Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/b7bac3-f62d-4142-af3c-2e984fbff8b1/1/UAQm7jU6nDSVucMAlC1X0pfHRUs.roa
File: UAQm7jU6nDSVucMAlC1X0pfHRUs.roa (raw, json)
Hash identifier: qJmBvsfQcgPtn4g45ZRr7HOE4GEEsPooJ0gWKQfqnik=
Subject key identifier: 50:04:26:EE:35:3A:9C:34:95:B9:C3:00:94:2D:57:D2:97:C7:45:4B
Certificate issuer: /CN=84b87af5334c5c45141b6675a9ed46e57b7976ac
Certificate serial: 0194274862A0258FB9E3D3D6194D57BE917F
Authority key identifier: 84:B8:7A:F5:33:4C:5C:45:14:1B:66:75:A9:ED:46:E5:7B:79:76:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLh69TNMXEUUG2Z1qe1G5Xt5dqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/b7bac3-f62d-4142-af3c-2e984fbff8b1/1/UAQm7jU6nDSVucMAlC1X0pfHRUs.roa
Signing time: Thu 02 Jan 2025 13:50:42 +0000
ROA not before: Thu 02 Jan 2025 13:50:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197696
IP address blocks: 31.170.8.0/21 maxlen: 21
31.170.8.0/22 maxlen: 22
31.170.13.0/24 maxlen: 24
185.236.224.0/22 maxlen: 22
185.236.224.0/24 maxlen: 24
185.236.224.1/32 maxlen: 32
185.236.224.2/32 maxlen: 32
185.236.226.0/23 maxlen: 23
2a01:9500::/32 maxlen: 32
2a01:9500::/42 maxlen: 42
2a01:9500:80::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:62:a0:25:8f:b9:e3:d3:d6:19:4d:57:be:91:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b87af5334c5c45141b6675a9ed46e57b7976ac
Validity
Not Before: Jan 2 13:50:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=500426ee353a9c3495b9c300942d57d297c7454b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9a:06:94:24:ac:cd:44:92:51:04:f6:d8:0e:
6c:c7:aa:60:f7:5b:97:8d:0c:31:d5:70:8d:03:19:
7d:da:2a:ea:c2:53:35:9b:96:16:38:f7:12:53:a8:
d7:c6:9b:3f:68:7d:b8:66:2a:8e:95:1b:cb:55:80:
a6:7b:4b:1a:9f:c6:90:2b:16:e6:2b:94:56:33:52:
f9:f4:a5:b2:50:43:49:94:3c:33:1b:96:dc:be:e3:
3d:4b:e2:5d:99:6e:9a:9d:16:67:1f:32:ee:d5:bd:
c5:33:2c:e5:76:d2:44:af:2b:48:b0:bf:03:dc:55:
2a:7b:11:8e:1b:ba:5d:aa:57:2d:9f:ff:9a:29:bc:
e7:93:cb:09:6e:29:a0:44:93:5b:ec:25:80:4a:43:
38:c4:d3:0f:6f:f2:04:9f:1a:52:c9:5e:18:5b:ec:
8a:a9:72:a0:23:44:5d:9c:68:2c:21:8e:63:87:f9:
e1:7b:86:22:4e:75:8b:0d:b0:c5:8d:dc:00:93:48:
7e:39:91:da:76:12:32:54:d3:39:e0:66:57:66:ae:
2c:fa:f8:66:58:65:55:59:0a:1b:a3:6c:74:80:35:
00:8a:b7:cc:83:a8:dc:7e:bb:4e:e1:d5:f5:c2:95:
98:ab:da:1c:3a:3d:14:26:56:bb:59:12:b8:cb:f2:
67:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:04:26:EE:35:3A:9C:34:95:B9:C3:00:94:2D:57:D2:97:C7:45:4B
X509v3 Authority Key Identifier:
keyid:84:B8:7A:F5:33:4C:5C:45:14:1B:66:75:A9:ED:46:E5:7B:79:76:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLh69TNMXEUUG2Z1qe1G5Xt5dqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/b7bac3-f62d-4142-af3c-2e984fbff8b1/1/UAQm7jU6nDSVucMAlC1X0pfHRUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/b7bac3-f62d-4142-af3c-2e984fbff8b1/1/hLh69TNMXEUUG2Z1qe1G5Xt5dqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.8.0/21
