Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/Sh2m4fLT9mhka9CmN4ZCzi6qFXY.roa
File: Sh2m4fLT9mhka9CmN4ZCzi6qFXY.roa (raw, json)
Hash identifier: /ewDMH8qYlXHtV2NqszRO/NutuFWj/5k+90mUJz1nnA=
Subject key identifier: 4A:1D:A6:E1:F2:D3:F6:68:64:6B:D0:A6:37:86:42:CE:2E:AA:15:76
Certificate issuer: /CN=2037512e5355e815acf064603f8ae3f5528a5e3b
Certificate serial: 0194236927430DA4902201A2DF7324DFAB38
Authority key identifier: 20:37:51:2E:53:55:E8:15:AC:F0:64:60:3F:8A:E3:F5:52:8A:5E:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/Sh2m4fLT9mhka9CmN4ZCzi6qFXY.roa
Signing time: Wed 01 Jan 2025 19:48:01 +0000
ROA not before: Wed 01 Jan 2025 19:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60404
IP address blocks: 5.2.64.0/20 maxlen: 20
5.2.67.0/24 maxlen: 24
5.2.70.0/24 maxlen: 24
5.255.96.0/19 maxlen: 19
103.251.164.0/22 maxlen: 22
150.129.8.0/22 maxlen: 22
150.129.8.0/24 maxlen: 24
185.31.172.0/22 maxlen: 22
192.76.150.0/24 maxlen: 24
192.76.153.0/24 maxlen: 24
192.76.160.0/24 maxlen: 24
192.76.163.0/24 maxlen: 24
2a01:6340::/29 maxlen: 29
2a04:52c0::/32 maxlen: 32
2a04:52c0:5001::/48 maxlen: 64
2a0f:6bc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:27:43:0d:a4:90:22:01:a2:df:73:24:df:ab:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2037512e5355e815acf064603f8ae3f5528a5e3b
Validity
Not Before: Jan 1 19:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a1da6e1f2d3f668646bd0a6378642ce2eaa1576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c4:f1:c9:7a:96:f3:40:cc:05:72:3e:88:98:
f9:4f:d7:a6:53:8b:8b:df:2b:99:a8:66:e2:ff:28:
84:d9:8a:5d:4f:76:39:0f:57:e5:40:24:eb:8f:98:
02:98:77:f4:0c:68:5d:c9:b8:bf:8d:c6:39:6c:ca:
79:aa:60:cc:a9:d3:0e:cb:4e:09:d3:6e:86:d2:af:
57:a7:58:8f:87:0c:67:85:4c:d5:0b:01:c0:b0:72:
00:8e:c2:78:01:c7:95:e7:18:c5:82:72:fa:5d:97:
df:ff:86:5a:b8:d4:f9:fc:54:a9:e4:82:d6:c8:f3:
b6:53:e1:2b:69:82:db:58:3c:61:a1:d1:6d:8a:2e:
79:cc:f2:7b:33:d2:9d:1a:32:6a:b2:97:4c:8f:39:
6b:1c:bf:c3:d5:30:29:59:07:13:73:f8:5c:c1:03:
a5:3d:26:aa:0f:1b:08:ec:14:6e:85:fd:74:3d:48:
b3:1e:4a:20:ad:70:fc:36:7e:03:d4:7b:88:45:d1:
ec:3d:fa:d6:9c:66:34:d2:90:8d:74:b8:1f:8a:0c:
c8:94:6e:42:02:b9:14:3f:6f:be:5a:8f:ce:76:9f:
df:16:d9:d8:69:2b:5b:7f:84:83:7c:dc:ff:a2:ef:
82:ae:54:12:8a:85:41:3a:cf:86:01:01:e9:ca:31:
23:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:1D:A6:E1:F2:D3:F6:68:64:6B:D0:A6:37:86:42:CE:2E:AA:15:76
X509v3 Authority Key Identifier:
keyid:20:37:51:2E:53:55:E8:15:AC:F0:64:60:3F:8A:E3:F5:52:8A:5E:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/Sh2m4fLT9mhka9CmN4ZCzi6qFXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/IDdRLlNV6BWs8GRgP4rj9VKKXjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.64.0/20
5.255.96.0/19
103.251.164.0/22
150.129.8.0/22
185.31.172.0/22
