Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/UtpSRhJuNLlPda0ealCAV2oOOIs.roa
File: UtpSRhJuNLlPda0ealCAV2oOOIs.roa (raw, json)
Hash identifier: 6zNva/R7MgFInq/rTlig5RzR+MH92GbfZMeRaso1csA=
Subject key identifier: 52:DA:52:46:12:6E:34:B9:4F:75:AD:1E:6A:50:80:57:6A:0E:38:8B
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 0194221F8C93D30DF6825A3B847ECE660D10
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/UtpSRhJuNLlPda0ealCAV2oOOIs.roa
Signing time: Wed 01 Jan 2025 13:48:00 +0000
ROA not before: Wed 01 Jan 2025 13:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49849
IP address blocks: 89.252.224.0/24 maxlen: 24
89.252.225.0/24 maxlen: 24
89.252.226.0/24 maxlen: 24
194.12.232.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:8c:93:d3:0d:f6:82:5a:3b:84:7e:ce:66:0d:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 1 13:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52da5246126e34b94f75ad1e6a5080576a0e388b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:97:71:5f:d6:00:db:c2:00:e4:29:82:4f:14:
d8:08:32:d2:ed:de:c7:7a:86:bf:47:19:13:04:75:
56:5e:2e:40:9a:d4:36:b3:db:8b:9a:14:26:64:25:
7d:ae:f7:11:03:71:ad:e2:bc:66:26:e4:f0:c3:21:
eb:bd:b9:ca:b9:f1:c1:41:01:00:17:6c:f2:ca:8e:
b1:32:3c:13:c0:82:1e:8e:d1:bb:65:95:13:e3:3c:
30:84:8c:c9:f1:bb:fe:fb:d4:e3:5a:e9:a0:72:b7:
fe:61:4e:78:7b:c6:8a:31:2a:12:d7:bc:b8:54:c5:
e2:74:f3:75:0e:30:c0:25:cd:bd:7c:da:c9:b2:31:
ad:47:f2:24:8d:56:9e:57:be:36:12:39:51:bd:5e:
cc:fc:e5:56:1b:81:1e:ff:83:1c:fe:6b:9a:f6:19:
fc:08:71:76:c3:4b:a5:1d:a4:a9:18:13:c1:19:fe:
df:3d:cc:1f:d5:6e:8f:55:bd:d5:a8:d1:fd:0e:73:
c3:cb:05:c9:b1:77:fa:93:0f:f0:0e:48:c7:aa:d7:
87:f2:17:80:30:d6:5f:44:73:05:68:07:61:bc:e8:
1f:5f:29:c5:12:eb:dc:26:26:65:de:6a:0c:b9:87:
f3:23:a0:72:8d:f7:fb:6c:16:c2:cf:26:74:45:27:
69:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:DA:52:46:12:6E:34:B9:4F:75:AD:1E:6A:50:80:57:6A:0E:38:8B
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/UtpSRhJuNLlPda0ealCAV2oOOIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.224.0-89.252.226.255
194.12.232.0/24
Signature Algorithm: sha256WithRSAEncryption
97:7c:3a:c5:f6:6f:8f:72:98:33:4c:cd:68:45:81:61:a5:02:
7f:73:fa:12:3b:7c:f3:95:b2:98:a0:c5:ba:ef:fc:05:13:7a:
c7:09:aa:11:28:0d:38:c8:66:ec:83:39:24:1b:30:ea:82:26:
76:17:a7:24:69:d4:cc:4a:52:80:97:08:fb:7b:58:a6:f5:2e:
16:5f:cf:8c:26:54:d5:bf:66:b3:4e:c4:9f:0e:8c:43:a1:9f:
58:13:24:27:3d:b0:d0:1b:b7:ee:67:62:3a:4f:ef:84:76:46:
a9:35:12:4e:c6:72:14:54:d2:f8:0a:86:c3:21:ea:5e:38:62:
99:44:aa:bf:49:29:20:9d:41:6e:51:5f:1d:11:2a:39:75:79:
54:8f:00:7e:f0:c1:18:19:28:c7:22:96:a6:18:b7:ca:04:0c:
95:88:5e:07:26:92:66:99:60:55:50:34:a0:a0:9c:43:ee:67:
e2:5a:27:22:63:74:91:0f:18:cd:20:af:da:1a:cd:51:1f:7a:
8f:1a:4e:87:36:9d:3d:3a:e0:66:d2:01:f3:aa:61:84:91:a1:
f5:7b:5a:af:9c:03:ef:0f:21:77:e9:af:e1:93:f2:42:86:0a:
a9:bf:2a:40:ed:83:5d:c3:ce:eb:9e:2d:f6:42:77:50:fc:1c:
d4:83:3c:d6
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQiH4yT0w32glo7hH7OZg0QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjUwMTAxMTM0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmRhNTI0NjEyNmUzNGI5NGY3NWFkMWU2YTUwODA1NzZhMGUzODhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3JdxX9YA28IA5CmCTxTYCDLS7d7H
eoa/RxkTBHVWXi5AmtQ2s9uLmhQmZCV9rvcRA3Gt4rxmJuTwwyHrvbnKufHBQQEA
F2zyyo6xMjwTwIIejtG7ZZUT4zwwhIzJ8bv++9TjWumgcrf+YU54e8aKMSoS17y4
VMXidPN1DjDAJc29fNrJsjGtR/IkjVaeV742EjlRvV7M/OVWG4Ee/4Mc/mua9hn8
CHF2w0ulHaSpGBPBGf7fPcwf1W6PVb3VqNH9DnPDywXJsXf6kw/wDkjHqteH8heA
MNZfRHMFaAdhvOgfXynFEuvcJiZl3moMuYfzI6Byjff7bBbCzyZ0RSdpBwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFLaUkYSbjS5T3WtHmpQgFdqDjiLMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvVXRwU1JoSnVOTGxQZGEwZWFsQ0FWMm9PT0lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAVZ/OAD
BABZ/OIDBADCDOgwDQYJKoZIhvcNAQELBQADggEBAJd8OsX2b49ymDNMzWhFgWGl
An9z+hI7fPOVspigxbrv/AUTescJqhEoDTjIZuyDOSQbMOqCJnYXpyRp1MxKUoCX
CPt7WKb1LhZfz4wmVNW/ZrNOxJ8OjEOhn1gTJCc9sNAbt+5nYjpP74R2Rqk1Ek7G
chRU0vgKhsMh6l44YplEqr9JKSCdQW5RXx0RKjl1eVSPAH7wwRgZKMcilqYYt8oE
DJWIXgcmkmaZYFVQNKCgnEPuZ+JaJyJjdJEPGM0gr9oazVEfeo8aToc2nT064GbS
AfOqYYSRofV7Wq+cA+8PIXfpr+GT8kKGCqm/KkDtg13DzuueLfZCd1D8HNSDPNY=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:04 2025 by rpki-client on console.sobornost.net