Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/cc94c8-72e4-4398-b37b-71169567e39c/1/uqzFgf-8B62Y8mrkcQQAzXl65Xw.roa
File: uqzFgf-8B62Y8mrkcQQAzXl65Xw.roa (raw, json)
Hash identifier: kCZVPY38TjsnXAkZkosAsOr4uT14uV5XbG2BhNU/FCw=
Subject key identifier: BA:AC:C5:81:FF:BC:07:AD:98:F2:6A:E4:71:04:00:CD:79:7A:E5:7C
Certificate issuer: /CN=08953a5f11a8279cdf8798960de1e22eb1227d95
Certificate serial: 0195B7F48374A9AC30F006B979F526416276
Authority key identifier: 08:95:3A:5F:11:A8:27:9C:DF:87:98:96:0D:E1:E2:2E:B1:22:7D:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CJU6XxGoJ5zfh5iWDeHiLrEifZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/cc94c8-72e4-4398-b37b-71169567e39c/1/uqzFgf-8B62Y8mrkcQQAzXl65Xw.roa
Signing time: Fri 21 Mar 2025 09:06:49 +0000
ROA not before: Fri 21 Mar 2025 09:06:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21472
IP address blocks: 5.2.16.0/21 maxlen: 21
5.2.16.0/23 maxlen: 23
5.2.18.0/23 maxlen: 23
5.2.20.0/23 maxlen: 23
5.2.23.0/24 maxlen: 24
91.224.190.0/23 maxlen: 23
162.33.228.0/23 maxlen: 23
185.79.56.0/22 maxlen: 22
185.79.56.0/24 maxlen: 24
185.149.176.0/22 maxlen: 22
185.182.147.0/24 maxlen: 24
185.229.40.0/22 maxlen: 22
195.49.144.0/22 maxlen: 22
2a00:e740::/32 maxlen: 32
2a07:69c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b7:f4:83:74:a9:ac:30:f0:06:b9:79:f5:26:41:62:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08953a5f11a8279cdf8798960de1e22eb1227d95
Validity
Not Before: Mar 21 09:06:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=baacc581ffbc07ad98f26ae4710400cd797ae57c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:29:80:7e:f2:53:96:2c:b4:52:7d:16:78:4f:
bd:62:ec:b7:f4:52:bf:18:e3:65:28:a4:9e:49:28:
a1:4c:2a:99:b8:a9:6b:f1:55:0a:fc:b9:25:49:a0:
68:73:35:0a:f1:5d:fe:88:d8:07:9c:40:df:58:45:
d4:e0:a5:44:64:1d:ff:9a:fb:0f:27:6e:a3:01:1c:
f0:19:e0:29:60:d2:cc:7b:0c:c2:ed:5b:19:d6:25:
59:73:6f:4e:04:4a:7d:a7:ea:da:bc:c3:d9:fa:17:
0f:f1:e2:83:ff:a1:92:52:66:c2:65:f3:77:8d:1e:
c4:c8:72:aa:8e:dd:79:ea:89:fb:59:eb:b3:f2:28:
2a:31:4b:63:eb:3f:18:97:58:c0:9d:98:22:f1:da:
9e:4f:d8:8f:7c:41:d0:4f:61:ed:58:39:b5:f0:fc:
26:d1:6c:f8:06:05:67:20:88:87:22:43:e4:d5:d8:
df:87:87:37:ca:c5:e5:2f:ba:ce:7c:a1:80:c0:16:
0c:bc:a2:ef:22:f3:ea:b1:45:78:49:fa:b6:e1:63:
81:7b:de:de:58:ad:6f:b9:ea:70:86:2f:a3:b6:18:
35:77:20:51:40:35:a3:4c:96:4e:bd:da:fe:1a:58:
68:9a:10:eb:e8:4d:42:9d:b9:a1:5b:17:f5:d7:e7:
4d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:AC:C5:81:FF:BC:07:AD:98:F2:6A:E4:71:04:00:CD:79:7A:E5:7C
X509v3 Authority Key Identifier:
keyid:08:95:3A:5F:11:A8:27:9C:DF:87:98:96:0D:E1:E2:2E:B1:22:7D:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CJU6XxGoJ5zfh5iWDeHiLrEifZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/cc94c8-72e4-4398-b37b-71169567e39c/1/uqzFgf-8B62Y8mrkcQQAzXl65Xw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/cc94c8-72e4-4398-b37b-71169567e39c/1/CJU6XxGoJ5zfh5iWDeHiLrEifZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.16.0/21
