Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/a481fa-2d0d-4e8e-b2d3-28d8248b5b61/1/UTTH-IaK-KygVMC3443mlQMx1tE.roa
File: UTTH-IaK-KygVMC3443mlQMx1tE.roa (raw, json)
Hash identifier: KaccohMbQWCa0xUtmGU3VvPQYUMzJjUZd1bKqbI3gbU=
Subject key identifier: 51:34:C7:F8:86:8A:F8:AC:A0:54:C0:B7:E3:8D:E6:95:03:31:D6:D1
Certificate issuer: /CN=be9f159bab83661fd93ead430c3bdb1eaa7eaf08
Certificate serial: 01941FFA0732B2E3E9BC5CA0CF4041DB8233
Authority key identifier: BE:9F:15:9B:AB:83:66:1F:D9:3E:AD:43:0C:3B:DB:1E:AA:7E:AF:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vp8Vm6uDZh_ZPq1DDDvbHqp-rwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/a481fa-2d0d-4e8e-b2d3-28d8248b5b61/1/UTTH-IaK-KygVMC3443mlQMx1tE.roa
Signing time: Wed 01 Jan 2025 03:47:47 +0000
ROA not before: Wed 01 Jan 2025 03:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39571
IP address blocks: 89.235.64.0/22 maxlen: 22
89.235.64.0/24 maxlen: 24
89.235.65.0/24 maxlen: 24
89.235.66.0/24 maxlen: 24
89.235.67.0/24 maxlen: 24
185.135.28.0/22 maxlen: 22
185.135.28.0/24 maxlen: 24
185.135.29.0/24 maxlen: 24
185.135.30.0/24 maxlen: 24
185.135.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:07:32:b2:e3:e9:bc:5c:a0:cf:40:41:db:82:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be9f159bab83661fd93ead430c3bdb1eaa7eaf08
Validity
Not Before: Jan 1 03:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5134c7f8868af8aca054c0b7e38de6950331d6d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:40:1a:46:e6:ee:ee:0d:ac:db:56:50:b4:11:
f6:61:fe:9f:9f:41:1a:3d:63:e6:03:25:75:80:7b:
74:3b:ac:50:97:f1:41:29:72:7b:f7:d8:8e:f4:1a:
84:90:0f:36:3c:9a:6b:b0:1c:81:c1:7a:04:24:b8:
5d:dc:28:b9:51:04:c6:d0:ec:63:9a:b0:76:ee:f4:
91:0c:e3:82:3b:c4:79:50:a9:93:d1:e1:92:b4:ad:
1a:41:75:b8:66:9a:30:eb:fe:89:37:06:fc:33:27:
72:d5:bd:e6:64:59:87:90:a8:c6:9d:d6:84:89:54:
10:0c:9a:0c:63:71:f7:3d:9b:87:bf:7e:ee:77:84:
11:51:f3:06:b3:a4:80:52:1c:89:83:37:28:71:ff:
bb:a4:14:a2:b4:b5:3b:c3:7d:2c:dd:ca:39:f8:da:
57:79:17:8c:4a:a8:6d:aa:7a:e7:0c:2e:dc:24:16:
c5:57:f5:3a:bf:59:41:87:b4:2a:fa:13:db:e4:db:
f9:b4:11:2b:0c:67:cc:30:ea:26:f2:78:41:40:ea:
08:c0:7f:f2:59:b5:72:ec:a2:5a:fe:35:0a:02:6c:
98:18:94:6e:2e:58:72:97:90:d6:0f:b6:61:33:06:
6c:d2:6e:0c:a1:64:a0:c4:9b:b1:1e:fe:9c:53:0c:
7e:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:34:C7:F8:86:8A:F8:AC:A0:54:C0:B7:E3:8D:E6:95:03:31:D6:D1
X509v3 Authority Key Identifier:
keyid:BE:9F:15:9B:AB:83:66:1F:D9:3E:AD:43:0C:3B:DB:1E:AA:7E:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vp8Vm6uDZh_ZPq1DDDvbHqp-rwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a481fa-2d0d-4e8e-b2d3-28d8248b5b61/1/UTTH-IaK-KygVMC3443mlQMx1tE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a481fa-2d0d-4e8e-b2d3-28d8248b5b61/1/vp8Vm6uDZh_ZPq1DDDvbHqp-rwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.235.64.0/22
