Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/49bfec-757f-4319-b45d-9b5d63b5cbf5/1/2UJUcXgEXfunFA21jmeL2YNS9MM.roa
File: 2UJUcXgEXfunFA21jmeL2YNS9MM.roa (raw, json)
Hash identifier: 6FVHb9+rMImArAonsBYihu+wIYZJbNNs1MntdRcJc2I=
Subject key identifier: D9:42:54:71:78:04:5D:FB:A7:14:0D:B5:8E:67:8B:D9:83:52:F4:C3
Certificate issuer: /CN=55096c61153d2ab55077f1a30c245986001ba1d9
Certificate serial: 019426D9AC984ACA1FEBB67FBE34A852122E
Authority key identifier: 55:09:6C:61:15:3D:2A:B5:50:77:F1:A3:0C:24:59:86:00:1B:A1:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VQlsYRU9KrVQd_GjDCRZhgAbodk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/49bfec-757f-4319-b45d-9b5d63b5cbf5/1/2UJUcXgEXfunFA21jmeL2YNS9MM.roa
Signing time: Thu 02 Jan 2025 11:49:47 +0000
ROA not before: Thu 02 Jan 2025 11:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205934
IP address blocks: 195.245.235.0/24 maxlen: 24
2a0b:a340::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:ac:98:4a:ca:1f:eb:b6:7f:be:34:a8:52:12:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55096c61153d2ab55077f1a30c245986001ba1d9
Validity
Not Before: Jan 2 11:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d942547178045dfba7140db58e678bd98352f4c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:cc:78:ab:1c:94:b3:46:9f:8f:d3:cd:d9:5b:
2f:76:0e:82:23:6e:c5:e2:02:de:b6:48:a0:30:f1:
35:2e:7e:cf:e0:70:88:f2:ab:43:e7:b5:4b:a0:29:
dd:b4:f4:5f:2c:a9:54:92:7a:50:0e:9b:da:a8:a2:
ed:92:c1:02:98:20:4b:dc:9e:e2:ca:0f:ee:c3:0a:
e8:3c:be:51:34:59:2b:df:8a:8e:9c:92:8b:8d:f9:
fc:f5:80:38:37:93:54:87:2e:5a:a9:04:c8:22:3b:
2a:bd:6f:7b:1d:81:8d:39:1a:30:9c:b0:4f:3e:49:
2b:e5:09:98:52:55:b7:ae:21:39:0a:ed:86:42:f0:
e3:cf:8c:1e:9d:35:c3:b3:29:d1:95:a0:48:5c:c3:
d9:a8:9f:f3:7e:91:2d:93:53:2e:37:0c:41:4a:46:
cb:c6:19:8a:77:a3:92:32:b8:75:f8:bb:20:56:46:
bb:06:74:fe:f5:09:f1:bd:0d:f8:35:df:8e:29:2f:
f8:0e:e2:95:27:6a:35:fa:e9:39:f1:9b:ba:f9:10:
bd:12:9a:e7:9a:63:87:01:4d:0a:9b:af:5a:2b:14:
4e:fe:9b:5e:5b:ac:df:0b:75:71:56:ba:2f:3d:d5:
e0:c6:d5:8a:f4:cd:97:a0:c5:33:c1:b3:07:ae:5c:
3b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:42:54:71:78:04:5D:FB:A7:14:0D:B5:8E:67:8B:D9:83:52:F4:C3
X509v3 Authority Key Identifier:
keyid:55:09:6C:61:15:3D:2A:B5:50:77:F1:A3:0C:24:59:86:00:1B:A1:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VQlsYRU9KrVQd_GjDCRZhgAbodk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/49bfec-757f-4319-b45d-9b5d63b5cbf5/1/2UJUcXgEXfunFA21jmeL2YNS9MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/49bfec-757f-4319-b45d-9b5d63b5cbf5/1/VQlsYRU9KrVQd_GjDCRZhgAbodk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.245.235.0/24
