Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/lzfdj3sYjKwxJ-lEm4PMRG_z-x0.roa
File: lzfdj3sYjKwxJ-lEm4PMRG_z-x0.roa (raw, json)
Hash identifier: k0S/RTqMQtMqoYVsegJF/SGrW/zlHJLMymOnkkPiIpo=
Subject key identifier: 97:37:DD:8F:7B:18:8C:AC:31:27:E9:44:9B:83:CC:44:6F:F3:FB:1D
Certificate issuer: /CN=352ae33b11b36a319ba81347d852480d8e74c87d
Certificate serial: 0194266B82D25EC3FF35B21579E005D748D1
Authority key identifier: 35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/lzfdj3sYjKwxJ-lEm4PMRG_z-x0.roa
Signing time: Thu 02 Jan 2025 09:49:27 +0000
ROA not before: Thu 02 Jan 2025 09:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12430
IP address blocks: 5.224.0.0/15 maxlen: 15
31.4.0.0/16 maxlen: 24
37.222.0.0/15 maxlen: 24
46.24.0.0/14 maxlen: 14
46.25.0.0/21 maxlen: 21
46.25.60.0/22 maxlen: 22
46.136.0.0/16 maxlen: 16
62.87.0.0/17 maxlen: 24
77.208.0.0/14 maxlen: 24
77.224.0.0/13 maxlen: 13
87.124.192.0/18 maxlen: 18
87.125.0.0/16 maxlen: 24
87.235.0.0/16 maxlen: 16
89.6.0.0/15 maxlen: 15
93.113.16.0/21 maxlen: 21
93.113.136.0/21 maxlen: 21
94.248.64.0/18 maxlen: 18
95.60.0.0/14 maxlen: 14
95.60.32.0/21 maxlen: 21
148.56.0.0/16 maxlen: 16
159.147.0.0/16 maxlen: 16
178.57.128.0/18 maxlen: 18
178.139.0.0/16 maxlen: 22
188.84.0.0/14 maxlen: 14
188.86.112.0/22 maxlen: 22
188.211.228.0/22 maxlen: 22
193.125.0.0/16 maxlen: 16
194.220.0.0/16 maxlen: 16
212.73.32.0/19 maxlen: 24
212.145.0.0/16 maxlen: 16
212.166.128.0/17 maxlen: 23
217.130.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:82:d2:5e:c3:ff:35:b2:15:79:e0:05:d7:48:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352ae33b11b36a319ba81347d852480d8e74c87d
Validity
Not Before: Jan 2 09:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9737dd8f7b188cac3127e9449b83cc446ff3fb1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:08:60:d7:39:30:a2:5e:37:8a:f9:ce:42:bd:
70:24:3c:16:d2:31:4b:23:67:f5:42:a8:4a:2a:aa:
de:ea:51:d7:e2:7a:66:83:63:14:c7:eb:8f:4f:70:
16:9c:9e:7e:01:05:49:49:eb:d1:a4:fa:44:d3:68:
fb:66:8c:ee:21:16:75:6f:63:81:c4:c3:9f:69:6a:
a6:b1:b9:88:95:de:48:6c:58:9f:e6:d7:a4:ac:61:
c2:59:cc:a9:6e:01:f3:49:c1:d5:9b:a7:65:82:0d:
05:1b:9b:1d:1c:ca:7b:b2:93:a3:cc:0b:23:8c:d3:
4e:7f:2d:72:52:cb:43:f9:56:85:ee:ba:3a:f0:e7:
ef:60:a8:88:63:b1:fe:ac:14:78:d7:38:09:2b:58:
b4:93:73:62:52:77:44:68:cc:37:25:b0:fd:1e:da:
4d:0d:24:fb:87:22:39:d3:b7:25:41:be:10:bc:41:
f9:70:21:43:dc:20:44:79:06:81:4c:ec:83:81:c6:
3e:2d:18:6d:91:85:db:db:48:a6:14:bc:9a:a8:00:
bf:63:7d:9b:77:d6:a4:c1:d2:b6:75:71:0d:5e:36:
9e:3a:2b:89:d8:7d:98:22:75:e3:a1:65:ed:62:eb:
5b:1e:7c:ae:43:8d:b0:43:ef:56:28:ff:5c:f4:df:
e9:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:37:DD:8F:7B:18:8C:AC:31:27:E9:44:9B:83:CC:44:6F:F3:FB:1D
X509v3 Authority Key Identifier:
keyid:35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/lzfdj3sYjKwxJ-lEm4PMRG_z-x0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.224.0.0/15
31.4.0.0/16
37.222.0.0/15
