Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/9d64ff-d4da-4dc9-8825-7118f8384c77/1/uzOfDn3na_0H4FMYAvULbyI0B6c.roa
File: uzOfDn3na_0H4FMYAvULbyI0B6c.roa (raw, json)
Hash identifier: uAuwh9KcLGGG4HeIvB3vA//BXxot+F12ayTtv/6riqk=
Subject key identifier: BB:33:9F:0E:7D:E7:6B:FD:07:E0:53:18:02:F5:0B:6F:22:34:07:A7
Certificate issuer: /CN=e47406f4982b61824c8fd44b81ede0a99fc724e0
Certificate serial: 01946469062BB2A2AFA833772BF71F7335A7
Authority key identifier: E4:74:06:F4:98:2B:61:82:4C:8F:D4:4B:81:ED:E0:A9:9F:C7:24:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5HQG9JgrYYJMj9RLge3gqZ_HJOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/9d64ff-d4da-4dc9-8825-7118f8384c77/1/uzOfDn3na_0H4FMYAvULbyI0B6c.roa
Signing time: Tue 14 Jan 2025 10:43:11 +0000
ROA not before: Tue 14 Jan 2025 10:43:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15404
IP address blocks: 5.11.96.0/20 maxlen: 20
37.32.80.0/21 maxlen: 21
176.62.152.0/21 maxlen: 21
178.249.200.0/21 maxlen: 21
185.8.120.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:64:69:06:2b:b2:a2:af:a8:33:77:2b:f7:1f:73:35:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e47406f4982b61824c8fd44b81ede0a99fc724e0
Validity
Not Before: Jan 14 10:43:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb339f0e7de76bfd07e0531802f50b6f223407a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:90:4e:27:24:62:bd:38:64:6f:b1:fd:3f:5f:
31:9d:1e:2b:da:c2:86:f4:2d:c4:d5:ea:85:99:df:
2a:fe:ea:98:6f:0d:be:89:09:c5:89:2a:97:37:34:
c9:58:62:39:26:b5:0f:92:48:95:3e:d5:da:9f:33:
cd:d4:a3:25:31:2d:b6:a8:b0:7c:89:08:b4:ec:dc:
69:a2:17:da:95:e0:14:6d:c3:91:55:4c:72:3a:7a:
97:67:88:98:ca:63:7b:00:b2:14:4e:16:23:17:0a:
d7:83:93:43:a6:bf:dd:fa:b7:b0:be:ac:74:4f:c0:
63:6f:fd:ba:fe:dd:3e:c5:d5:79:d6:b6:aa:70:86:
da:9b:cd:73:a9:1c:7c:2a:d5:23:0b:24:5d:04:3c:
d6:ae:1f:42:b4:11:39:c0:9a:63:82:a5:f9:67:85:
98:9c:76:ef:ef:43:d2:3b:01:99:9e:69:96:da:b9:
7e:fb:a9:8e:e5:43:c2:e5:be:70:6d:16:c5:21:ec:
32:1f:c9:05:82:72:8b:18:82:32:1a:ee:36:53:85:
39:a9:87:06:53:9e:e6:9a:7e:96:be:b2:e3:93:04:
34:6e:a2:50:eb:ac:ef:13:64:bb:6e:d5:3e:5c:f5:
5a:32:68:71:77:b1:df:a7:f9:97:2a:e0:67:e2:7e:
3b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:33:9F:0E:7D:E7:6B:FD:07:E0:53:18:02:F5:0B:6F:22:34:07:A7
X509v3 Authority Key Identifier:
keyid:E4:74:06:F4:98:2B:61:82:4C:8F:D4:4B:81:ED:E0:A9:9F:C7:24:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5HQG9JgrYYJMj9RLge3gqZ_HJOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/9d64ff-d4da-4dc9-8825-7118f8384c77/1/uzOfDn3na_0H4FMYAvULbyI0B6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/9d64ff-d4da-4dc9-8825-7118f8384c77/1/5HQG9JgrYYJMj9RLge3gqZ_HJOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.96.0/20
