Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Uv2UkyHmUsx_D4WmiOyatWf9hNw.roa
File: Uv2UkyHmUsx_D4WmiOyatWf9hNw.roa (raw, json)
Hash identifier: O0pB6RbfHjfq1NCJtIO4yHWugZnbfRB2fM/s99wHQ9U=
Subject key identifier: 52:FD:94:93:21:E6:52:CC:7F:0F:85:A6:88:EC:9A:B5:67:FD:84:DC
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B30085261C2C22C8AE871D21956B82
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Uv2UkyHmUsx_D4WmiOyatWf9hNw.roa
Signing time: Thu 02 Jan 2025 01:48:18 +0000
ROA not before: Thu 02 Jan 2025 01:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210906
IP address blocks: 85.254.2.0/24 maxlen: 24
85.254.4.0/24 maxlen: 24
85.254.7.0/24 maxlen: 24
85.254.30.0/24 maxlen: 24
85.254.40.0/24 maxlen: 24
85.254.42.0/23 maxlen: 23
85.254.51.0/24 maxlen: 24
85.254.59.0/24 maxlen: 24
85.254.64.0/23 maxlen: 23
85.254.76.0/22 maxlen: 22
85.254.84.0/23 maxlen: 23
85.254.103.0/24 maxlen: 24
85.254.112.0/22 maxlen: 22
85.254.123.0/24 maxlen: 24
85.254.124.0/23 maxlen: 23
85.254.126.0/24 maxlen: 24
85.254.128.0/22 maxlen: 22
85.254.134.0/24 maxlen: 24
85.254.137.0/24 maxlen: 24
85.254.138.0/23 maxlen: 23
85.254.140.0/24 maxlen: 24
85.254.174.0/23 maxlen: 23
85.254.180.0/23 maxlen: 23
159.148.26.0/24 maxlen: 24
159.148.54.0/24 maxlen: 24
159.148.62.0/24 maxlen: 24
159.148.66.0/24 maxlen: 24
159.148.126.0/24 maxlen: 24
159.148.128.0/24 maxlen: 24
159.148.130.0/24 maxlen: 24
159.148.158.0/24 maxlen: 24
159.148.163.0/24 maxlen: 24
159.148.166.0/23 maxlen: 23
159.148.179.0/24 maxlen: 24
159.148.180.0/24 maxlen: 24
159.148.204.0/24 maxlen: 24
159.148.216.0/24 maxlen: 24
159.148.218.0/24 maxlen: 24
159.148.234.0/24 maxlen: 24
159.148.241.0/24 maxlen: 24
159.148.246.0/23 maxlen: 23
159.148.248.0/24 maxlen: 24
185.7.236.0/24 maxlen: 24
185.27.94.0/24 maxlen: 24
185.47.92.0/22 maxlen: 22
185.211.96.0/22 maxlen: 22
217.69.121.0/24 maxlen: 24
217.69.125.0/24 maxlen: 24
217.69.126.0/24 maxlen: 24
217.69.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:00:85:26:1c:2c:22:c8:ae:87:1d:21:95:6b:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52fd949321e652cc7f0f85a688ec9ab567fd84dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:49:23:a5:9f:9b:8f:f3:d1:d1:c1:12:8c:1f:
b0:80:61:8d:a5:e2:a6:1d:c0:20:a8:17:2e:61:39:
fe:53:89:4c:3d:81:24:c3:7d:d7:d3:52:29:d8:9a:
f9:48:8e:d9:26:17:9f:eb:77:54:f0:6e:8b:35:18:
23:fd:e0:e5:a7:99:19:17:05:9f:f1:44:ba:ee:d2:
44:65:f1:19:44:0b:b9:7f:b7:b5:3b:40:2e:af:66:
38:4c:aa:78:43:90:da:12:3b:96:ea:e0:af:0e:bf:
68:1c:98:b6:86:68:d3:5e:0e:97:b4:ce:a6:94:ac:
01:3d:94:fc:6f:54:88:c0:84:7f:74:d1:1b:2b:8f:
14:8d:50:56:55:09:d6:37:65:23:94:af:5d:c3:8b:
4f:dc:1b:29:4e:b7:d2:21:f8:db:5d:c5:af:15:f7:
89:4e:83:05:03:16:c8:5f:32:67:d9:8b:a4:66:ee:
6f:c9:74:dc:0d:d9:25:e6:c2:36:13:f6:e1:03:84:
40:b6:43:dd:87:3d:7f:78:03:9c:dc:94:46:94:09:
d4:4d:ce:7c:60:ba:72:3f:6d:a1:ea:3b:a2:10:f1:
37:7a:fb:3b:0b:0a:fb:a0:e5:b7:67:96:c6:c0:a8:
81:2b:45:ab:13:ae:8b:c4:98:31:8e:06:39:30:84:
75:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:FD:94:93:21:E6:52:CC:7F:0F:85:A6:88:EC:9A:B5:67:FD:84:DC
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Uv2UkyHmUsx_D4WmiOyatWf9hNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.2.0/24
85.254.4.0/24
