Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/d066a3-7122-4dfa-9644-fce7e936bebd/1/UAHva5iyiV1xlP7JLB0OeSQCozY.roa
File: UAHva5iyiV1xlP7JLB0OeSQCozY.roa (raw, json)
Hash identifier: 5feEay6zVnCZ0AgBpPAHVnCPUrlqiwCA3ASS/QWUfg0=
Subject key identifier: 50:01:EF:6B:98:B2:89:5D:71:94:FE:C9:2C:1D:0E:79:24:02:A3:36
Certificate issuer: /CN=40064dd8ac6ea56641836d4ed77facca4b22f7e0
Certificate serial: 01856F0226576CCD625BFCA48E22C544066B
Authority key identifier: 40:06:4D:D8:AC:6E:A5:66:41:83:6D:4E:D7:7F:AC:CA:4B:22:F7:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QAZN2KxupWZBg21O13-syksi9-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/d066a3-7122-4dfa-9644-fce7e936bebd/1/UAHva5iyiV1xlP7JLB0OeSQCozY.roa
Signing time: Sun 01 Jan 2023 20:24:49 +0000
ROA not before: Sun 01 Jan 2023 20:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211594
IP address blocks: 185.254.123.0/24 maxlen: 24
2a0c:1880::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:26:57:6c:cd:62:5b:fc:a4:8e:22:c5:44:06:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40064dd8ac6ea56641836d4ed77facca4b22f7e0
Validity
Not Before: Jan 1 20:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5001ef6b98b2895d7194fec92c1d0e792402a336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0a:eb:11:a8:f4:c2:47:e5:7f:1c:3f:7f:dc:
4c:25:c1:28:f3:b8:d9:75:83:a2:1a:e5:76:48:72:
2b:25:a6:46:68:80:b4:69:a1:35:05:00:8c:a3:6d:
54:1b:e0:4f:1f:70:f2:9e:f4:b9:0b:e7:9e:7c:32:
e2:7c:0c:86:82:d0:52:9b:99:db:7e:b4:8a:be:04:
43:62:54:e9:69:9f:d8:e9:23:df:52:49:1a:b6:3b:
dd:00:c8:88:00:be:47:80:f3:8a:02:6e:ad:a2:be:
2b:f4:07:07:a4:19:61:ff:67:d0:be:46:db:42:b8:
c4:8a:a1:6d:ce:12:26:fc:d7:b2:cb:a7:e8:8c:be:
64:c0:73:af:e5:27:0f:21:90:02:90:49:8a:ec:85:
2f:cf:41:6d:e8:d0:aa:d4:f4:b8:c2:14:a2:7d:6b:
b1:d1:36:0c:bc:75:aa:84:cc:fe:33:f9:14:30:c5:
c3:5e:7b:bb:4c:03:eb:1c:0c:e6:34:a0:3d:24:ae:
56:1b:40:18:04:34:fe:ef:05:e8:54:84:8c:20:32:
01:4e:91:1a:f8:e4:51:20:e0:d9:2d:19:e2:1e:27:
65:85:5c:24:ae:89:82:a1:88:30:79:58:8f:da:83:
3d:f5:9e:8f:d1:34:f7:44:0e:3c:9b:12:4a:2d:23:
6f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:01:EF:6B:98:B2:89:5D:71:94:FE:C9:2C:1D:0E:79:24:02:A3:36
X509v3 Authority Key Identifier:
keyid:40:06:4D:D8:AC:6E:A5:66:41:83:6D:4E:D7:7F:AC:CA:4B:22:F7:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QAZN2KxupWZBg21O13-syksi9-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d066a3-7122-4dfa-9644-fce7e936bebd/1/UAHva5iyiV1xlP7JLB0OeSQCozY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/d066a3-7122-4dfa-9644-fce7e936bebd/1/QAZN2KxupWZBg21O13-syksi9-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.254.123.0/24
