Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/UZCoZ9iTJa-59E6kngXt58_J05Q.roa
File: UZCoZ9iTJa-59E6kngXt58_J05Q.roa (raw, json)
Hash identifier: QNHS2wovka4SERkdOx96Y02FR40SnWP2tzMWZeNDd1E=
Subject key identifier: 51:90:A8:67:D8:93:25:AF:B9:F4:4E:A4:9E:05:ED:E7:CF:C9:D3:94
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 019423D765A3759105EC26CA68C9F82A52C2
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/UZCoZ9iTJa-59E6kngXt58_J05Q.roa
Signing time: Wed 01 Jan 2025 21:48:26 +0000
ROA not before: Wed 01 Jan 2025 21:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64289
IP address blocks: 5.1.65.0/24 maxlen: 24
94.247.44.0/24 maxlen: 24
178.251.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:65:a3:75:91:05:ec:26:ca:68:c9:f8:2a:52:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 21:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5190a867d89325afb9f44ea49e05ede7cfc9d394
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ac:54:91:41:33:03:1c:6e:32:02:7a:65:15:
12:8b:30:ad:bc:91:0b:33:4b:61:9d:29:d4:59:16:
9e:ce:c1:87:95:a0:c4:99:d2:8a:71:f7:15:c4:b3:
02:7d:12:11:01:31:7f:93:dc:40:f3:33:34:3a:a0:
06:98:84:e0:8b:8a:81:2a:fd:20:72:f5:89:d4:b5:
de:4b:62:17:b4:fe:e7:df:5f:ef:8f:32:46:c1:7d:
f8:81:1e:58:a1:72:c7:c7:06:70:cf:10:a0:e4:67:
42:3a:12:ea:84:cd:2f:4a:ee:39:07:00:be:f5:5e:
4e:4c:df:38:c9:0e:98:9e:a1:b8:58:43:d8:d3:c3:
3e:82:e3:66:90:81:f7:69:82:ff:2d:ee:e0:8c:1d:
03:e7:e2:6f:05:51:db:70:e8:f0:98:1d:a3:b0:9c:
a9:1b:60:fa:06:0b:9b:34:76:67:e7:2e:8e:a6:94:
03:5b:5b:ef:74:b8:75:a5:e2:b0:fa:dd:39:ed:75:
57:e4:74:34:49:41:e7:f0:1b:f6:80:1f:d5:15:f4:
b3:aa:f6:97:7f:0f:10:90:c4:79:4e:81:1b:ad:83:
01:a9:45:c1:c0:3b:f8:0a:63:cb:56:c0:cb:53:33:
a8:39:2c:83:9e:f2:80:df:ea:c9:11:fb:16:c1:6a:
c6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:90:A8:67:D8:93:25:AF:B9:F4:4E:A4:9E:05:ED:E7:CF:C9:D3:94
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/UZCoZ9iTJa-59E6kngXt58_J05Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.65.0/24
94.247.44.0/24
178.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
51:be:90:27:45:7c:2b:6f:72:d7:8e:3e:b7:04:3c:13:16:59:
d8:54:13:3a:5f:48:ef:f9:f9:1a:c8:31:ac:9e:f5:c1:29:30:
d6:9a:42:32:86:70:22:fa:98:19:1a:10:21:2d:d2:32:8e:8c:
ef:bd:af:50:22:d9:15:a3:05:e7:a4:94:1e:62:6b:09:84:29:
34:ba:19:e1:a8:ea:eb:7e:ec:96:ee:cd:5d:65:73:4b:7b:ad:
e0:64:88:33:29:5d:d7:3d:dc:16:d7:f3:72:da:4f:d3:34:87:
47:6e:cc:33:9b:b5:12:f1:21:d1:9d:c4:41:f2:cf:da:e4:29:
ec:9a:ed:e0:2d:9c:9f:6b:60:38:99:9b:a0:f6:d9:53:9e:f8:
91:d5:98:07:2f:51:73:57:b1:92:1b:0a:4e:ec:7b:28:3f:aa:
29:2b:c3:15:2f:46:f3:8e:a0:f8:f2:c6:39:f5:12:ae:94:af:
3c:3e:84:ab:e2:58:70:3d:69:b3:23:b2:fb:16:5d:48:54:eb:
85:0e:f7:ae:73:cd:6c:eb:95:ea:75:1e:c6:cd:0e:23:22:b1:
78:1b:92:6a:45:5d:b2:5d:6c:5f:f3:38:a6:f3:81:ef:0e:e2:
d6:d6:04:71:3e:04:d0:a5:fd:4d:1f:d7:fe:31:74:08:f0:be:
0d:52:4a:f7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQj12WjdZEF7CbKaMn4KlLCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjUwMTAxMjE0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTkwYTg2N2Q4OTMyNWFmYjlmNDRlYTQ5ZTA1ZWRlN2NmYzlkMzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKxUkUEzAxxuMgJ6ZRUSizCtvJEL
M0thnSnUWRaezsGHlaDEmdKKcfcVxLMCfRIRATF/k9xA8zM0OqAGmITgi4qBKv0g
cvWJ1LXeS2IXtP7n31/vjzJGwX34gR5YoXLHxwZwzxCg5GdCOhLqhM0vSu45BwC+
9V5OTN84yQ6YnqG4WEPY08M+guNmkIH3aYL/Le7gjB0D5+JvBVHbcOjwmB2jsJyp
G2D6BgubNHZn5y6OppQDW1vvdLh1peKw+t057XVX5HQ0SUHn8Bv2gB/VFfSzqvaX
fw8QkMR5ToEbrYMBqUXBwDv4CmPLVsDLUzOoOSyDnvKA3+rJEfsWwWrGYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFGQqGfYkyWvufROpJ4F7efPydOUMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvVVpDb1o5aVRKYS01OUU2a25nWHQ1OF9KMDVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABQFBAwQA
XvcsAwQAsvvnMA0GCSqGSIb3DQEBCwUAA4IBAQBRvpAnRXwrb3LXjj63BDwTFlnY
VBM6X0jv+fkayDGsnvXBKTDWmkIyhnAi+pgZGhAhLdIyjozvva9QItkVowXnpJQe
YmsJhCk0uhnhqOrrfuyW7s1dZXNLe63gZIgzKV3XPdwW1/Ny2k/TNIdHbswzm7US
8SHRncRB8s/a5Cnsmu3gLZyfa2A4mZug9tlTnviR1ZgHL1FzV7GSGwpO7HsoP6op
K8MVL0bzjqD48sY59RKulK88PoSr4lhwPWmzI7L7Fl1IVOuFDveuc81s65XqdR7G
zQ4jIrF4G5JqRV2yXWxf8zim84HvDuLW1gRxPgTQpf1NH9f+MXQI8L4NUkr3
-----END CERTIFICATE-----
Generated at Sat Apr 26 01:12:45 2025 by rpki-client