Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/Uxq2zaQ3C0F2KaVo_-rxCUMMpzU.roa
File: Uxq2zaQ3C0F2KaVo_-rxCUMMpzU.roa (raw, json)
Hash identifier: VbEHRBQ6CnI3V57/ypd9YP2tAsM8cgW+F1+a7XG3s5Q=
Subject key identifier: 53:1A:B6:CD:A4:37:0B:41:76:29:A5:68:FF:EA:F1:09:43:0C:A7:35
Certificate issuer: /CN=a47f708c34a5e71daf3d2e54b99ab74f069ef80b
Certificate serial: 0194221F96D233FDFCA6546DE3BF138FFADF
Authority key identifier: A4:7F:70:8C:34:A5:E7:1D:AF:3D:2E:54:B9:9A:B7:4F:06:9E:F8:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pH9wjDSl5x2vPS5UuZq3Twae-As.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/Uxq2zaQ3C0F2KaVo_-rxCUMMpzU.roa
Signing time: Wed 01 Jan 2025 13:48:02 +0000
ROA not before: Wed 01 Jan 2025 13:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198213
IP address blocks: 109.202.120.0/24 maxlen: 24
109.202.121.0/24 maxlen: 24
109.202.122.0/24 maxlen: 24
109.202.123.0/24 maxlen: 24
109.202.125.0/24 maxlen: 24
109.202.127.0/24 maxlen: 24
2a03:e180::/32 maxlen: 32
2a03:e181::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:96:d2:33:fd:fc:a6:54:6d:e3:bf:13:8f:fa:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a47f708c34a5e71daf3d2e54b99ab74f069ef80b
Validity
Not Before: Jan 1 13:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=531ab6cda4370b417629a568ffeaf109430ca735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4a:39:8d:25:bf:0e:43:ee:42:11:1d:02:e6:
90:8d:74:8e:e2:8b:e1:bb:09:88:8c:2d:13:54:93:
b4:e4:d1:c4:bb:15:37:86:32:3d:f3:b5:29:50:c2:
aa:61:b1:75:25:4b:4a:16:3d:f4:ab:d9:2e:59:ca:
1d:4a:46:ff:8b:c2:64:2a:33:f9:7c:53:3b:5e:e0:
96:5e:ef:87:57:0d:a2:91:90:0d:14:59:6a:f4:70:
fe:95:4e:a5:74:ba:0d:1f:9a:40:4c:af:49:31:07:
c0:9a:48:89:60:82:53:50:fb:94:a7:33:95:b5:91:
06:43:09:6e:ce:31:1b:27:58:92:37:71:ce:71:8c:
ad:ee:f2:72:4a:97:c5:13:71:ea:7b:c5:fc:35:ce:
d3:d1:87:e4:72:b9:b9:95:9d:cf:5d:c5:1f:be:23:
ba:0a:0a:70:8c:f4:30:1a:5b:65:5a:96:22:fe:1c:
12:d8:24:67:cc:ba:0c:98:31:2c:d0:eb:f0:17:99:
83:43:ae:81:b7:8d:09:55:f7:3f:57:7a:78:6f:e1:
c8:07:cc:d2:54:4e:41:9e:2b:9d:39:6a:0f:6a:7f:
1b:d0:26:4a:24:8a:81:1c:c6:14:96:f7:9d:f7:04:
b9:8c:84:79:5a:e3:9b:f3:bc:f7:e8:54:39:23:21:
85:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:1A:B6:CD:A4:37:0B:41:76:29:A5:68:FF:EA:F1:09:43:0C:A7:35
X509v3 Authority Key Identifier:
keyid:A4:7F:70:8C:34:A5:E7:1D:AF:3D:2E:54:B9:9A:B7:4F:06:9E:F8:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pH9wjDSl5x2vPS5UuZq3Twae-As.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/Uxq2zaQ3C0F2KaVo_-rxCUMMpzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/pH9wjDSl5x2vPS5UuZq3Twae-As.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.202.120.0/22
