Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/c27389-de12-4d13-9880-6bd844ea86c7/1/ul5ni49--9XUdy3GQJ4QItwk2fY.roa
File: ul5ni49--9XUdy3GQJ4QItwk2fY.roa (raw, json)
Hash identifier: 5VF37divuR8ckyhjHtdEIrjaJHoOsNcFhYqFs1LGC98=
Subject key identifier: BA:5E:67:8B:8F:7E:FB:D5:D4:77:2D:C6:40:9E:10:22:DC:24:D9:F6
Certificate issuer: /CN=661e7174bf9e9ea1b64a92ba65ffcf1e931cce32
Certificate serial: 0194266B42B7466B5CB6514901E7DFE3C00C
Authority key identifier: 66:1E:71:74:BF:9E:9E:A1:B6:4A:92:BA:65:FF:CF:1E:93:1C:CE:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zh5xdL-enqG2SpK6Zf_PHpMczjI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/c27389-de12-4d13-9880-6bd844ea86c7/1/ul5ni49--9XUdy3GQJ4QItwk2fY.roa
Signing time: Thu 02 Jan 2025 09:49:11 +0000
ROA not before: Thu 02 Jan 2025 09:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30875
IP address blocks: 185.101.108.0/22 maxlen: 22
185.101.111.240/28 maxlen: 28
2a06:1d00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:42:b7:46:6b:5c:b6:51:49:01:e7:df:e3:c0:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=661e7174bf9e9ea1b64a92ba65ffcf1e931cce32
Validity
Not Before: Jan 2 09:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba5e678b8f7efbd5d4772dc6409e1022dc24d9f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f0:84:3f:0a:29:c5:a7:36:46:53:76:af:54:
05:01:66:43:2c:1c:2a:a8:73:ef:e3:3a:f0:04:a9:
da:30:54:d6:ef:a9:5a:c1:e5:18:f2:85:e3:4e:2f:
99:15:f6:39:c8:9e:6e:46:7f:13:c4:4a:ba:8d:19:
42:6e:0b:c3:93:8a:73:20:21:4e:06:8d:6b:69:2c:
85:6e:d6:a5:c0:64:dd:96:c2:27:ca:ec:15:6e:59:
71:9f:b2:94:74:2e:35:1c:aa:3d:e9:a6:13:26:0a:
d3:f4:fc:5a:21:9e:8d:ba:0e:0f:03:56:c0:9e:50:
7b:6a:c1:65:3a:8d:8d:32:53:85:50:2c:6e:81:8b:
ee:f3:ed:8f:b9:71:22:03:7d:91:84:02:d9:2b:ca:
28:49:bd:1c:4e:08:fb:a3:4d:47:c9:8d:bd:2a:6c:
df:ce:3c:27:17:92:39:80:77:25:38:70:ce:b3:5a:
32:40:76:72:17:d2:b6:e3:ec:07:51:9f:38:22:a6:
73:25:fd:63:6a:aa:90:15:2b:8c:27:91:71:8e:72:
e9:ec:0b:6b:d0:ba:e1:bc:99:23:5f:35:3b:06:39:
a5:30:ab:e2:35:6e:e9:81:f3:13:50:fd:f4:d5:0d:
dd:11:5e:9c:f0:74:27:d7:36:f1:0a:94:47:9e:d9:
c5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:5E:67:8B:8F:7E:FB:D5:D4:77:2D:C6:40:9E:10:22:DC:24:D9:F6
X509v3 Authority Key Identifier:
keyid:66:1E:71:74:BF:9E:9E:A1:B6:4A:92:BA:65:FF:CF:1E:93:1C:CE:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zh5xdL-enqG2SpK6Zf_PHpMczjI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/c27389-de12-4d13-9880-6bd844ea86c7/1/ul5ni49--9XUdy3GQJ4QItwk2fY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/c27389-de12-4d13-9880-6bd844ea86c7/1/Zh5xdL-enqG2SpK6Zf_PHpMczjI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.108.0/22
