Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/bbd64b-ebb8-46d8-b4e3-62eafed5922e/1/UqGmWpGtflaEJvCw0bHQvmEnA74.roa
File: UqGmWpGtflaEJvCw0bHQvmEnA74.roa (raw, json)
Hash identifier: EKIY9C4V0PmpfSkXvjVMr8vcUWFSLcsQTMlkDeIRJyU=
Subject key identifier: 52:A1:A6:5A:91:AD:7E:56:84:26:F0:B0:D1:B1:D0:BE:61:27:03:BE
Certificate issuer: /CN=4f3bf7ac28e830656cf6e999c4993ba76cb1a98a
Certificate serial: 01942143C1CA636AF2E2F46D8D8CFA33F25A
Authority key identifier: 4F:3B:F7:AC:28:E8:30:65:6C:F6:E9:99:C4:99:3B:A7:6C:B1:A9:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tzv3rCjoMGVs9umZxJk7p2yxqYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/bbd64b-ebb8-46d8-b4e3-62eafed5922e/1/UqGmWpGtflaEJvCw0bHQvmEnA74.roa
Signing time: Wed 01 Jan 2025 09:47:56 +0000
ROA not before: Wed 01 Jan 2025 09:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21263
IP address blocks: 5.154.226.0/23 maxlen: 24
5.154.230.0/23 maxlen: 24
128.0.35.0/24 maxlen: 24
178.157.80.0/23 maxlen: 24
178.157.83.0/24 maxlen: 24
185.4.232.0/22 maxlen: 24
185.68.188.0/24 maxlen: 24
185.124.220.0/22 maxlen: 24
188.119.150.0/23 maxlen: 23
188.119.152.0/24 maxlen: 24
217.73.152.0/21 maxlen: 24
2a05:7ac0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:c1:ca:63:6a:f2:e2:f4:6d:8d:8c:fa:33:f2:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f3bf7ac28e830656cf6e999c4993ba76cb1a98a
Validity
Not Before: Jan 1 09:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52a1a65a91ad7e568426f0b0d1b1d0be612703be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ff:7f:32:f0:2e:38:e7:f8:0b:16:fb:40:b8:
bd:da:db:02:fe:9b:c0:6b:06:c4:a0:e9:ef:8f:96:
5c:49:fb:af:fe:45:f5:a1:bb:6a:cb:97:f3:1b:12:
1d:09:59:ca:af:91:48:6c:ff:32:e0:29:d7:6c:79:
43:49:a6:57:44:97:de:a7:b0:63:2c:f3:d8:90:8f:
00:41:ce:b0:e1:01:32:04:2e:c4:16:63:94:d4:17:
f1:65:4e:58:88:20:aa:38:99:b3:04:55:c7:be:82:
11:37:09:23:88:c5:83:f7:09:c5:1d:b7:5b:64:71:
6a:d5:4f:55:17:ad:36:b3:22:cb:68:d5:9b:f7:76:
4e:a7:d5:1b:9b:94:d7:30:af:86:29:32:ec:dc:5b:
45:75:4f:a1:1b:f8:f9:41:d9:03:6a:84:4f:08:f6:
df:9b:f9:ac:ae:bd:3c:32:76:5a:b4:1b:91:9e:d9:
77:bb:00:ad:5d:cf:c6:7d:dd:4f:52:ad:64:3b:d5:
d5:b1:40:29:c5:81:1d:a2:51:1f:fb:b8:0f:17:cd:
00:f0:51:51:1e:2d:ec:50:2c:5a:d5:a8:d7:02:c0:
af:b5:3e:08:8a:ed:1c:b8:9b:ae:b7:b8:62:0c:c1:
26:49:cc:d5:94:f7:4e:cc:f3:b6:5b:92:e2:57:7c:
10:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:A1:A6:5A:91:AD:7E:56:84:26:F0:B0:D1:B1:D0:BE:61:27:03:BE
X509v3 Authority Key Identifier:
keyid:4F:3B:F7:AC:28:E8:30:65:6C:F6:E9:99:C4:99:3B:A7:6C:B1:A9:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tzv3rCjoMGVs9umZxJk7p2yxqYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/bbd64b-ebb8-46d8-b4e3-62eafed5922e/1/UqGmWpGtflaEJvCw0bHQvmEnA74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/bbd64b-ebb8-46d8-b4e3-62eafed5922e/1/Tzv3rCjoMGVs9umZxJk7p2yxqYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.226.0/23