109.202.125.0/24
109.202.127.0/24
IPv6:
2a03:e180::/31
Signature Algorithm: sha256WithRSAEncryption
98:4f:15:03:a5:58:bb:06:25:52:58:63:2c:a9:e7:c5:e0:2b:
fa:1d:b4:a3:c1:9a:92:35:61:81:6a:2c:f3:da:de:02:f8:ed:
aa:a8:de:94:49:3d:1d:1e:bc:6e:4f:ca:94:ae:e2:41:99:12:
57:53:5c:34:60:8a:cc:17:f4:7e:02:0c:e8:42:ea:9c:28:db:
cb:2f:86:46:0f:bb:f2:42:d4:ec:db:be:2d:59:59:83:e8:a5:
fe:63:40:b4:93:2a:57:c0:66:3e:7b:ba:24:95:37:40:dc:23:
b1:e7:e8:a0:bb:46:3f:c1:40:2a:84:af:72:6e:69:2a:c9:5a:
ab:f4:a4:2a:2a:cc:c7:57:61:c0:ef:93:1e:fa:99:bd:23:9c:
38:b7:d3:b3:5f:c4:54:12:f3:c9:86:cf:94:be:37:66:d3:63:
17:34:ec:0a:e3:a4:96:6e:e5:40:fc:cb:6d:d1:33:ad:0a:4f:
05:e0:3f:09:d8:ec:25:71:03:7a:7d:65:2f:68:a1:18:6f:d1:
58:41:a5:9d:ca:0a:cf:d1:1d:6a:9a:de:54:cc:5d:2d:f4:d3:
ab:ca:11:0c:02:5b:ec:46:92:55:83:59:bd:e7:c7:44:06:dd:
39:03:9b:4c:6e:e9:f8:36:02:8b:51:20:df:69:88:23:c7:ea:
6c:02:f3:8c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQiH5bSM/38plRt478Tj/rfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0N2Y3MDhjMzRhNWU3MWRhZjNkMmU1NGI5OWFiNzRmMDY5
ZWY4MGIwHhcNMjUwMTAxMTM0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzFhYjZjZGE0MzcwYjQxNzYyOWE1NjhmZmVhZjEwOTQzMGNhNzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0o5jSW/DkPuQhEdAuaQjXSO4ovh
uwmIjC0TVJO05NHEuxU3hjI987UpUMKqYbF1JUtKFj30q9kuWcodSkb/i8JkKjP5
fFM7XuCWXu+HVw2ikZANFFlq9HD+lU6ldLoNH5pATK9JMQfAmkiJYIJTUPuUpzOV
tZEGQwluzjEbJ1iSN3HOcYyt7vJySpfFE3Hqe8X8Nc7T0Yfkcrm5lZ3PXcUfviO6
CgpwjPQwGltlWpYi/hwS2CRnzLoMmDEs0OvwF5mDQ66Bt40JVfc/V3p4b+HIB8zS
VE5BniudOWoPan8b0CZKJIqBHMYUlved9wS5jIR5WuOb87z36FQ5IyGFMQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFMats2kNwtBdimlaP/q8QlDDKc1MB8GA1UdIwQY
MBaAFKR/cIw0pecdrz0uVLmat08GnvgLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEg5d2pEU2w1eDJ2UFM1VXVacTNUd2FlLUFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wMTlhMWUtYmU5OC00MTRjLThjMmMt
NmIyN2ZmMjI1N2M2LzEvVXhxMnphUTNDMEYyS2FWb18tcnhDVU1NcHpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8wMTlhMWUtYmU5OC00MTRjLThjMmMtNmIyN2ZmMjI1N2M2
LzEvcEg5d2pEU2w1eDJ2UFM1VXVacTNUd2FlLUFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCbcp4AwQA
bcp9AwQAbcp/MA0EAgACMAcDBQEqA+GAMA0GCSqGSIb3DQEBCwUAA4IBAQCYTxUD
pVi7BiVSWGMsqefF4Cv6HbSjwZqSNWGBaizz2t4C+O2qqN6UST0dHrxuT8qUruJB
mRJXU1w0YIrMF/R+AgzoQuqcKNvLL4ZGD7vyQtTs274tWVmD6KX+Y0C0kypXwGY+
e7oklTdA3COx5+igu0Y/wUAqhK9ybmkqyVqr9KQqKszHV2HA75Me+pm9I5w4t9Oz
X8RUEvPJhs+Uvjdm02MXNOwK46SWbuVA/Mtt0TOtCk8F4D8J2OwlcQN6fWUvaKEY
b9FYQaWdygrP0R1qmt5UzF0t9NOryhEMAlvsRpJVg1m958dEBt05A5tMbun4NgKL
USDfaYgjx+psAvOM
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:45:20 2025 by rpki-client