91.224.190.0/23
162.33.228.0/23
185.79.56.0/22
185.149.176.0/22
185.182.147.0/24
185.229.40.0/22
195.49.144.0/22
IPv6:
2a00:e740::/32
2a07:69c0::/29
Signature Algorithm: sha256WithRSAEncryption
2f:0a:68:82:75:46:a1:64:67:02:1e:d8:08:c9:60:cd:50:f6:
ed:e9:cc:80:07:4e:1e:4e:a4:11:a2:33:ac:9b:21:49:1f:ce:
ba:a6:88:c2:67:a2:8f:06:0d:6b:7b:4a:7e:9b:bf:84:07:7f:
00:6d:e3:37:6b:7a:71:08:e8:8a:88:6d:1f:1b:69:2a:31:a7:
ce:98:1a:11:13:19:c6:19:9c:3d:60:55:73:c6:38:3a:d8:b8:
57:b4:25:a8:6e:41:d5:55:ff:e8:26:4b:60:71:f3:42:db:0b:
61:61:32:9f:8d:83:fb:c5:d8:79:59:b5:b8:a5:32:2f:9c:e1:
9b:20:49:f1:76:b2:6b:6e:39:08:5f:9d:ec:71:49:7b:82:47:
88:6e:df:fc:0c:20:89:14:a7:75:4d:e7:56:db:b1:79:66:85:
d3:72:93:ff:cf:5a:c3:43:79:83:44:46:02:cc:60:09:60:20:
8e:a3:c0:a2:38:f7:ac:ae:ac:cf:e8:19:9f:a8:84:83:c8:df:
fc:ab:69:82:aa:8c:17:f2:9a:e4:66:c2:07:36:fe:36:0a:71:
0d:f6:09:57:be:38:1f:d2:1e:d2:ab:8f:fa:a2:d1:05:56:33:
e3:8c:c7:28:d9:81:ca:26:e8:e4:3f:d7:ab:bf:2e:09:48:ff:
df:d6:16:a9
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZW39IN0qaww8Aa5efUmQWJ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4OTUzYTVmMTFhODI3OWNkZjg3OTg5NjBkZTFlMjJlYjEy
MjdkOTUwHhcNMjUwMzIxMDkwNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWFjYzU4MWZmYmMwN2FkOThmMjZhZTQ3MTA0MDBjZDc5N2FlNTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuymAfvJTliy0Un0WeE+9Yuy39FK/
GONlKKSeSSihTCqZuKlr8VUK/LklSaBoczUK8V3+iNgHnEDfWEXU4KVEZB3/mvsP
J26jARzwGeApYNLMewzC7VsZ1iVZc29OBEp9p+ravMPZ+hcP8eKD/6GSUmbCZfN3
jR7EyHKqjt156on7Weuz8igqMUtj6z8Yl1jAnZgi8dqeT9iPfEHQT2HtWDm18Pwm
0Wz4BgVnIIiHIkPk1djfh4c3ysXlL7rOfKGAwBYMvKLvIvPqsUV4Sfq24WOBe97e
WK1vuepwhi+jthg1dyBRQDWjTJZOvdr+GlhomhDr6E1CnbmhWxf11+dNEwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFLqsxYH/vAetmPJq5HEEAM15euV8MB8GA1UdIwQY
MBaAFAiVOl8RqCec34eYlg3h4i6xIn2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0pVNlh4R29KNXpmaDVpV0RlSGlMckVpZlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9jYzk0YzgtNzJlNC00Mzk4LWIzN2It
NzExNjk1NjdlMzljLzEvdXF6RmdmLThCNjJZOG1ya2NRUUF6WGw2NVh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9jYzk0YzgtNzJlNC00Mzk4LWIzN2ItNzExNjk1NjdlMzlj
LzEvQ0pVNlh4R29KNXpmaDVpV0RlSGlMckVpZlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQDBQIQAwQB
W+C+AwQBoiHkAwQCuU84AwQCuZWwAwQAubaTAwQCueUoAwQCwzGQMBQEAgACMA4D
BQAqAOdAAwUDKgdpwDANBgkqhkiG9w0BAQsFAAOCAQEALwpognVGoWRnAh7YCMlg
zVD27enMgAdOHk6kEaIzrJshSR/OuqaIwmeijwYNa3tKfpu/hAd/AG3jN2t6cQjo
iohtHxtpKjGnzpgaERMZxhmcPWBVc8Y4Oti4V7QlqG5B1VX/6CZLYHHzQtsLYWEy
n42D+8XYeVm1uKUyL5zhmyBJ8Xaya245CF+d7HFJe4JHiG7f/AwgiRSndU3nVtux
eWaF03KT/89aw0N5g0RGAsxgCWAgjqPAojj3rK6sz+gZn6iEg8jf/KtpgqqMF/Ka
5GbCBzb+NgpxDfYJV744H9Ie0quP+qLRBVYz44zHKNmByibo5D/Xq78uCUj/39YW
qQ==
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:15:59 2025 by rpki-client