Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/26a971-f2fd-4f2d-8303-6e6e76f37946/1/UzjmKBXy8gum7-vzXEXY9qRXHJg.roa
File: UzjmKBXy8gum7-vzXEXY9qRXHJg.roa (raw, json)
Hash identifier: rXm+F/jMusDQ+vIPMdo+lZ7IaHnnszuMtgWpHGWtSR0=
Subject key identifier: 53:38:E6:28:15:F2:F2:0B:A6:EF:EB:F3:5C:45:D8:F6:A4:57:1C:98
Certificate issuer: /CN=e27e66e403d31c7958335298168de60a215c0c0f
Certificate serial: 01942368D2FCD1C4C5A0BB9B18916F03DCBC
Authority key identifier: E2:7E:66:E4:03:D3:1C:79:58:33:52:98:16:8D:E6:0A:21:5C:0C:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4n5m5APTHHlYM1KYFo3mCiFcDA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/26a971-f2fd-4f2d-8303-6e6e76f37946/1/UzjmKBXy8gum7-vzXEXY9qRXHJg.roa
Signing time: Wed 01 Jan 2025 19:47:39 +0000
ROA not before: Wed 01 Jan 2025 19:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 85.204.106.0/24 maxlen: 24
188.241.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:d2:fc:d1:c4:c5:a0:bb:9b:18:91:6f:03:dc:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e27e66e403d31c7958335298168de60a215c0c0f
Validity
Not Before: Jan 1 19:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5338e62815f2f20ba6efebf35c45d8f6a4571c98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6d:6d:8a:84:7c:57:f8:09:65:a7:aa:32:72:
86:34:6f:e2:a7:88:64:69:e2:98:65:9a:50:d1:45:
2c:64:98:13:15:5b:72:df:8e:b8:ff:6e:5f:a2:b4:
6e:0a:17:c9:60:c8:e9:45:f6:ff:ed:ee:a7:bf:39:
dc:3d:4b:d1:cc:ad:ad:8d:ef:df:d0:6a:58:13:ce:
df:7e:48:81:13:6b:81:58:38:ef:5a:75:5b:96:f4:
f2:ba:34:db:cd:4b:ce:12:2e:ac:01:fc:ff:1f:cc:
8e:98:36:2a:0c:65:8d:df:0d:f5:b1:59:83:9d:87:
f4:45:67:8f:66:6f:a2:4c:93:f4:6e:ce:e1:a8:a5:
6f:fc:86:5a:67:45:b6:cc:26:c5:15:f9:b5:6c:c5:
8f:88:49:24:cd:dc:03:95:c9:1d:d5:d0:9f:7f:e0:
4f:b1:85:0c:d1:55:dc:02:37:30:b2:82:31:c4:f0:
f0:4f:76:9c:b7:90:a2:51:ec:5f:80:d9:0b:6f:2d:
e7:c7:aa:59:48:a8:4c:35:f8:01:e4:4e:cd:e4:d1:
6d:23:7b:3a:76:d4:28:55:fd:20:72:52:8b:74:8c:
ea:00:e0:e1:64:98:0a:59:e7:ed:4c:01:69:ec:18:
73:f3:1f:15:51:9d:59:55:88:6b:04:f1:84:13:f3:
7b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:38:E6:28:15:F2:F2:0B:A6:EF:EB:F3:5C:45:D8:F6:A4:57:1C:98
X509v3 Authority Key Identifier:
keyid:E2:7E:66:E4:03:D3:1C:79:58:33:52:98:16:8D:E6:0A:21:5C:0C:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4n5m5APTHHlYM1KYFo3mCiFcDA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/26a971-f2fd-4f2d-8303-6e6e76f37946/1/UzjmKBXy8gum7-vzXEXY9qRXHJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/26a971-f2fd-4f2d-8303-6e6e76f37946/1/4n5m5APTHHlYM1KYFo3mCiFcDA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.106.0/24
