Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/uFIkyOKWSzQfZzP96vWM093yaBY.roa
File: uFIkyOKWSzQfZzP96vWM093yaBY.roa (raw, json)
Hash identifier: TWsqJU2I8/yV3h8FtJmMbNc3AlR1EJP1BU5hPExE0mk=
Subject key identifier: B8:52:24:C8:E2:96:4B:34:1F:67:33:FD:EA:F5:8C:D3:DD:F2:68:16
Certificate issuer: /CN=d2702a3b27ce9bd04ddca28c21d9d0f5ff32a909
Certificate serial: 019426D9FA5C480622A2880CA14D23FDCBD7
Authority key identifier: D2:70:2A:3B:27:CE:9B:D0:4D:DC:A2:8C:21:D9:D0:F5:FF:32:A9:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/uFIkyOKWSzQfZzP96vWM093yaBY.roa
Signing time: Thu 02 Jan 2025 11:50:07 +0000
ROA not before: Thu 02 Jan 2025 11:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42574
IP address blocks: 31.41.192.0/21 maxlen: 21
91.189.160.0/24 maxlen: 24
91.189.161.0/24 maxlen: 24
91.189.162.0/24 maxlen: 24
91.189.163.0/24 maxlen: 24
91.189.164.0/24 maxlen: 24
91.189.165.0/24 maxlen: 24
91.189.166.0/24 maxlen: 24
91.189.167.0/24 maxlen: 24
91.201.204.0/24 maxlen: 24
91.201.205.0/24 maxlen: 24
91.201.206.0/24 maxlen: 24
91.201.207.0/24 maxlen: 24
91.203.0.0/24 maxlen: 24
91.203.1.0/24 maxlen: 24
91.203.2.0/24 maxlen: 24
91.203.3.0/24 maxlen: 24
94.232.232.0/24 maxlen: 24
94.232.233.0/24 maxlen: 24
94.232.234.0/24 maxlen: 24
94.232.235.0/24 maxlen: 24
94.232.236.0/24 maxlen: 24
94.232.237.0/24 maxlen: 24
94.232.238.0/24 maxlen: 24
94.232.239.0/24 maxlen: 24
193.33.100.0/24 maxlen: 24
193.33.101.0/24 maxlen: 24
194.146.200.0/24 maxlen: 24
194.146.201.0/24 maxlen: 24
194.146.202.0/24 maxlen: 24
194.146.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:fa:5c:48:06:22:a2:88:0c:a1:4d:23:fd:cb:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2702a3b27ce9bd04ddca28c21d9d0f5ff32a909
Validity
Not Before: Jan 2 11:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b85224c8e2964b341f6733fdeaf58cd3ddf26816
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:54:dc:61:58:b2:54:4b:67:37:2b:38:b3:e8:
9b:d5:61:ab:c5:98:f6:bb:9e:90:0b:e5:b8:f5:2f:
3c:25:2f:be:56:75:d7:81:c3:e5:5c:ee:87:c2:76:
69:da:22:bb:76:2d:8d:d2:fe:1b:80:c7:1e:18:5f:
62:64:73:31:56:24:c5:8b:c8:8b:30:0d:a9:12:de:
cc:ff:d1:d0:8d:b7:c5:64:d9:98:32:52:2a:5d:8f:
d5:1e:0f:d7:5c:0f:b0:9b:41:0d:36:a8:19:58:d4:
0b:77:cc:74:20:6a:83:d8:dd:a2:2e:ec:a0:3a:0f:
9f:0e:5a:c6:90:54:d5:4b:fa:e0:d7:29:68:b5:c7:
51:c2:6c:5f:4d:d7:cb:d5:34:ed:81:43:0f:20:b6:
fe:d6:12:b0:0c:f7:f8:17:64:2f:2a:b7:8e:e2:a8:
81:0b:e1:f9:eb:85:5f:93:e9:54:46:67:61:6c:70:
34:34:01:52:df:1d:73:fd:02:e1:c4:8f:8d:ea:3c:
a1:d0:31:73:fb:c2:a8:ff:1e:2d:de:6b:a5:4d:8c:
0e:9b:28:1d:8f:5b:17:8a:27:e4:a1:ba:3f:1e:30:
0d:f5:17:48:5b:50:84:12:cc:f8:58:07:3e:19:5c:
d9:14:69:fb:b0:96:37:96:46:6a:47:62:f2:33:79:
2a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:52:24:C8:E2:96:4B:34:1F:67:33:FD:EA:F5:8C:D3:DD:F2:68:16
