Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/ESzAw8JTl8mThKOytyZ8rjoLX8A.roa
File: ESzAw8JTl8mThKOytyZ8rjoLX8A.roa (raw, json)
Hash identifier: 1OypWU0Wv1TxQP2kB7B+4BHyXSdUzFIgBG5AWWJwEAs=
Subject key identifier: 11:2C:C0:C3:C2:53:97:C9:93:84:A3:B2:B7:26:7C:AE:3A:0B:5F:C0
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01942144169B7FA2391CAB253FB5C5070CDA
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/ESzAw8JTl8mThKOytyZ8rjoLX8A.roa
Signing time: Wed 01 Jan 2025 09:48:17 +0000
ROA not before: Wed 01 Jan 2025 09:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212667
IP address blocks: 5.182.116.0/24 maxlen: 24
45.15.255.0/24 maxlen: 24
45.86.3.0/24 maxlen: 24
45.90.44.0/24 maxlen: 24
45.90.47.0/24 maxlen: 24
45.128.130.0/23 maxlen: 23
45.128.228.0/22 maxlen: 22
46.149.174.0/24 maxlen: 24
46.174.192.0/24 maxlen: 24
46.174.193.0/24 maxlen: 24
46.174.194.0/24 maxlen: 24
46.174.195.0/24 maxlen: 24
46.174.196.0/24 maxlen: 24
46.174.197.0/24 maxlen: 24
46.174.198.0/24 maxlen: 24
46.174.199.0/24 maxlen: 24
62.204.32.0/24 maxlen: 24
178.212.78.0/24 maxlen: 24
185.253.2.0/24 maxlen: 24
188.64.140.0/24 maxlen: 24
188.93.136.0/24 maxlen: 24
195.96.141.0/24 maxlen: 24
212.18.98.0/24 maxlen: 24
212.52.13.0/24 maxlen: 24
212.60.6.0/24 maxlen: 24
212.107.24.0/24 maxlen: 24
212.115.48.0/24 maxlen: 24
212.115.50.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:16:9b:7f:a2:39:1c:ab:25:3f:b5:c5:07:0c:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jan 1 09:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=112cc0c3c25397c99384a3b2b7267cae3a0b5fc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ab:dc:9e:a4:18:1e:9d:09:88:c3:11:1d:d5:
8e:be:ab:79:74:a6:74:3b:5b:e1:0a:3d:53:f8:70:
18:79:b6:8f:c6:82:e8:5a:2c:72:59:a8:a4:18:3e:
32:a2:16:40:85:b1:d1:49:f4:cf:1f:4a:c9:03:1c:
ca:e1:4f:60:ea:93:18:bd:15:4c:e0:5a:90:42:c3:
19:56:14:e7:3c:df:d8:d9:cb:de:9c:29:89:e1:cb:
77:4d:00:dd:41:4f:ef:a0:c6:b0:58:d3:3a:11:31:
cb:bc:63:73:71:45:e2:b6:fa:dc:b7:74:b8:f6:65:
9a:a1:c5:e6:26:8f:36:e9:52:5f:b2:7a:77:ac:a0:
ec:b7:b3:f9:d2:28:76:08:41:c5:32:7c:a5:c9:22:
92:b4:d3:83:94:26:4f:79:f6:33:29:af:42:15:c1:
2d:76:41:2d:54:30:23:d6:99:41:e3:55:a3:6b:16:
7a:84:d8:3f:0c:bc:14:f5:20:57:f6:bb:e8:99:72:
93:e3:a4:1b:2b:5f:3d:d1:26:4c:32:9b:91:d7:ed:
3d:35:fa:da:71:54:a5:76:7f:3a:c6:90:5b:84:e5:
06:06:e7:bd:9d:c5:90:84:54:23:d6:4c:3e:93:dc:
58:9f:35:fc:1f:d2:0f:a6:67:44:9a:15:a3:86:5e:
a7:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:2C:C0:C3:C2:53:97:C9:93:84:A3:B2:B7:26:7C:AE:3A:0B:5F:C0
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/ESzAw8JTl8mThKOytyZ8rjoLX8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.116.0/24
