Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/77c660-f82c-4106-abc9-4c1e49ec8f16/1/2U0FmiNPuRsirMYN3FGklZxDD9Q.roa
File: 2U0FmiNPuRsirMYN3FGklZxDD9Q.roa (raw, json)
Hash identifier: eQCdTyNKllRfFUhh8G66WPNPQZuFFFeE0Jbe10gfxJs=
Subject key identifier: D9:4D:05:9A:23:4F:B9:1B:22:AC:C6:0D:DC:51:A4:95:9C:43:0F:D4
Certificate issuer: /CN=5ff9f4ecc5d050762c55698440f85ea96f7330f2
Certificate serial: 019426D95F4C31620A7F07F1D2F8C6687F92
Authority key identifier: 5F:F9:F4:EC:C5:D0:50:76:2C:55:69:84:40:F8:5E:A9:6F:73:30:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X_n07MXQUHYsVWmEQPheqW9zMPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/77c660-f82c-4106-abc9-4c1e49ec8f16/1/2U0FmiNPuRsirMYN3FGklZxDD9Q.roa
Signing time: Thu 02 Jan 2025 11:49:27 +0000
ROA not before: Thu 02 Jan 2025 11:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60989
IP address blocks: 5.181.192.0/22 maxlen: 24
185.21.248.0/22 maxlen: 24
2a04:1d80::/29 maxlen: 32
2a0e:1000::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:5f:4c:31:62:0a:7f:07:f1:d2:f8:c6:68:7f:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ff9f4ecc5d050762c55698440f85ea96f7330f2
Validity
Not Before: Jan 2 11:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d94d059a234fb91b22acc60ddc51a4959c430fd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:86:af:aa:ca:0f:8c:77:68:d7:ac:2c:ad:5f:
32:92:8a:84:63:5c:e1:23:f8:c4:09:24:0d:ce:fe:
37:7e:f9:9d:da:22:41:34:63:46:65:65:b6:32:f0:
23:89:49:95:d6:ad:4a:e9:c6:93:36:20:d2:ed:52:
aa:8c:2f:09:34:6e:dd:ea:6e:f9:25:72:f7:92:4a:
22:06:95:a1:f2:63:1e:d4:76:2d:85:31:ce:d5:ec:
0a:e2:3d:36:fe:82:e9:00:60:4b:0a:af:75:6c:bc:
ba:20:73:db:dc:32:8a:41:4b:8d:a1:b9:5b:a6:dc:
6a:48:58:ce:3e:62:9b:e6:42:58:f1:aa:98:31:4e:
97:4e:2e:2f:0d:29:aa:39:b0:e7:8f:a2:df:38:a9:
5a:59:c7:70:53:36:2f:ee:0e:34:6d:74:2f:62:48:
86:b3:2a:95:d1:ee:f5:73:5c:3d:56:f0:4c:0e:24:
34:c1:4c:4b:8a:57:c6:b1:51:9c:15:21:81:ec:34:
87:85:02:47:f3:c0:df:a5:4c:22:58:b1:5b:5c:59:
18:63:6c:9b:3f:2a:8c:1a:77:65:1f:98:82:81:e6:
9b:c4:60:c4:8b:bf:ad:04:44:32:d7:82:6f:ce:a0:
7f:88:24:2e:4e:6b:6d:da:fd:ad:8b:f2:be:27:f5:
0f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:4D:05:9A:23:4F:B9:1B:22:AC:C6:0D:DC:51:A4:95:9C:43:0F:D4
X509v3 Authority Key Identifier:
keyid:5F:F9:F4:EC:C5:D0:50:76:2C:55:69:84:40:F8:5E:A9:6F:73:30:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X_n07MXQUHYsVWmEQPheqW9zMPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/77c660-f82c-4106-abc9-4c1e49ec8f16/1/2U0FmiNPuRsirMYN3FGklZxDD9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/77c660-f82c-4106-abc9-4c1e49ec8f16/1/X_n07MXQUHYsVWmEQPheqW9zMPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.192.0/22