IPv6:
2a0b:a340::/32
Signature Algorithm: sha256WithRSAEncryption
09:63:76:ad:de:38:6d:70:de:5d:fd:65:4d:48:c6:f5:d9:ed:
9e:63:e3:ce:e2:92:0f:ac:30:61:ab:ea:00:23:d8:64:5a:95:
6d:d8:47:f4:3d:52:1b:da:32:3e:c4:82:c0:7e:c6:95:99:23:
3a:63:4b:cd:f2:8d:ac:53:ac:01:b3:7e:f5:92:3c:56:7f:65:
28:a5:bb:ac:df:87:ca:3c:90:3f:0d:85:72:d1:3e:78:40:19:
e1:6c:57:be:0c:7a:3c:6a:1c:7d:94:34:90:b0:bf:f4:13:b7:
07:0d:0e:ba:b6:d9:5a:db:8b:74:f3:2f:4f:77:97:f7:b6:95:
a7:e9:83:68:85:cf:91:08:8a:10:40:6b:02:9e:c4:4c:4a:11:
9e:75:f2:2f:21:cd:cf:55:55:5c:1c:83:01:98:11:81:fa:5c:
73:6b:6b:11:6d:ec:70:d2:b8:e1:6a:8e:9a:ca:f4:93:eb:55:
a3:56:94:2f:29:a1:ae:0b:d6:04:45:40:9c:1b:30:77:e9:02:
52:2c:26:21:cb:65:04:5d:bd:81:49:f1:fb:26:01:63:d8:2d:
c4:ec:3a:4a:18:33:92:40:32:c1:b7:1c:7d:af:bc:c8:70:fd:
bb:87:dc:77:f8:44:46:0b:5c:86:49:b4:62:af:5e:db:18:09:
3b:a1:89:66
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2ayYSsof67Z/vjSoUhIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MDk2YzYxMTUzZDJhYjU1MDc3ZjFhMzBjMjQ1OTg2MDAx
YmExZDkwHhcNMjUwMTAyMTE0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTQyNTQ3MTc4MDQ1ZGZiYTcxNDBkYjU4ZTY3OGJkOTgzNTJmNGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cx4qxyUs0afj9PN2Vsvdg6CI27F
4gLetkigMPE1Ln7P4HCI8qtD57VLoCndtPRfLKlUknpQDpvaqKLtksECmCBL3J7i
yg/uwwroPL5RNFkr34qOnJKLjfn89YA4N5NUhy5aqQTIIjsqvW97HYGNORownLBP
Pkkr5QmYUlW3riE5Cu2GQvDjz4wenTXDsynRlaBIXMPZqJ/zfpEtk1MuNwxBSkbL
xhmKd6OSMrh1+LsgVka7BnT+9QnxvQ34Nd+OKS/4DuKVJ2o1+uk58Zu6+RC9Eprn
mmOHAU0Km69aKxRO/pteW6zfC3VxVrovPdXgxtWK9M2XoMUzwbMHrlw73QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNlCVHF4BF37pxQNtY5ni9mDUvTDMB8GA1UdIwQY
MBaAFFUJbGEVPSq1UHfxowwkWYYAG6HZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlFsc1lSVTlLclZRZF9HakRDUlpoZ0Fib2RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi80OWJmZWMtNzU3Zi00MzE5LWI0NWQt
OWI1ZDYzYjVjYmY1LzEvMlVKVWNYZ0VYZnVuRkEyMWptZUwyWU5TOU1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi80OWJmZWMtNzU3Zi00MzE5LWI0NWQtOWI1ZDYzYjVjYmY1
LzEvVlFsc1lSVTlLclZRZF9HakRDUlpoZ0Fib2RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw/XrMA0E
AgACMAcDBQAqC6NAMA0GCSqGSIb3DQEBCwUAA4IBAQAJY3at3jhtcN5d/WVNSMb1
2e2eY+PO4pIPrDBhq+oAI9hkWpVt2Ef0PVIb2jI+xILAfsaVmSM6Y0vN8o2sU6wB
s371kjxWf2Uopbus34fKPJA/DYVy0T54QBnhbFe+DHo8ahx9lDSQsL/0E7cHDQ66
ttla24t08y9Pd5f3tpWn6YNohc+RCIoQQGsCnsRMShGedfIvIc3PVVVcHIMBmBGB
+lxza2sRbexw0rjhao6ayvST61WjVpQvKaGuC9YERUCcGzB36QJSLCYhy2UEXb2B
SfH7JgFj2C3E7DpKGDOSQDLBtxx9r7zIcP27h9x3+ERGC1yGSbRir17bGAk7oYlm
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:24:08 2025 by rpki-client