37.32.80.0/21
176.62.152.0/21
178.249.200.0/21
185.8.120.0/22
Signature Algorithm: sha256WithRSAEncryption
09:f0:be:18:61:10:32:21:21:53:a2:9e:84:67:b3:d6:f9:0a:
57:ea:e7:a0:82:d8:71:c8:02:ff:f4:1c:f9:2e:10:25:75:ba:
59:7a:e3:0f:dc:af:5b:b2:ca:4e:05:ea:7e:90:8b:d2:86:2b:
89:44:45:c2:ba:a0:30:d6:d1:9c:86:3f:19:16:9e:f4:18:18:
f9:b9:1a:39:75:b0:8f:5a:db:7c:2b:c2:1b:93:db:67:d0:91:
80:27:0a:67:2d:43:61:d6:dc:eb:36:cf:81:9e:c4:63:96:0e:
c0:b5:62:49:78:bb:a8:90:fa:c9:47:01:0e:ad:0e:d5:83:3d:
20:93:ba:29:e9:19:58:6b:d2:58:57:15:a2:38:10:74:76:40:
bd:f5:4c:7e:15:9e:d9:9b:e9:d0:98:1c:be:6a:a8:7e:36:e5:
0b:d1:ec:9d:15:65:d5:65:82:1b:72:4d:71:0a:d0:a9:85:06:
05:f9:d8:4e:39:3a:55:3a:db:84:7b:07:ff:d6:9c:4d:92:46:
5e:92:85:b9:4a:ba:49:d0:ac:11:e2:ea:08:0f:3a:fa:a9:57:
0a:1f:4d:0d:67:c2:43:1f:e4:a3:0b:52:61:0d:ef:8f:ef:83:
82:9d:29:9a:fe:e0:e1:b7:3e:0b:f7:ef:49:6f:19:10:57:06:
de:f1:b8:dd
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZRkaQYrsqKvqDN3K/cfczWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NzQwNmY0OTgyYjYxODI0YzhmZDQ0YjgxZWRlMGE5OWZj
NzI0ZTAwHhcNMjUwMTE0MTA0MzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjMzOWYwZTdkZTc2YmZkMDdlMDUzMTgwMmY1MGI2ZjIyMzQwN2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspBOJyRivThkb7H9P18xnR4r2sKG
9C3E1eqFmd8q/uqYbw2+iQnFiSqXNzTJWGI5JrUPkkiVPtXanzPN1KMlMS22qLB8
iQi07NxpohfaleAUbcORVUxyOnqXZ4iYymN7ALIUThYjFwrXg5NDpr/d+rewvqx0
T8Bjb/26/t0+xdV51raqcIbam81zqRx8KtUjCyRdBDzWrh9CtBE5wJpjgqX5Z4WY
nHbv70PSOwGZnmmW2rl++6mO5UPC5b5wbRbFIewyH8kFgnKLGIIyGu42U4U5qYcG
U57mmn6WvrLjkwQ0bqJQ66zvE2S7btU+XPVaMmhxd7Hfp/mXKuBn4n47sQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLsznw5952v9B+BTGAL1C28iNAenMB8GA1UdIwQY
MBaAFOR0BvSYK2GCTI/US4Ht4KmfxyTgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUhRRzlKZ3JZWUpNajlSTGdlM2dxWl9ISk9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS85ZDY0ZmYtZDRkYS00ZGM5LTg4MjUt
NzExOGY4Mzg0Yzc3LzEvdXpPZkRuM25hXzBINEZNWUF2VUxieUkwQjZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS85ZDY0ZmYtZDRkYS00ZGM5LTg4MjUtNzExOGY4Mzg0Yzc3
LzEvNUhRRzlKZ3JZWUpNajlSTGdlM2dxWl9ISk9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEBQtgAwQD
JSBQAwQDsD6YAwQDsvnIAwQCuQh4MA0GCSqGSIb3DQEBCwUAA4IBAQAJ8L4YYRAy
ISFTop6EZ7PW+QpX6ueggthxyAL/9Bz5LhAldbpZeuMP3K9bsspOBep+kIvShiuJ
REXCuqAw1tGchj8ZFp70GBj5uRo5dbCPWtt8K8Ibk9tn0JGAJwpnLUNh1tzrNs+B
nsRjlg7AtWJJeLuokPrJRwEOrQ7Vgz0gk7op6RlYa9JYVxWiOBB0dkC99Ux+FZ7Z
m+nQmBy+aqh+NuUL0eydFWXVZYIbck1xCtCphQYF+dhOOTpVOtuEewf/1pxNkkZe
koW5SrpJ0KwR4uoIDzr6qVcKH00NZ8JDH+SjC1JhDe+P74OCnSma/uDhtz4L9+9J
bxkQVwbe8bjd
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:32:26 2025 by rpki-client