Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/233948-f9a3-4b44-a4a9-4149de528833/1/lKpyDy3PB0VVOKumldUJ5R7DcrY.roa
File: lKpyDy3PB0VVOKumldUJ5R7DcrY.roa (raw, json)
Hash identifier: bAnBEKlnNSPWwWtu1bOB6beqo4iFn6Nt2CccoFRqSNA=
Subject key identifier: 94:AA:72:0F:2D:CF:07:45:55:38:AB:A6:95:D5:09:E5:1E:C3:72:B6
Certificate issuer: /CN=03ad6365231ed79396940920149df71c0aa08e1f
Certificate serial: 0194274839DFEFCD2C1EA3B4A5DA9462CDE2
Authority key identifier: 03:AD:63:65:23:1E:D7:93:96:94:09:20:14:9D:F7:1C:0A:A0:8E:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A61jZSMe15OWlAkgFJ33HAqgjh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/233948-f9a3-4b44-a4a9-4149de528833/1/lKpyDy3PB0VVOKumldUJ5R7DcrY.roa
Signing time: Thu 02 Jan 2025 13:50:32 +0000
ROA not before: Thu 02 Jan 2025 13:50:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58143
IP address blocks: 5.35.168.0/24 maxlen: 24
5.35.169.0/24 maxlen: 24
5.35.170.0/24 maxlen: 24
5.35.171.0/24 maxlen: 24
5.35.172.0/24 maxlen: 24
5.35.173.0/24 maxlen: 24
5.35.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:39:df:ef:cd:2c:1e:a3:b4:a5:da:94:62:cd:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03ad6365231ed79396940920149df71c0aa08e1f
Validity
Not Before: Jan 2 13:50:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94aa720f2dcf07455538aba695d509e51ec372b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c9:9f:99:3b:16:92:c2:c0:fc:6b:e4:fe:67:
c0:6a:8a:c7:34:17:e3:31:3d:cd:08:3e:5b:8e:24:
c2:19:08:11:2b:bc:8e:6e:32:4a:2b:01:dd:50:40:
62:53:7a:95:a0:a6:f3:77:c3:93:12:2d:e5:4e:34:
b4:09:71:f5:8e:09:e2:17:98:f1:db:83:40:84:59:
67:2e:32:2b:63:3c:63:56:6c:17:a0:a2:7f:e5:46:
ae:33:0f:85:e7:87:56:0d:0e:b8:bb:d3:9f:da:74:
23:36:ea:8c:4a:6a:fc:90:4c:04:54:3a:84:48:67:
dd:cc:ba:dc:68:4f:52:ca:fa:f3:94:51:11:66:48:
7d:b9:28:dd:a1:5c:0f:23:7f:9e:a0:80:20:52:7a:
99:de:44:3e:e9:e7:09:05:95:82:7a:b7:aa:cd:d0:
e2:90:b4:3d:7e:39:8b:65:a6:d4:ae:61:9c:01:d2:
25:8d:97:59:c7:df:64:66:45:ba:ad:57:6c:c2:37:
33:5d:e1:51:f1:91:35:41:85:aa:1f:d2:ce:f2:ae:
fb:64:25:73:5f:cf:42:ce:39:31:fa:82:e5:4f:c6:
57:e2:00:2f:98:f8:0b:9a:32:c9:54:64:ac:c3:39:
ff:eb:9f:25:9c:fc:85:3f:9b:61:88:13:a7:7e:38:
06:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:AA:72:0F:2D:CF:07:45:55:38:AB:A6:95:D5:09:E5:1E:C3:72:B6
X509v3 Authority Key Identifier:
keyid:03:AD:63:65:23:1E:D7:93:96:94:09:20:14:9D:F7:1C:0A:A0:8E:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A61jZSMe15OWlAkgFJ33HAqgjh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/233948-f9a3-4b44-a4a9-4149de528833/1/lKpyDy3PB0VVOKumldUJ5R7DcrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/233948-f9a3-4b44-a4a9-4149de528833/1/A61jZSMe15OWlAkgFJ33HAqgjh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.168.0-5.35.174.255