185.21.248.0/22
IPv6:
2a04:1d80::/29
2a0e:1000::/29
Signature Algorithm: sha256WithRSAEncryption
8e:a6:4e:c2:84:09:5d:b8:02:df:53:b9:09:59:3f:f3:f3:f3:
d5:76:0c:d7:c8:68:6c:7e:fc:11:47:fc:74:7b:cf:83:01:8a:
c8:ef:97:e8:17:d9:f5:36:8c:ab:49:b3:f2:1c:c8:2b:bd:f3:
e4:99:80:a2:0b:88:e6:f6:27:fa:d6:11:0e:30:54:37:53:c6:
7f:06:a2:91:8e:7f:07:30:90:49:08:ef:09:ca:51:ba:35:9a:
32:c5:2a:0f:7a:38:35:fb:4f:67:8c:1f:8d:ce:e8:33:1b:21:
e1:cc:3a:a0:8b:44:10:3e:84:c2:58:9f:83:a1:d8:e7:e8:12:
cd:38:1d:fb:23:fd:9d:a5:80:3c:51:10:4f:15:ec:8e:80:81:
d5:9c:2f:b5:19:09:f1:34:c4:52:12:c4:96:c6:ee:f4:57:0d:
ae:3e:9e:f0:77:36:14:11:dc:e2:cc:a0:87:c1:49:aa:f3:06:
c4:80:20:bb:3c:80:da:01:7f:35:f7:a8:3e:41:7f:a9:ba:44:
44:92:dc:84:49:35:8b:78:3e:9d:a6:56:b4:e1:fc:be:70:65:
72:a0:22:ba:e8:09:6b:45:fa:be:b1:a4:95:6a:44:a3:ff:0d:
c7:19:35:3b:d0:81:11:c3:f5:f6:ef:66:12:b2:45:e2:e0:05:
0e:7e:2f:12
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQm2V9MMWIKfwfx0vjGaH+SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmZjlmNGVjYzVkMDUwNzYyYzU1Njk4NDQwZjg1ZWE5NmY3
MzMwZjIwHhcNMjUwMTAyMTE0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTRkMDU5YTIzNGZiOTFiMjJhY2M2MGRkYzUxYTQ5NTljNDMwZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YavqsoPjHdo16wsrV8ykoqEY1zh
I/jECSQNzv43fvmd2iJBNGNGZWW2MvAjiUmV1q1K6caTNiDS7VKqjC8JNG7d6m75
JXL3kkoiBpWh8mMe1HYthTHO1ewK4j02/oLpAGBLCq91bLy6IHPb3DKKQUuNoblb
ptxqSFjOPmKb5kJY8aqYMU6XTi4vDSmqObDnj6LfOKlaWcdwUzYv7g40bXQvYkiG
syqV0e71c1w9VvBMDiQ0wUxLilfGsVGcFSGB7DSHhQJH88DfpUwiWLFbXFkYY2yb
PyqMGndlH5iCgeabxGDEi7+tBEQy14JvzqB/iCQuTmtt2v2ti/K+J/UPPwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNlNBZojT7kbIqzGDdxRpJWcQw/UMB8GA1UdIwQY
MBaAFF/59OzF0FB2LFVphED4XqlvczDyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWF9uMDdNWFFVSFlzVldtRVFQaGVxVzl6TVBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83N2M2NjAtZjgyYy00MTA2LWFiYzkt
NGMxZTQ5ZWM4ZjE2LzEvMlUwRm1pTlB1UnNpck1ZTjNGR2tsWnhERDlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83N2M2NjAtZjgyYy00MTA2LWFiYzktNGMxZTQ5ZWM4ZjE2
LzEvWF9uMDdNWFFVSFlzVldtRVFQaGVxVzl6TVBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCBbXAAwQC
uRX4MBQEAgACMA4DBQMqBB2AAwUDKg4QADANBgkqhkiG9w0BAQsFAAOCAQEAjqZO
woQJXbgC31O5CVk/8/Pz1XYM18hobH78EUf8dHvPgwGKyO+X6BfZ9TaMq0mz8hzI
K73z5JmAoguI5vYn+tYRDjBUN1PGfwaikY5/BzCQSQjvCcpRujWaMsUqD3o4NftP
Z4wfjc7oMxsh4cw6oItEED6Ewlifg6HY5+gSzTgd+yP9naWAPFEQTxXsjoCB1Zwv
tRkJ8TTEUhLElsbu9FcNrj6e8Hc2FBHc4sygh8FJqvMGxIAguzyA2gF/NfeoPkF/
qbpERJLchEk1i3g+naZWtOH8vnBlcqAiuugJa0X6vrGklWpEo/8Nxxk1O9CBEcP1
9u9mErJF4uAFDn4vEg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:09:50 2025 by rpki-client