Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/c67d90-d304-481b-8a64-1e326deba4d0/1/uXuzZdEmcXhnurqd_jWF8YOUHrw.roa
File: uXuzZdEmcXhnurqd_jWF8YOUHrw.roa (raw, json)
Hash identifier: 0tKKSAqCxTZYYBM2R7eXZ3g3GCiHz3+8Vn0Oldh70rU=
Subject key identifier: B9:7B:B3:65:D1:26:71:78:67:BA:BA:9D:FE:35:85:F1:83:94:1E:BC
Certificate issuer: /CN=8bdea2d4ab1380f0a3b7fe7d4fa7828e1c943558
Certificate serial: 019420D5BF24CA1D818795F4EBCDD1706CD2
Authority key identifier: 8B:DE:A2:D4:AB:13:80:F0:A3:B7:FE:7D:4F:A7:82:8E:1C:94:35:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i96i1KsTgPCjt_59T6eCjhyUNVg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/c67d90-d304-481b-8a64-1e326deba4d0/1/uXuzZdEmcXhnurqd_jWF8YOUHrw.roa
Signing time: Wed 01 Jan 2025 07:47:46 +0000
ROA not before: Wed 01 Jan 2025 07:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204356
IP address blocks: 185.252.100.0/24 maxlen: 24
185.252.101.0/24 maxlen: 24
185.252.102.0/24 maxlen: 24
185.252.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:bf:24:ca:1d:81:87:95:f4:eb:cd:d1:70:6c:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdea2d4ab1380f0a3b7fe7d4fa7828e1c943558
Validity
Not Before: Jan 1 07:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b97bb365d126717867baba9dfe3585f183941ebc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:82:ad:e7:f4:b1:17:d7:66:05:b1:53:86:78:
9b:91:0a:fe:32:b3:58:4b:e2:c8:98:c9:da:52:b9:
f2:92:52:34:1e:05:bb:14:97:10:ca:45:7a:8b:6f:
a1:a2:d3:19:6a:98:27:a6:60:88:a6:93:a5:28:ce:
8d:db:63:cb:44:ef:c4:23:06:b9:3c:d7:9a:b5:83:
06:bb:f2:81:59:78:bb:6a:0d:c1:48:cb:34:55:5f:
66:e1:b5:2c:a4:7c:9c:fa:6b:5d:83:9d:f7:4e:00:
33:90:a3:8b:16:82:bd:22:d9:f4:26:68:4a:13:fa:
c1:af:60:f2:8a:7f:e9:90:1a:b4:e2:43:13:5e:63:
4f:49:52:83:3b:3a:3a:05:cf:52:73:6e:a3:89:f1:
00:b7:b5:9f:1b:af:31:34:c7:7c:13:ac:ba:a6:e9:
10:b2:c2:2b:c7:69:09:55:fb:57:c2:92:b6:72:a1:
ed:dd:2a:30:20:a6:61:1e:70:92:4b:ab:88:9a:8e:
d8:d1:09:45:28:6b:3b:6f:3f:e3:19:65:17:9b:43:
ed:b0:a6:f3:08:3f:17:50:e8:6e:30:96:c2:97:45:
17:49:73:41:1e:56:b8:e1:f6:5c:9d:29:fd:99:ac:
c7:6e:21:0b:58:0a:e2:48:b8:78:db:6a:4a:81:6d:
18:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:7B:B3:65:D1:26:71:78:67:BA:BA:9D:FE:35:85:F1:83:94:1E:BC
X509v3 Authority Key Identifier:
keyid:8B:DE:A2:D4:AB:13:80:F0:A3:B7:FE:7D:4F:A7:82:8E:1C:94:35:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i96i1KsTgPCjt_59T6eCjhyUNVg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c67d90-d304-481b-8a64-1e326deba4d0/1/uXuzZdEmcXhnurqd_jWF8YOUHrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c67d90-d304-481b-8a64-1e326deba4d0/1/i96i1KsTgPCjt_59T6eCjhyUNVg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.100.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:e3:03:03:0f:f8:2f:d6:3b:6d:e8:f0:e3:99:4f:aa:bf:a1:
