Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/UauqkNEmM03HfyR0DfZ-u4VKpi4.roa
File: UauqkNEmM03HfyR0DfZ-u4VKpi4.roa (raw, json)
Hash identifier: awMAcPwR6G+MfeZBXCCLJ68VGxx4mPcomrMOc4HQztA=
Subject key identifier: 51:AB:AA:90:D1:26:33:4D:C7:7F:24:74:0D:F6:7E:BB:85:4A:A6:2E
Certificate issuer: /CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Certificate serial: 019428271EF3AB9FCDD72805BF9758814A57
Authority key identifier: 40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/UauqkNEmM03HfyR0DfZ-u4VKpi4.roa
Signing time: Thu 02 Jan 2025 17:53:59 +0000
ROA not before: Thu 02 Jan 2025 17:53:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30818
IP address blocks: 82.221.0.0/20 maxlen: 20
82.221.16.0/20 maxlen: 20
82.221.32.0/20 maxlen: 20
82.221.48.0/20 maxlen: 20
82.221.57.0/24 maxlen: 24
82.221.64.0/20 maxlen: 20
82.221.80.0/20 maxlen: 20
82.221.96.0/20 maxlen: 20
82.221.112.0/20 maxlen: 20
82.221.164.0/24 maxlen: 24
82.221.166.0/24 maxlen: 24
82.221.167.0/24 maxlen: 24
82.221.168.0/24 maxlen: 24
82.221.170.0/24 maxlen: 24
82.221.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:1e:f3:ab:9f:cd:d7:28:05:bf:97:58:81:4a:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Validity
Not Before: Jan 2 17:53:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=51abaa90d126334dc77f24740df67ebb854aa62e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e6:45:aa:b9:03:be:74:ee:32:a5:0f:7a:2e:
3f:34:a2:50:44:a1:9a:66:b9:16:13:71:54:84:93:
26:cb:8c:30:d0:a0:ab:7a:36:5e:24:2b:7c:0a:c3:
ac:e4:de:4f:53:65:b5:c7:d6:83:55:43:52:36:fd:
96:8e:be:b2:f3:a9:23:6f:a3:f3:bd:2d:4b:8c:ad:
24:b1:42:c8:20:96:dc:b6:5e:70:19:66:09:1b:96:
68:1c:57:80:f1:eb:f0:14:3c:c8:a8:a3:19:9b:45:
39:09:40:46:da:8e:01:53:14:fd:78:0b:63:3e:89:
a1:0c:18:ce:6e:d3:e2:27:38:1d:29:a9:65:ef:68:
f7:65:cc:58:07:22:54:96:5a:c6:a3:12:5b:e3:52:
16:c6:74:08:5c:b6:2b:d4:65:3a:26:70:d7:ad:ed:
33:d0:16:75:10:f2:a6:ab:b6:f2:ce:77:52:32:b8:
ce:7e:85:31:63:53:3e:df:6e:97:ea:89:ef:dc:4b:
a6:d4:09:0e:02:a7:fe:8f:aa:34:d0:d3:91:46:f4:
6a:15:06:a1:af:c7:06:b2:90:6c:42:2a:00:24:5d:
71:5f:93:84:93:4c:ea:3f:36:a7:67:35:61:85:c4:
83:5a:69:14:39:03:88:5d:2c:43:9b:98:06:2c:49:
d3:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:AB:AA:90:D1:26:33:4D:C7:7F:24:74:0D:F6:7E:BB:85:4A:A6:2E
X509v3 Authority Key Identifier:
keyid:40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/UauqkNEmM03HfyR0DfZ-u4VKpi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/QIAlx94EAODzyI1KEioxfjLF4hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.221.0.0/17
82.221.164.0/24
82.221.166.0-82.221.168.255
