Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/HdSBNGacmxWCQhN2PVmHGruFWqE.roa
File: HdSBNGacmxWCQhN2PVmHGruFWqE.roa (raw, json)
Hash identifier: C6GZs6tNvcofEJLa2PldN9K+W2f6u/o1UkTBcTuUZDo=
Subject key identifier: 1D:D4:81:34:66:9C:9B:15:82:42:13:76:3D:59:87:1A:BB:85:5A:A1
Certificate issuer: /CN=7028ec9ccd6d861f5f1afdad0046f33c9103ba06
Certificate serial: 0194221FB6564062C06D8857A76BF4CBD751
Authority key identifier: 70:28:EC:9C:CD:6D:86:1F:5F:1A:FD:AD:00:46:F3:3C:91:03:BA:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cCjsnM1thh9fGv2tAEbzPJEDugY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/HdSBNGacmxWCQhN2PVmHGruFWqE.roa
Signing time: Wed 01 Jan 2025 13:48:11 +0000
ROA not before: Wed 01 Jan 2025 13:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31721
IP address blocks: 5.191.0.0/20 maxlen: 20
5.191.16.0/20 maxlen: 20
5.191.32.0/20 maxlen: 20
5.191.33.0/24 maxlen: 24
5.191.34.0/24 maxlen: 24
5.191.48.0/20 maxlen: 20
5.191.64.0/20 maxlen: 20
5.191.80.0/20 maxlen: 20
5.191.90.0/24 maxlen: 24
5.191.96.0/20 maxlen: 20
5.191.100.0/24 maxlen: 24
5.191.101.0/24 maxlen: 24
5.191.102.0/24 maxlen: 24
5.191.103.0/24 maxlen: 24
5.191.104.0/24 maxlen: 24
5.191.105.0/24 maxlen: 24
5.191.106.0/24 maxlen: 24
5.191.107.0/24 maxlen: 24
5.191.108.0/24 maxlen: 24
5.191.109.0/24 maxlen: 24
5.191.110.0/24 maxlen: 24
5.191.111.0/24 maxlen: 24
5.191.112.0/20 maxlen: 20
5.191.112.0/24 maxlen: 24
5.191.113.0/24 maxlen: 24
5.191.114.0/24 maxlen: 24
5.191.115.0/24 maxlen: 24
5.191.116.0/24 maxlen: 24
5.191.117.0/24 maxlen: 24
5.191.118.0/24 maxlen: 24
5.191.119.0/24 maxlen: 24
5.191.120.0/24 maxlen: 24
5.191.121.0/24 maxlen: 24
5.191.122.0/24 maxlen: 24
5.191.123.0/24 maxlen: 24
5.191.124.0/24 maxlen: 24
5.191.125.0/24 maxlen: 24
5.191.126.0/24 maxlen: 24
5.191.127.0/24 maxlen: 24
5.191.128.0/20 maxlen: 20
5.191.128.0/24 maxlen: 24
5.191.129.0/24 maxlen: 24
5.191.130.0/24 maxlen: 24
5.191.131.0/24 maxlen: 24
5.191.132.0/24 maxlen: 24
5.191.133.0/24 maxlen: 24
5.191.134.0/24 maxlen: 24
5.191.135.0/24 maxlen: 24
5.191.136.0/24 maxlen: 24
5.191.137.0/24 maxlen: 24
5.191.138.0/24 maxlen: 24
5.191.139.0/24 maxlen: 24
5.191.140.0/24 maxlen: 24
5.191.141.0/24 maxlen: 24
5.191.142.0/24 maxlen: 24
5.191.144.0/20 maxlen: 20
5.191.160.0/20 maxlen: 20
5.191.176.0/20 maxlen: 20
5.191.192.0/20 maxlen: 20
5.191.208.0/20 maxlen: 20
5.191.224.0/20 maxlen: 20
217.168.176.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:b6:56:40:62:c0:6d:88:57:a7:6b:f4:cb:d7:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7028ec9ccd6d861f5f1afdad0046f33c9103ba06
Validity
Not Before: Jan 1 13:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1dd48134669c9b15824213763d59871abb855aa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:0c:50:4f:7e:6f:49:5f:c1:18:6e:e2:a4:92:
a3:fc:91:6b:fb:19:49:be:bb:b3:34:85:a4:b0:78:
b8:e6:98:3a:07:d0:53:d2:23:76:86:4d:4a:9b:b7:
b2:8c:e8:34:3e:62:70:6a:b2:84:06:11:6d:9f:e0:
a5:24:de:a0:a5:69:70:8d:05:eb:8d:f7:54:6a:06:
a1:53:7a:55:4e:e2:72:36:a8:c3:1a:e5:2f:a9:ac:
99:26:72:71:fc:a9:81:b3:a0:3d:b9:99:ad:0b:a5:
a3:a5:d3:13:63:05:9b:02:5c:f4:2d:b1:5c:23:5f:
55:1e:37:79:3d:14:92:9e:97:7d:4d:71:c7:89:f7:
c4:38:36:86:3c:a3:0d:86:6c:f5:cf:20:36:b4:26:
6d:96:73:04:13:92:cd:36:bc:f0:1e:95:82:e4:9a:
68:d4:4b:a5:4e:2e:dc:bc:b4:2a:30:7c:e3:6e:6f:
8c:ed:2a:84:eb:49:4a:de:08:65:0f:2e:7a:21:9c:
d2:63:8f:f0:3c:0f:80:16:4e:df:c1:48:b8:a2:91:
ad:7f:d1:c3:54:bf:4e:db:53:91:f7:d5:f6:38:33:
ab:ae:a6:dd:f9:ea:11:70:88:a5:29:5c:d7:e9:11:
6c:14:7c:7f:f8:7d:8b:06:46:48:5c:10:6e:c7:82:
11:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:D4:81:34:66:9C:9B:15:82:42:13:76:3D:59:87:1A:BB:85:5A:A1
X509v3 Authority Key Identifier:
keyid:70:28:EC:9C:CD:6D:86:1F:5F:1A:FD:AD:00:46:F3:3C:91:03:BA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cCjsnM1thh9fGv2tAEbzPJEDugY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/HdSBNGacmxWCQhN2PVmHGruFWqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/cCjsnM1thh9fGv2tAEbzPJEDugY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.191.0.0-5.191.239.255
217.168.176.0/20
Signature Algorithm: sha256WithRSAEncryption
65:f4:11:ef:c0:13:4d:cb:d6:24:f3:d1:26:67:d3:30:1f:98:
8a:64:d8:ea:05:58:d3:ca:08:67:c5:8e:8c:97:b1:bc:65:25:
b9:73:76:f3:a5:49:62:21:13:3c:2e:08:c9:58:bb:af:60:00:
3a:e9:c8:6f:1e:18:91:ea:b6:c2:ca:bc:56:a6:08:cf:e4:30:
45:35:ce:86:c3:37:70:2b:fc:40:cc:64:3f:a7:14:3d:3e:1e:
f0:57:d8:fe:8b:75:7c:41:70:ae:b1:59:0a:86:1a:7b:a9:f8:
a0:5e:6e:5e:c3:b4:da:6b:f7:b5:af:70:6b:04:26:af:5b:10:
60:13:20:6c:39:64:1c:f7:f5:9d:68:04:12:7a:cc:a5:05:7e:
36:a0:3b:bb:b7:92:a0:c1:34:92:31:de:5a:a1:9b:45:58:74:
a2:56:21:b8:fb:d0:ce:0a:03:ea:4d:bb:c1:f5:05:88:b1:2d:
5e:b5:aa:a5:65:40:55:31:91:69:ca:bd:90:61:80:b8:c8:be:
75:88:60:54:b3:6c:3b:26:1f:28:c1:a8:3a:fd:92:5f:76:26:
d1:e0:20:e5:11:b0:77:96:d6:be:c4:5e:fd:d5:6f:ea:ac:09:
73:6c:32:fc:7a:2e:f9:8d:08:8b:16:7e:e9:65:d2:8b:f2:d9:
23:ea:9f:7f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQiH7ZWQGLAbYhXp2v0y9dRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMjhlYzljY2Q2ZDg2MWY1ZjFhZmRhZDAwNDZmMzNjOTEw
M2JhMDYwHhcNMjUwMTAxMTM0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGQ0ODEzNDY2OWM5YjE1ODI0MjEzNzYzZDU5ODcxYWJiODU1YWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9wxQT35vSV/BGG7ipJKj/JFr+xlJ
vruzNIWksHi45pg6B9BT0iN2hk1Km7eyjOg0PmJwarKEBhFtn+ClJN6gpWlwjQXr
jfdUagahU3pVTuJyNqjDGuUvqayZJnJx/KmBs6A9uZmtC6WjpdMTYwWbAlz0LbFc
I19VHjd5PRSSnpd9TXHHiffEODaGPKMNhmz1zyA2tCZtlnMEE5LNNrzwHpWC5Jpo
1EulTi7cvLQqMHzjbm+M7SqE60lK3ghlDy56IZzSY4/wPA+AFk7fwUi4opGtf9HD
VL9O21OR99X2ODOrrqbd+eoRcIilKVzX6RFsFHx/+H2LBkZIXBBux4IRVQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFB3UgTRmnJsVgkITdj1Zhxq7hVqhMB8GA1UdIwQY
MBaAFHAo7JzNbYYfXxr9rQBG8zyRA7oGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0Nqc25NMXRoaDlmR3YydEFFYnpQSkVEdWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zYzMxNTQtNzgwMy00ZWM2LWJmNzAt
Y2NkZDA2NTYzYTVmLzEvSGRTQk5HYWNteFdDUWhOMlBWbUhHcnVGV3FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8zYzMxNTQtNzgwMy00ZWM2LWJmNzAtY2NkZDA2NTYzYTVm
LzEvY0Nqc25NMXRoaDlmR3YydEFFYnpQSkVEdWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATMAsDAwAFvwME
BAW/4AMEBNmosDANBgkqhkiG9w0BAQsFAAOCAQEAZfQR78ATTcvWJPPRJmfTMB+Y
imTY6gVY08oIZ8WOjJexvGUluXN286VJYiETPC4IyVi7r2AAOunIbx4Ykeq2wsq8
VqYIz+QwRTXOhsM3cCv8QMxkP6cUPT4e8FfY/ot1fEFwrrFZCoYae6n4oF5uXsO0
2mv3ta9wawQmr1sQYBMgbDlkHPf1nWgEEnrMpQV+NqA7u7eSoME0kjHeWqGbRVh0
olYhuPvQzgoD6k27wfUFiLEtXrWqpWVAVTGRacq9kGGAuMi+dYhgVLNsOyYfKMGo
Ov2SX3Ym0eAg5RGwd5bWvsRe/dVv6qwJc2wy/Hou+Y0IixZ+6WXSi/LZI+qffw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:40:54 2025 by rpki-client