Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/5Nxb95AjDYyihX948d4SpKIggZQ.roa
File: 5Nxb95AjDYyihX948d4SpKIggZQ.roa (raw, json)
Hash identifier: LXnf6zKJW6C6S9ESb5TMXAjwJki5kjy7RI6/DxC0q14=
Subject key identifier: E4:DC:5B:F7:90:23:0D:8C:A2:85:7F:78:F1:DE:12:A4:A2:20:81:94
Certificate issuer: /CN=215a409d27b9a69346324004694da11beae02dbb
Certificate serial: 019425FC8826CEE028EA401656F7FB36A50F
Authority key identifier: 21:5A:40:9D:27:B9:A6:93:46:32:40:04:69:4D:A1:1B:EA:E0:2D:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVpAnSe5ppNGMkAEaU2hG-rgLbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/5Nxb95AjDYyihX948d4SpKIggZQ.roa
Signing time: Thu 02 Jan 2025 07:48:14 +0000
ROA not before: Thu 02 Jan 2025 07:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50500
IP address blocks: 185.114.88.0/24 maxlen: 24
185.114.89.0/24 maxlen: 24
185.114.90.0/24 maxlen: 24
185.114.91.0/24 maxlen: 24
185.134.177.0/24 maxlen: 24
185.134.178.0/24 maxlen: 24
185.134.179.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:88:26:ce:e0:28:ea:40:16:56:f7:fb:36:a5:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215a409d27b9a69346324004694da11beae02dbb
Validity
Not Before: Jan 2 07:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4dc5bf790230d8ca2857f78f1de12a4a2208194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:59:e3:b4:f7:e9:12:e8:36:51:7a:a9:2c:bd:
ab:38:e5:02:0d:26:42:50:19:b8:a0:ec:db:fd:7f:
60:32:72:23:da:01:fc:ba:0a:12:b7:d4:4a:14:97:
0e:cb:48:fd:57:84:e0:4b:17:09:f7:ce:fb:e7:15:
38:84:f1:56:59:84:31:d4:08:6f:0d:c0:17:45:2d:
0e:7a:8f:a9:8b:ba:ba:9b:00:2c:94:3e:bf:d1:24:
bd:19:5f:18:c8:72:3d:eb:a2:67:39:54:2e:b2:95:
47:ef:6d:f5:c1:97:23:ef:90:f0:22:14:d7:11:a8:
25:71:8b:8e:1e:a8:65:15:6c:12:a4:f3:53:c1:4e:
81:1f:c3:b4:ac:28:47:e5:de:26:11:2f:27:ee:01:
fb:ea:63:ed:7f:69:61:88:1b:f5:d1:1a:ba:70:c0:
dc:40:49:36:2c:7a:52:51:65:4d:b1:95:a1:cb:2f:
7d:b8:e0:cc:ca:27:fd:1e:5d:07:d3:37:b6:53:52:
c5:9a:6a:e1:06:4c:0d:d3:77:ed:4d:48:08:b9:14:
10:ff:10:cd:cc:87:35:0a:28:84:5b:a6:f2:5c:f3:
4a:71:63:13:c5:e3:b5:27:10:86:22:42:c9:83:32:
c1:dd:74:4e:c1:69:e1:35:de:85:40:e9:92:cd:99:
78:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:DC:5B:F7:90:23:0D:8C:A2:85:7F:78:F1:DE:12:A4:A2:20:81:94
X509v3 Authority Key Identifier:
keyid:21:5A:40:9D:27:B9:A6:93:46:32:40:04:69:4D:A1:1B:EA:E0:2D:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVpAnSe5ppNGMkAEaU2hG-rgLbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/5Nxb95AjDYyihX948d4SpKIggZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/IVpAnSe5ppNGMkAEaU2hG-rgLbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.88.0/22