45.15.255.0/24
45.86.3.0/24
45.90.44.0/24
45.90.47.0/24
45.128.130.0/23
45.128.228.0/22
46.149.174.0/24
46.174.192.0/21
62.204.32.0/24
178.212.78.0/24
185.253.2.0/24
188.64.140.0/24
188.93.136.0/24
195.96.141.0/24
212.18.98.0/24
212.52.13.0/24
212.60.6.0/24
212.107.24.0/24
212.115.48.0/24
212.115.50.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:55:34:4f:b8:b8:bd:87:8f:8f:da:3e:ec:44:99:62:c5:1b:
0f:14:cd:dd:c7:20:6a:37:db:39:91:6e:1d:a1:ee:ca:27:42:
57:ab:4f:bc:24:06:1d:8e:a9:66:62:16:3e:7f:c0:04:0f:3b:
7d:ab:6f:55:5e:ef:76:4a:8d:45:d9:a9:04:d8:28:0a:c0:03:
29:21:45:4a:0f:75:67:1b:92:f9:4b:2a:90:fc:6e:c3:64:c3:
32:00:2a:b1:c9:29:bc:bf:06:5a:8d:91:6b:c9:2e:a4:a7:88:
ff:3f:7e:be:93:46:35:9a:64:b0:99:a9:60:1b:9d:c9:5b:24:
cb:35:d9:c3:e6:c9:28:1d:d2:d8:40:10:e8:f9:dd:85:95:f3:
19:a8:94:59:95:e7:4e:65:ea:50:2b:47:e5:3b:6a:f2:50:1f:
53:1a:3b:0e:16:cf:f0:ee:7a:98:94:77:c5:96:db:d4:ef:ff:
c1:37:22:30:67:95:99:6a:13:8b:9b:ff:69:95:81:77:5e:4c:
d9:f6:d3:95:36:46:e0:22:cc:a6:3a:e5:88:9d:6f:f1:6e:2b:
99:11:4b:76:c7:63:ab:48:45:56:06:69:01:a4:cf:a4:c2:a1:
9f:be:68:3f:87:23:7b:8a:c4:89:b7:e2:6d:98:cd:28:17:36:
91:2b:ed:02
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZQhRBabf6I5HKslP7XFBwzaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMTAxMDk0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTJjYzBjM2MyNTM5N2M5OTM4NGEzYjJiNzI2N2NhZTNhMGI1ZmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6vcnqQYHp0JiMMRHdWOvqt5dKZ0
O1vhCj1T+HAYebaPxoLoWixyWaikGD4yohZAhbHRSfTPH0rJAxzK4U9g6pMYvRVM
4FqQQsMZVhTnPN/Y2cvenCmJ4ct3TQDdQU/voMawWNM6ETHLvGNzcUXitvrct3S4
9mWaocXmJo826VJfsnp3rKDst7P50ih2CEHFMnylySKStNODlCZPefYzKa9CFcEt
dkEtVDAj1plB41WjaxZ6hNg/DLwU9SBX9rvomXKT46QbK1890SZMMpuR1+09Nfra
cVSldn86xpBbhOUGBue9ncWQhFQj1kw+k9xYnzX8H9IPpmdEmhWjhl6nUQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFBEswMPCU5fJk4SjsrcmfK46C1/AMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvRVN6QXc4SlRsOG1UaEtPeXR5Wjhyam9MWDhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAAW2
dAMEAC0P/wMEAC1WAwMEAC1aLAMEAC1aLwMEAS2AggMEAi2A5AMEAC6VrgMEAy6u
wAMEAD7MIAMEALLUTgMEALn9AgMEALxAjAMEALxdiAMEAMNgjQMEANQSYgMEANQ0
DQMEANQ8BgMEANRrGAMEANRzMAMEANRzMjANBgkqhkiG9w0BAQsFAAOCAQEAK1U0
T7i4vYePj9o+7ESZYsUbDxTN3ccgajfbOZFuHaHuyidCV6tPvCQGHY6pZmIWPn/A
BA87fatvVV7vdkqNRdmpBNgoCsADKSFFSg91ZxuS+UsqkPxuw2TDMgAqsckpvL8G
Wo2Ra8kupKeI/z9+vpNGNZpksJmpYBudyVskyzXZw+bJKB3S2EAQ6PndhZXzGaiU
WZXnTmXqUCtH5Ttq8lAfUxo7DhbP8O56mJR3xZbb1O//wTciMGeVmWoTi5v/aZWB
d15M2fbTlTZG4CLMpjrliJ1v8W4rmRFLdsdjq0hFVgZpAaTPpMKhn75oP4cje4rE
ibfibZjNKBc2kSvtAg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:32:17 2025 by rpki-client