Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/uqUylZbw2V7XHMMPlt0smOkdOBE.roa
File: uqUylZbw2V7XHMMPlt0smOkdOBE.roa (raw, json)
Hash identifier: 3G9ODJS5eJVlImugW9SB7DFrUNhhTxGc7u4YCGLBIF4=
Subject key identifier: BA:A5:32:95:96:F0:D9:5E:D7:1C:C3:0F:96:DD:2C:98:E9:1D:38:11
Certificate issuer: /CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Certificate serial: 019426D99F05FCF2F34C8BE333145B314986
Authority key identifier: 0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/uqUylZbw2V7XHMMPlt0smOkdOBE.roa
Signing time: Thu 02 Jan 2025 11:49:43 +0000
ROA not before: Thu 02 Jan 2025 11:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208043
IP address blocks: 46.236.110.0/24 maxlen: 24
80.244.64.0/24 maxlen: 24
83.209.153.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:9f:05:fc:f2:f3:4c:8b:e3:33:14:5b:31:49:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Validity
Not Before: Jan 2 11:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=baa5329596f0d95ed71cc30f96dd2c98e91d3811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:8b:7b:69:58:b7:24:9c:fd:6e:70:3c:7d:b1:
24:3c:1f:18:1d:3d:8f:58:a1:9b:68:59:ad:e8:32:
ba:f3:78:96:82:22:88:c0:76:ba:fe:60:d0:52:e9:
57:f0:0a:ca:15:27:c0:81:39:1c:82:d6:a3:50:91:
6f:54:14:5c:b5:59:8c:17:fb:0f:ab:bd:dd:91:35:
91:72:43:30:f4:6b:94:92:d0:1b:34:f1:d3:8d:29:
8b:c2:97:93:c5:75:07:a8:17:62:56:2f:b2:7b:ae:
cf:32:15:43:c7:2c:b7:3b:61:5e:bb:01:32:bb:92:
8f:62:ae:a9:b0:36:f9:e8:a0:98:58:e2:3d:de:5b:
25:4e:9e:b7:95:0b:27:4b:1d:4a:46:6d:83:5d:36:
af:8c:cc:90:fa:39:25:a8:48:50:26:79:c8:69:54:
ec:bd:f8:57:0d:c3:59:1c:02:f3:a5:00:6e:07:4d:
22:d2:59:eb:5b:1a:86:e9:42:5f:80:34:10:6b:8e:
c3:c3:89:d6:03:2e:cd:2c:5f:5d:aa:3a:0c:3a:a3:
10:b8:eb:d2:9f:bf:3e:b4:dc:d0:f7:22:ce:02:32:
39:0d:74:51:70:d8:87:0d:79:4f:61:d5:49:2a:54:
b1:c5:03:f8:df:c3:09:4d:87:3f:ea:00:e8:30:4b:
3b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:A5:32:95:96:F0:D9:5E:D7:1C:C3:0F:96:DD:2C:98:E9:1D:38:11
X509v3 Authority Key Identifier:
keyid:0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/uqUylZbw2V7XHMMPlt0smOkdOBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.110.0/24
80.244.64.0/24
83.209.153.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:0e:6c:3a:59:eb:b0:65:e8:78:38:1b:a3:f2:c7:63:33:78:
63:2c:e9:84:45:b3:bc:69:ee:cb:ec:79:50:a7:70:bf:c6:1d:
36:d3:f5:00:ee:af:27:34:f1:0b:05:e3:8b:bf:d2:98:2f:5a:
8b:81:4d:78:df:58:cd:a3:ae:4c:c4:8b:2b:d7:2f:64:69:b3:
8b:6b:2a:5f:c3:ff:ea:75:88:34:37:99:92:71:33:0b:aa:89:
dd:67:58:eb:03:7f:de:81:0a:45:11:e2:1b:42:89:05:78:c8:
de:eb:ba:83:38:86:3a:0e:80:a4:d6:d8:4b:f8:15:88:42:1c:
0e:d1:66:79:40:1c:71:9c:ce:de:24:a8:5f:8a:21:0c:f2:a2:
99:62:eb:6c:aa:06:0b:7c:d6:07:4f:7e:19:23:4c:a8:27:21:
e2:6f:5d:6c:e7:9d:d7:51:c9:0e:40:8f:b1:b4:e7:44:4e:0b:
37:d5:f8:20:73:56:2a:cb:b0:5f:ef:13:41:97:64:86:19:4c:
a9:b3:70:69:58:fd:f2:6c:23:c9:b8:c2:36:a2:20:33:12:7f:
54:ed:d0:72:ec:c1:a0:ea:d8:ad:e0:e4:8f:da:f9:4c:79:74:
16:33:a9:51:65:c0:5a:dd:a4:1a:f3:ce:66:0c:67:79:90:00:
ea:5f:24:73
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQm2Z8F/PLzTIvjMxRbMUmGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTEzMDhlYWQ2YWRiMWQwODVlN2U1OTEwYTBjYjJkZTU2
YWEzMmUwHhcNMjUwMTAyMTE0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWE1MzI5NTk2ZjBkOTVlZDcxY2MzMGY5NmRkMmM5OGU5MWQzODExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ot7aVi3JJz9bnA8fbEkPB8YHT2P
WKGbaFmt6DK683iWgiKIwHa6/mDQUulX8ArKFSfAgTkcgtajUJFvVBRctVmMF/sP
q73dkTWRckMw9GuUktAbNPHTjSmLwpeTxXUHqBdiVi+ye67PMhVDxyy3O2FeuwEy
u5KPYq6psDb56KCYWOI93lslTp63lQsnSx1KRm2DXTavjMyQ+jklqEhQJnnIaVTs
vfhXDcNZHALzpQBuB00i0lnrWxqG6UJfgDQQa47Dw4nWAy7NLF9dqjoMOqMQuOvS
n78+tNzQ9yLOAjI5DXRRcNiHDXlPYdVJKlSxxQP438MJTYc/6gDoMEs7MwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLqlMpWW8Nle1xzDD5bdLJjpHTgRMB8GA1UdIwQY
MBaAFAzhMI6tatsdCF5+WRCgyy3laqMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9Fd2pxMXEyeDBJWG41WkVLRExMZVZxb3k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84OTkzODAtYWQyNy00NGViLThjMmUt
YjBiYWQxOGYwMmQwLzEvdXFVeWxaYncyVjdYSE1NUGx0MHNtT2tkT0JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84OTkzODAtYWQyNy00NGViLThjMmUtYjBiYWQxOGYwMmQw
LzEvRE9Fd2pxMXEyeDBJWG41WkVLRExMZVZxb3k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALuxuAwQA
UPRAAwQAU9GZMA0GCSqGSIb3DQEBCwUAA4IBAQBaDmw6WeuwZeh4OBuj8sdjM3hj
LOmERbO8ae7L7HlQp3C/xh020/UA7q8nNPELBeOLv9KYL1qLgU1431jNo65MxIsr
1y9kabOLaypfw//qdYg0N5mScTMLqondZ1jrA3/egQpFEeIbQokFeMje67qDOIY6
DoCk1thL+BWIQhwO0WZ5QBxxnM7eJKhfiiEM8qKZYutsqgYLfNYHT34ZI0yoJyHi
b11s553XUckOQI+xtOdETgs31fggc1Yqy7Bf7xNBl2SGGUyps3BpWP3ybCPJuMI2
oiAzEn9U7dBy7MGg6tit4OSP2vlMeXQWM6lRZcBa3aQa885mDGd5kADqXyRz
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:29:50 2025 by rpki-client