185.134.177.0-185.134.179.255
Signature Algorithm: sha256WithRSAEncryption
0e:cb:54:fd:f7:e6:db:85:60:5f:cb:9e:0d:0c:cf:ad:c8:dc:
b1:a3:22:18:79:cd:1d:25:68:44:70:71:b4:06:5b:97:53:04:
b9:56:b3:02:ad:6f:35:38:1c:4f:ff:d6:a8:54:99:50:37:68:
89:e0:6a:b3:c0:3a:16:70:f3:9f:c4:7e:de:16:aa:a4:86:fe:
40:69:de:42:38:46:65:c6:1b:7a:f1:42:0b:db:19:36:1a:d5:
fb:0c:b9:37:a7:52:aa:a6:5d:8c:ab:96:2e:55:03:82:77:c3:
86:f2:f3:f5:17:e1:1c:d8:ec:cd:e8:e6:9f:22:57:2a:27:81:
9f:8e:61:89:df:ab:5e:98:bb:6d:c0:38:5e:a2:7d:fd:a2:64:
f3:d1:a1:ca:71:7f:44:90:78:eb:e4:bc:45:a0:8e:2d:68:df:
26:84:3b:61:1c:d9:62:6e:00:73:40:9f:3f:e2:bd:e4:04:0a:
9b:45:99:ef:14:2c:52:fb:3e:5d:e3:ba:bf:aa:b9:40:49:01:
de:57:a2:a6:3a:3c:21:92:eb:61:30:ca:a2:81:98:f2:e4:9f:
13:fa:d0:bd:55:79:a2:4a:77:ef:d6:22:88:62:80:dd:f0:5c:
73:b1:26:d6:02:96:1a:9f:c4:d4:d4:9e:73:a7:fd:71:ab:48:
33:5a:36:43
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQl/IgmzuAo6kAWVvf7NqUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNWE0MDlkMjdiOWE2OTM0NjMyNDAwNDY5NGRhMTFiZWFl
MDJkYmIwHhcNMjUwMTAyMDc0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGRjNWJmNzkwMjMwZDhjYTI4NTdmNzhmMWRlMTJhNGEyMjA4MTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1njtPfpEug2UXqpLL2rOOUCDSZC
UBm4oOzb/X9gMnIj2gH8ugoSt9RKFJcOy0j9V4TgSxcJ98775xU4hPFWWYQx1Ahv
DcAXRS0Oeo+pi7q6mwAslD6/0SS9GV8YyHI966JnOVQuspVH7231wZcj75DwIhTX
EaglcYuOHqhlFWwSpPNTwU6BH8O0rChH5d4mES8n7gH76mPtf2lhiBv10Rq6cMDc
QEk2LHpSUWVNsZWhyy99uODMyif9Hl0H0ze2U1LFmmrhBkwN03ftTUgIuRQQ/xDN
zIc1CiiEW6byXPNKcWMTxeO1JxCGIkLJgzLB3XROwWnhNd6FQOmSzZl4ewIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOTcW/eQIw2MooV/ePHeEqSiIIGUMB8GA1UdIwQY
MBaAFCFaQJ0nuaaTRjJABGlNoRvq4C27MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZwQW5TZTVwcE5HTWtBRWFVMmhHLXJnTGJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9mMGM5ZTMtMWM0MC00ZjMzLTk1Y2Ut
OThkMmZlZTBmODdhLzEvNU54Yjk1QWpEWXlpaFg5NDhkNFNwS0lnZ1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9mMGM5ZTMtMWM0MC00ZjMzLTk1Y2UtOThkMmZlZTBmODdh
LzEvSVZwQW5TZTVwcE5HTWtBRWFVMmhHLXJnTGJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCuXJYMAwD
BAC5hrEDBAK5hrAwDQYJKoZIhvcNAQELBQADggEBAA7LVP335tuFYF/Lng0Mz63I
3LGjIhh5zR0laERwcbQGW5dTBLlWswKtbzU4HE//1qhUmVA3aIngarPAOhZw85/E
ft4WqqSG/kBp3kI4RmXGG3rxQgvbGTYa1fsMuTenUqqmXYyrli5VA4J3w4by8/UX
4RzY7M3o5p8iVyongZ+OYYnfq16Yu23AOF6iff2iZPPRocpxf0SQeOvkvEWgji1o
3yaEO2Ec2WJuAHNAnz/iveQECptFme8ULFL7Pl3jur+quUBJAd5XoqY6PCGS62Ew
yqKBmPLknxP60L1VeaJKd+/WIohigN3wXHOxJtYClhqfxNTUnnOn/XGrSDNaNkM=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:49:07 2025 by rpki-client