Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/5pSATMPZ0p7gsB8mMb7VRMdgILk.roa
File: 5pSATMPZ0p7gsB8mMb7VRMdgILk.roa (raw, json)
Hash identifier: n6iETK+1U2jYxCvuN/hxrmzW6QRPJ6PVi/YnvpAOe54=
Subject key identifier: E6:94:80:4C:C3:D9:D2:9E:E0:B0:1F:26:31:BE:D5:44:C7:60:20:B9
Certificate issuer: /CN=f7aa039b886b226578bdb6a42781bf59044bb138
Certificate serial: 019424B3330075A0FE3FDCD24B4C31EF676A
Authority key identifier: F7:AA:03:9B:88:6B:22:65:78:BD:B6:A4:27:81:BF:59:04:4B:B1:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/96oDm4hrImV4vbakJ4G_WQRLsTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/5pSATMPZ0p7gsB8mMb7VRMdgILk.roa
Signing time: Thu 02 Jan 2025 01:48:31 +0000
ROA not before: Thu 02 Jan 2025 01:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24739
IP address blocks: 37.143.16.0/20 maxlen: 20
46.228.0.0/20 maxlen: 20
46.252.240.0/20 maxlen: 20
46.252.254.0/24 maxlen: 24
62.181.33.0/24 maxlen: 24
62.181.40.0/22 maxlen: 24
62.181.40.0/24 maxlen: 24
62.181.45.0/24 maxlen: 24
62.181.52.0/24 maxlen: 24
77.232.50.0/23 maxlen: 23
77.232.52.0/22 maxlen: 22
77.232.56.0/21 maxlen: 21
79.99.104.0/21 maxlen: 21
79.99.104.0/24 maxlen: 24
81.23.96.0/19 maxlen: 19
81.24.112.0/20 maxlen: 20
84.47.137.0/24 maxlen: 25
84.47.188.0/24 maxlen: 25
84.242.4.0/24 maxlen: 24
93.174.240.0/21 maxlen: 21
176.32.176.0/20 maxlen: 20
178.238.16.0/20 maxlen: 20
185.7.146.0/24 maxlen: 24
185.7.147.0/24 maxlen: 24
185.58.248.0/24 maxlen: 24
185.124.188.0/22 maxlen: 25
212.59.112.0/22 maxlen: 22
213.135.68.0/24 maxlen: 25
213.135.75.0/24 maxlen: 25
213.135.76.0/24 maxlen: 25
213.135.78.0/24 maxlen: 25
213.135.93.0/24 maxlen: 25
213.208.185.0/24 maxlen: 25
217.197.224.0/20 maxlen: 20
2a00:1020::/32 maxlen: 32
2a00:1020:7::/48 maxlen: 48
2a00:1020:b::/48 maxlen: 48
2a00:1020:c::/48 maxlen: 48
2a00:1020:d::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:33:00:75:a0:fe:3f:dc:d2:4b:4c:31:ef:67:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7aa039b886b226578bdb6a42781bf59044bb138
Validity
Not Before: Jan 2 01:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e694804cc3d9d29ee0b01f2631bed544c76020b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c1:2f:bb:0c:91:e4:83:66:f1:9d:67:42:98:
81:84:4f:6f:2f:f1:47:68:21:0b:c4:e4:d8:85:30:
1d:53:00:68:d9:57:37:64:1e:8b:18:40:87:a9:40:
86:2c:80:94:af:7b:27:ef:e7:98:e7:30:d3:7b:2d:
6e:53:10:f6:25:c6:37:cc:2c:18:d9:b6:5e:99:df:
7f:2e:0d:55:51:4c:7a:18:0a:c4:06:dc:0a:cf:19:
f4:5c:94:46:f9:0d:8a:90:a2:86:a5:32:f9:84:b6:
34:bd:29:6d:1e:55:b6:a8:35:7e:8d:39:65:0d:00:
46:48:a8:4e:3f:ac:f0:d9:9b:ef:24:11:83:a2:b3:
2d:9c:77:1d:68:d8:c5:fa:1c:b7:88:cd:4c:50:39:
33:1a:6f:98:c5:a8:d4:6a:c9:f3:10:1c:84:96:f5:
db:cd:7b:f6:1c:3b:b8:9a:37:f4:9c:7e:93:f0:74:
90:4a:8e:ad:fe:f3:22:e2:5b:8a:79:0b:64:24:87:
8e:c8:99:e1:2f:36:34:04:13:16:71:12:6e:e1:16:
d2:89:dc:88:f7:94:ba:b1:28:9c:24:84:4b:37:21:
17:10:1e:e3:22:e9:32:a1:7d:f7:4c:00:80:3e:33:
6d:e4:f3:14:d6:fd:45:bf:11:89:29:b6:58:bd:8a:
8e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:94:80:4C:C3:D9:D2:9E:E0:B0:1F:26:31:BE:D5:44:C7:60:20:B9
X509v3 Authority Key Identifier:
keyid:F7:AA:03:9B:88:6B:22:65:78:BD:B6:A4:27:81:BF:59:04:4B:B1:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/96oDm4hrImV4vbakJ4G_WQRLsTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/5pSATMPZ0p7gsB8mMb7VRMdgILk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/96oDm4hrImV4vbakJ4G_WQRLsTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.16.0/20