82.221.170.0/23
Signature Algorithm: sha256WithRSAEncryption
30:d5:96:8c:80:1c:34:16:45:47:28:f6:f8:e7:9f:de:b7:1d:
78:5c:7f:4d:6e:7d:3c:12:1c:a2:87:b8:20:55:31:d0:e5:ae:
15:93:cd:a0:55:1b:6c:fb:b3:5c:87:07:db:99:89:b3:70:81:
1e:be:39:1c:21:de:d9:45:79:ba:db:1f:72:e1:2e:de:9a:58:
07:e0:d8:a8:63:ed:43:ab:54:23:15:7c:33:4a:5c:f9:d6:a8:
f3:8a:46:53:0e:b4:be:1d:57:14:8c:6a:b7:98:7c:43:dd:cc:
92:7f:50:8c:bd:ed:19:32:97:17:76:95:bc:90:5b:d2:db:40:
02:26:e7:8a:e3:96:73:24:5a:71:79:b1:94:29:4f:e4:ec:eb:
27:1e:39:fa:48:a8:2f:1a:39:5e:3d:a3:b7:c5:08:c6:16:0a:
82:f6:9a:bd:5e:f7:52:b1:42:f7:ae:ff:d3:32:b1:90:95:dd:
8b:3f:b0:d9:83:8c:e1:69:ad:12:85:d0:86:1f:b7:c1:a3:bd:
a5:bd:ed:83:22:66:c7:23:77:9c:a0:90:1a:85:53:45:d0:e6:
b3:77:d6:68:1b:4d:04:eb:f7:66:34:90:9b:8f:59:53:eb:03:
c3:cb:e4:62:78:de:81:61:20:11:93:85:82:49:a4:3b:bb:56:
e6:8b:b6:c7
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQoJx7zq5/N1ygFv5dYgUpXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwODAyNWM3ZGUwNDAwZTBmM2M4OGQ0YTEyMmEzMTdlMzJj
NWUyMWMwHhcNMjUwMTAyMTc1MzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWFiYWE5MGQxMjYzMzRkYzc3ZjI0NzQwZGY2N2ViYjg1NGFhNjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOZFqrkDvnTuMqUPei4/NKJQRKGa
ZrkWE3FUhJMmy4ww0KCrejZeJCt8CsOs5N5PU2W1x9aDVUNSNv2Wjr6y86kjb6Pz
vS1LjK0ksULIIJbctl5wGWYJG5ZoHFeA8evwFDzIqKMZm0U5CUBG2o4BUxT9eAtj
PomhDBjObtPiJzgdKall72j3ZcxYByJUllrGoxJb41IWxnQIXLYr1GU6JnDXre0z
0BZ1EPKmq7byzndSMrjOfoUxY1M+326X6onv3Eum1AkOAqf+j6o00NORRvRqFQah
r8cGspBsQioAJF1xX5OEk0zqPzanZzVhhcSDWmkUOQOIXSxDm5gGLEnT8QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFGrqpDRJjNNx38kdA32fruFSqYuMB8GA1UdIwQY
MBaAFECAJcfeBADg88iNShIqMX4yxeIcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlBbHg5NEVBT0R6eUkxS0Vpb3hmakxGNGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy81OTMwM2QtNzQ4YS00Nzk3LTgxMWUt
ZmVlMmU4ZDQwODRmLzEvVWF1cWtORW1NMDNIZnlSMERmWi11NFZLcGk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy81OTMwM2QtNzQ4YS00Nzk3LTgxMWUtZmVlMmU4ZDQwODRm
LzEvUUlBbHg5NEVBT0R6eUkxS0Vpb3hmakxGNGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQHUt0AAwQA
Ut2kMAwDBAFS3aYDBABS3agDBAFS3aowDQYJKoZIhvcNAQELBQADggEBADDVloyA
HDQWRUco9vjnn963HXhcf01ufTwSHKKHuCBVMdDlrhWTzaBVG2z7s1yHB9uZibNw
gR6+ORwh3tlFebrbH3LhLt6aWAfg2Khj7UOrVCMVfDNKXPnWqPOKRlMOtL4dVxSM
areYfEPdzJJ/UIy97Rkylxd2lbyQW9LbQAIm54rjlnMkWnF5sZQpT+Ts6yceOfpI
qC8aOV49o7fFCMYWCoL2mr1e91KxQveu/9MysZCV3Ys/sNmDjOFprRKF0IYft8Gj
vaW97YMiZscjd5ygkBqFU0XQ5rN31mgbTQTr92Y0kJuPWVPrA8PL5GJ43oFhIBGT
hYJJpDu7VuaLtsc=
-----END CERTIFICATE-----
Generated at Sat Apr 26 05:34:08 2025 by rpki-client