Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/UkCJUBRfKg-XNGe_PdI0KmPYvQU.roa
File: UkCJUBRfKg-XNGe_PdI0KmPYvQU.roa (raw, json)
Hash identifier: HGoeqjtXBxIazqsRaTJYDrRNsh1Wa10CRwtQX2M/Sts=
Subject key identifier: 52:40:89:50:14:5F:2A:0F:97:34:67:BF:3D:D2:34:2A:63:D8:BD:05
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019423D70A273302ED69D10D09BF6C2E8D43
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/UkCJUBRfKg-XNGe_PdI0KmPYvQU.roa
Signing time: Wed 01 Jan 2025 21:48:02 +0000
ROA not before: Wed 01 Jan 2025 21:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28753
IP address blocks: 45.138.72.0/24 maxlen: 24
185.94.166.0/24 maxlen: 24
185.125.51.0/24 maxlen: 24
185.172.130.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:0a:27:33:02:ed:69:d1:0d:09:bf:6c:2e:8d:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 21:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52408950145f2a0f973467bf3dd2342a63d8bd05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:59:4f:1e:aa:c0:0d:0d:4f:24:4f:24:aa:c5:
ad:fe:5d:4c:da:bd:8f:5f:61:c5:50:00:26:64:70:
40:c7:b5:c7:08:b7:6f:ed:25:c9:ef:e7:50:b8:b5:
46:aa:42:37:6f:27:db:0f:a1:63:94:1f:19:e9:12:
99:a3:ef:be:90:a7:5f:a8:15:39:6e:f4:c6:f8:21:
b0:6a:a0:91:91:08:c7:ca:c1:b0:c1:d8:5d:fb:2f:
0e:7b:bf:f3:28:68:cb:e0:cb:89:52:d1:48:00:e1:
98:f1:ba:ee:fe:b4:23:f0:16:50:89:1a:f8:d2:37:
6a:10:57:24:1a:80:30:4f:af:52:f8:24:91:cd:5a:
70:d6:4e:95:38:0a:03:88:8b:89:0f:c6:4a:86:82:
bb:9a:b3:7f:c0:d9:b6:6f:ec:1b:4b:b5:f4:8a:2b:
27:d2:27:92:54:37:4c:41:e8:43:6c:84:f0:e2:85:
fd:20:21:d6:54:e6:32:ce:4d:8a:06:eb:0b:c9:d5:
c5:47:59:7f:22:6d:5e:56:a6:19:e7:29:21:b3:ea:
2b:0f:96:4b:b1:3a:0b:9c:44:7c:72:72:86:cc:d7:
9c:d1:bc:0c:cb:2d:58:78:3a:07:3c:9e:96:1c:44:
0d:25:cd:9f:4f:de:6d:33:93:91:b5:b5:f0:8d:6b:
dc:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:40:89:50:14:5F:2A:0F:97:34:67:BF:3D:D2:34:2A:63:D8:BD:05
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/UkCJUBRfKg-XNGe_PdI0KmPYvQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.72.0/24
185.94.166.0/24
185.125.51.0/24
185.172.130.0/23
Signature Algorithm: sha256WithRSAEncryption
09:cb:80:eb:43:63:9f:ed:b0:c7:87:4f:05:1c:66:c0:06:bb:
af:a2:70:b8:41:a9:dc:f5:fa:12:12:32:a2:e2:a6:f9:3b:e4:
d8:61:1c:e8:66:a1:fc:81:09:0d:6a:b0:60:81:29:54:fb:13:
16:99:dd:c0:e1:48:6a:b0:c4:d9:77:ab:c4:11:cc:96:40:e0:
7a:51:88:aa:3a:1f:e0:d4:81:79:67:88:80:f0:7d:33:53:44:
81:89:4f:ee:23:ad:dd:23:db:1d:e4:1c:35:35:28:84:0d:02:
76:b7:31:c5:6d:f0:ee:1a:36:8f:bd:98:9f:98:db:34:d4:b5:
ed:60:6c:bf:7f:9f:18:c3:c8:eb:e2:31:5f:65:06:d3:1d:3d:
6c:37:95:3b:42:3c:d6:15:fd:7e:39:9d:e5:88:9d:b3:68:c6:
c7:c6:45:5d:ec:18:b1:fc:1a:bd:48:30:34:f2:92:b3:1d:56:
ca:e9:1d:ea:b3:6c:0c:b2:db:88:e8:f2:af:ce:28:57:f1:bc:
44:8b:cd:f8:f4:60:04:fc:4b:1b:50:58:fe:dc:b7:90:36:81:
c7:76:54:a6:6a:b7:49:ab:52:94:c9:28:59:7c:0a:bc:18:80:
6d:0c:9f:6b:c5:53:d5:33:83:b6:75:78:76:2b:c3:63:42:0b:
ef:4e:b4:a2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQj1wonMwLtadENCb9sLo1DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMTAxMjE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjQwODk1MDE0NWYyYTBmOTczNDY3YmYzZGQyMzQyYTYzZDhiZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAollPHqrADQ1PJE8kqsWt/l1M2r2P
X2HFUAAmZHBAx7XHCLdv7SXJ7+dQuLVGqkI3byfbD6FjlB8Z6RKZo+++kKdfqBU5
bvTG+CGwaqCRkQjHysGwwdhd+y8Oe7/zKGjL4MuJUtFIAOGY8bru/rQj8BZQiRr4
0jdqEFckGoAwT69S+CSRzVpw1k6VOAoDiIuJD8ZKhoK7mrN/wNm2b+wbS7X0iisn
0ieSVDdMQehDbITw4oX9ICHWVOYyzk2KBusLydXFR1l/Im1eVqYZ5ykhs+orD5ZL
sToLnER8cnKGzNec0bwMyy1YeDoHPJ6WHEQNJc2fT95tM5ORtbXwjWvc7wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFJAiVAUXyoPlzRnvz3SNCpj2L0FMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvVWtDSlVCUmZLZy1YTkdlX1BkSTBLbVBZdlFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYpIAwQA
uV6mAwQAuX0zAwQBuayCMA0GCSqGSIb3DQEBCwUAA4IBAQAJy4DrQ2Of7bDHh08F
HGbABruvonC4Qanc9foSEjKi4qb5O+TYYRzoZqH8gQkNarBggSlU+xMWmd3A4Uhq
sMTZd6vEEcyWQOB6UYiqOh/g1IF5Z4iA8H0zU0SBiU/uI63dI9sd5Bw1NSiEDQJ2
tzHFbfDuGjaPvZifmNs01LXtYGy/f58Yw8jr4jFfZQbTHT1sN5U7QjzWFf1+OZ3l
iJ2zaMbHxkVd7Bix/Bq9SDA08pKzHVbK6R3qs2wMstuI6PKvzihX8bxEi8349GAE
/EsbUFj+3LeQNoHHdlSmardJq1KUyShZfAq8GIBtDJ9rxVPVM4O2dXh2K8NjQgvv
TrSi
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:33:18 2025 by rpki-client