Signature Algorithm: sha256WithRSAEncryption
66:9e:b9:48:9f:9a:9f:d0:e2:57:30:94:68:07:bc:b8:f9:1e:
ba:44:ef:98:e6:15:16:60:7c:c9:42:0c:c6:1b:58:38:21:c6:
7d:f2:bb:e4:95:91:57:a7:c4:3b:50:03:1e:cb:1e:d4:4d:3c:
80:54:54:98:1f:ed:81:48:78:22:a2:52:c4:10:bc:63:83:23:
97:5b:cc:8a:23:81:a2:56:ee:0a:f5:f3:16:2a:e3:60:8f:33:
5a:47:10:de:d0:c2:22:22:a0:c8:b4:0b:86:3f:63:55:9f:92:
fe:b0:7d:30:fc:46:37:3e:ef:0a:45:1c:87:06:1c:c0:e6:f5:
30:c7:df:66:6c:dd:87:88:b8:13:51:81:cd:b6:1a:40:2a:e8:
68:2a:c5:7d:39:54:23:17:54:66:f1:fb:6d:30:5f:1c:ba:8b:
7e:0e:7d:4a:2e:86:e7:0d:38:d6:5d:8f:26:6e:86:2f:f0:35:
3a:21:fb:11:4d:1d:c5:a5:47:56:41:4b:96:ee:2c:c1:7f:0c:
af:bb:b8:d6:de:57:21:0a:6e:fc:19:ea:fb:54:01:93:8b:c3:
8d:af:86:6c:41:54:bf:f4:81:12:09:00:01:32:84:f4:fe:50:
3e:91:2d:12:ef:6c:3a:b9:da:c4:a7:82:03:5a:7e:7a:b1:fe:
3d:a7:62:2a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQnSDnf780sHqO0pdqUYs3iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYWQ2MzY1MjMxZWQ3OTM5Njk0MDkyMDE0OWRmNzFjMGFh
MDhlMWYwHhcNMjUwMTAyMTM1MDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGFhNzIwZjJkY2YwNzQ1NTUzOGFiYTY5NWQ1MDllNTFlYzM3MmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8mfmTsWksLA/Gvk/mfAaorHNBfj
MT3NCD5bjiTCGQgRK7yObjJKKwHdUEBiU3qVoKbzd8OTEi3lTjS0CXH1jgniF5jx
24NAhFlnLjIrYzxjVmwXoKJ/5UauMw+F54dWDQ64u9Of2nQjNuqMSmr8kEwEVDqE
SGfdzLrcaE9SyvrzlFERZkh9uSjdoVwPI3+eoIAgUnqZ3kQ+6ecJBZWCereqzdDi
kLQ9fjmLZabUrmGcAdIljZdZx99kZkW6rVdswjczXeFR8ZE1QYWqH9LO8q77ZCVz
X89Czjkx+oLlT8ZX4gAvmPgLmjLJVGSswzn/658lnPyFP5thiBOnfjgGpQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJSqcg8tzwdFVTirppXVCeUew3K2MB8GA1UdIwQY
MBaAFAOtY2UjHteTlpQJIBSd9xwKoI4fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTYxalpTTWUxNU9XbEFrZ0ZKMzNIQXFnamg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yMzM5NDgtZjlhMy00YjQ0LWE0YTkt
NDE0OWRlNTI4ODMzLzEvbEtweUR5M1BCMFZWT0t1bWxkVUo1UjdEY3JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yMzM5NDgtZjlhMy00YjQ0LWE0YTktNDE0OWRlNTI4ODMz
LzEvQTYxalpTTWUxNU9XbEFrZ0ZKMzNIQXFnamg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAMFI6gD
BAAFI64wDQYJKoZIhvcNAQELBQADggEBAGaeuUifmp/Q4lcwlGgHvLj5HrpE75jm
FRZgfMlCDMYbWDghxn3yu+SVkVenxDtQAx7LHtRNPIBUVJgf7YFIeCKiUsQQvGOD
I5dbzIojgaJW7gr18xYq42CPM1pHEN7QwiIioMi0C4Y/Y1Wfkv6wfTD8Rjc+7wpF
HIcGHMDm9TDH32Zs3YeIuBNRgc22GkAq6GgqxX05VCMXVGbx+20wXxy6i34OfUou
hucNONZdjyZuhi/wNToh+xFNHcWlR1ZBS5buLMF/DK+7uNbeVyEKbvwZ6vtUAZOL
w42vhmxBVL/0gRIJAAEyhPT+UD6RLRLvbDq52sSnggNafnqx/j2nYio=
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:01:58 2025 by rpki-client