Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/uW_HHeG5ibj4gBvlLnjeIIuuYg4.roa
File: uW_HHeG5ibj4gBvlLnjeIIuuYg4.roa (raw, json)
Hash identifier: cEM1jH3XWHH+prqVsKrAdHDeKJ63pn+aJymmGDWSWfM=
Subject key identifier: B9:6F:C7:1D:E1:B9:89:B8:F8:80:1B:E5:2E:78:DE:20:8B:AE:62:0E
Certificate issuer: /CN=cfd6e161dcfb7b72775149d435b79ba9d56d1417
Certificate serial: 019421B1A2B25C795B073C8D3DA5AB9D4F0A
Authority key identifier: CF:D6:E1:61:DC:FB:7B:72:77:51:49:D4:35:B7:9B:A9:D5:6D:14:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z9bhYdz7e3J3UUnUNbebqdVtFBc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/uW_HHeG5ibj4gBvlLnjeIIuuYg4.roa
Signing time: Wed 01 Jan 2025 11:47:57 +0000
ROA not before: Wed 01 Jan 2025 11:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 5.80.0.0/15 maxlen: 15
5.81.0.0/16 maxlen: 16
31.48.0.0/13 maxlen: 13
86.128.0.0/10 maxlen: 10
86.128.0.0/11 maxlen: 11
86.128.0.0/12 maxlen: 12
109.144.0.0/12 maxlen: 12
194.79.48.0/22 maxlen: 22
195.171.0.0/16 maxlen: 16
213.120.0.0/14 maxlen: 14
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:a2:b2:5c:79:5b:07:3c:8d:3d:a5:ab:9d:4f:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfd6e161dcfb7b72775149d435b79ba9d56d1417
Validity
Not Before: Jan 1 11:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b96fc71de1b989b8f8801be52e78de208bae620e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:00:79:f9:e0:b1:76:34:f8:66:79:12:8f:86:
8d:6c:f1:a4:1f:2a:c3:8b:50:e2:67:aa:ca:40:f7:
da:1b:0d:6c:14:3d:7b:e3:f4:0d:7f:5a:59:a0:67:
7a:f0:fc:d8:35:ec:4b:9a:3f:69:63:b5:95:0f:b9:
cb:71:32:37:3c:c9:2b:ed:2e:78:f2:06:c3:bd:21:
e4:59:7d:56:44:ec:a1:77:b4:80:9d:e7:68:d2:46:
26:1c:44:88:3c:0e:e3:c8:cf:85:d5:0e:9f:bf:3a:
73:df:e2:4c:2b:a1:7e:e8:55:97:2d:40:19:b1:b4:
e0:fe:25:f7:94:9b:17:01:92:4e:0d:e0:81:10:fb:
79:d7:db:f8:e4:39:91:4d:36:30:f8:ee:f9:d7:f8:
b7:42:25:48:a2:1b:ee:72:44:66:18:e6:3b:be:76:
96:fa:93:57:9e:69:9a:d9:ec:a4:12:e3:01:38:d9:
60:d9:6e:cc:9e:1d:71:7e:a2:37:25:6e:76:47:6d:
43:45:7a:a4:24:f9:0c:fe:b5:b7:71:ca:e5:44:6c:
5b:90:67:f1:4f:93:aa:d2:93:4d:e3:0f:a6:c6:0e:
ae:9d:54:87:cc:bc:f0:a3:c0:97:03:91:6e:f9:fd:
90:80:4d:9f:e8:5f:e2:33:86:21:51:0c:63:0d:53:
fc:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:6F:C7:1D:E1:B9:89:B8:F8:80:1B:E5:2E:78:DE:20:8B:AE:62:0E
X509v3 Authority Key Identifier:
keyid:CF:D6:E1:61:DC:FB:7B:72:77:51:49:D4:35:B7:9B:A9:D5:6D:14:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z9bhYdz7e3J3UUnUNbebqdVtFBc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/uW_HHeG5ibj4gBvlLnjeIIuuYg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/z9bhYdz7e3J3UUnUNbebqdVtFBc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.80.0.0/15
