Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/7f1275-12fc-4397-9e3b-edf6cad1249d/1/UkowmR7j8dX0saZm2LcqRKWc1As.roa
File: UkowmR7j8dX0saZm2LcqRKWc1As.roa (raw, json)
Hash identifier: GBF5K+d4pg2yE1Y/OoUy9KgNyBcuaLjAQkgdpqJHVgo=
Subject key identifier: 52:4A:30:99:1E:E3:F1:D5:F4:B1:A6:66:D8:B7:2A:44:A5:9C:D4:0B
Certificate issuer: /CN=c3831edc0ba07c7e34aba701c3573d8e72af18fe
Certificate serial: 019421B1F1EE0A3A744D05C6D6CE655905EB
Authority key identifier: C3:83:1E:DC:0B:A0:7C:7E:34:AB:A7:01:C3:57:3D:8E:72:AF:18:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4Me3AugfH40q6cBw1c9jnKvGP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/7f1275-12fc-4397-9e3b-edf6cad1249d/1/UkowmR7j8dX0saZm2LcqRKWc1As.roa
Signing time: Wed 01 Jan 2025 11:48:17 +0000
ROA not before: Wed 01 Jan 2025 11:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208569
IP address blocks: 45.128.8.0/22 maxlen: 22
45.128.8.0/24 maxlen: 24
45.128.9.0/24 maxlen: 24
45.128.10.0/24 maxlen: 24
45.128.11.0/24 maxlen: 24
2a0e:3b40::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:f1:ee:0a:3a:74:4d:05:c6:d6:ce:65:59:05:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3831edc0ba07c7e34aba701c3573d8e72af18fe
Validity
Not Before: Jan 1 11:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=524a30991ee3f1d5f4b1a666d8b72a44a59cd40b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:97:ac:0b:19:d1:76:4e:a2:9d:7e:ab:d5:8c:
5a:a4:8f:a3:e5:3a:aa:d7:a5:ad:b1:c0:04:a9:71:
27:56:23:35:a6:c7:9b:30:78:e1:97:ac:d4:b5:68:
fb:d5:7a:bc:6e:8c:6f:6e:0a:f8:13:d3:61:d1:d9:
31:7b:c7:13:05:d2:89:b7:58:1e:25:d6:2e:9f:f6:
d5:f5:61:c9:dc:58:a9:08:18:6c:cb:8d:b0:b6:1d:
a2:98:08:b0:6f:35:ab:bb:e0:5a:98:92:c0:94:94:
a2:c7:34:a8:71:b2:d5:d1:33:07:4f:ee:5d:7b:ef:
ab:ca:52:0a:5c:de:d4:f0:35:ee:4a:6b:3e:8e:96:
50:01:a9:05:f8:ed:65:7f:a5:c5:7c:5c:d9:20:2d:
85:57:86:1e:e5:f4:b3:3f:81:5c:fd:1c:d3:ad:8d:
ac:89:a6:dc:19:78:51:26:bc:9e:7b:1a:31:9f:4f:
05:fe:28:3c:0a:58:c2:d1:4e:02:30:00:94:f6:2b:
4e:7e:7a:ce:41:08:83:f2:d4:f3:92:4d:ea:ab:af:
c8:0b:56:0f:79:f0:f2:0e:fe:38:48:be:c6:68:a2:
b3:62:18:08:2d:1e:65:41:94:8c:95:fe:ad:c0:ec:
0e:cd:a9:48:54:65:55:a8:14:f3:1d:75:91:6a:8f:
dc:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:4A:30:99:1E:E3:F1:D5:F4:B1:A6:66:D8:B7:2A:44:A5:9C:D4:0B
X509v3 Authority Key Identifier:
keyid:C3:83:1E:DC:0B:A0:7C:7E:34:AB:A7:01:C3:57:3D:8E:72:AF:18:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4Me3AugfH40q6cBw1c9jnKvGP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/7f1275-12fc-4397-9e3b-edf6cad1249d/1/UkowmR7j8dX0saZm2LcqRKWc1As.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/7f1275-12fc-4397-9e3b-edf6cad1249d/1/w4Me3AugfH40q6cBw1c9jnKvGP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.8.0/22
