Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/UiMHpG3F0qifBss8b-lL14gqgp4.roa
File: UiMHpG3F0qifBss8b-lL14gqgp4.roa (raw, json)
Hash identifier: 6n1U3gRG24tH5lfcwElbSeMOVQPUQCsoOkgolvzcx3A=
Subject key identifier: 52:23:07:A4:6D:C5:D2:A8:9F:06:CB:3C:6F:E9:4B:D7:88:2A:82:9E
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01957F992E68B2B468755F4667F04CDBD45B
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/UiMHpG3F0qifBss8b-lL14gqgp4.roa
Signing time: Mon 10 Mar 2025 10:28:20 +0000
ROA not before: Mon 10 Mar 2025 10:28:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25211
IP address blocks: 85.239.144.0/24 maxlen: 24
85.239.151.0/24 maxlen: 24
185.95.156.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:99:2e:68:b2:b4:68:75:5f:46:67:f0:4c:db:d4:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Mar 10 10:28:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=522307a46dc5d2a89f06cb3c6fe94bd7882a829e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ad:7a:5f:4c:55:12:5b:cc:0f:76:dc:71:b0:
75:10:41:ac:0e:50:d1:d1:f8:4b:5c:39:91:ec:d1:
cb:65:29:ae:01:6b:93:c4:3c:68:cc:fc:72:70:e0:
f0:b8:cf:e5:6b:b4:83:50:fc:77:dc:12:49:24:e6:
4d:c0:69:f4:77:6d:00:72:6b:23:1a:62:fe:a4:8f:
94:ab:2e:9a:24:3c:b4:1a:b1:bd:ec:dd:50:ae:a3:
07:15:fc:fb:4b:7c:61:d8:03:40:a4:8e:17:4a:f3:
57:d0:e2:d7:a7:a4:60:a2:73:9d:3d:c4:32:42:8a:
b0:22:cc:80:01:0a:a3:d3:9c:d9:e6:4e:2c:62:a9:
36:e3:99:e4:f5:8a:61:8a:00:c2:56:59:a2:13:f0:
b6:d0:fb:13:4e:11:13:cf:81:54:5b:2e:b1:1a:24:
a5:1c:c8:45:da:1a:be:ec:19:2c:59:93:d7:dd:01:
1d:8c:b6:bb:47:91:ba:43:d4:77:07:be:0d:4f:3a:
9d:fe:6e:aa:c6:72:54:2d:46:aa:eb:e8:ad:f2:02:
3c:e6:44:9a:b1:9a:94:06:85:21:09:43:71:ca:cd:
95:f2:6e:c3:bd:e9:79:7f:87:4e:8e:33:3b:69:8d:
be:ed:98:ca:1a:e9:d4:11:9f:47:fa:00:a5:ff:18:
f4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:23:07:A4:6D:C5:D2:A8:9F:06:CB:3C:6F:E9:4B:D7:88:2A:82:9E
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/UiMHpG3F0qifBss8b-lL14gqgp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.144.0/24
85.239.151.0/24
185.95.156.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:9b:da:51:87:d7:2d:19:b1:5f:7a:ca:bd:53:14:09:bc:5e:
15:f6:06:80:7c:bd:77:96:00:b8:40:dc:75:e6:49:e1:25:cb:
dd:6f:a1:15:50:25:a9:4c:34:2e:34:c5:d6:f9:a7:ca:a5:4d:
bf:60:1d:f9:e1:ff:29:1e:91:db:33:97:71:d4:7e:31:5d:e6:
45:4a:7d:ee:c2:8c:85:a8:e7:a5:5c:47:98:09:d8:f7:63:80:
68:0c:ca:99:a4:30:d0:17:b6:98:6e:e2:eb:fc:26:7e:2f:ca:
fb:12:61:8d:d1:8e:f2:77:4a:56:4f:77:79:60:43:5a:14:27:
0f:c9:92:bb:04:79:70:62:41:fb:57:da:81:e4:05:7c:2a:ca:
09:f6:4b:f2:11:b4:a9:86:ea:d0:c2:80:3f:fd:63:06:8d:31:
b5:a7:d9:cd:e0:9c:df:da:3f:47:67:91:80:55:72:00:c6:e5:
d9:9c:61:10:4f:56:cc:e6:20:93:4c:87:5c:7b:32:af:e2:20:
32:13:c1:65:89:39:d5:29:51:72:ba:67:1f:6f:3b:bf:c1:d0:
b5:ab:87:56:e4:d6:38:19:f8:c8:8b:0f:c2:37:69:99:67:7a:
a2:a0:ce:4a:eb:05:60:ae:fe:ac:2a:b4:eb:b7:23:9d:b8:0e:
c1:2c:48:73
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZV/mS5osrRodV9GZ/BM29RbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwMzEwMTAyODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjIzMDdhNDZkYzVkMmE4OWYwNmNiM2M2ZmU5NGJkNzg4MmE4MjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoa16X0xVElvMD3bccbB1EEGsDlDR
0fhLXDmR7NHLZSmuAWuTxDxozPxycODwuM/la7SDUPx33BJJJOZNwGn0d20Acmsj
GmL+pI+Uqy6aJDy0GrG97N1QrqMHFfz7S3xh2ANApI4XSvNX0OLXp6RgonOdPcQy
QoqwIsyAAQqj05zZ5k4sYqk245nk9YphigDCVlmiE/C20PsTThETz4FUWy6xGiSl
HMhF2hq+7BksWZPX3QEdjLa7R5G6Q9R3B74NTzqd/m6qxnJULUaq6+it8gI85kSa
sZqUBoUhCUNxys2V8m7Dvel5f4dOjjM7aY2+7ZjKGunUEZ9H+gCl/xj02QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFIjB6RtxdKonwbLPG/pS9eIKoKeMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvVWlNSHBHM0YwcWlmQnNzOGItbEwxNGdxZ3A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVe+QAwQA
Ve+XAwQAuV+cMA0GCSqGSIb3DQEBCwUAA4IBAQDHm9pRh9ctGbFfesq9UxQJvF4V
9gaAfL13lgC4QNx15knhJcvdb6EVUCWpTDQuNMXW+afKpU2/YB354f8pHpHbM5dx
1H4xXeZFSn3uwoyFqOelXEeYCdj3Y4BoDMqZpDDQF7aYbuLr/CZ+L8r7EmGN0Y7y
d0pWT3d5YENaFCcPyZK7BHlwYkH7V9qB5AV8KsoJ9kvyEbSphurQwoA//WMGjTG1
p9nN4Jzf2j9HZ5GAVXIAxuXZnGEQT1bM5iCTTIdcezKv4iAyE8FliTnVKVFyumcf
bzu/wdC1q4dW5NY4GfjIiw/CN2mZZ3qioM5K6wVgrv6sKrTrtyOduA7BLEhz
-----END CERTIFICATE-----
Generated at Tue Apr 1 23:46:36 2025 by rpki-client on console.sobornost.net