31.48.0.0/13
86.128.0.0/10
109.144.0.0/12
194.79.48.0/22
195.171.0.0/16
213.120.0.0/14
Signature Algorithm: sha256WithRSAEncryption
16:a4:89:f0:19:08:80:a7:28:52:80:ec:e7:46:be:2e:74:66:
9d:12:37:a6:74:36:ec:b0:dc:43:f4:9a:8a:df:ff:a3:f3:24:
ef:c1:2f:80:8e:62:ef:10:0a:3f:9b:62:3b:4a:1b:e7:2f:13:
3c:8b:c9:fd:05:14:5a:d0:4f:4a:bf:60:b4:39:01:30:e9:95:
c2:49:64:86:a0:3d:04:fa:30:3d:74:1a:15:b7:a7:f8:e7:05:
6b:dc:ed:05:35:74:36:ec:e6:95:24:60:ef:e6:9a:5e:0b:0b:
1e:40:0c:fe:69:e7:d6:f9:74:bf:62:71:40:13:b5:96:19:36:
c6:13:f5:e9:4b:8c:1d:63:8a:d7:ee:78:6a:18:37:23:7b:38:
ba:a0:4b:46:9f:6e:b5:1b:2a:7c:df:df:00:db:10:02:ed:e8:
a1:81:18:ca:60:bf:ca:4a:5a:5a:01:2c:2f:20:14:04:a9:91:
4a:6c:cc:59:65:28:f3:7f:e4:f7:22:33:4e:e2:f2:c0:bd:41:
e5:30:33:ff:a6:c6:e9:0f:41:d2:a6:82:fe:e6:a6:30:f6:38:
c5:7b:53:72:e6:62:15:5c:c1:32:5b:37:6f:c3:08:8a:0d:6b:
42:5a:e0:91:37:5f:19:eb:16:24:2a:11:b9:e8:60:d8:8b:80:
fa:af:65:4c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQhsaKyXHlbBzyNPaWrnU8KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZDZlMTYxZGNmYjdiNzI3NzUxNDlkNDM1Yjc5YmE5ZDU2
ZDE0MTcwHhcNMjUwMTAxMTE0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTZmYzcxZGUxYjk4OWI4Zjg4MDFiZTUyZTc4ZGUyMDhiYWU2MjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9gB5+eCxdjT4ZnkSj4aNbPGkHyrD
i1DiZ6rKQPfaGw1sFD174/QNf1pZoGd68PzYNexLmj9pY7WVD7nLcTI3PMkr7S54
8gbDvSHkWX1WROyhd7SAnedo0kYmHESIPA7jyM+F1Q6fvzpz3+JMK6F+6FWXLUAZ
sbTg/iX3lJsXAZJODeCBEPt519v45DmRTTYw+O751/i3QiVIohvuckRmGOY7vnaW
+pNXnmma2eykEuMBONlg2W7Mnh1xfqI3JW52R21DRXqkJPkM/rW3ccrlRGxbkGfx
T5Oq0pNN4w+mxg6unVSHzLzwo8CXA5Fu+f2QgE2f6F/iM4YhUQxjDVP8lQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLlvxx3huYm4+IAb5S543iCLrmIOMB8GA1UdIwQY
MBaAFM/W4WHc+3tyd1FJ1DW3m6nVbRQXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejliaFlkejdlM0ozVVVuVU5iZWJxZFZ0RkJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS84NTIxNDAtYTI3Zi00NDliLWI1ZmYt
MjIzNzQyZWU0Mzc1LzEvdVdfSEhlRzVpYmo0Z0J2bExuamVJSXV1WWc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS84NTIxNDAtYTI3Zi00NDliLWI1ZmYtMjIzNzQyZWU0Mzc1
LzEvejliaFlkejdlM0ozVVVuVU5iZWJxZFZ0RkJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwMBBVADAwMf
MAMDBlaAAwMEbZADBALCTzADAwDDqwMDAtV4MA0GCSqGSIb3DQEBCwUAA4IBAQAW
pInwGQiApyhSgOznRr4udGadEjemdDbssNxD9JqK3/+j8yTvwS+AjmLvEAo/m2I7
ShvnLxM8i8n9BRRa0E9Kv2C0OQEw6ZXCSWSGoD0E+jA9dBoVt6f45wVr3O0FNXQ2
7OaVJGDv5ppeCwseQAz+aefW+XS/YnFAE7WWGTbGE/XpS4wdY4rX7nhqGDcjezi6
oEtGn261Gyp8398A2xAC7eihgRjKYL/KSlpaASwvIBQEqZFKbMxZZSjzf+T3IjNO
4vLAvUHlMDP/psbpD0HSpoL+5qYw9jjFe1Ny5mIVXMEyWzdvwwiKDWtCWuCRN18Z
6xYkKhG56GDYi4D6r2VM
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:04:15 2025 by rpki-client