Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/1f333e-d863-4939-b004-60003a1f4e23/1/U_r0ba5eKWemsoPGLVbH5qW6mxo.roa
File: U_r0ba5eKWemsoPGLVbH5qW6mxo.roa (raw, json)
Hash identifier: P+Mmy5bcFpmRXJeie/cR3/CCTQyAAFnpLnUmC52uOr4=
Subject key identifier: 53:FA:F4:6D:AE:5E:29:67:A6:B2:83:C6:2D:56:C7:E6:A5:BA:9B:1A
Certificate issuer: /CN=bcc95830e715555b53bf8e4948ad43f696c5ebb7
Certificate serial: 023A83BA
Authority key identifier: BC:C9:58:30:E7:15:55:5B:53:BF:8E:49:48:AD:43:F6:96:C5:EB:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vMlYMOcVVVtTv45JSK1D9pbF67c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/1f333e-d863-4939-b004-60003a1f4e23/1/U_r0ba5eKWemsoPGLVbH5qW6mxo.roa
Signing time: Fri 11 Mar 2022 08:26:51 +0000
ROA not before: Fri 11 Mar 2022 08:26:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12329
IP address blocks: 156.67.59.0/24 maxlen: 24
212.23.128.0/19 maxlen: 19
185.249.170.0/24 maxlen: 24
81.173.6.0/24 maxlen: 24
185.249.171.0/24 maxlen: 24
185.249.168.0/24 maxlen: 24
185.249.168.0/22 maxlen: 24
185.249.169.0/24 maxlen: 24
62.221.232.0/21 maxlen: 24
62.221.240.0/21 maxlen: 24
2001:7d8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37389242 (0x23a83ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcc95830e715555b53bf8e4948ad43f696c5ebb7
Validity
Not Before: Mar 11 08:26:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53faf46dae5e2967a6b283c62d56c7e6a5ba9b1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:12:1e:d0:68:7f:ae:f0:76:c7:3f:0d:9e:9c:
af:0f:5f:25:dc:28:8f:1c:c1:1a:e2:5f:f9:c6:4a:
56:2d:9f:c1:67:6e:14:d8:1e:27:64:20:a1:57:7d:
fb:fe:2c:bc:64:32:e1:0d:1c:93:eb:f7:84:6b:f7:
da:76:f5:9e:8d:92:a5:55:1b:2a:e4:5e:cd:02:7a:
12:14:19:01:d4:06:9e:db:16:c6:84:41:e4:ae:75:
14:93:e3:b7:cf:e6:ff:ca:1f:ad:3a:46:03:3a:6f:
e7:7b:8c:0c:e8:32:fd:5e:fc:56:6a:7e:96:f6:00:
25:b4:7d:b1:35:c0:76:9b:a1:90:e1:77:04:47:33:
60:a3:c1:38:e0:3e:aa:4c:9d:ff:1c:58:33:61:54:
ca:77:8c:1f:ff:24:0b:9a:d3:ab:e3:26:13:88:3f:
ee:61:b0:81:54:5d:99:2f:7f:6f:9c:40:1e:b1:b8:
bb:57:4c:66:dc:1d:ed:d8:36:bb:2d:96:37:3a:1c:
6c:be:06:25:5a:83:82:fb:41:a9:4b:25:35:f6:5e:
e6:40:ae:6e:53:b6:86:65:24:2f:0d:62:02:71:ba:
9e:7f:06:16:c8:8d:51:56:a9:9d:58:b4:e8:5d:64:
20:24:cb:bb:5c:2d:2a:ad:49:3e:29:87:c2:a5:b3:
40:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:FA:F4:6D:AE:5E:29:67:A6:B2:83:C6:2D:56:C7:E6:A5:BA:9B:1A
X509v3 Authority Key Identifier:
keyid:BC:C9:58:30:E7:15:55:5B:53:BF:8E:49:48:AD:43:F6:96:C5:EB:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vMlYMOcVVVtTv45JSK1D9pbF67c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/1f333e-d863-4939-b004-60003a1f4e23/1/U_r0ba5eKWemsoPGLVbH5qW6mxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/1f333e-d863-4939-b004-60003a1f4e23/1/vMlYMOcVVVtTv45JSK1D9pbF67c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.221.232.0-62.221.247.255
