Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/6cd5fc-60cc-45de-bd8a-1544b44d59ca/1/um3HBZkaueSxb2_7foyvqiLtq1o.roa
File: um3HBZkaueSxb2_7foyvqiLtq1o.roa (raw, json)
Hash identifier: ldqFzPeRJ5eKPCRvhriUNm3ZQxrok0WxTabyy5e+vUE=
Subject key identifier: BA:6D:C7:05:99:1A:B9:E4:B1:6F:6F:FB:7E:8C:AF:AA:22:ED:AB:5A
Certificate issuer: /CN=c62d7cac1ffb2c3fbde284625bf1af4c6bae6b0e
Certificate serial: 0194266BC1B0A84D0E9712011E579D90643A
Authority key identifier: C6:2D:7C:AC:1F:FB:2C:3F:BD:E2:84:62:5B:F1:AF:4C:6B:AE:6B:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xi18rB_7LD-94oRiW_GvTGuuaw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/6cd5fc-60cc-45de-bd8a-1544b44d59ca/1/um3HBZkaueSxb2_7foyvqiLtq1o.roa
Signing time: Thu 02 Jan 2025 09:49:43 +0000
ROA not before: Thu 02 Jan 2025 09:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29156
IP address blocks: 147.29.0.0/17 maxlen: 17
147.29.128.0/20 maxlen: 20
147.29.144.0/22 maxlen: 22
147.29.148.0/23 maxlen: 23
147.29.152.0/21 maxlen: 21
147.29.160.0/19 maxlen: 19
147.29.192.0/18 maxlen: 18
152.95.0.0/16 maxlen: 16
2a01:5440::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:c1:b0:a8:4d:0e:97:12:01:1e:57:9d:90:64:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c62d7cac1ffb2c3fbde284625bf1af4c6bae6b0e
Validity
Not Before: Jan 2 09:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba6dc705991ab9e4b16f6ffb7e8cafaa22edab5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:cf:02:a7:ef:e5:f9:ee:13:fd:15:d7:6f:03:
bd:87:58:03:f3:45:ef:09:16:8d:4c:03:2e:84:0a:
a8:3c:11:dc:0f:1e:57:d1:a0:a1:dc:89:69:2f:05:
36:a3:5c:dc:64:ce:0e:d5:39:7e:fc:47:27:3a:56:
34:75:31:36:e9:77:ff:c1:97:e0:f1:1d:d7:31:ad:
8e:ab:b9:55:67:10:2a:06:24:ed:05:ba:b0:8c:7f:
08:c4:55:64:d9:75:0d:5f:81:2e:f2:e5:09:69:85:
98:25:e0:7f:ea:f9:93:b1:20:ae:ed:7a:9a:3e:72:
42:c8:71:19:50:c2:ca:9a:db:67:f9:73:b1:7d:21:
2b:7c:04:3b:63:04:6a:e5:1f:04:60:c0:02:62:77:
dc:29:8c:1b:5c:a6:63:cc:44:7a:f6:01:e1:62:f0:
ab:61:4b:3c:30:61:14:07:31:94:b3:f6:e5:f5:e7:
6c:9c:8a:5a:db:41:08:e8:df:31:01:26:47:f8:43:
4b:bd:5c:e8:e3:19:55:f0:e7:78:8b:64:05:88:17:
a8:7a:99:8e:a2:73:0b:f5:ac:e2:4e:aa:1e:4f:e2:
28:80:d2:e6:49:5b:96:45:65:20:ba:11:b8:fa:18:
91:57:60:05:40:08:9c:53:e4:34:c6:18:ee:ad:0f:
d5:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:6D:C7:05:99:1A:B9:E4:B1:6F:6F:FB:7E:8C:AF:AA:22:ED:AB:5A
X509v3 Authority Key Identifier:
keyid:C6:2D:7C:AC:1F:FB:2C:3F:BD:E2:84:62:5B:F1:AF:4C:6B:AE:6B:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xi18rB_7LD-94oRiW_GvTGuuaw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6cd5fc-60cc-45de-bd8a-1544b44d59ca/1/um3HBZkaueSxb2_7foyvqiLtq1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6cd5fc-60cc-45de-bd8a-1544b44d59ca/1/xi18rB_7LD-94oRiW_GvTGuuaw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.29.0.0-147.29.149.255