192.76.150.0/24
192.76.153.0/24
192.76.160.0/24
192.76.163.0/24
IPv6:
2a01:6340::/29
2a04:52c0::/32
2a0f:6bc0::/29
Signature Algorithm: sha256WithRSAEncryption
2c:7f:91:f3:96:f2:b7:a0:f2:1b:0d:e9:d7:aa:52:69:d7:d2:
7a:20:c1:74:76:ea:5e:a2:87:90:0f:c2:56:7a:e9:13:ca:0c:
14:f2:ec:65:e4:70:88:8e:da:9e:65:74:dd:1f:65:a3:60:80:
37:57:a0:31:58:63:85:e3:3c:3b:34:c2:c4:93:35:3a:84:d3:
a4:29:b0:fd:47:3f:1e:84:7b:be:56:24:1e:6d:f1:fb:e4:b1:
48:78:7f:61:30:2e:aa:8a:71:93:42:95:e1:72:38:30:be:ac:
4d:65:e0:3c:a1:e6:14:eb:07:36:27:6c:e4:e4:39:f2:26:91:
c1:a5:fa:cf:bc:c4:6c:b2:43:8d:91:0a:e0:1f:bc:a2:73:7a:
54:de:79:36:ce:fd:75:63:85:2d:ce:9b:76:e7:41:80:0e:c8:
51:b0:57:f0:0a:28:6b:d0:94:ab:f2:15:d2:97:18:0e:db:dc:
0a:d8:64:48:e8:d5:5e:d8:bd:16:58:69:38:fd:09:dd:b4:cf:
46:b6:20:69:9d:a8:43:77:96:33:dc:79:1e:ba:b7:53:34:0c:
bd:b6:da:33:c7:f3:30:52:7c:f1:80:22:1c:4a:18:0c:e5:1d:
62:54:5d:07:63:21:2c:69:68:ce:60:fe:31:8b:ac:6c:a7:b4:
41:d3:a9:9c
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZQjaSdDDaSQIgGi33Mk36s4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMzc1MTJlNTM1NWU4MTVhY2YwNjQ2MDNmOGFlM2Y1NTI4
YTVlM2IwHhcNMjUwMTAxMTk0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTFkYTZlMWYyZDNmNjY4NjQ2YmQwYTYzNzg2NDJjZTJlYWExNTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8TxyXqW80DMBXI+iJj5T9emU4uL
3yuZqGbi/yiE2YpdT3Y5D1flQCTrj5gCmHf0DGhdybi/jcY5bMp5qmDMqdMOy04J
026G0q9Xp1iPhwxnhUzVCwHAsHIAjsJ4AceV5xjFgnL6XZff/4ZauNT5/FSp5ILW
yPO2U+EraYLbWDxhodFtii55zPJ7M9KdGjJqspdMjzlrHL/D1TApWQcTc/hcwQOl
PSaqDxsI7BRuhf10PUizHkogrXD8Nn4D1HuIRdHsPfrWnGY00pCNdLgfigzIlG5C
ArkUP2++Wo/Odp/fFtnYaStbf4SDfNz/ou+CrlQSioVBOs+GAQHpyjEjMQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFEodpuHy0/ZoZGvQpjeGQs4uqhV2MB8GA1UdIwQY
MBaAFCA3US5TVegVrPBkYD+K4/VSil47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSURkUkxsTlY2QldzOEdSZ1A0cmo5VktLWGpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9iMTQ3NWQtZmNjMi00OGJiLWFlMDEt
YzJiYTI0NjUzZjdiLzEvU2gybTRmTFQ5bWhrYTlDbU40WkN6aTZxRlhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9iMTQ3NWQtZmNjMi00OGJiLWFlMDEtYzJiYTI0NjUzZjdi
LzEvSURkUkxsTlY2QldzOEdSZ1A0cmo5VktLWGpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzA8BAIAATA2AwQEBQJAAwQF
Bf9gAwQCZ/ukAwQCloEIAwQCuR+sAwQAwEyWAwQAwEyZAwQAwEygAwQAwEyjMBsE
AgACMBUDBQMqAWNAAwUAKgRSwAMFAyoPa8AwDQYJKoZIhvcNAQELBQADggEBACx/
kfOW8reg8hsN6deqUmnX0nogwXR26l6ih5APwlZ66RPKDBTy7GXkcIiO2p5ldN0f
ZaNggDdXoDFYY4XjPDs0wsSTNTqE06QpsP1HPx6Ee75WJB5t8fvksUh4f2EwLqqK
cZNCleFyODC+rE1l4Dyh5hTrBzYnbOTkOfImkcGl+s+8xGyyQ42RCuAfvKJzelTe
eTbO/XVjhS3Om3bnQYAOyFGwV/AKKGvQlKvyFdKXGA7b3ArYZEjo1V7YvRZYaTj9
Cd20z0a2IGmdqEN3ljPceR66t1M0DL222jPH8zBSfPGAIhxKGAzlHWJUXQdjISxp
aM5g/jGLrGyntEHTqZw=
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:16:35 2025 by rpki-client