Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b7f1da-467a-4362-8b2e-1970de84a1f0/1/sNmSuLPwop12596I--vLe1Fw_L8.roa
File: sNmSuLPwop12596I--vLe1Fw_L8.roa (raw, json)
Hash identifier: rnnFcpfS8qT33aKuf/kRcr+W7tCgIM7nW6QVvMfILWQ=
Subject key identifier: B0:D9:92:B8:B3:F0:A2:9D:76:E7:DE:88:FB:EB:CB:7B:51:70:FC:BF
Certificate issuer: /CN=c0142e5d5cfaa452166bc7b55a65558f524d6751
Certificate serial: 01941F8C40FD715725878217123EA06421B5
Authority key identifier: C0:14:2E:5D:5C:FA:A4:52:16:6B:C7:B5:5A:65:55:8F:52:4D:67:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wBQuXVz6pFIWa8e1WmVVj1JNZ1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b7f1da-467a-4362-8b2e-1970de84a1f0/1/sNmSuLPwop12596I--vLe1Fw_L8.roa
Signing time: Wed 01 Jan 2025 01:47:52 +0000
ROA not before: Wed 01 Jan 2025 01:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198454
IP address blocks: 5.154.187.0/24 maxlen: 24
31.211.184.0/21 maxlen: 24
94.24.38.0/23 maxlen: 24
128.0.52.0/24 maxlen: 24
185.33.132.0/22 maxlen: 24
188.208.100.0/24 maxlen: 24
2a00:fdc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:40:fd:71:57:25:87:82:17:12:3e:a0:64:21:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0142e5d5cfaa452166bc7b55a65558f524d6751
Validity
Not Before: Jan 1 01:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0d992b8b3f0a29d76e7de88fbebcb7b5170fcbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a6:6e:df:e4:9b:f9:99:11:c9:81:d2:31:fa:
29:22:21:92:8e:e7:83:d6:49:8c:80:4d:68:46:f2:
0a:3a:c6:6a:14:d9:d9:ae:56:ce:12:cb:d3:70:0b:
68:9e:2e:81:72:b1:02:5a:e2:c2:ea:f1:da:f4:52:
79:e9:23:8e:23:33:dc:ac:34:b8:29:f4:97:65:c6:
29:b1:8a:ab:8e:ce:0a:69:12:ba:24:d6:c1:49:f3:
01:6a:8c:65:c0:b5:e5:5b:f7:ce:85:e2:4f:05:ba:
8c:aa:84:6f:c3:14:14:bd:08:d7:3b:8a:7c:0b:43:
a4:55:a1:7d:9a:35:ed:87:4b:54:89:0c:c3:2f:28:
0e:fd:10:60:58:88:34:b0:49:cc:a4:47:3c:e3:97:
f9:4e:de:c1:d7:86:3c:a6:90:b2:94:bc:ff:ec:66:
45:9d:40:37:87:c6:ca:24:52:9e:cc:e0:69:00:9c:
c9:40:84:27:2d:9a:75:84:20:c3:2f:78:81:84:f3:
5c:a1:8e:16:70:e3:be:62:be:f2:81:01:0f:72:a6:
f2:30:be:04:05:62:3a:d4:70:e1:f7:4a:b3:aa:82:
b5:3c:ce:d2:39:05:36:75:0c:ab:15:7e:1a:7a:cc:
d6:91:d7:3a:ea:2e:a1:f1:09:8f:cd:07:46:56:cd:
64:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:D9:92:B8:B3:F0:A2:9D:76:E7:DE:88:FB:EB:CB:7B:51:70:FC:BF
X509v3 Authority Key Identifier:
keyid:C0:14:2E:5D:5C:FA:A4:52:16:6B:C7:B5:5A:65:55:8F:52:4D:67:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wBQuXVz6pFIWa8e1WmVVj1JNZ1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b7f1da-467a-4362-8b2e-1970de84a1f0/1/sNmSuLPwop12596I--vLe1Fw_L8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b7f1da-467a-4362-8b2e-1970de84a1f0/1/wBQuXVz6pFIWa8e1WmVVj1JNZ1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.187.0/24