IPv6:
2a0c:1880::/29
Signature Algorithm: sha256WithRSAEncryption
bc:84:da:e3:25:a2:78:59:a9:05:4b:5f:51:7c:9f:f4:c4:5b:
7f:8b:f1:17:b8:e2:6d:e8:b8:e3:9a:dc:6f:0f:f1:3c:b6:ef:
f4:ad:40:8d:1c:bf:fa:9c:3e:c0:94:1d:e8:96:08:d3:da:d4:
9c:d4:7b:e1:07:d7:f8:19:88:fd:c2:74:a1:f2:4b:42:78:a5:
05:db:92:f8:5c:18:a0:d8:4a:7d:8b:ee:5e:90:0f:76:0e:c4:
55:c1:d5:22:57:0f:3e:cc:60:0a:b1:dd:99:4b:38:b1:1d:86:
f0:46:84:3d:40:71:45:b1:90:47:e3:f2:7b:a8:11:ea:41:77:
76:81:36:18:5c:d7:62:e9:9a:97:06:cc:a4:0e:a3:ff:d8:9b:
f0:9e:1a:23:a2:1a:0b:7d:cb:28:74:a4:dc:43:06:38:00:17:
4d:8e:ad:c6:22:33:c2:dc:47:81:e1:67:db:2b:51:73:7e:ba:
92:ac:5c:db:b8:a6:15:d4:39:53:75:02:c4:d9:29:eb:b4:81:
e9:b9:78:aa:81:e5:ac:8d:39:91:d7:2e:b3:80:fd:1e:8c:3d:
1a:76:b4:fb:7d:40:20:67:64:86:90:ee:82:73:72:e6:23:7b:
3d:cb:76:b4:18:31:9a:93:a0:43:76:db:0e:da:e3:97:43:90:
a0:4f:01:1a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvAiZXbM1iW/ykjiLFRAZrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMDY0ZGQ4YWM2ZWE1NjY0MTgzNmQ0ZWQ3N2ZhY2NhNGIy
MmY3ZTAwHhcNMjMwMTAxMjAyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDAxZWY2Yjk4YjI4OTVkNzE5NGZlYzkyYzFkMGU3OTI0MDJhMzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2grrEaj0wkflfxw/f9xMJcEo87jZ
dYOiGuV2SHIrJaZGaIC0aaE1BQCMo21UG+BPH3DynvS5C+eefDLifAyGgtBSm5nb
frSKvgRDYlTpaZ/Y6SPfUkkatjvdAMiIAL5HgPOKAm6tor4r9AcHpBlh/2fQvkbb
QrjEiqFtzhIm/Neyy6fojL5kwHOv5ScPIZACkEmK7IUvz0Ft6NCq1PS4whSifWux
0TYMvHWqhMz+M/kUMMXDXnu7TAPrHAzmNKA9JK5WG0AYBDT+7wXoVISMIDIBTpEa
+ORRIODZLRniHidlhVwkromCoYgweViP2oM99Z6P0TT3RA48mxJKLSNvbQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFAB72uYsoldcZT+ySwdDnkkAqM2MB8GA1UdIwQY
MBaAFEAGTdisbqVmQYNtTtd/rMpLIvfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUFaTjJLeHVwV1pCZzIxTzEzLXN5a3NpOS1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9kMDY2YTMtNzEyMi00ZGZhLTk2NDQt
ZmNlN2U5MzZiZWJkLzEvVUFIdmE1aXlpVjF4bFA3SkxCME9lU1FDb3pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9kMDY2YTMtNzEyMi00ZGZhLTk2NDQtZmNlN2U5MzZiZWJk
LzEvUUFaTjJLeHVwV1pCZzIxTzEzLXN5a3NpOS1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuf57MA0E
AgACMAcDBQMqDBiAMA0GCSqGSIb3DQEBCwUAA4IBAQC8hNrjJaJ4WakFS19RfJ/0
xFt/i/EXuOJt6LjjmtxvD/E8tu/0rUCNHL/6nD7AlB3olgjT2tSc1HvhB9f4GYj9
wnSh8ktCeKUF25L4XBig2Ep9i+5ekA92DsRVwdUiVw8+zGAKsd2ZSzixHYbwRoQ9
QHFFsZBH4/J7qBHqQXd2gTYYXNdi6ZqXBsykDqP/2JvwnhojohoLfcsodKTcQwY4
ABdNjq3GIjPC3EeB4WfbK1FzfrqSrFzbuKYV1DlTdQLE2SnrtIHpuXiqgeWsjTmR
1y6zgP0ejD0adrT7fUAgZ2SGkO6Cc3LmI3s9y3a0GDGak6BDdtsO2uOXQ5CgTwEa
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:01:26 2025 by rpki-client