188.241.220.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:95:b2:96:c3:1e:88:c5:81:df:fd:98:d3:df:c6:65:c4:a5:
2e:91:b5:da:f0:a4:6c:58:1f:ed:1c:02:15:74:99:ef:89:58:
d5:1d:01:9c:5f:be:c5:0b:50:9e:d3:e1:84:0b:03:5c:5e:27:
b3:7b:58:63:1e:1d:fd:d0:53:8d:14:a5:dc:44:43:ba:9b:47:
b7:14:88:4e:8c:ad:5f:1b:60:7a:1f:7a:23:a6:52:92:b3:32:
f2:d4:8d:b9:6d:70:aa:a6:ab:d8:25:b5:6a:56:b9:e9:ed:4a:
4b:86:e3:7e:52:94:48:4b:4d:9b:a8:37:9c:0d:1c:d4:cb:27:
61:4a:35:e2:27:8c:69:b3:8e:b2:b0:ee:6b:85:91:30:8e:c7:
80:df:35:b1:a7:55:ed:cd:42:35:c8:c9:52:de:4e:ca:95:94:
d3:3e:ed:b1:9b:9a:b5:cc:88:57:10:1c:6f:5a:58:02:17:71:
89:00:d7:f3:92:e1:68:95:df:13:a5:ab:34:f7:4f:b3:84:dc:
78:74:27:16:94:80:8e:d5:37:8f:2a:89:65:f7:39:35:28:1a:
78:a8:c4:ef:3c:bb:2d:b4:ee:bf:e2:13:13:a0:a5:30:80:4d:
da:a4:f0:04:e1:04:36:5e:5b:a8:76:ff:1c:97:d1:71:c5:71:
a3:38:7e:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjaNL80cTFoLubGJFvA9y8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyN2U2NmU0MDNkMzFjNzk1ODMzNTI5ODE2OGRlNjBhMjE1
YzBjMGYwHhcNMjUwMTAxMTk0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzM4ZTYyODE1ZjJmMjBiYTZlZmViZjM1YzQ1ZDhmNmE0NTcxYzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt21tioR8V/gJZaeqMnKGNG/ip4hk
aeKYZZpQ0UUsZJgTFVty3464/25forRuChfJYMjpRfb/7e6nvzncPUvRzK2tje/f
0GpYE87ffkiBE2uBWDjvWnVblvTyujTbzUvOEi6sAfz/H8yOmDYqDGWN3w31sVmD
nYf0RWePZm+iTJP0bs7hqKVv/IZaZ0W2zCbFFfm1bMWPiEkkzdwDlckd1dCff+BP
sYUM0VXcAjcwsoIxxPDwT3act5CiUexfgNkLby3nx6pZSKhMNfgB5E7N5NFtI3s6
dtQoVf0gclKLdIzqAODhZJgKWeftTAFp7Bhz8x8VUZ1ZVYhrBPGEE/N70QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFM45igV8vILpu/r81xF2PakVxyYMB8GA1UdIwQY
MBaAFOJ+ZuQD0xx5WDNSmBaN5gohXAwPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNG41bTVBUFRISGxZTTFLWUZvM21DaUZjREE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8yNmE5NzEtZjJmZC00ZjJkLTgzMDMt
NmU2ZTc2ZjM3OTQ2LzEvVXpqbUtCWHk4Z3VtNy12elhFWFk5cVJYSEpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8yNmE5NzEtZjJmZC00ZjJkLTgzMDMtNmU2ZTc2ZjM3OTQ2
LzEvNG41bTVBUFRISGxZTTFLWUZvM21DaUZjREE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVcxqAwQA
vPHcMA0GCSqGSIb3DQEBCwUAA4IBAQBKlbKWwx6IxYHf/ZjT38ZlxKUukbXa8KRs
WB/tHAIVdJnviVjVHQGcX77FC1Ce0+GECwNcXieze1hjHh390FONFKXcREO6m0e3
FIhOjK1fG2B6H3ojplKSszLy1I25bXCqpqvYJbVqVrnp7UpLhuN+UpRIS02bqDec
DRzUyydhSjXiJ4xps46ysO5rhZEwjseA3zWxp1XtzUI1yMlS3k7KlZTTPu2xm5q1
zIhXEBxvWlgCF3GJANfzkuFold8Tpas090+zhNx4dCcWlICO1TePKoll9zk1KBp4
qMTvPLsttO6/4hMToKUwgE3apPAE4QQ2Xluodv8cl9FxxXGjOH6J
-----END CERTIFICATE-----
Generated at Thu Apr 10 23:49:16 2025 by rpki-client