185.236.224.0/22
IPv6:
2a01:9500::/32
Signature Algorithm: sha256WithRSAEncryption
45:bf:c8:6e:9c:de:65:aa:e5:7c:ff:ef:cc:93:be:f5:ef:75:
5d:90:be:f8:ff:fa:8f:a8:db:ed:c4:5d:33:ee:29:19:d9:82:
9a:9c:e7:ad:b0:dd:39:ac:6c:72:0e:71:7e:8c:7e:4d:ac:97:
1b:4d:3d:38:e6:12:2b:07:43:96:bc:90:4a:0c:45:67:fe:20:
66:42:61:49:59:72:5a:ed:21:0e:93:2b:cd:12:08:15:f2:b4:
cf:6e:17:cf:53:4d:87:3c:a9:a7:48:5b:d9:c0:bc:a6:6a:10:
02:6c:f4:bf:5f:d2:d6:5f:da:20:fc:76:14:95:62:d3:21:c2:
2d:58:b1:d0:86:cc:ae:11:90:61:8d:30:db:a2:19:b3:af:17:
dd:a3:fb:45:5d:e5:e0:db:6a:d6:45:71:a7:da:ed:4a:9b:dd:
0f:97:f5:a9:71:e1:47:d0:1b:06:29:e3:29:85:cb:43:5f:e4:
c0:36:10:bf:03:55:3b:cc:63:f4:67:db:94:0c:88:3f:0c:0b:
1d:40:ac:98:f1:f6:5b:cf:9b:6e:0e:48:e8:6e:79:80:85:8c:
c0:48:65:d3:06:66:a5:cb:91:aa:4f:58:47:7e:d1:63:fd:d2:
46:c3:28:e6:60:c7:75:08:60:31:50:ec:60:4d:71:14:1c:1a:
22:2b:cb:7c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQnSGKgJY+549PWGU1XvpF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0Yjg3YWY1MzM0YzVjNDUxNDFiNjY3NWE5ZWQ0NmU1N2I3
OTc2YWMwHhcNMjUwMTAyMTM1MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDA0MjZlZTM1M2E5YzM0OTViOWMzMDA5NDJkNTdkMjk3Yzc0NTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5oGlCSszUSSUQT22A5sx6pg91uX
jQwx1XCNAxl92irqwlM1m5YWOPcSU6jXxps/aH24ZiqOlRvLVYCme0san8aQKxbm
K5RWM1L59KWyUENJlDwzG5bcvuM9S+JdmW6anRZnHzLu1b3FMyzldtJErytIsL8D
3FUqexGOG7pdqlctn/+aKbznk8sJbimgRJNb7CWASkM4xNMPb/IEnxpSyV4YW+yK
qXKgI0RdnGgsIY5jh/nhe4YiTnWLDbDFjdwAk0h+OZHadhIyVNM54GZXZq4s+vhm
WGVVWQobo2x0gDUAirfMg6jcfrtO4dX1wpWYq9ocOj0UJla7WRK4y/JncQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFAEJu41Opw0lbnDAJQtV9KXx0VLMB8GA1UdIwQY
MBaAFIS4evUzTFxFFBtmdantRuV7eXasMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExoNjlUTk1YRVVVRzJaMXFlMUc1WHQ1ZHF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iN2JhYzMtZjYyZC00MTQyLWFmM2Mt
MmU5ODRmYmZmOGIxLzEvVUFRbTdqVTZuRFNWdWNNQWxDMVgwcGZIUlVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iN2JhYzMtZjYyZC00MTQyLWFmM2MtMmU5ODRmYmZmOGIx
LzEvaExoNjlUTk1YRVVVRzJaMXFlMUc1WHQ1ZHF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDH6oIAwQC
uezgMA0EAgACMAcDBQAqAZUAMA0GCSqGSIb3DQEBCwUAA4IBAQBFv8hunN5lquV8
/+/Mk77173VdkL74//qPqNvtxF0z7ikZ2YKanOetsN05rGxyDnF+jH5NrJcbTT04
5hIrB0OWvJBKDEVn/iBmQmFJWXJa7SEOkyvNEggV8rTPbhfPU02HPKmnSFvZwLym
ahACbPS/X9LWX9og/HYUlWLTIcItWLHQhsyuEZBhjTDbohmzrxfdo/tFXeXg22rW
RXGn2u1Km90Pl/WpceFH0BsGKeMphctDX+TANhC/A1U7zGP0Z9uUDIg/DAsdQKyY
8fZbz5tuDkjobnmAhYzASGXTBmaly5GqT1hHftFj/dJGwyjmYMd1CGAxUOxgTXEU
HBoiK8t8
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:13:17 2025 by rpki-client