IPv6:
2a0e:3b40::/29
Signature Algorithm: sha256WithRSAEncryption
76:1c:70:3b:39:68:80:a9:1f:38:7b:28:d2:c8:56:64:a0:21:
b5:8a:fc:b5:e5:cd:c0:ee:8e:ee:be:1a:c1:b8:01:49:69:91:
c2:13:1d:4a:24:67:39:d0:ad:2e:03:f5:8c:51:4b:54:31:15:
dd:71:f9:a1:ac:1a:6a:71:b3:3b:ce:8e:4e:e1:0d:aa:24:23:
a9:38:f5:e3:27:57:59:a7:b7:18:f6:1d:11:b0:d5:53:6a:ea:
af:83:d5:db:7f:44:59:ae:42:8d:b3:bc:68:a9:dc:b5:d0:8c:
a9:e6:e5:b1:c0:65:42:47:72:ae:db:81:35:a3:72:81:73:9c:
15:bc:d1:48:76:07:ee:66:1a:db:9f:07:ab:b4:e3:e4:5f:c5:
eb:f5:1a:b7:f5:bf:60:cc:a1:2d:dc:77:53:f9:46:d1:88:bc:
5f:63:da:4e:2f:56:c2:ce:dc:07:c3:7c:6f:22:9c:8c:9f:f7:
13:d2:5a:da:d7:6d:a3:70:5c:55:56:ba:de:5b:f8:c0:f3:46:
43:ce:96:78:82:d8:14:b0:3d:4e:3b:42:59:05:71:30:96:39:
eb:52:54:05:43:08:ab:21:0c:f5:bf:8a:e9:d8:b9:89:aa:ac:
d3:d0:22:7d:c8:da:0e:fb:09:74:04:71:84:2c:82:68:85:9a:
46:cc:a8:f3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsfHuCjp0TQXG1s5lWQXrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODMxZWRjMGJhMDdjN2UzNGFiYTcwMWMzNTczZDhlNzJh
ZjE4ZmUwHhcNMjUwMTAxMTE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjRhMzA5OTFlZTNmMWQ1ZjRiMWE2NjZkOGI3MmE0NGE1OWNkNDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupesCxnRdk6inX6r1YxapI+j5Tqq
16WtscAEqXEnViM1psebMHjhl6zUtWj71Xq8boxvbgr4E9Nh0dkxe8cTBdKJt1ge
JdYun/bV9WHJ3FipCBhsy42wth2imAiwbzWru+BamJLAlJSixzSocbLV0TMHT+5d
e++rylIKXN7U8DXuSms+jpZQAakF+O1lf6XFfFzZIC2FV4Ye5fSzP4Fc/RzTrY2s
iabcGXhRJryeexoxn08F/ig8CljC0U4CMACU9itOfnrOQQiD8tTzkk3qq6/IC1YP
efDyDv44SL7GaKKzYhgILR5lQZSMlf6twOwOzalIVGVVqBTzHXWRao/cHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFJKMJke4/HV9LGmZti3KkSlnNQLMB8GA1UdIwQY
MBaAFMODHtwLoHx+NKunAcNXPY5yrxj+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRNZTNBdWdmSDQwcTZjQncxYzlqbkt2R1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS83ZjEyNzUtMTJmYy00Mzk3LTllM2It
ZWRmNmNhZDEyNDlkLzEvVWtvd21SN2o4ZFgwc2FabTJMY3FSS1djMUFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS83ZjEyNzUtMTJmYy00Mzk3LTllM2ItZWRmNmNhZDEyNDlk
LzEvdzRNZTNBdWdmSDQwcTZjQncxYzlqbkt2R1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYAIMA0E
AgACMAcDBQMqDjtAMA0GCSqGSIb3DQEBCwUAA4IBAQB2HHA7OWiAqR84eyjSyFZk
oCG1ivy15c3A7o7uvhrBuAFJaZHCEx1KJGc50K0uA/WMUUtUMRXdcfmhrBpqcbM7
zo5O4Q2qJCOpOPXjJ1dZp7cY9h0RsNVTauqvg9Xbf0RZrkKNs7xoqdy10Iyp5uWx
wGVCR3Ku24E1o3KBc5wVvNFIdgfuZhrbnwertOPkX8Xr9Rq39b9gzKEt3HdT+UbR
iLxfY9pOL1bCztwHw3xvIpyMn/cT0lra122jcFxVVrreW/jA80ZDzpZ4gtgUsD1O
O0JZBXEwljnrUlQFQwirIQz1v4rp2LmJqqzT0CJ9yNoO+wl0BHGELIJohZpGzKjz
-----END CERTIFICATE-----
Generated at Sat Apr 26 01:01:38 2025 by rpki-client