Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/UOhBO5tiijOD2pDmpEzGmcmWS0c.roa
File: UOhBO5tiijOD2pDmpEzGmcmWS0c.roa (raw, json)
Hash identifier: xgr3YICoBLMfkC1gTEslMu1vKZNde/9vfYQRW1pAxzQ=
Subject key identifier: 50:E8:41:3B:9B:62:8A:33:83:DA:90:E6:A4:4C:C6:99:C9:96:4B:47
Certificate issuer: /CN=20eee05da183dee2b8118141956462c9240d7876
Certificate serial: 01941FFA35DEF678DCFD5751C3047D7A8E5C
Authority key identifier: 20:EE:E0:5D:A1:83:DE:E2:B8:11:81:41:95:64:62:C9:24:0D:78:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IO7gXaGD3uK4EYFBlWRiySQNeHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/UOhBO5tiijOD2pDmpEzGmcmWS0c.roa
Signing time: Wed 01 Jan 2025 03:47:58 +0000
ROA not before: Wed 01 Jan 2025 03:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205584
IP address blocks: 2.57.156.0/22 maxlen: 24
185.215.28.0/22 maxlen: 24
185.215.28.0/24 maxlen: 24
185.215.29.0/24 maxlen: 24
185.215.30.0/24 maxlen: 24
185.215.31.0/24 maxlen: 24
193.105.168.0/24 maxlen: 24
195.78.98.0/23 maxlen: 24
2a0b:a2c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:35:de:f6:78:dc:fd:57:51:c3:04:7d:7a:8e:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20eee05da183dee2b8118141956462c9240d7876
Validity
Not Before: Jan 1 03:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50e8413b9b628a3383da90e6a44cc699c9964b47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:38:5b:3b:7f:ea:f0:83:d5:2b:7b:64:ee:da:
6e:03:0e:d7:48:6c:80:b3:1b:88:01:95:1e:e8:d7:
18:fe:f0:72:6b:44:d6:ca:7c:82:d9:2b:5b:24:0e:
bc:0a:ad:4b:91:51:b1:02:79:52:ce:41:d0:ba:14:
33:89:ab:a7:db:3e:af:e1:2b:01:3d:0f:bf:81:bb:
b6:71:60:76:6e:9f:0f:93:9c:26:07:e4:fc:55:f7:
3e:08:15:7e:98:8d:02:bb:7e:93:53:13:65:4b:9f:
c8:61:95:14:cf:35:1c:a1:fc:5d:5d:6a:ab:eb:4a:
f1:6c:c5:bf:72:1e:7e:fb:9a:de:b2:91:15:bd:c4:
6e:94:99:e9:4a:7b:39:32:de:d2:d2:f0:d4:12:5e:
81:59:6c:19:38:41:a8:5d:89:b5:3d:0a:b8:2f:6b:
86:ae:29:df:90:1d:52:c8:9f:91:75:f1:ca:77:79:
95:1d:d9:e6:59:1b:b1:c3:83:e2:3e:b2:6a:48:9a:
78:cc:2a:dc:ac:84:58:b5:03:bd:45:a6:40:bb:c3:
ba:bf:6b:09:e2:8f:e5:6d:a0:b6:38:85:12:a9:d5:
e4:bc:db:96:b6:85:cd:71:ee:9b:48:c3:6e:ad:0f:
49:af:8d:0a:e1:d3:85:6b:6b:b2:bd:d8:62:77:de:
67:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:E8:41:3B:9B:62:8A:33:83:DA:90:E6:A4:4C:C6:99:C9:96:4B:47
X509v3 Authority Key Identifier:
keyid:20:EE:E0:5D:A1:83:DE:E2:B8:11:81:41:95:64:62:C9:24:0D:78:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IO7gXaGD3uK4EYFBlWRiySQNeHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/UOhBO5tiijOD2pDmpEzGmcmWS0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/IO7gXaGD3uK4EYFBlWRiySQNeHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.156.0/22
