Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/e9146a-8ec9-4c31-ad9e-ad256643052b/1/um_x7j6zVmhOP4mF-URUgPyGQ3E.roa
File: um_x7j6zVmhOP4mF-URUgPyGQ3E.roa (raw, json)
Hash identifier: wUkyiUgLCwXSzxn/Wm+Q/r/1YAgpYiWS11qqDTfEJoY=
Subject key identifier: BA:6F:F1:EE:3E:B3:56:68:4E:3F:89:85:F9:44:54:80:FC:86:43:71
Certificate issuer: /CN=b81b03e22875bb070b1b7c58eada2e4bb1aabe7f
Certificate serial: 01942144635B7254B7860757BAE877A37973
Authority key identifier: B8:1B:03:E2:28:75:BB:07:0B:1B:7C:58:EA:DA:2E:4B:B1:AA:BE:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uBsD4ih1uwcLG3xY6touS7Gqvn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/e9146a-8ec9-4c31-ad9e-ad256643052b/1/um_x7j6zVmhOP4mF-URUgPyGQ3E.roa
Signing time: Wed 01 Jan 2025 09:48:37 +0000
ROA not before: Wed 01 Jan 2025 09:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202377
IP address blocks: 185.255.140.0/22 maxlen: 22
185.255.140.0/24 maxlen: 24
185.255.141.0/24 maxlen: 24
185.255.142.0/23 maxlen: 23
2a0c:6540::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:63:5b:72:54:b7:86:07:57:ba:e8:77:a3:79:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b81b03e22875bb070b1b7c58eada2e4bb1aabe7f
Validity
Not Before: Jan 1 09:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba6ff1ee3eb356684e3f8985f9445480fc864371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:95:ce:23:f6:c7:32:4c:88:f3:97:34:37:47:
c7:bc:f2:0d:0c:f2:da:44:74:d8:1a:55:3a:9d:47:
1a:09:26:65:17:02:d9:29:68:a3:33:94:81:40:81:
f7:20:98:28:20:a1:86:8e:ce:80:a8:f1:23:91:21:
8d:0c:85:41:30:5d:86:3c:21:4c:35:78:70:34:ba:
2c:8a:ec:f5:6d:1f:53:ca:b7:ea:dd:13:64:81:ed:
87:cc:f8:6e:c9:b7:f3:06:5e:a4:ee:56:91:a1:21:
43:e1:89:53:b0:97:26:58:1b:25:fc:e2:23:65:7b:
e4:6b:c4:b8:e1:00:3b:22:4e:fb:b8:52:ad:5c:63:
32:95:6f:42:8d:6c:dd:c0:82:b8:d4:03:7b:0b:b7:
f7:d1:79:d5:89:ee:d5:3a:0f:7e:cf:20:39:4d:09:
97:9b:3a:3f:43:a9:3c:9f:ed:23:0f:e1:05:cb:c0:
8f:f6:bc:35:b9:4f:2a:95:d4:16:fa:e1:7b:9b:c5:
2d:69:08:42:f8:52:f7:f8:9b:78:f8:f5:ef:32:c1:
3a:4e:28:09:55:9a:ea:3e:a8:f7:f3:1e:9c:1a:93:
74:a9:71:21:45:06:6d:2e:d8:93:2e:17:7b:00:a7:
e5:e4:3c:15:51:41:98:e5:89:4f:1f:1e:f4:37:f8:
50:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:6F:F1:EE:3E:B3:56:68:4E:3F:89:85:F9:44:54:80:FC:86:43:71
X509v3 Authority Key Identifier:
keyid:B8:1B:03:E2:28:75:BB:07:0B:1B:7C:58:EA:DA:2E:4B:B1:AA:BE:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uBsD4ih1uwcLG3xY6touS7Gqvn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/e9146a-8ec9-4c31-ad9e-ad256643052b/1/um_x7j6zVmhOP4mF-URUgPyGQ3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/e9146a-8ec9-4c31-ad9e-ad256643052b/1/uBsD4ih1uwcLG3xY6touS7Gqvn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.140.0/22
