38
X509v3 Authority Key Identifier:
keyid:14:5C:EB:29:20:89:E0:DF:75:71:9D:B3:E9:6C:50:97:54:F9:48:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/UCdqxPzxhD6DcRM-eP19XUBCeDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.188.0/22
45.151.8.0/22
185.252.236.0/22
193.203.52.0/22
IPv6:
2a09:f7c0::/29
2a0c:2dc0::/29
Signature Algorithm: sha256WithRSAEncryption
49:44:f1:e9:6d:7c:8b:7c:e0:5a:d8:7e:71:b8:b8:2a:99:49:
b8:47:8a:9f:c8:31:66:22:71:eb:c5:04:23:d8:83:5b:78:ce:
06:3b:bf:8b:2a:4d:7c:53:7a:c3:f2:d5:70:39:ef:68:d0:38:
c2:b9:e1:6a:d6:2d:39:5d:47:91:d0:e8:17:2a:1c:9d:66:59:
44:62:d7:7d:73:d0:99:fa:36:18:7b:c1:c8:1c:90:40:4a:10:
3a:5b:e3:80:a1:69:17:d2:16:32:2e:bd:72:2d:07:08:a1:ae:
c3:83:ff:54:0e:b4:26:10:10:b3:a8:1a:c3:05:e4:bf:5d:4d:
ab:82:44:d2:88:a3:e4:09:04:5c:b4:2f:c8:af:f4:8f:e3:cd:
81:e9:f9:cd:fd:7e:13:96:a3:94:dd:39:7d:7d:9d:3b:5e:8b:
96:39:7a:2f:ae:63:b2:5a:37:ad:95:cd:54:45:6c:5d:9d:89:
1d:a5:4c:4b:ee:45:7a:d2:8c:99:2b:21:c7:7d:1e:39:15:96:
d4:b8:56:48:1a:f0:27:d6:e3:02:5e:42:47:8d:0e:6a:21:2b:
0e:6c:21:65:b7:08:12:f0:f0:23:bf:4c:a3:cc:f8:53:05:7e:
16:5e:53:ad:c1:7b:ee:f3:f7:c7:49:ea:3e:7d:39:f0:28:3e:
e9:6c:41:89
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQfjE/e5ZyXyplgKC/n0ttjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NWNlYjI5MjA4OWUwZGY3NTcxOWRiM2U5NmM1MDk3NTRm
OTQ4MzcwHhcNMjUwMTAxMDE0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDI3NmFjNGZjZjE4NDNlODM3MTEzM2U3OGZkN2Q1ZDQwNDI3ODM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA96nHGOlK01CbYHk2fAZ19KGH50gf
GmepsPiQMJINu52TH+J6OtrybtmrYCur7z4nnwCgNgg1oliwVURqWu9IXZD1uk4D
KFbvFqDePU/Eopr2di4FvmTVW+2mMSpAi5avK7rDVk71hm0BA3RPlZNrWbgy51OB
BoM+MupiUiDRur1T51zwHyc3t+tEG9b7FpucpA1nSZO/IStOOww04JunbBh7GIeA
r88moHbv5EOJk7MFFhSmBl7DWAEkXFld4OJ9av1rez24P0mk11/hmlOrSZazIiYZ
oosm9A1bYmvzdvSIXkBq7aL40jl4E1f2C/rLHmc3jQbF8FxmFbAN8rqwyQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFFAnasT88YQ+g3ETPnj9fV1AQng4MB8GA1UdIwQY
MBaAFBRc6ykgieDfdXGds+lsUJdU+Ug3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkZ6cktTQ0o0TjkxY1oyejZXeFFsMVQ1U0RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9jNzFmZGUtM2VmMi00YmY3LTg2NDEt
MTI3MTljMjYxY2MwLzEvVUNkcXhQenhoRDZEY1JNLWVQMTlYVUJDZURnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9jNzFmZGUtM2VmMi00YmY3LTg2NDEtMTI3MTljMjYxY2Mw
LzEvRkZ6cktTQ0o0TjkxY1oyejZXeFFsMVQ1U0RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCAju8AwQC
LZcIAwQCufzsAwQCwcs0MBQEAgACMA4DBQMqCffAAwUDKgwtwDANBgkqhkiG9w0B
AQsFAAOCAQEASUTx6W18i3zgWth+cbi4KplJuEeKn8gxZiJx68UEI9iDW3jOBju/
iypNfFN6w/LVcDnvaNA4wrnhatYtOV1HkdDoFyocnWZZRGLXfXPQmfo2GHvByByQ
QEoQOlvjgKFpF9IWMi69ci0HCKGuw4P/VA60JhAQs6gawwXkv11Nq4JE0oij5AkE
XLQvyK/0j+PNgen5zf1+E5ajlN05fX2dO16Lljl6L65jslo3rZXNVEVsXZ2JHaVM
S+5FetKMmSshx30eORWW1LhWSBrwJ9bjAl5CR40OaiErDmwhZbcIEvDwI79Mo8z4
UwV+Fl5TrcF77vP3x0nqPn058Cg+6WxBiQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:52:35 2025 by rpki-client