Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/a44335-414f-4479-a7fe-aa4a81a2eb23/1/uhzHg_0oTjSNISZWz69g2JwlZBI.roa
File: uhzHg_0oTjSNISZWz69g2JwlZBI.roa (raw, json)
Hash identifier: SYDZB0vXv8S1CegMsOsTpWapvWlbrYaUA5uYqL/hcv4=
Subject key identifier: BA:1C:C7:83:FD:28:4E:34:8D:21:26:56:CF:AF:60:D8:9C:25:64:12
Certificate issuer: /CN=f3cab68fbb0c979476594bdfc56c192042b8dedf
Certificate serial: 01942521D083D2CB3A7174B09FD155E917F3
Authority key identifier: F3:CA:B6:8F:BB:0C:97:94:76:59:4B:DF:C5:6C:19:20:42:B8:DE:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/88q2j7sMl5R2WUvfxWwZIEK43t8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/a44335-414f-4479-a7fe-aa4a81a2eb23/1/uhzHg_0oTjSNISZWz69g2JwlZBI.roa
Signing time: Thu 02 Jan 2025 03:49:20 +0000
ROA not before: Thu 02 Jan 2025 03:49:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42277
IP address blocks: 5.249.192.0/19 maxlen: 19
37.188.0.0/18 maxlen: 18
46.62.0.0/17 maxlen: 17
77.241.16.0/21 maxlen: 21
77.241.20.0/22 maxlen: 22
94.247.248.0/22 maxlen: 24
94.247.248.0/24 maxlen: 24
94.247.252.0/22 maxlen: 22
176.241.192.0/19 maxlen: 19
178.249.240.0/21 maxlen: 21
2a02:51c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:d0:83:d2:cb:3a:71:74:b0:9f:d1:55:e9:17:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3cab68fbb0c979476594bdfc56c192042b8dedf
Validity
Not Before: Jan 2 03:49:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba1cc783fd284e348d212656cfaf60d89c256412
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:df:2b:6d:5d:1e:e1:c6:9b:44:d5:7b:52:50:
a5:f9:76:f7:8c:d8:bd:94:2a:60:64:26:7b:c5:fd:
e3:99:a9:da:a2:25:88:7b:14:f6:10:28:be:c4:87:
a2:48:ae:21:1e:e5:dc:b2:d9:13:bf:cd:7e:6a:63:
8f:e6:80:47:54:e6:08:0a:e2:4e:02:c5:a3:a8:21:
a8:be:1c:65:e1:ec:99:98:fb:60:14:9f:ad:0b:e7:
28:f8:0e:f1:9a:18:47:34:ef:4d:0a:dd:8a:49:5a:
ab:b0:b3:40:a5:80:4a:a7:ad:98:85:63:5c:97:34:
2b:96:7d:30:69:eb:22:74:53:02:f1:70:47:ab:b6:
38:b7:4a:cd:02:62:46:44:44:9c:9d:a0:e0:73:a5:
19:db:03:ed:ab:9b:f1:c1:c9:01:33:ee:5a:eb:84:
0e:99:b8:5a:ad:4a:9f:21:ca:b7:17:04:9a:4e:3d:
d3:c9:56:5b:bd:85:1c:3b:d7:ec:e6:30:89:2b:09:
3f:d1:ff:c7:c1:4c:df:c5:f5:49:d9:ec:e1:fe:58:
c5:fe:66:37:f2:79:48:ee:b8:aa:f6:39:f0:37:c4:
0c:fb:e4:3a:58:36:eb:be:63:5a:be:f3:3e:91:c5:
88:85:93:25:af:cc:ba:2b:54:a6:25:b5:0e:ca:bf:
65:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:1C:C7:83:FD:28:4E:34:8D:21:26:56:CF:AF:60:D8:9C:25:64:12
X509v3 Authority Key Identifier:
keyid:F3:CA:B6:8F:BB:0C:97:94:76:59:4B:DF:C5:6C:19:20:42:B8:DE:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/88q2j7sMl5R2WUvfxWwZIEK43t8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/a44335-414f-4479-a7fe-aa4a81a2eb23/1/uhzHg_0oTjSNISZWz69g2JwlZBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/a44335-414f-4479-a7fe-aa4a81a2eb23/1/88q2j7sMl5R2WUvfxWwZIEK43t8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.192.0/19
