Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/IuLax30Qv5bBysnxO_6IznKsU-s.roa
File: IuLax30Qv5bBysnxO_6IznKsU-s.roa (raw, json)
Hash identifier: ufXvEjexbBOn5Icah6XFTBi5ev4De8imScoIa5ucSKg=
Subject key identifier: 22:E2:DA:C7:7D:10:BF:96:C1:CA:C9:F1:3B:FE:88:CE:72:AC:53:EB
Certificate issuer: /CN=56e3353d5f423ad4271c3261caa543140530bddb
Certificate serial: 019426D97D33F3DF6CC524829280145A285D
Authority key identifier: 56:E3:35:3D:5F:42:3A:D4:27:1C:32:61:CA:A5:43:14:05:30:BD:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VuM1PV9COtQnHDJhyqVDFAUwvds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/IuLax30Qv5bBysnxO_6IznKsU-s.roa
Signing time: Thu 02 Jan 2025 11:49:35 +0000
ROA not before: Thu 02 Jan 2025 11:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34757
IP address blocks: 5.44.168.0/23 maxlen: 24
109.111.176.0/20 maxlen: 24
193.238.128.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:7d:33:f3:df:6c:c5:24:82:92:80:14:5a:28:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56e3353d5f423ad4271c3261caa543140530bddb
Validity
Not Before: Jan 2 11:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22e2dac77d10bf96c1cac9f13bfe88ce72ac53eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a8:ff:09:a4:d1:32:f4:c4:62:62:2d:c0:30:
09:bd:f1:21:9c:e9:b6:0c:2a:15:20:a6:88:07:72:
66:91:81:86:e8:59:27:9a:f9:de:d7:36:62:b3:f7:
f1:05:57:2f:86:37:a0:55:5c:fc:16:5d:d7:4f:b5:
d5:98:95:3d:17:d5:79:51:3e:f6:47:9b:53:ed:26:
10:24:49:35:9a:9d:42:77:19:87:2d:99:0e:ed:a4:
16:d5:c0:3b:62:73:a9:96:62:1f:d6:bc:01:fb:4c:
cd:60:25:8a:83:87:b2:37:23:27:1e:59:85:8e:4a:
1e:40:a9:d0:9c:4f:f1:87:6b:fd:3d:77:9f:51:8d:
3b:4a:3a:ac:03:a4:4e:e6:48:46:85:5c:93:3d:95:
44:ae:38:40:5a:25:96:25:1e:f4:3a:5c:82:4d:06:
f0:e1:95:1b:f8:f8:12:6e:ac:e7:eb:23:05:aa:4c:
79:99:ab:22:3f:52:d9:81:f0:a8:1a:0f:a0:46:f5:
5e:76:b0:eb:4f:20:10:d0:4b:a8:78:1f:14:3d:9c:
3a:ce:b9:4e:76:70:b6:3f:7e:6c:16:2a:b9:e1:07:
7e:f9:b0:4a:72:51:d9:d1:57:e7:87:fc:31:45:4f:
1a:e6:a0:47:b3:0b:dc:01:6a:96:ba:9a:dc:34:89:
a4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:E2:DA:C7:7D:10:BF:96:C1:CA:C9:F1:3B:FE:88:CE:72:AC:53:EB
X509v3 Authority Key Identifier:
keyid:56:E3:35:3D:5F:42:3A:D4:27:1C:32:61:CA:A5:43:14:05:30:BD:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VuM1PV9COtQnHDJhyqVDFAUwvds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/IuLax30Qv5bBysnxO_6IznKsU-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/VuM1PV9COtQnHDJhyqVDFAUwvds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.168.0/23
109.111.176.0/20
