Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/0e41a6-d845-4da1-8b34-48fb00fc97b6/1/UTJEyA5eoUQbkVsnzE_qVEPp7QI.roa
File: UTJEyA5eoUQbkVsnzE_qVEPp7QI.roa (raw, json)
Hash identifier: QLgDwiA3HQMhzQTCpM1sPvRtSa6KhJD7pUZz4AfYcjY=
Subject key identifier: 51:32:44:C8:0E:5E:A1:44:1B:91:5B:27:CC:4F:EA:54:43:E9:ED:02
Certificate issuer: /CN=3c87feb4ab9a57765fc0a664572c35032e866ad4
Certificate serial: 0194282619D4A1CA7D6B92C6819AE5B019D8
Authority key identifier: 3C:87:FE:B4:AB:9A:57:76:5F:C0:A6:64:57:2C:35:03:2E:86:6A:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PIf-tKuaV3ZfwKZkVyw1Ay6GatQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/0e41a6-d845-4da1-8b34-48fb00fc97b6/1/UTJEyA5eoUQbkVsnzE_qVEPp7QI.roa
Signing time: Thu 02 Jan 2025 17:52:53 +0000
ROA not before: Thu 02 Jan 2025 17:52:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39257
IP address blocks: 185.146.48.0/22 maxlen: 22
185.191.216.0/22 maxlen: 22
185.221.148.0/22 maxlen: 22
2a0a:2040::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:19:d4:a1:ca:7d:6b:92:c6:81:9a:e5:b0:19:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c87feb4ab9a57765fc0a664572c35032e866ad4
Validity
Not Before: Jan 2 17:52:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=513244c80e5ea1441b915b27cc4fea5443e9ed02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:05:d9:11:09:55:75:6f:9d:cc:87:0a:53:d2:
5b:08:12:fb:5b:4a:46:3a:2a:1b:f1:ef:ec:7d:e4:
81:c2:f1:55:85:c0:e1:af:48:f6:ba:3c:8e:0e:b5:
86:c7:d9:c9:74:f7:5d:42:d4:90:a6:83:34:1d:52:
46:b3:81:12:1d:99:46:01:60:11:a6:70:e9:c3:82:
ba:a6:41:0f:0f:46:62:80:26:2f:04:45:bb:bf:6f:
af:b0:f3:f0:f9:51:0a:1e:8d:09:23:6a:a8:b5:4e:
9b:4d:fe:c1:55:b3:40:4e:5a:e0:5a:1f:e5:d0:22:
31:e0:0a:1f:5e:37:65:f0:35:fc:5e:0d:31:e7:93:
26:e1:11:8e:9d:ee:05:f3:79:17:e9:15:f1:2f:6f:
05:e1:f9:e3:61:a2:a1:2c:7e:0e:24:43:d9:55:44:
77:32:c8:10:b3:21:02:cc:15:5b:db:ac:65:0c:a3:
f0:45:90:56:44:f2:4b:df:c3:dd:e9:fe:3d:65:28:
20:09:22:05:dd:7f:66:3d:6c:06:1a:0e:b6:78:20:
9d:5f:a3:99:e7:8e:1a:fd:ea:58:a6:ef:65:59:16:
91:61:a2:6c:45:50:34:b1:83:d5:29:6d:0f:b5:9f:
59:7d:fd:ab:22:43:38:00:39:1c:d6:87:90:85:89:
3d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:32:44:C8:0E:5E:A1:44:1B:91:5B:27:CC:4F:EA:54:43:E9:ED:02
X509v3 Authority Key Identifier:
keyid:3C:87:FE:B4:AB:9A:57:76:5F:C0:A6:64:57:2C:35:03:2E:86:6A:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PIf-tKuaV3ZfwKZkVyw1Ay6GatQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/0e41a6-d845-4da1-8b34-48fb00fc97b6/1/UTJEyA5eoUQbkVsnzE_qVEPp7QI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/0e41a6-d845-4da1-8b34-48fb00fc97b6/1/PIf-tKuaV3ZfwKZkVyw1Ay6GatQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.48.0/22