147.29.152.0-147.29.255.255
152.95.0.0/16
IPv6:
2a01:5440::/32
Signature Algorithm: sha256WithRSAEncryption
b4:64:a3:af:31:86:f7:e5:24:4d:79:53:79:85:82:47:6c:24:
ab:8a:9d:32:98:76:0c:90:8c:4a:98:b9:6e:99:ca:9b:52:46:
91:85:cb:ce:3d:08:77:9b:ce:59:f6:fe:d4:4d:b6:37:dc:dc:
6f:17:2c:0e:d3:0a:f4:0e:a6:1b:b4:bf:9b:06:50:96:5b:ee:
b5:17:ac:33:90:7e:28:1e:46:f5:6c:d3:0a:e0:ae:9c:b0:53:
49:ed:61:e1:97:86:15:18:d7:75:1e:20:17:7c:72:a7:a2:b3:
2d:cd:0d:30:09:f2:fc:99:9c:41:9a:ff:d7:c8:20:4e:31:b7:
54:9c:d3:ac:4a:9f:36:b9:8b:27:85:c3:42:b3:7c:5a:6a:e2:
6e:83:88:15:65:c6:a0:7e:f1:45:61:08:13:3e:6b:e2:89:00:
07:82:1c:4a:4d:89:4d:04:6e:46:09:db:6b:3c:75:21:a4:39:
06:fa:40:b9:8f:25:90:05:dd:dd:d7:8b:6e:90:85:7f:a2:06:
0f:ac:8e:9f:f9:eb:e8:4d:07:88:46:78:f3:e5:b7:51:b6:57:
75:ba:dc:28:f6:2f:1f:f7:b3:be:e1:27:2d:79:03:3d:aa:7c:
b1:64:d3:08:ad:89:e0:81:c5:37:4b:21:f0:97:54:af:c0:a7:
ab:b9:cf:35
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQma8GwqE0OlxIBHledkGQ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MmQ3Y2FjMWZmYjJjM2ZiZGUyODQ2MjViZjFhZjRjNmJh
ZTZiMGUwHhcNMjUwMTAyMDk0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTZkYzcwNTk5MWFiOWU0YjE2ZjZmZmI3ZThjYWZhYTIyZWRhYjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqs8Cp+/l+e4T/RXXbwO9h1gD80Xv
CRaNTAMuhAqoPBHcDx5X0aCh3IlpLwU2o1zcZM4O1Tl+/EcnOlY0dTE26Xf/wZfg
8R3XMa2Oq7lVZxAqBiTtBbqwjH8IxFVk2XUNX4Eu8uUJaYWYJeB/6vmTsSCu7Xqa
PnJCyHEZUMLKmttn+XOxfSErfAQ7YwRq5R8EYMACYnfcKYwbXKZjzER69gHhYvCr
YUs8MGEUBzGUs/bl9edsnIpa20EI6N8xASZH+ENLvVzo4xlV8Od4i2QFiBeoepmO
onML9aziTqoeT+IogNLmSVuWRWUguhG4+hiRV2AFQAicU+Q0xhjurQ/V0QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFLptxwWZGrnksW9v+36Mr6oi7ataMB8GA1UdIwQY
MBaAFMYtfKwf+yw/veKEYlvxr0xrrmsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGkxOHJCXzdMRC05NG9SaVdfR3ZUR3V1YXc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82Y2Q1ZmMtNjBjYy00NWRlLWJkOGEt
MTU0NGI0NGQ1OWNhLzEvdW0zSEJaa2F1ZVN4YjJfN2ZveXZxaUx0cTFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82Y2Q1ZmMtNjBjYy00NWRlLWJkOGEtMTU0NGI0NGQ1OWNh
LzEveGkxOHJCXzdMRC05NG9SaVdfR3ZUR3V1YXc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAlBAIAATAfMAsDAwCTHQME
AZMdlDALAwQDkx2YAwMBkxwDAwCYXzANBAIAAjAHAwUAKgFUQDANBgkqhkiG9w0B
AQsFAAOCAQEAtGSjrzGG9+UkTXlTeYWCR2wkq4qdMph2DJCMSpi5bpnKm1JGkYXL
zj0Id5vOWfb+1E22N9zcbxcsDtMK9A6mG7S/mwZQllvutResM5B+KB5G9WzTCuCu
nLBTSe1h4ZeGFRjXdR4gF3xyp6KzLc0NMAny/JmcQZr/18ggTjG3VJzTrEqfNrmL
J4XDQrN8WmriboOIFWXGoH7xRWEIEz5r4okAB4IcSk2JTQRuRgnbazx1IaQ5BvpA
uY8lkAXd3deLbpCFf6IGD6yOn/nr6E0HiEZ48+W3UbZXdbrcKPYvH/ezvuEnLXkD
Pap8sWTTCK2J4IHFN0sh8JdUr8Cnq7nPNQ==
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:36:15 2025 by rpki-client