37.188.0.0/18
46.62.0.0/17
77.241.16.0/21
94.247.248.0/21
176.241.192.0/19
178.249.240.0/21
IPv6:
2a02:51c0::/32
Signature Algorithm: sha256WithRSAEncryption
2b:25:1d:f8:bc:93:b8:ec:56:ac:fa:33:c0:b3:27:be:b1:74:
7b:26:db:09:95:f9:ac:e1:01:09:17:75:f5:72:8a:21:02:09:
b3:3c:d4:a2:29:33:ed:ce:f8:e3:8c:1b:0b:4d:ae:e8:ed:0e:
33:5c:7b:ef:24:cd:2d:7c:3d:1e:a4:ce:46:6a:71:93:20:8f:
da:c3:8d:44:6b:c3:1d:fe:d8:08:93:84:59:95:81:28:97:8a:
13:00:34:4a:23:04:d2:88:25:57:24:30:41:05:83:b9:a1:a8:
d7:42:5d:e3:23:d9:96:c9:31:04:d9:dc:02:72:02:d4:b6:ef:
9b:dc:df:06:8d:a0:e3:4f:51:55:c2:e7:82:62:0e:bd:f6:24:
0c:4e:94:34:00:ff:b9:3c:f7:44:c5:fd:ad:da:82:60:c7:17:
bb:2d:ad:c2:59:a6:2c:8f:21:e8:bb:a7:c5:cc:cf:da:79:44:
1d:2a:7f:53:24:7d:2d:26:0a:17:4e:9a:af:48:71:75:de:0e:
ae:3c:98:9d:be:e7:a0:3a:fd:0b:0f:0d:73:64:d4:f0:6e:7f:
9b:37:77:bc:e3:aa:d6:5d:4a:ce:e4:ff:8e:cb:ea:a7:1d:14:
0b:48:3d:8e:fe:92:d4:82:8e:39:2c:f5:25:05:1f:37:a0:0a:
aa:31:cd:74
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQlIdCD0ss6cXSwn9FV6RfzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzY2FiNjhmYmIwYzk3OTQ3NjU5NGJkZmM1NmMxOTIwNDJi
OGRlZGYwHhcNMjUwMTAyMDM0OTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTFjYzc4M2ZkMjg0ZTM0OGQyMTI2NTZjZmFmNjBkODljMjU2NDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArt8rbV0e4cabRNV7UlCl+Xb3jNi9
lCpgZCZ7xf3jmanaoiWIexT2ECi+xIeiSK4hHuXcstkTv81+amOP5oBHVOYICuJO
AsWjqCGovhxl4eyZmPtgFJ+tC+co+A7xmhhHNO9NCt2KSVqrsLNApYBKp62YhWNc
lzQrln0waesidFMC8XBHq7Y4t0rNAmJGREScnaDgc6UZ2wPtq5vxwckBM+5a64QO
mbharUqfIcq3FwSaTj3TyVZbvYUcO9fs5jCJKwk/0f/HwUzfxfVJ2ezh/ljF/mY3
8nlI7riq9jnwN8QM++Q6WDbrvmNavvM+kcWIhZMlr8y6K1SmJbUOyr9lyQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFLocx4P9KE40jSEmVs+vYNicJWQSMB8GA1UdIwQY
MBaAFPPKto+7DJeUdllL38VsGSBCuN7fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODhxMmo3c01sNVIyV1V2ZnhXd1pJRUs0M3Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9hNDQzMzUtNDE0Zi00NDc5LWE3ZmUt
YWE0YTgxYTJlYjIzLzEvdWh6SGdfMG9UalNOSVNaV3o2OWcySndsWkJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9hNDQzMzUtNDE0Zi00NDc5LWE3ZmUtYWE0YTgxYTJlYjIz
LzEvODhxMmo3c01sNVIyV1V2ZnhXd1pJRUs0M3Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQFBfnAAwQG
JbwAAwQHLj4AAwQDTfEQAwQDXvf4AwQFsPHAAwQDsvnwMA0EAgACMAcDBQAqAlHA
MA0GCSqGSIb3DQEBCwUAA4IBAQArJR34vJO47Fas+jPAsye+sXR7JtsJlfms4QEJ
F3X1coohAgmzPNSiKTPtzvjjjBsLTa7o7Q4zXHvvJM0tfD0epM5GanGTII/aw41E
a8Md/tgIk4RZlYEol4oTADRKIwTSiCVXJDBBBYO5oajXQl3jI9mWyTEE2dwCcgLU
tu+b3N8GjaDjT1FVwueCYg699iQMTpQ0AP+5PPdExf2t2oJgxxe7La3CWaYsjyHo
u6fFzM/aeUQdKn9TJH0tJgoXTpqvSHF13g6uPJidvuegOv0LDw1zZNTwbn+bN3e8
46rWXUrO5P+Oy+qnHRQLSD2O/pLUgo45LPUlBR83oAqqMc10
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:28 2025 by rpki-client on console.sobornost.net