85.254.7.0/24
85.254.30.0/24
85.254.40.0/24
85.254.42.0/23
85.254.51.0/24
85.254.59.0/24
85.254.64.0/23
85.254.76.0/22
85.254.84.0/23
85.254.103.0/24
85.254.112.0/22
85.254.123.0-85.254.126.255
85.254.128.0/22
85.254.134.0/24
85.254.137.0-85.254.140.255
85.254.174.0/23
85.254.180.0/23
159.148.26.0/24
159.148.54.0/24
159.148.62.0/24
159.148.66.0/24
159.148.126.0/24
159.148.128.0/24
159.148.130.0/24
159.148.158.0/24
159.148.163.0/24
159.148.166.0/23
159.148.179.0-159.148.180.255
159.148.204.0/24
159.148.216.0/24
159.148.218.0/24
159.148.234.0/24
159.148.241.0/24
159.148.246.0-159.148.248.255
185.7.236.0/24
185.27.94.0/24
185.47.92.0/22
185.211.96.0/22
217.69.121.0/24
217.69.125.0-217.69.127.255
Signature Algorithm: sha256WithRSAEncryption
6d:0c:1d:a8:19:2e:97:fd:ca:e6:a5:f2:a4:12:1d:08:81:47:
4a:82:a9:f3:4c:aa:76:22:b5:41:e4:0a:f1:61:bf:c4:2d:f7:
16:32:c7:19:bd:60:3a:05:5b:0e:2f:49:c5:d9:5f:c4:56:d0:
2b:b5:d7:08:e2:ef:19:73:7f:28:f3:1f:0d:2a:08:27:7f:1f:
b7:2a:b3:f3:51:68:76:33:16:12:8e:f7:0f:f9:2f:1c:a8:b0:
8e:2f:5c:00:24:f8:0c:15:73:98:56:b0:69:4a:22:50:8b:a0:
b6:5f:c6:b2:88:c7:7a:4e:62:b1:2d:80:3f:71:13:5d:e9:bc:
d4:6b:90:9a:b0:4e:6b:7d:13:bb:f7:71:c4:2f:cf:e1:37:3e:
27:4d:bd:80:e5:5b:23:c9:15:53:e9:ae:6e:e0:66:82:be:dc:
ce:ff:f9:a6:72:a5:bc:0c:3e:3f:23:3d:c7:a4:4c:e1:c2:56:
12:07:bd:e5:a8:59:6a:d1:ea:93:7f:22:16:af:64:cc:65:4f:
05:75:54:8b:f6:72:58:79:d0:62:e7:a6:98:4f:18:0f:c7:6a:
45:23:88:88:d3:5f:66:8c:63:1d:46:56:d1:2e:85:96:73:ce:
85:4c:bb:58:2b:33:bc:af:07:2a:7a:b5:5f:d0:a4:da:f8:9a:
c7:38:97:83
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgISAZQkswCFJhwsIsiuhx0hlWuCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmZkOTQ5MzIxZTY1MmNjN2YwZjg1YTY4OGVjOWFiNTY3ZmQ4NGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkkjpZ+bj/PR0cESjB+wgGGNpeKm
HcAgqBcuYTn+U4lMPYEkw33X01Ip2Jr5SI7ZJhef63dU8G6LNRgj/eDlp5kZFwWf
8US67tJEZfEZRAu5f7e1O0Aur2Y4TKp4Q5DaEjuW6uCvDr9oHJi2hmjTXg6XtM6m
lKwBPZT8b1SIwIR/dNEbK48UjVBWVQnWN2UjlK9dw4tP3BspTrfSIfjbXcWvFfeJ
ToMFAxbIXzJn2YukZu5vyXTcDdkl5sI2E/bhA4RAtkPdhz1/eAOc3JRGlAnUTc58
YLpyP22h6juiEPE3evs7Cwr7oOW3Z5bGwKiBK0WrE66LxJgxjgY5MIR1zQIDAQAB
o4IDMTCCAy0wHQYDVR0OBBYEFFL9lJMh5lLMfw+FpojsmrVn/YTcMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvVXYyVWt5SG1Vc3hfRDRXbWlPeWF0V2Y5aE53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRQYIKwYBBQUHAQcBAf8EggE0MIIBMDCCASwEAgABMIIB
JAMEAFX+AgMEAFX+BAMEAFX+BwMEAFX+HgMEAFX+KAMEAVX+KgMEAFX+MwMEAFX+
OwMEAVX+QAMEAlX+TAMEAVX+VAMEAFX+ZwMEAlX+cDAMAwQAVf57AwQAVf5+AwQC
Vf6AAwQAVf6GMAwDBABV/okDBABV/owDBAFV/q4DBAFV/rQDBACflBoDBACflDYD
BACflD4DBACflEIDBACflH4DBACflIADBACflIIDBACflJ4DBACflKMDBAGflKYw
DAMEAJ+UswMEAJ+UtAMEAJ+UzAMEAJ+U2AMEAJ+U2gMEAJ+U6gMEAJ+U8TAMAwQB
n5T2AwQAn5T4AwQAuQfsAwQAuRteAwQCuS9cAwQCudNgAwQA2UV5MAwDBADZRX0D
BAfZRQAwDQYJKoZIhvcNAQELBQADggEBAG0MHagZLpf9yual8qQSHQiBR0qCqfNM
qnYitUHkCvFhv8Qt9xYyxxm9YDoFWw4vScXZX8RW0Cu11wji7xlzfyjzHw0qCCd/
H7cqs/NRaHYzFhKO9w/5LxyosI4vXAAk+AwVc5hWsGlKIlCLoLZfxrKIx3pOYrEt
gD9xE13pvNRrkJqwTmt9E7v3ccQvz+E3PidNvYDlWyPJFVPprm7gZoK+3M7/+aZy
pbwMPj8jPcekTOHCVhIHveWoWWrR6pN/IhavZMxlTwV1VIv2clh50GLnpphPGA/H
akUjiIjTX2aMYx1GVtEuhZZzzoVMu1grM7yvByp6tV/QpNr4msc4l4M=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:19:33 2025 by rpki-client