70:37:93:92:b4:22:64:80:68:8d:dc:b1:2c:ab:d2:e5:bb:59:
0a:56:ba:d7:78:1e:eb:1b:4f:94:94:54:07:ce:ae:ea:6b:d0:
f9:d6:c6:cc:f6:96:c1:06:4f:1f:fa:17:b4:3c:76:7f:49:33:
de:84:bf:63:44:94:fb:2f:d6:43:7f:e3:1e:06:0b:0d:ed:30:
89:30:31:5e:1c:08:e4:d8:4b:d0:00:ab:42:3a:b7:d8:9f:98:
51:aa:a3:94:bf:54:b7:cf:63:77:40:ac:2c:c2:62:80:43:86:
0e:aa:aa:a6:f1:a2:f9:f3:42:47:b7:7d:ef:a6:98:af:1e:8d:
8c:cd:e5:2c:88:49:b6:c6:48:f4:2f:4b:9d:55:66:9d:f3:65:
5b:d2:aa:96:ad:31:70:3d:a2:a1:b9:5a:f1:d3:86:21:8e:81:
76:c1:1f:51:ad:ff:d3:4d:21:cc:bb:5f:20:b8:52:33:b0:c3:
89:b4:9d:96:52:4a:49:29:f1:7a:f9:2a:99:3a:c3:ab:80:d1:
bc:0f:8d:c3:fc:48:73:54:2a:28:77:5d:c5:70:d4:fe:a2:0a:
7f:e4:4e:1b:f8:73:c4:c0:fe:98:70:18:c9:63:81:9f:c6:a9:
09:d8:3f:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1b8kyh2Bh5X0683RcGzSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGVhMmQ0YWIxMzgwZjBhM2I3ZmU3ZDRmYTc4MjhlMWM5
NDM1NTgwHhcNMjUwMTAxMDc0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTdiYjM2NWQxMjY3MTc4NjdiYWJhOWRmZTM1ODVmMTgzOTQxZWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYKt5/SxF9dmBbFThnibkQr+MrNY
S+LImMnaUrnyklI0HgW7FJcQykV6i2+hotMZapgnpmCIppOlKM6N22PLRO/EIwa5
PNeatYMGu/KBWXi7ag3BSMs0VV9m4bUspHyc+mtdg533TgAzkKOLFoK9Itn0JmhK
E/rBr2Dyin/pkBq04kMTXmNPSVKDOzo6Bc9Sc26jifEAt7WfG68xNMd8E6y6pukQ
ssIrx2kJVftXwpK2cqHt3SowIKZhHnCSS6uImo7Y0QlFKGs7bz/jGWUXm0PtsKbz
CD8XUOhuMJbCl0UXSXNBHla44fZcnSn9mazHbiELWAriSLh422pKgW0Y8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLl7s2XRJnF4Z7q6nf41hfGDlB68MB8GA1UdIwQY
MBaAFIveotSrE4Dwo7f+fU+ngo4clDVYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk2aTFLc1RnUENqdF81OVQ2ZUNqaHlVTlZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9jNjdkOTAtZDMwNC00ODFiLThhNjQt
MWUzMjZkZWJhNGQwLzEvdVh1elpkRW1jWGhudXJxZF9qV0Y4WU9VSHJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9jNjdkOTAtZDMwNC00ODFiLThhNjQtMWUzMjZkZWJhNGQw
LzEvaTk2aTFLc1RnUENqdF81OVQ2ZUNqaHlVTlZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufxkMA0G
CSqGSIb3DQEBCwUAA4IBAQAd4wMDD/gv1jtt6PDjmU+qv6FwN5OStCJkgGiN3LEs
q9Llu1kKVrrXeB7rG0+UlFQHzq7qa9D51sbM9pbBBk8f+he0PHZ/STPehL9jRJT7
L9ZDf+MeBgsN7TCJMDFeHAjk2EvQAKtCOrfYn5hRqqOUv1S3z2N3QKwswmKAQ4YO
qqqm8aL580JHt33vppivHo2MzeUsiEm2xkj0L0udVWad82Vb0qqWrTFwPaKhuVrx
04YhjoF2wR9Rrf/TTSHMu18guFIzsMOJtJ2WUkpJKfF6+SqZOsOrgNG8D43D/Ehz
VCood13FcNT+ogp/5E4b+HPEwP6YcBjJY4GfxqkJ2D8r
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:35:51 2025 by rpki-client