5.154.230.0/23
128.0.35.0/24
178.157.80.0/23
178.157.83.0/24
185.4.232.0/22
185.68.188.0/24
185.124.220.0/22
188.119.150.0-188.119.152.255
217.73.152.0/21
IPv6:
2a05:7ac0::/29
Signature Algorithm: sha256WithRSAEncryption
5d:35:37:7b:eb:5a:a6:26:36:a6:69:ee:40:86:37:f7:d7:2b:
24:34:53:3e:65:15:e1:01:b6:2f:1c:c8:5c:5f:6c:ff:df:96:
26:2d:9f:1e:7a:98:4d:ee:9e:cc:12:32:98:2f:af:a3:5e:13:
ce:6b:05:83:66:64:ba:67:77:45:02:a3:27:98:e5:b5:e4:a6:
c3:c8:9a:c7:92:61:d9:7a:d1:aa:e3:d9:42:50:08:01:6f:75:
c7:e4:2f:0e:16:e1:4e:7b:24:21:21:35:ba:88:3a:c4:f9:0e:
e6:08:fe:b0:18:c7:e6:85:7b:3e:c4:52:af:bd:c7:8f:48:5f:
38:9d:9a:39:36:02:62:34:48:c0:37:f9:8c:06:01:4c:56:96:
83:ae:65:a9:65:d7:7e:61:26:f6:b5:3b:7f:a4:7c:17:ec:cd:
f0:78:54:68:42:6c:b1:3b:a3:02:8f:52:b9:d3:32:ea:90:ff:
b6:c2:a0:6f:f3:cd:81:0e:85:b0:06:07:04:85:08:ca:21:1b:
11:94:25:e1:7a:44:0b:22:9c:01:64:e2:f6:c3:9c:cc:cc:42:
06:c1:82:db:81:39:fa:82:89:4d:d3:3b:85:89:6c:03:4e:56:
9d:55:d9:f9:70:bb:7a:e8:a9:2f:4b:88:70:e6:96:19:ab:b0:
67:31:12:56
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZQhQ8HKY2ry4vRtjYz6M/JaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmM2JmN2FjMjhlODMwNjU2Y2Y2ZTk5OWM0OTkzYmE3NmNi
MWE5OGEwHhcNMjUwMTAxMDk0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmExYTY1YTkxYWQ3ZTU2ODQyNmYwYjBkMWIxZDBiZTYxMjcwM2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjP9/MvAuOOf4Cxb7QLi92tsC/pvA
awbEoOnvj5ZcSfuv/kX1obtqy5fzGxIdCVnKr5FIbP8y4CnXbHlDSaZXRJfep7Bj
LPPYkI8AQc6w4QEyBC7EFmOU1BfxZU5YiCCqOJmzBFXHvoIRNwkjiMWD9wnFHbdb
ZHFq1U9VF602syLLaNWb93ZOp9Ubm5TXMK+GKTLs3FtFdU+hG/j5QdkDaoRPCPbf
m/msrr08MnZatBuRntl3uwCtXc/Gfd1PUq1kO9XVsUApxYEdolEf+7gPF80A8FFR
Hi3sUCxa1ajXAsCvtT4Iiu0cuJuut7hiDMEmSczVlPdOzPO2W5LiV3wQNQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFFKhplqRrX5WhCbwsNGx0L5hJwO+MB8GA1UdIwQY
MBaAFE8796wo6DBlbPbpmcSZO6dssamKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHp2M3JDam9NR1ZzOXVtWnhKazdwMnl4cVlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9iYmQ2NGItZWJiOC00NmQ4LWI0ZTMt
NjJlYWZlZDU5MjJlLzEvVXFHbVdwR3RmbGFFSnZDdzBiSFF2bUVuQTc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9iYmQ2NGItZWJiOC00NmQ4LWI0ZTMtNjJlYWZlZDU5MjJl
LzEvVHp2M3JDam9NR1ZzOXVtWnhKazdwMnl4cVlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEAwQBBZriAwQB
BZrmAwQAgAAjAwQBsp1QAwQAsp1TAwQCuQToAwQAuUS8AwQCuXzcMAwDBAG8d5YD
BAC8d5gDBAPZSZgwDQQCAAIwBwMFAyoFesAwDQYJKoZIhvcNAQELBQADggEBAF01
N3vrWqYmNqZp7kCGN/fXKyQ0Uz5lFeEBti8cyFxfbP/fliYtnx56mE3unswSMpgv
r6NeE85rBYNmZLpnd0UCoyeY5bXkpsPImseSYdl60arj2UJQCAFvdcfkLw4W4U57
JCEhNbqIOsT5DuYI/rAYx+aFez7EUq+9x49IXzidmjk2AmI0SMA3+YwGAUxWloOu
Zall135hJva1O3+kfBfszfB4VGhCbLE7owKPUrnTMuqQ/7bCoG/zzYEOhbAGBwSF
CMohGxGUJeF6RAsinAFk4vbDnMzMQgbBgtuBOfqCiU3TO4WJbANOVp1V2flwu3ro
qS9LiHDmlhmrsGcxElY=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:09:50 2025 by rpki-client