185.135.28.0/22
Signature Algorithm: sha256WithRSAEncryption
51:80:9a:e3:13:1c:46:0f:7b:20:50:25:0f:14:2a:1c:a4:ea:
41:da:2b:89:46:5f:cb:c4:d7:68:5f:9d:92:c6:d7:a6:56:b3:
d3:bf:66:6e:d1:03:b3:e4:42:e9:0d:14:1d:ae:8f:ce:67:31:
cc:d4:18:0b:ad:d9:5a:b2:75:a0:ef:19:b7:5a:b5:a6:ef:73:
a6:9a:a1:e6:a8:cb:2f:07:50:a1:f3:23:91:87:71:c7:36:65:
a4:32:93:41:2b:da:be:71:6a:d8:41:8e:7b:db:d6:8f:b9:1d:
09:dc:f4:03:d2:61:dd:92:56:b8:27:3e:af:46:c0:5c:18:d6:
4f:8d:9c:9a:82:4c:49:ff:4b:d4:c0:b4:6f:df:b3:67:38:d7:
b0:e9:58:12:2f:92:62:88:47:ce:b5:ee:5d:62:c6:cd:fc:3f:
12:65:7d:66:ef:69:be:b1:5c:8f:4c:03:f8:41:ca:82:b6:97:
69:75:08:5a:92:4d:4d:61:be:62:08:9c:78:5a:6b:7e:11:12:
b9:18:c7:41:99:6e:a6:ab:87:98:f6:dd:f1:52:48:be:d9:e2:
50:ab:d2:53:4e:d1:de:3f:27:8f:56:1d:b4:40:2b:47:ae:df:
04:6d:eb:52:27:3d:fc:c6:f8:aa:e6:ca:ac:cc:aa:57:d7:e2:
2b:9a:d9:c6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQf+gcysuPpvFygz0BB24IzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlOWYxNTliYWI4MzY2MWZkOTNlYWQ0MzBjM2JkYjFlYWE3
ZWFmMDgwHhcNMjUwMTAxMDM0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTM0YzdmODg2OGFmOGFjYTA1NGMwYjdlMzhkZTY5NTAzMzFkNmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UAaRubu7g2s21ZQtBH2Yf6fn0Ea
PWPmAyV1gHt0O6xQl/FBKXJ799iO9BqEkA82PJprsByBwXoEJLhd3Ci5UQTG0Oxj
mrB27vSRDOOCO8R5UKmT0eGStK0aQXW4Zpow6/6JNwb8Mydy1b3mZFmHkKjGndaE
iVQQDJoMY3H3PZuHv37ud4QRUfMGs6SAUhyJgzcocf+7pBSitLU7w30s3co5+NpX
eReMSqhtqnrnDC7cJBbFV/U6v1lBh7Qq+hPb5Nv5tBErDGfMMOom8nhBQOoIwH/y
WbVy7KJa/jUKAmyYGJRuLlhyl5DWD7ZhMwZs0m4MoWSgxJuxHv6cUwx+7QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFE0x/iGivisoFTAt+ON5pUDMdbRMB8GA1UdIwQY
MBaAFL6fFZurg2Yf2T6tQww72x6qfq8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnA4Vm02dURaaF9aUHExREREdmJIcXAtcndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9hNDgxZmEtMmQwZC00ZThlLWIyZDMt
MjhkODI0OGI1YjYxLzEvVVRUSC1JYUstS3lnVk1DMzQ0M21sUU14MXRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9hNDgxZmEtMmQwZC00ZThlLWIyZDMtMjhkODI0OGI1YjYx
LzEvdnA4Vm02dURaaF9aUHExREREdmJIcXAtcndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWetAAwQC
uYccMA0GCSqGSIb3DQEBCwUAA4IBAQBRgJrjExxGD3sgUCUPFCocpOpB2iuJRl/L
xNdoX52SxtemVrPTv2Zu0QOz5ELpDRQdro/OZzHM1BgLrdlasnWg7xm3WrWm73Om
mqHmqMsvB1Ch8yORh3HHNmWkMpNBK9q+cWrYQY5729aPuR0J3PQD0mHdkla4Jz6v
RsBcGNZPjZyagkxJ/0vUwLRv37NnONew6VgSL5JiiEfOte5dYsbN/D8SZX1m72m+
sVyPTAP4QcqCtpdpdQhakk1NYb5iCJx4Wmt+ERK5GMdBmW6mq4eY9t3xUki+2eJQ
q9JTTtHePyePVh20QCtHrt8EbetSJz38xviq5sqszKpX1+IrmtnG
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:19:39 2025 by rpki-client