31.211.184.0/21
94.24.38.0/23
128.0.52.0/24
185.33.132.0/22
188.208.100.0/24
IPv6:
2a00:fdc0::/32
Signature Algorithm: sha256WithRSAEncryption
d2:a7:8a:db:67:e9:8e:2f:3f:60:89:3b:9c:f2:0b:70:b3:f0:
01:6b:52:2a:bd:f8:4c:be:39:7e:7f:7e:32:6e:54:69:d3:3c:
09:bf:00:c4:65:fe:dd:f0:4e:17:45:26:84:58:70:ce:67:9b:
ac:31:eb:93:36:5e:85:3a:13:6e:d0:a5:12:12:89:29:80:0f:
57:89:7b:fb:b0:91:44:33:63:72:16:cf:a2:88:32:36:69:96:
33:73:ed:dc:b9:7f:6d:3c:3a:be:ae:53:3c:0d:31:17:b9:31:
17:1b:79:f4:2b:43:0d:db:b4:fc:99:5e:35:fe:25:25:2b:ac:
d7:8e:f0:27:98:b5:fa:ae:01:9a:6b:ab:e2:15:19:39:ef:28:
a7:b1:58:e5:70:6c:4d:cb:e9:1b:55:04:46:15:a6:67:f4:05:
19:17:13:23:61:25:bc:bc:bd:04:6a:68:38:76:da:5f:b9:04:
ed:94:f2:5b:3c:35:99:a9:a8:71:93:62:e8:c6:1b:86:86:6d:
6d:79:36:43:ad:13:ea:73:ba:8f:0c:8d:ec:a6:22:db:e9:4f:
ed:c5:05:1d:d6:49:08:1a:d6:d3:d8:eb:49:e0:b7:45:6c:9b:
fa:77:56:b6:c2:3a:56:d7:91:cd:82:52:f8:7b:87:9e:77:24:
fb:69:00:17
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQfjED9cVclh4IXEj6gZCG1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwMTQyZTVkNWNmYWE0NTIxNjZiYzdiNTVhNjU1NThmNTI0
ZDY3NTEwHhcNMjUwMTAxMDE0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGQ5OTJiOGIzZjBhMjlkNzZlN2RlODhmYmViY2I3YjUxNzBmY2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgaZu3+Sb+ZkRyYHSMfopIiGSjueD
1kmMgE1oRvIKOsZqFNnZrlbOEsvTcAtoni6BcrECWuLC6vHa9FJ56SOOIzPcrDS4
KfSXZcYpsYqrjs4KaRK6JNbBSfMBaoxlwLXlW/fOheJPBbqMqoRvwxQUvQjXO4p8
C0OkVaF9mjXth0tUiQzDLygO/RBgWIg0sEnMpEc845f5Tt7B14Y8ppCylLz/7GZF
nUA3h8bKJFKezOBpAJzJQIQnLZp1hCDDL3iBhPNcoY4WcOO+Yr7ygQEPcqbyML4E
BWI61HDh90qzqoK1PM7SOQU2dQyrFX4aeszWkdc66i6h8QmPzQdGVs1kEQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFLDZkriz8KKddufeiPvry3tRcPy/MB8GA1UdIwQY
MBaAFMAULl1c+qRSFmvHtVplVY9STWdRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0JRdVhWejZwRklXYThlMVdtVlZqMUpOWjFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iN2YxZGEtNDY3YS00MzYyLThiMmUt
MTk3MGRlODRhMWYwLzEvc05tU3VMUHdvcDEyNTk2SS0tdkxlMUZ3X0w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iN2YxZGEtNDY3YS00MzYyLThiMmUtMTk3MGRlODRhMWYw
LzEvd0JRdVhWejZwRklXYThlMVdtVlZqMUpOWjFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQABZq7AwQD
H9O4AwQBXhgmAwQAgAA0AwQCuSGEAwQAvNBkMA0EAgACMAcDBQAqAP3AMA0GCSqG
SIb3DQEBCwUAA4IBAQDSp4rbZ+mOLz9giTuc8gtws/ABa1IqvfhMvjl+f34yblRp
0zwJvwDEZf7d8E4XRSaEWHDOZ5usMeuTNl6FOhNu0KUSEokpgA9XiXv7sJFEM2Ny
Fs+iiDI2aZYzc+3cuX9tPDq+rlM8DTEXuTEXG3n0K0MN27T8mV41/iUlK6zXjvAn
mLX6rgGaa6viFRk57yinsVjlcGxNy+kbVQRGFaZn9AUZFxMjYSW8vL0Eamg4dtpf
uQTtlPJbPDWZqahxk2LoxhuGhm1teTZDrRPqc7qPDI3spiLb6U/txQUd1kkIGtbT
2OtJ4LdFbJv6d1a2wjpW15HNglL4e4eedyT7aQAX
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:13:39 2025 by rpki-client