46.228.0.0/20
46.252.240.0/20
62.181.33.0/24
62.181.40.0/22
62.181.45.0/24
62.181.52.0/24
77.232.50.0-77.232.63.255
79.99.104.0/21
81.23.96.0/19
81.24.112.0/20
84.47.137.0/24
84.47.188.0/24
84.242.4.0/24
93.174.240.0/21
176.32.176.0/20
178.238.16.0/20
185.7.146.0/23
185.58.248.0/24
185.124.188.0/22
212.59.112.0/22
213.135.68.0/24
213.135.75.0-213.135.76.255
213.135.78.0/24
213.135.93.0/24
213.208.185.0/24
217.197.224.0/20
IPv6:
2a00:1020::/32
Signature Algorithm: sha256WithRSAEncryption
70:cd:62:1a:a0:7a:14:2b:2b:84:c6:5e:09:f3:d6:5f:ef:bc:
bc:9b:4a:af:f0:81:d8:93:6b:9f:b3:ad:44:52:02:36:a3:32:
a8:37:36:bd:c4:8f:70:de:1d:a7:e3:3f:dd:6b:f9:53:12:8f:
76:6d:b4:1d:51:92:08:24:88:50:81:fb:28:7b:43:a8:92:fc:
0e:e6:2b:e5:85:ec:90:ea:90:b8:07:0a:96:01:98:db:a0:8e:
96:39:14:31:25:d3:81:46:77:90:37:3f:67:06:80:23:7c:f5:
e9:7b:a5:a4:4e:62:19:e1:7c:08:14:27:b2:b0:67:39:64:bc:
f5:43:d9:07:07:35:2c:e1:85:67:cd:0c:52:6c:38:49:8d:cc:
b0:29:1c:1a:06:ce:b6:75:11:a1:36:a3:a6:91:91:99:80:91:
f9:f5:93:05:c8:76:e5:77:0e:4b:1d:54:00:3f:55:63:08:98:
4c:77:b8:e4:5e:46:ba:9e:0f:ed:a4:7a:e3:e5:df:da:b1:da:
4d:77:25:64:b2:e8:89:75:67:a6:2a:f5:7c:11:3c:f8:6f:fc:
c6:4a:28:5b:16:c2:08:36:04:19:ad:8f:83:81:1d:fb:4d:c9:
ca:ff:e1:64:19:51:1d:1b:ec:6f:b1:5c:7d:f0:a5:54:ce:a5:
95:4c:77:19
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgISAZQkszMAdaD+P9zSS0wx72dqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YWEwMzliODg2YjIyNjU3OGJkYjZhNDI3ODFiZjU5MDQ0
YmIxMzgwHhcNMjUwMTAyMDE0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjk0ODA0Y2MzZDlkMjllZTBiMDFmMjYzMWJlZDU0NGM3NjAyMGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4MEvuwyR5INm8Z1nQpiBhE9vL/FH
aCELxOTYhTAdUwBo2Vc3ZB6LGECHqUCGLICUr3sn7+eY5zDTey1uUxD2JcY3zCwY
2bZemd9/Lg1VUUx6GArEBtwKzxn0XJRG+Q2KkKKGpTL5hLY0vSltHlW2qDV+jTll
DQBGSKhOP6zw2ZvvJBGDorMtnHcdaNjF+hy3iM1MUDkzGm+YxajUasnzEByElvXb
zXv2HDu4mjf0nH6T8HSQSo6t/vMi4luKeQtkJIeOyJnhLzY0BBMWcRJu4RbSidyI
95S6sSicJIRLNyEXEB7jIukyoX33TACAPjNt5PMU1v1FvxGJKbZYvYqOSwIDAQAB
o4ICyTCCAsUwHQYDVR0OBBYEFOaUgEzD2dKe4LAfJjG+1UTHYCC5MB8GA1UdIwQY
MBaAFPeqA5uIayJleL22pCeBv1kES7E4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTZvRG00aHJJbVY0dmJha0o0R19XUVJMc1RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS80YmJkNmMtOTFlZi00NDYxLTgyMWIt
NmY2MjFkNzM2YWZmLzEvNXBTQVRNUFowcDdnc0I4bU1iN1ZSTWRnSUxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS80YmJkNmMtOTFlZi00NDYxLTgyMWItNmY2MjFkNzM2YWZm
LzEvOTZvRG00aHJJbVY0dmJha0o0R19XUVJMc1RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHeBggrBgEFBQcBBwEB/wSBzjCByzCBuQQCAAEwgbIDBAQl
jxADBAQu5AADBAQu/PADBAA+tSEDBAI+tSgDBAA+tS0DBAA+tTQwDAMEAU3oMgME
Bk3oAAMEA09jaAMEBVEXYAMEBFEYcAMEAFQviQMEAFQvvAMEAFTyBAMEA12u8AME
BLAgsAMEBLLuEAMEAbkHkgMEALk6+AMEArl8vAMEAtQ7cAMEANWHRDAMAwQA1YdL
AwQA1YdMAwQA1YdOAwQA1YddAwQA1dC5AwQE2cXgMA0EAgACMAcDBQAqABAgMA0G
CSqGSIb3DQEBCwUAA4IBAQBwzWIaoHoUKyuExl4J89Zf77y8m0qv8IHYk2ufs61E
UgI2ozKoNza9xI9w3h2n4z/da/lTEo92bbQdUZIIJIhQgfsoe0OokvwO5ivlheyQ
6pC4BwqWAZjboI6WORQxJdOBRneQNz9nBoAjfPXpe6WkTmIZ4XwIFCeysGc5ZLz1
Q9kHBzUs4YVnzQxSbDhJjcywKRwaBs62dRGhNqOmkZGZgJH59ZMFyHbldw5LHVQA
P1VjCJhMd7jkXka6ng/tpHrj5d/asdpNdyVksuiJdWemKvV8ETz4b/zGSihbFsII
NgQZrY+DgR37TcnK/+FkGVEdG+xvsVx98KVUzqWVTHcZ
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:33:49 2025 by rpki-client