81.173.6.0/24
156.67.59.0/24
185.249.168.0/22
212.23.128.0/19
IPv6:
2001:7d8::/32
Signature Algorithm: sha256WithRSAEncryption
56:50:e6:f9:3e:5d:b4:8c:42:64:a1:7d:37:35:a6:f6:27:80:
02:de:b8:4b:41:b0:07:72:6f:e3:c9:36:03:cf:05:3a:9a:94:
8f:dc:9f:2d:35:50:e0:e6:e3:72:ff:b9:df:49:d2:87:aa:63:
6b:cc:e2:90:92:e1:4e:eb:b9:0b:52:4e:fe:10:65:b4:10:1a:
b3:17:54:93:48:7b:12:5b:b8:7b:e0:a7:54:46:5e:0b:13:7a:
f3:0a:1d:b4:e2:54:4d:25:b5:7a:b4:17:84:73:bd:b7:fe:81:
3d:65:70:58:09:24:a7:58:84:f3:bc:2a:f6:b5:aa:21:43:70:
93:6e:7e:82:86:db:30:ec:55:ef:c3:7d:76:d3:39:c7:ac:7f:
f4:6e:b8:1b:9c:1d:32:2e:c2:16:bb:9e:e9:c4:f3:98:96:77:
1b:fb:31:90:3a:ff:6d:7a:86:a9:31:d0:9b:e5:7a:30:34:4d:
da:99:04:2f:4e:f1:35:ef:bc:12:20:e5:58:e9:07:af:17:c5:
e3:89:a6:05:28:31:2f:f4:31:81:b8:13:84:b1:33:35:a9:f4:
0b:c2:b4:10:49:cd:35:13:30:e8:b6:39:ac:66:9b:29:b7:9e:
70:d8:56:bd:d6:2c:4a:6c:9e:ef:f2:3c:b0:e8:1c:dc:b2:d9:
4d:30:1f:38
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEAjqDujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
Y2M5NTgzMGU3MTU1NTViNTNiZjhlNDk0OGFkNDNmNjk2YzVlYmI3MB4XDTIyMDMx
MTA4MjY1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTNmYWY0NmRhZTVl
Mjk2N2E2YjI4M2M2MmQ1NmM3ZTZhNWJhOWIxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM0SHtBof67wdsc/DZ6crw9fJdwojxzBGuJf+cZKVi2fwWdu
FNgeJ2QgoVd9+/4svGQy4Q0ck+v3hGv32nb1no2SpVUbKuRezQJ6EhQZAdQGntsW
xoRB5K51FJPjt8/m/8ofrTpGAzpv53uMDOgy/V78Vmp+lvYAJbR9sTXAdpuhkOF3
BEczYKPBOOA+qkyd/xxYM2FUyneMH/8kC5rTq+MmE4g/7mGwgVRdmS9/b5xAHrG4
u1dMZtwd7dg2uy2WNzocbL4GJVqDgvtBqUslNfZe5kCublO2hmUkLw1iAnG6nn8G
FsiNUVapnVi06F1kICTLu1wtKq1JPimHwqWzQB0CAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBRT+vRtrl4pZ6ayg8YtVsfmpbqbGjAfBgNVHSMEGDAWgBS8yVgw5xVVW1O/
jklIrUP2lsXrtzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZNbFlNT2NWVlZ0VHY0NUpTSzFEOXBiRjY3Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWYvMWYzMzNlLWQ4NjMtNDkzOS1iMDA0LTYwMDAzYTFmNGUyMy8x
L1VfcjBiYTVlS1dlbXNvUEdMVmJINXFXNm14by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYv
MWYzMzNlLWQ4NjMtNDkzOS1iMDA0LTYwMDAzYTFmNGUyMy8xL3ZNbFlNT2NWVlZ0
VHY0NUpTSzFEOXBiRjY3Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wLAQCAAEwJjAMAwQDPt3oAwQDPt3wAwQAUa0GAwQA
nEM7AwQCufmoAwQF1BeAMA0EAgACMAcDBQAgAQfYMA0GCSqGSIb3DQEBCwUAA4IB
AQBWUOb5Pl20jEJkoX03Nab2J4AC3rhLQbAHcm/jyTYDzwU6mpSP3J8tNVDg5uNy
/7nfSdKHqmNrzOKQkuFO67kLUk7+EGW0EBqzF1STSHsSW7h74KdURl4LE3rzCh20
4lRNJbV6tBeEc723/oE9ZXBYCSSnWITzvCr2taohQ3CTbn6Chtsw7FXvw3120znH
rH/0brgbnB0yLsIWu57pxPOYlncb+zGQOv9teoapMdCb5XowNE3amQQvTvE177wS
IOVY6QevF8XjiaYFKDEv9DGBuBOEsTM1qfQLwrQQSc01EzDotjmsZpspt55w2Fa9
1ixKbJ7v8jyw6BzcstlNMB84
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:24:34 2025 by rpki-client