IPv6:
2a0c:6540::/32
Signature Algorithm: sha256WithRSAEncryption
b2:12:fc:61:1d:cd:db:9a:6b:20:cc:31:15:c8:46:74:8f:70:
36:1a:bb:bf:39:0e:ff:15:95:15:ca:d7:d4:3f:77:aa:93:a0:
0e:2e:98:98:0a:07:6d:c6:c7:f4:73:f6:8a:7a:32:17:52:cf:
bd:22:72:11:e5:01:b0:da:5d:f7:a1:e0:95:ef:3c:39:51:a6:
d7:b4:f0:dc:3d:75:c4:22:bb:04:17:d4:19:e5:cb:39:4d:99:
3d:a7:49:0e:e2:fd:a9:a5:44:cb:7c:21:43:21:9b:cc:51:f8:
ce:49:2c:d9:3f:ef:fa:f2:2f:8f:49:4b:59:0a:4a:d1:3e:a6:
73:9d:75:a5:d9:30:81:ad:b8:ff:a6:5d:60:1a:8e:92:d1:e2:
50:79:7f:81:0a:b2:ae:39:e7:45:26:83:79:61:49:32:61:2a:
05:0b:ea:87:eb:60:df:c3:29:b6:71:c4:66:28:7d:b5:fe:0b:
45:1c:63:3d:f5:ce:63:bb:66:47:2a:3e:87:6b:b6:24:85:68:
c6:ee:ec:07:f0:83:9d:70:d8:e7:68:dd:5b:a8:08:8e:ff:b2:
52:50:eb:a0:d7:05:52:82:5f:5f:c6:18:99:57:a8:75:84:17:
7f:05:52:77:8a:48:39:85:8c:33:3c:65:9d:8e:3c:07:b8:f0:
86:a0:6c:41
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhRGNbclS3hgdXuuh3o3lzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MWIwM2UyMjg3NWJiMDcwYjFiN2M1OGVhZGEyZTRiYjFh
YWJlN2YwHhcNMjUwMTAxMDk0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTZmZjFlZTNlYjM1NjY4NGUzZjg5ODVmOTQ0NTQ4MGZjODY0MzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5XOI/bHMkyI85c0N0fHvPINDPLa
RHTYGlU6nUcaCSZlFwLZKWijM5SBQIH3IJgoIKGGjs6AqPEjkSGNDIVBMF2GPCFM
NXhwNLosiuz1bR9Tyrfq3RNkge2HzPhuybfzBl6k7laRoSFD4YlTsJcmWBsl/OIj
ZXvka8S44QA7Ik77uFKtXGMylW9CjWzdwIK41AN7C7f30XnVie7VOg9+zyA5TQmX
mzo/Q6k8n+0jD+EFy8CP9rw1uU8qldQW+uF7m8UtaQhC+FL3+Jt4+PXvMsE6TigJ
VZrqPqj38x6cGpN0qXEhRQZtLtiTLhd7AKfl5DwVUUGY5YlPHx70N/hQxwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLpv8e4+s1ZoTj+JhflEVID8hkNxMB8GA1UdIwQY
MBaAFLgbA+IodbsHCxt8WOraLkuxqr5/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUJzRDRpaDF1d2NMRzN4WTZ0b3VTN0dxdm44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9lOTE0NmEtOGVjOS00YzMxLWFkOWUt
YWQyNTY2NDMwNTJiLzEvdW1feDdqNnpWbWhPUDRtRi1VUlVnUHlHUTNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9lOTE0NmEtOGVjOS00YzMxLWFkOWUtYWQyNTY2NDMwNTJi
LzEvdUJzRDRpaDF1d2NMRzN4WTZ0b3VTN0dxdm44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuf+MMA0E
AgACMAcDBQAqDGVAMA0GCSqGSIb3DQEBCwUAA4IBAQCyEvxhHc3bmmsgzDEVyEZ0
j3A2Gru/OQ7/FZUVytfUP3eqk6AOLpiYCgdtxsf0c/aKejIXUs+9InIR5QGw2l33
oeCV7zw5UabXtPDcPXXEIrsEF9QZ5cs5TZk9p0kO4v2ppUTLfCFDIZvMUfjOSSzZ
P+/68i+PSUtZCkrRPqZznXWl2TCBrbj/pl1gGo6S0eJQeX+BCrKuOedFJoN5YUky
YSoFC+qH62Dfwym2ccRmKH21/gtFHGM99c5ju2ZHKj6Ha7YkhWjG7uwH8IOdcNjn
aN1bqAiO/7JSUOug1wVSgl9fxhiZV6h1hBd/BVJ3ikg5hYwzPGWdjjwHuPCGoGxB
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:28:16 2025 by rpki-client