Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/79b7a1-b3c8-45a6-b991-7c78eb5b2d94/1/5-_m5sx2pOrKBnn6vsQwme9LIWs.roa
File: 5-_m5sx2pOrKBnn6vsQwme9LIWs.roa (raw, json)
Hash identifier: h/D8Ki0B/ZgXWanH4BZ9jNHNZb1ZLuVPvKx+u3l030A=
Subject key identifier: E7:EF:E6:E6:CC:76:A4:EA:CA:06:79:FA:BE:C4:30:99:EF:4B:21:6B
Certificate issuer: /CN=595b7899893b9e248be6155df445f630ae5d6872
Certificate serial: 0194266B3C18DBAC01B17120EA9137F679FD
Authority key identifier: 59:5B:78:99:89:3B:9E:24:8B:E6:15:5D:F4:45:F6:30:AE:5D:68:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WVt4mYk7niSL5hVd9EX2MK5daHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/79b7a1-b3c8-45a6-b991-7c78eb5b2d94/1/5-_m5sx2pOrKBnn6vsQwme9LIWs.roa
Signing time: Thu 02 Jan 2025 09:49:09 +0000
ROA not before: Thu 02 Jan 2025 09:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21369
IP address blocks: 157.203.6.0/24 maxlen: 24
157.203.7.0/24 maxlen: 24
157.203.36.0/24 maxlen: 24
157.203.37.0/24 maxlen: 24
157.203.40.0/24 maxlen: 24
157.203.41.0/24 maxlen: 24
157.203.42.0/24 maxlen: 24
157.203.43.0/24 maxlen: 24
157.203.48.0/24 maxlen: 24
157.203.49.0/24 maxlen: 24
157.203.52.0/24 maxlen: 24
157.203.53.0/24 maxlen: 24
157.203.56.0/24 maxlen: 24
157.203.57.0/24 maxlen: 24
157.203.59.0/24 maxlen: 24
157.203.60.0/24 maxlen: 24
157.203.61.0/24 maxlen: 24
157.203.62.0/24 maxlen: 24
157.203.120.0/24 maxlen: 24
157.203.142.0/24 maxlen: 24
157.203.143.0/24 maxlen: 24
157.203.176.0/24 maxlen: 24
157.203.177.0/24 maxlen: 24
157.203.178.0/24 maxlen: 24
157.203.179.0/24 maxlen: 24
157.203.180.0/24 maxlen: 24
157.203.181.0/24 maxlen: 24
157.203.242.0/24 maxlen: 24
157.203.243.0/24 maxlen: 24
157.203.254.0/24 maxlen: 24
157.203.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:3c:18:db:ac:01:b1:71:20:ea:91:37:f6:79:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=595b7899893b9e248be6155df445f630ae5d6872
Validity
Not Before: Jan 2 09:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7efe6e6cc76a4eaca0679fabec43099ef4b216b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:36:9f:70:1d:2e:ce:ca:65:0e:70:cb:1b:e6:
40:2f:70:ed:88:79:ec:28:ec:1b:34:b3:68:a6:b4:
f4:2d:10:d5:71:54:9f:75:1d:73:63:c6:4d:e5:5b:
25:23:11:f1:49:71:ed:2c:5f:96:7f:7d:21:a8:31:
f3:bb:55:b4:25:68:9e:0d:51:b7:83:7b:3b:77:8d:
26:a3:11:c7:64:c7:72:cf:8a:23:30:5b:8c:0f:3a:
c8:c5:ab:49:88:d0:ef:e7:27:e3:34:f5:56:b2:6b:
01:e7:d1:9f:69:47:83:d1:2f:d3:00:a8:21:98:69:
83:70:3e:64:5d:34:cb:cd:c1:3f:92:49:03:2a:af:
75:91:62:b7:8e:d8:df:b6:85:83:e6:78:28:b8:f4:
e4:1e:e7:ca:37:2f:5d:fb:35:a0:b6:be:8a:bf:7c:
92:22:f8:a1:05:98:3b:03:d3:76:39:9b:15:c9:af:
ca:94:3f:82:b0:8f:d8:2c:b7:1f:2d:14:1c:56:fd:
f7:b2:e5:77:a3:f5:14:92:34:4b:bc:c6:58:f1:b3:
08:e3:2f:cb:56:a6:7e:f4:d4:0b:02:59:52:99:ba:
cd:f0:f7:fc:18:ae:12:2f:51:a8:1e:54:21:90:77:
0a:07:e1:3d:5b:e9:30:0f:25:29:90:f8:d2:01:5e:
eb:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:EF:E6:E6:CC:76:A4:EA:CA:06:79:FA:BE:C4:30:99:EF:4B:21:6B
X509v3 Authority Key Identifier:
keyid:59:5B:78:99:89:3B:9E:24:8B:E6:15:5D:F4:45:F6:30:AE:5D:68:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WVt4mYk7niSL5hVd9EX2MK5daHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/79b7a1-b3c8-45a6-b991-7c78eb5b2d94/1/5-_m5sx2pOrKBnn6vsQwme9LIWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/79b7a1-b3c8-45a6-b991-7c78eb5b2d94/1/WVt4mYk7niSL5hVd9EX2MK5daHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.203.6.0/23
157.203.36.0/23
157.203.40.0/22
157.203.48.0/23
157.203.52.0/23
157.203.56.0/23
157.203.59.0-157.203.62.255
157.203.120.0/24
157.203.142.0/23
157.203.176.0-157.203.181.255
157.203.242.0/23
157.203.254.0/23
Signature Algorithm: sha256WithRSAEncryption
17:cc:0e:b0:17:3f:23:b3:22:47:7c:a9:13:23:80:3d:c9:34:
48:26:ff:8a:fd:12:89:bb:a2:b9:e9:84:83:95:fb:e3:ff:8b:
41:c7:77:61:31:3f:34:a5:08:05:7f:ec:16:fe:f4:b9:d9:fa:
48:f3:56:ca:f6:b1:18:cb:7d:60:3c:6c:34:53:f9:cd:7e:fb:
78:a2:3f:4b:68:aa:29:54:24:f4:01:10:43:10:57:1b:f8:42:
8f:26:62:f2:d0:e5:15:85:09:0b:a0:94:ea:9d:62:8a:51:62:
0a:d4:f6:2f:71:9c:b5:26:ae:3d:33:29:74:b1:73:36:35:5d:
02:06:0f:78:f4:e6:ff:60:90:12:32:64:1b:a8:4a:08:29:31:
3a:81:a9:90:1e:0f:85:f6:70:de:a7:09:d8:55:b0:21:dc:40:
02:a2:78:ff:c1:8d:52:dc:6e:b7:13:2c:d2:96:ab:ff:bb:56:
81:3e:c3:37:60:9b:59:ac:2e:3f:b7:dd:f5:b8:1b:5d:70:55:
10:51:10:a1:5a:de:d0:8a:67:7a:95:34:7a:40:0f:85:6e:e8:
5a:26:c7:98:1f:d7:c0:77:33:d1:d0:0a:c1:f6:13:e9:9f:d7:
79:83:70:6e:44:23:fc:f1:fc:97:f4:2f:cc:60:b0:2b:c4:2c:
73:10:1b:08
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZQmazwY26wBsXEg6pE39nn9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NWI3ODk5ODkzYjllMjQ4YmU2MTU1ZGY0NDVmNjMwYWU1
ZDY4NzIwHhcNMjUwMTAyMDk0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2VmZTZlNmNjNzZhNGVhY2EwNjc5ZmFiZWM0MzA5OWVmNGIyMTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTafcB0uzsplDnDLG+ZAL3DtiHns
KOwbNLNoprT0LRDVcVSfdR1zY8ZN5VslIxHxSXHtLF+Wf30hqDHzu1W0JWieDVG3
g3s7d40moxHHZMdyz4ojMFuMDzrIxatJiNDv5yfjNPVWsmsB59GfaUeD0S/TAKgh
mGmDcD5kXTTLzcE/kkkDKq91kWK3jtjftoWD5ngouPTkHufKNy9d+zWgtr6Kv3yS
IvihBZg7A9N2OZsVya/KlD+CsI/YLLcfLRQcVv33suV3o/UUkjRLvMZY8bMI4y/L
VqZ+9NQLAllSmbrN8Pf8GK4SL1GoHlQhkHcKB+E9W+kwDyUpkPjSAV7rnwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFOfv5ubMdqTqygZ5+r7EMJnvSyFrMB8GA1UdIwQY
MBaAFFlbeJmJO54ki+YVXfRF9jCuXWhyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1Z0NG1ZazduaVNMNWhWZDlFWDJNSzVkYUhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy83OWI3YTEtYjNjOC00NWE2LWI5OTEt
N2M3OGViNWIyZDk0LzEvNS1fbTVzeDJwT3JLQm5uNnZzUXdtZTlMSVdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy83OWI3YTEtYjNjOC00NWE2LWI5OTEtN2M3OGViNWIyZDk0
LzEvV1Z0NG1ZazduaVNMNWhWZDlFWDJNSzVkYUhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQBncsGAwQB
ncskAwQCncsoAwQBncswAwQBncs0AwQBncs4MAwDBACdyzsDBACdyz4DBACdy3gD
BAGdy44wDAMEBJ3LsAMEAZ3LtAMEAZ3L8gMEAZ3L/jANBgkqhkiG9w0BAQsFAAOC
AQEAF8wOsBc/I7MiR3ypEyOAPck0SCb/iv0SibuiuemEg5X74/+LQcd3YTE/NKUI
BX/sFv70udn6SPNWyvaxGMt9YDxsNFP5zX77eKI/S2iqKVQk9AEQQxBXG/hCjyZi
8tDlFYUJC6CU6p1iilFiCtT2L3GctSauPTMpdLFzNjVdAgYPePTm/2CQEjJkG6hK
CCkxOoGpkB4PhfZw3qcJ2FWwIdxAAqJ4/8GNUtxutxMs0par/7tWgT7DN2CbWawu
P7fd9bgbXXBVEFEQoVre0IpnepU0ekAPhW7oWibHmB/XwHcz0dAKwfYT6Z/XeYNw
bkQj/PH8l/QvzGCwK8QscxAbCA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:10:26 2025 by rpki-client