185.191.216.0/22
185.221.148.0/22
IPv6:
2a0a:2040::/32
Signature Algorithm: sha256WithRSAEncryption
01:f2:27:b7:f0:5e:40:70:ca:1f:ff:54:2b:10:24:cb:40:51:
91:ed:34:e3:3a:a0:7e:2b:da:1a:bc:91:26:5b:1f:be:8b:f3:
f0:78:a3:ec:10:0f:60:b1:4a:c8:8c:69:af:34:da:ad:fa:5d:
ff:fe:ca:e6:75:dd:e3:e8:e7:91:3e:10:8f:b8:dc:ef:b2:b1:
5f:eb:4c:3f:01:6b:c2:47:ec:b4:bc:41:96:9e:38:f3:ef:95:
ad:4c:34:8e:37:40:86:f8:7c:ac:d7:e4:bc:82:33:0e:6f:b4:
38:6f:35:1d:5e:45:4c:b1:14:07:ff:17:a5:93:62:82:f0:e1:
e4:37:c3:e1:f8:95:c4:49:3d:1a:05:79:a6:64:d2:2b:ea:36:
f6:67:54:b1:ec:22:97:5d:a6:01:4f:c7:b0:3e:9f:a3:ba:76:
d7:29:65:75:3e:83:ee:33:79:6b:ae:39:76:5b:64:31:28:e1:
da:5f:14:11:d6:ad:3d:a6:78:d1:b8:09:da:f3:a7:bf:0c:93:
19:9a:bb:d5:aa:f2:4b:a7:ba:42:5a:2d:cc:67:9d:51:a1:e9:
1f:a6:8f:14:b9:ab:8b:92:d0:31:82:07:dc:a1:e9:7d:5b:86:
d7:a8:ac:24:b8:c8:9b:31:c6:0b:e6:bf:3b:1e:12:8f:ce:a4:
c3:0d:aa:65
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQoJhnUocp9a5LGgZrlsBnYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjODdmZWI0YWI5YTU3NzY1ZmMwYTY2NDU3MmMzNTAzMmU4
NjZhZDQwHhcNMjUwMTAyMTc1MjUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTMyNDRjODBlNWVhMTQ0MWI5MTViMjdjYzRmZWE1NDQzZTllZDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgXZEQlVdW+dzIcKU9JbCBL7W0pG
Oiob8e/sfeSBwvFVhcDhr0j2ujyODrWGx9nJdPddQtSQpoM0HVJGs4ESHZlGAWAR
pnDpw4K6pkEPD0ZigCYvBEW7v2+vsPPw+VEKHo0JI2qotU6bTf7BVbNATlrgWh/l
0CIx4AofXjdl8DX8Xg0x55Mm4RGOne4F83kX6RXxL28F4fnjYaKhLH4OJEPZVUR3
MsgQsyECzBVb26xlDKPwRZBWRPJL38Pd6f49ZSggCSIF3X9mPWwGGg62eCCdX6OZ
544a/epYpu9lWRaRYaJsRVA0sYPVKW0PtZ9Zff2rIkM4ADkc1oeQhYk9EQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFEyRMgOXqFEG5FbJ8xP6lRD6e0CMB8GA1UdIwQY
MBaAFDyH/rSrmld2X8CmZFcsNQMuhmrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUElmLXRLdWFWM1pmd0taa1Z5dzFBeTZHYXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8wZTQxYTYtZDg0NS00ZGExLThiMzQt
NDhmYjAwZmM5N2I2LzEvVVRKRXlBNWVvVVFia1ZzbnpFX3FWRVBwN1FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8wZTQxYTYtZDg0NS00ZGExLThiMzQtNDhmYjAwZmM5N2I2
LzEvUElmLXRLdWFWM1pmd0taa1Z5dzFBeTZHYXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuZIwAwQC
ub/YAwQCud2UMA0EAgACMAcDBQAqCiBAMA0GCSqGSIb3DQEBCwUAA4IBAQAB8ie3
8F5AcMof/1QrECTLQFGR7TTjOqB+K9oavJEmWx++i/PweKPsEA9gsUrIjGmvNNqt
+l3//srmdd3j6OeRPhCPuNzvsrFf60w/AWvCR+y0vEGWnjjz75WtTDSON0CG+Hys
1+S8gjMOb7Q4bzUdXkVMsRQH/xelk2KC8OHkN8Ph+JXEST0aBXmmZNIr6jb2Z1Sx
7CKXXaYBT8ewPp+junbXKWV1PoPuM3lrrjl2W2QxKOHaXxQR1q09pnjRuAna86e/
DJMZmrvVqvJLp7pCWi3MZ51Roekfpo8UuauLktAxggfcoel9W4bXqKwkuMibMcYL
5r87HhKPzqTDDapl
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:13:44 2025 by rpki-client