46.24.0.0/14
46.136.0.0/16
62.87.0.0/17
77.208.0.0/14
77.224.0.0/13
87.124.192.0-87.125.255.255
87.235.0.0/16
89.6.0.0/15
93.113.16.0/21
93.113.136.0/21
94.248.64.0/18
95.60.0.0/14
148.56.0.0/16
159.147.0.0/16
178.57.128.0/18
178.139.0.0/16
188.84.0.0/14
188.211.228.0/22
193.125.0.0/16
194.220.0.0/16
212.73.32.0/19
212.145.0.0/16
212.166.128.0/17
217.130.0.0/16
Signature Algorithm: sha256WithRSAEncryption
41:79:83:1a:c3:01:28:53:9c:db:63:81:01:ad:b6:76:ee:9c:
95:0b:98:bf:e7:73:2b:19:7c:33:ab:01:05:07:d6:f8:8c:84:
d4:26:ae:95:8b:52:ea:08:fa:ba:f0:45:a6:bc:7f:c2:2b:f2:
4f:d5:82:db:2b:28:f5:b1:44:2f:05:d1:2e:e1:b5:48:09:4b:
3e:65:2c:13:c7:0e:36:41:af:4b:40:d1:6f:ce:6d:dc:bd:69:
09:73:73:7f:e5:29:14:a6:5a:99:53:8f:a0:a0:ac:5a:a8:45:
bb:a0:a2:7e:3b:a8:85:1c:87:c4:d8:63:72:4b:57:c8:72:c1:
6e:41:8b:22:bd:f9:c5:f6:06:ca:48:93:f7:f9:2c:3b:ec:c5:
f6:2b:71:13:32:9a:13:e0:62:9a:a9:28:c3:12:09:3b:c5:60:
a8:f8:a0:92:f4:83:75:34:57:8a:80:bd:7a:25:3b:e0:44:8c:
1b:4d:c1:77:bc:c1:e8:fe:a2:9b:ad:64:61:c1:97:03:7c:0e:
1e:0f:92:0b:bd:7d:15:ec:ef:1a:d3:81:d6:23:7f:5d:25:c1:
a1:3c:cb:dd:26:31:7a:f4:ce:78:d8:2d:66:03:50:9f:4b:2d:
4b:05:1b:41:50:98:69:de:55:3d:89:a8:6b:21:29:88:60:78:
72:02:fa:8a
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZQma4LSXsP/NbIVeeAF10jRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmFlMzNiMTFiMzZhMzE5YmE4MTM0N2Q4NTI0ODBkOGU3
NGM4N2QwHhcNMjUwMTAyMDk0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzM3ZGQ4ZjdiMTg4Y2FjMzEyN2U5NDQ5YjgzY2M0NDZmZjNmYjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqghg1zkwol43ivnOQr1wJDwW0jFL
I2f1QqhKKqre6lHX4npmg2MUx+uPT3AWnJ5+AQVJSevRpPpE02j7ZozuIRZ1b2OB
xMOfaWqmsbmIld5IbFif5tekrGHCWcypbgHzScHVm6dlgg0FG5sdHMp7spOjzAsj
jNNOfy1yUstD+VaF7ro68OfvYKiIY7H+rBR41zgJK1i0k3NiUndEaMw3JbD9HtpN
DST7hyI507clQb4QvEH5cCFD3CBEeQaBTOyDgcY+LRhtkYXb20imFLyaqAC/Y32b
d9akwdK2dXENXjaeOiuJ2H2YInXjoWXtYutbHnyuQ42wQ+9WKP9c9N/p/QIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFJc33Y97GIysMSfpRJuDzERv8/sdMB8GA1UdIwQY
MBaAFDUq4zsRs2oxm6gTR9hSSA2OdMh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMt
MjUwNTBjNTkzYWExLzEvbHpmZGozc1lqS3d4Si1sRW00UE1SR196LXgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMtMjUwNTBjNTkzYWEx
LzEvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTCBngQCAAEwgZcDAwEF
4AMDAB8EAwMBJd4DAwIuGAMDAC6IAwQHPlcAAwMCTdADAwNN4DALAwQGV3zAAwMB
V3wDAwBX6wMDAVkGAwQDXXEQAwQDXXGIAwQGXvhAAwMCXzwDAwCUOAMDAJ+TAwQG
sjmAAwMAsosDAwK8VAMEArzT5AMDAMF9AwMAwtwDBAXUSSADAwDUkQMEB9SmgAMD
ANmCMA0GCSqGSIb3DQEBCwUAA4IBAQBBeYMawwEoU5zbY4EBrbZ27pyVC5i/53Mr
GXwzqwEFB9b4jITUJq6Vi1LqCPq68EWmvH/CK/JP1YLbKyj1sUQvBdEu4bVICUs+
ZSwTxw42Qa9LQNFvzm3cvWkJc3N/5SkUplqZU4+goKxaqEW7oKJ+O6iFHIfE2GNy
S1fIcsFuQYsivfnF9gbKSJP3+Sw77MX2K3ETMpoT4GKaqSjDEgk7xWCo+KCS9IN1
NFeKgL16JTvgRIwbTcF3vMHo/qKbrWRhwZcDfA4eD5ILvX0V7O8a04HWI39dJcGh
PMvdJjF69M542C1mA1CfSy1LBRtBUJhp3lU9iahrISmIYHhyAvqK
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:23:54 2025 by rpki-client