185.215.28.0/22
193.105.168.0/24
195.78.98.0/23
IPv6:
2a0b:a2c0::/29
Signature Algorithm: sha256WithRSAEncryption
86:ec:dc:43:5b:b4:db:e9:bf:dc:b4:d8:b8:33:53:28:c2:ad:
bd:18:79:e1:2b:8f:6f:dc:e5:66:43:f0:59:7e:25:91:7e:b2:
ed:62:ae:44:58:11:5b:3e:10:da:95:8e:a9:8f:f1:79:b2:cf:
f7:19:11:82:ff:6e:18:b1:c9:60:fa:b3:b7:81:7e:dc:ae:34:
f7:88:49:4e:d1:35:a8:9e:49:b4:89:e3:53:6c:96:09:2a:11:
d4:6e:a7:db:3a:63:ea:e3:26:87:8a:aa:e5:af:24:9e:9b:19:
0a:05:f4:14:d8:b1:e3:6c:95:ee:bb:49:cd:de:72:0e:23:5a:
96:8c:f6:6f:b1:21:ad:50:68:19:f8:a8:ae:f1:0c:cf:5e:b6:
04:77:45:87:1b:db:9a:7c:f7:ea:6a:2e:2a:04:be:76:49:68:
ea:90:21:84:fa:60:b9:ad:87:4f:d8:51:40:dd:e7:35:34:1f:
39:cf:e2:97:39:a9:82:43:3a:69:06:f8:57:3a:8e:e9:39:54:
0e:83:ed:81:a1:29:3b:e4:04:2d:b5:8d:74:90:6e:bd:ab:ec:
a3:c8:57:1d:c2:c9:35:84:7e:d0:3d:3e:c4:ec:78:76:9d:71:
78:e1:9e:6a:1f:2f:92:6f:e5:bf:07:71:a9:ea:e5:94:e3:f8:
6d:bc:5f:44
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQf+jXe9njc/VdRwwR9eo5cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZWVlMDVkYTE4M2RlZTJiODExODE0MTk1NjQ2MmM5MjQw
ZDc4NzYwHhcNMjUwMTAxMDM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGU4NDEzYjliNjI4YTMzODNkYTkwZTZhNDRjYzY5OWM5OTY0YjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjhbO3/q8IPVK3tk7tpuAw7XSGyA
sxuIAZUe6NcY/vBya0TWynyC2StbJA68Cq1LkVGxAnlSzkHQuhQziaun2z6v4SsB
PQ+/gbu2cWB2bp8Pk5wmB+T8Vfc+CBV+mI0Cu36TUxNlS5/IYZUUzzUcofxdXWqr
60rxbMW/ch5++5respEVvcRulJnpSns5Mt7S0vDUEl6BWWwZOEGoXYm1PQq4L2uG
rinfkB1SyJ+RdfHKd3mVHdnmWRuxw4PiPrJqSJp4zCrcrIRYtQO9RaZAu8O6v2sJ
4o/lbaC2OIUSqdXkvNuWtoXNce6bSMNurQ9Jr40K4dOFa2uyvdhid95n8QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFDoQTubYoozg9qQ5qRMxpnJlktHMB8GA1UdIwQY
MBaAFCDu4F2hg97iuBGBQZVkYskkDXh2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU83Z1hhR0QzdUs0RVlGQmxXUml5U1FOZUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jZmMwZDEtZDA5NS00YjFiLTliNWQt
Mzk4NTI5OWZhZDZkLzEvVU9oQk81dGlpak9EMnBEbXBFekdtY21XUzBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jZmMwZDEtZDA5NS00YjFiLTliNWQtMzk4NTI5OWZhZDZk
LzEvSU83Z1hhR0QzdUs0RVlGQmxXUml5U1FOZUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCAjmcAwQC
udccAwQAwWmoAwQBw05iMA0EAgACMAcDBQMqC6LAMA0GCSqGSIb3DQEBCwUAA4IB
AQCG7NxDW7Tb6b/ctNi4M1Mowq29GHnhK49v3OVmQ/BZfiWRfrLtYq5EWBFbPhDa
lY6pj/F5ss/3GRGC/24Ysclg+rO3gX7crjT3iElO0TWonkm0ieNTbJYJKhHUbqfb
OmPq4yaHiqrlrySemxkKBfQU2LHjbJXuu0nN3nIOI1qWjPZvsSGtUGgZ+Kiu8QzP
XrYEd0WHG9uafPfqai4qBL52SWjqkCGE+mC5rYdP2FFA3ec1NB85z+KXOamCQzpp
BvhXOo7pOVQOg+2BoSk75AQttY10kG69q+yjyFcdwsk1hH7QPT7E7Hh2nXF44Z5q
Hy+Sb+W/B3Gp6uWU4/htvF9E
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:21:39 2025 by rpki-client