IPv6:
2a06:1d00::/29
Signature Algorithm: sha256WithRSAEncryption
11:97:45:b6:aa:40:b0:bb:40:05:12:08:b6:00:c6:a1:03:f8:
d8:61:d8:53:60:2d:8d:84:87:a7:ad:86:94:11:e7:df:2c:30:
fb:fe:13:1b:c6:f7:07:27:6b:18:78:32:b2:dd:18:98:35:c4:
44:5b:ae:9c:7d:69:3f:c5:97:75:56:56:29:fb:07:1c:96:b2:
13:9b:fc:ef:90:85:68:77:c7:f8:e0:d0:4c:aa:fc:bf:6f:21:
db:91:d1:0c:69:9e:1d:99:ee:39:71:d6:9f:49:75:56:ca:ad:
b7:51:2f:ff:56:27:40:e6:95:7d:86:4d:c0:c4:0f:27:4e:f7:
66:6a:e9:98:b3:ef:dd:79:c4:35:58:51:6c:f9:e4:07:45:8d:
bd:e0:3c:ee:05:82:fb:ba:99:84:50:3b:af:08:c5:1b:c8:3f:
8d:fa:d3:3f:ce:7a:6f:95:e1:fb:d8:06:09:cf:4e:c3:96:ff:
f6:8b:75:7f:7b:25:bb:77:43:71:46:92:79:2d:37:c7:8d:40:
10:9c:2f:15:9c:64:1f:19:43:22:e1:45:da:38:7b:7c:74:3a:
d6:f1:01:ab:fc:b6:4b:07:ea:fe:47:df:64:c9:3e:55:a1:10:
e8:5c:76:a1:b8:b5:fe:03:68:54:24:84:ea:b6:40:10:c0:73:
1a:06:95:38
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQma0K3RmtctlFJAeff48AMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MWU3MTc0YmY5ZTllYTFiNjRhOTJiYTY1ZmZjZjFlOTMx
Y2NlMzIwHhcNMjUwMTAyMDk0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTVlNjc4YjhmN2VmYmQ1ZDQ3NzJkYzY0MDllMTAyMmRjMjRkOWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fCEPwopxac2RlN2r1QFAWZDLBwq
qHPv4zrwBKnaMFTW76laweUY8oXjTi+ZFfY5yJ5uRn8TxEq6jRlCbgvDk4pzICFO
Bo1raSyFbtalwGTdlsInyuwVbllxn7KUdC41HKo96aYTJgrT9PxaIZ6Nug4PA1bA
nlB7asFlOo2NMlOFUCxugYvu8+2PuXEiA32RhALZK8ooSb0cTgj7o01HyY29Kmzf
zjwnF5I5gHclOHDOs1oyQHZyF9K24+wHUZ84IqZzJf1jaqqQFSuMJ5FxjnLp7Atr
0LrhvJkjXzU7BjmlMKviNW7pgfMTUP301Q3dEV6c8HQn1zbxCpRHntnFIwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLpeZ4uPfvvV1HctxkCeECLcJNn2MB8GA1UdIwQY
MBaAFGYecXS/np6htkqSumX/zx6THM4yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmg1eGRMLWVucUcyU3BLNlpmX1BIcE1jempJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9jMjczODktZGUxMi00ZDEzLTk4ODAt
NmJkODQ0ZWE4NmM3LzEvdWw1bmk0OS0tOVhVZHkzR1FKNFFJdHdrMmZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9jMjczODktZGUxMi00ZDEzLTk4ODAtNmJkODQ0ZWE4NmM3
LzEvWmg1eGRMLWVucUcyU3BLNlpmX1BIcE1jempJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWVsMA0E
AgACMAcDBQMqBh0AMA0GCSqGSIb3DQEBCwUAA4IBAQARl0W2qkCwu0AFEgi2AMah
A/jYYdhTYC2NhIenrYaUEeffLDD7/hMbxvcHJ2sYeDKy3RiYNcREW66cfWk/xZd1
VlYp+wcclrITm/zvkIVod8f44NBMqvy/byHbkdEMaZ4dme45cdafSXVWyq23US//
VidA5pV9hk3AxA8nTvdmaumYs+/decQ1WFFs+eQHRY294DzuBYL7upmEUDuvCMUb
yD+N+tM/znpvleH72AYJz07Dlv/2i3V/eyW7d0NxRpJ5LTfHjUAQnC8VnGQfGUMi
4UXaOHt8dDrW8QGr/LZLB+r+R99kyT5VoRDoXHahuLX+A2hUJITqtkAQwHMaBpU4
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:11:29 2025 by rpki-client