X509v3 Authority Key Identifier:
keyid:D2:70:2A:3B:27:CE:9B:D0:4D:DC:A2:8C:21:D9:D0:F5:FF:32:A9:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/uFIkyOKWSzQfZzP96vWM093yaBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.192.0/21
91.189.160.0/21
91.201.204.0/22
91.203.0.0/22
94.232.232.0/21
193.33.100.0/23
194.146.200.0/22
Signature Algorithm: sha256WithRSAEncryption
c2:c6:d4:6e:a9:d8:2f:59:b4:34:3e:ec:df:ba:74:41:22:bb:
59:00:09:13:23:a9:d2:95:81:c6:ab:2c:f2:4b:29:c5:f8:e3:
6e:8e:1c:06:5d:57:59:34:3d:99:69:89:e0:96:9d:17:1c:1f:
2a:00:ce:4e:fc:ab:58:83:d9:05:f8:dd:27:37:25:4b:98:bc:
3e:aa:a8:7f:8f:b0:dc:bd:1e:1f:8a:6d:d3:cd:89:70:67:80:
04:8e:3a:61:8b:03:e2:79:c9:87:1f:78:02:b8:3c:87:47:12:
63:5a:b6:1e:fc:42:f7:e9:0d:f5:ed:09:c3:87:f1:8f:3f:31:
2f:f6:d3:c1:83:3c:44:9d:f1:41:56:61:e6:32:f3:db:22:47:
d2:3e:7a:1c:93:3c:a7:21:dd:68:c6:56:7c:e0:60:00:bf:34:
2b:99:d3:ed:61:db:05:f8:0f:5b:c0:a4:64:bc:de:73:2a:5a:
ad:66:10:85:02:b1:75:cd:f8:17:6d:d1:4a:85:10:45:98:22:
fd:73:f2:3c:9c:b3:5f:60:f6:70:c4:73:e7:b2:a3:ba:c6:b8:
48:bc:65:ad:91:05:80:b1:63:52:cb:d7:15:c0:00:5f:9f:ad:
99:17:d1:79:78:c3:90:59:ad:11:f4:72:a1:64:ed:9f:0e:cc:
cc:04:80:46
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQm2fpcSAYioogMoU0j/cvXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNzAyYTNiMjdjZTliZDA0ZGRjYTI4YzIxZDlkMGY1ZmYz
MmE5MDkwHhcNMjUwMTAyMTE1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODUyMjRjOGUyOTY0YjM0MWY2NzMzZmRlYWY1OGNkM2RkZjI2ODE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlTcYViyVEtnNys4s+ib1WGrxZj2
u56QC+W49S88JS++VnXXgcPlXO6HwnZp2iK7di2N0v4bgMceGF9iZHMxViTFi8iL
MA2pEt7M/9HQjbfFZNmYMlIqXY/VHg/XXA+wm0ENNqgZWNQLd8x0IGqD2N2iLuyg
Og+fDlrGkFTVS/rg1ylotcdRwmxfTdfL1TTtgUMPILb+1hKwDPf4F2QvKreO4qiB
C+H564Vfk+lURmdhbHA0NAFS3x1z/QLhxI+N6jyh0DFz+8Ko/x4t3mulTYwOmygd
j1sXiifkobo/HjAN9RdIW1CEEsz4WAc+GVzZFGn7sJY3lkZqR2LyM3kqDQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLhSJMjilks0H2cz/er1jNPd8mgWMB8GA1UdIwQY
MBaAFNJwKjsnzpvQTdyijCHZ0PX/MqkJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80OWY1MjgtZTcyZi00ZGE3LTkwMmUt
Njk3NWNhZGIyMjYyLzEvdUZJa3lPS1dTelFmWnpQOTZ2V00wOTN5YUJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi80OWY1MjgtZTcyZi00ZGE3LTkwMmUtNjk3NWNhZGIyMjYy
LzEvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDHynAAwQD
W72gAwQCW8nMAwQCW8sAAwQDXujoAwQBwSFkAwQCwpLIMA0GCSqGSIb3DQEBCwUA
A4IBAQDCxtRuqdgvWbQ0PuzfunRBIrtZAAkTI6nSlYHGqyzySynF+ONujhwGXVdZ
ND2ZaYnglp0XHB8qAM5O/KtYg9kF+N0nNyVLmLw+qqh/j7DcvR4fim3TzYlwZ4AE
jjphiwPiecmHH3gCuDyHRxJjWrYe/EL36Q317QnDh/GPPzEv9tPBgzxEnfFBVmHm
MvPbIkfSPnockzynId1oxlZ84GAAvzQrmdPtYdsF+A9bwKRkvN5zKlqtZhCFArF1
zfgXbdFKhRBFmCL9c/I8nLNfYPZwxHPnsqO6xrhIvGWtkQWAsWNSy9cVwABfn62Z
F9F5eMOQWa0R9HKhZO2fDszMBIBG
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:15:50 2025 by rpki-client