193.238.128.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:d8:cf:cb:73:cc:12:31:77:d1:76:98:08:1d:46:8e:94:0f:
f5:dd:5f:95:75:9b:4c:8c:d3:2f:42:e9:f7:65:cf:57:7f:a4:
21:b2:4d:04:de:94:8f:2f:6c:e8:e6:07:5c:5b:8c:56:c7:2a:
b0:0c:cf:28:1b:b7:5d:e8:da:84:d1:38:d8:75:a5:f1:af:40:
a2:40:4b:2a:5a:bb:31:86:ec:52:28:52:ca:26:a6:ff:a1:6d:
c8:ab:3f:d4:3d:d9:e5:a2:c4:5f:6a:ae:c7:ac:8a:89:04:5f:
66:ed:5d:74:6c:12:f4:5c:f3:99:dd:5f:5c:00:d2:4e:a5:9f:
11:48:e6:35:c5:d5:74:03:4d:e2:b5:e2:d0:30:8b:ca:cc:18:
32:38:64:52:e8:97:8b:ae:e0:2c:de:59:a1:33:11:b3:20:a9:
5f:a1:dd:99:bc:54:a8:a0:5e:eb:c9:57:c2:09:b4:bb:a7:00:
bf:ab:f6:d1:89:84:66:2b:f8:1e:d8:10:02:8a:fd:7b:63:db:
28:9a:cb:57:ee:14:e9:a7:f7:63:24:0e:10:54:55:14:d9:bc:
59:dd:f7:e3:7d:ce:7f:24:4b:ea:54:6a:9f:d5:bc:40:1b:2a:
c9:71:f0:60:e0:41:8b:9f:de:35:27:bf:cf:22:8e:9b:70:04:
75:1f:74:9a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQm2X0z899sxSSCkoAUWihdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZTMzNTNkNWY0MjNhZDQyNzFjMzI2MWNhYTU0MzE0MDUz
MGJkZGIwHhcNMjUwMTAyMTE0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmUyZGFjNzdkMTBiZjk2YzFjYWM5ZjEzYmZlODhjZTcyYWM1M2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKj/CaTRMvTEYmItwDAJvfEhnOm2
DCoVIKaIB3JmkYGG6Fknmvne1zZis/fxBVcvhjegVVz8Fl3XT7XVmJU9F9V5UT72
R5tT7SYQJEk1mp1CdxmHLZkO7aQW1cA7YnOplmIf1rwB+0zNYCWKg4eyNyMnHlmF
jkoeQKnQnE/xh2v9PXefUY07SjqsA6RO5khGhVyTPZVErjhAWiWWJR70OlyCTQbw
4ZUb+PgSbqzn6yMFqkx5masiP1LZgfCoGg+gRvVedrDrTyAQ0EuoeB8UPZw6zrlO
dnC2P35sFiq54Qd++bBKclHZ0Vfnh/wxRU8a5qBHswvcAWqWuprcNImkSwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCLi2sd9EL+WwcrJ8Tv+iM5yrFPrMB8GA1UdIwQY
MBaAFFbjNT1fQjrUJxwyYcqlQxQFML3bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnVNMVBWOUNPdFFuSERKaHlxVkRGQVV3dmRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82MTA5ZDYtMGE4YS00YmY2LWEwZTIt
ZTUyZGEzYjg2NzU0LzEvSXVMYXgzMFF2NWJCeXNueE9fNkl6bktzVS1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82MTA5ZDYtMGE4YS00YmY2LWEwZTItZTUyZGEzYjg2NzU0
LzEvVnVNMVBWOUNPdFFuSERKaHlxVkRGQVV3dmRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBSyoAwQE
bW+wAwQCwe6AMA0GCSqGSIb3DQEBCwUAA4IBAQB82M/Lc8wSMXfRdpgIHUaOlA/1
3V+VdZtMjNMvQun3Zc9Xf6Qhsk0E3pSPL2zo5gdcW4xWxyqwDM8oG7dd6NqE0TjY
daXxr0CiQEsqWrsxhuxSKFLKJqb/oW3Iqz/UPdnlosRfaq7HrIqJBF9m7V10bBL0
XPOZ3V9cANJOpZ8RSOY1xdV0A03iteLQMIvKzBgyOGRS6JeLruAs3lmhMxGzIKlf
od2ZvFSooF7ryVfCCbS7pwC/q/bRiYRmK/ge2BACiv17Y9somstX7hTpp/djJA4Q
VFUU2bxZ3ffjfc5/JEvqVGqf1bxAGyrJcfBg4EGLn941J7/PIo6bcAR1H3Sa
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:33:49 2025 by rpki-client