Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/X_yuCbgOElk7t0Nndlrc9uLk_XU.roa
File: X_yuCbgOElk7t0Nndlrc9uLk_XU.roa (raw, json)
Hash identifier: zPioyhAie2r6Wx7GGJYyupW2bQRy/+no7AIsLRygNz8=
Subject key identifier: 5F:FC:AE:09:B8:0E:12:59:3B:B7:43:67:76:5A:DC:F6:E2:E4:FD:75
Certificate issuer: /CN=dc377b5d022bf0be4a6224b47eea6ca0b81bf037
Certificate serial: 0194221F917D5EE4B166F2AE24B352A25DC3
Authority key identifier: DC:37:7B:5D:02:2B:F0:BE:4A:62:24:B4:7E:EA:6C:A0:B8:1B:F0:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Dd7XQIr8L5KYiS0fupsoLgb8Dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/X_yuCbgOElk7t0Nndlrc9uLk_XU.roa
Signing time: Wed 01 Jan 2025 13:48:01 +0000
ROA not before: Wed 01 Jan 2025 13:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28756
IP address blocks: 145.64.128.0/21 maxlen: 21
145.64.128.0/22 maxlen: 22
145.64.130.0/24 maxlen: 24
145.64.132.0/22 maxlen: 22
145.64.132.0/23 maxlen: 23
145.64.134.0/24 maxlen: 24
145.64.135.0/24 maxlen: 24
145.64.136.0/22 maxlen: 22
145.64.136.0/24 maxlen: 24
145.64.137.0/24 maxlen: 24
145.64.138.0/24 maxlen: 24
145.64.140.0/22 maxlen: 22
145.64.144.0/20 maxlen: 20
145.64.144.0/23 maxlen: 23
145.64.146.0/24 maxlen: 24
145.64.147.0/24 maxlen: 24
145.64.148.0/24 maxlen: 24
145.64.149.0/24 maxlen: 24
145.64.152.0/23 maxlen: 23
145.64.157.0/24 maxlen: 24
145.64.158.0/24 maxlen: 24
145.64.159.0/24 maxlen: 24
145.64.160.0/20 maxlen: 20
145.64.160.0/24 maxlen: 24
145.64.161.0/24 maxlen: 24
145.64.162.0/24 maxlen: 24
145.64.170.0/24 maxlen: 24
145.64.240.0/21 maxlen: 21
145.64.240.0/22 maxlen: 22
145.64.241.0/24 maxlen: 24
145.64.242.0/24 maxlen: 24
145.64.244.0/22 maxlen: 22
145.64.245.0/24 maxlen: 24
145.64.246.0/24 maxlen: 24
145.64.248.0/21 maxlen: 21
145.64.248.0/22 maxlen: 22
145.64.248.0/24 maxlen: 24
145.64.250.0/24 maxlen: 24
145.64.252.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:91:7d:5e:e4:b1:66:f2:ae:24:b3:52:a2:5d:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc377b5d022bf0be4a6224b47eea6ca0b81bf037
Validity
Not Before: Jan 1 13:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ffcae09b80e12593bb74367765adcf6e2e4fd75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:bb:e3:4b:a6:39:0c:22:80:aa:fe:62:86:0a:
32:a2:1e:b5:ea:53:ec:bc:29:1e:70:80:05:0a:a0:
2e:84:04:91:bb:a2:d1:6b:c6:ad:d1:cc:59:f6:1a:
83:0e:22:92:69:9d:10:0f:bc:74:5d:c6:ab:81:f0:
01:0e:83:0a:01:09:f8:3d:f7:20:2b:29:be:89:e6:
a8:b1:66:00:bc:0d:4c:f9:e0:e1:6f:c6:11:ee:f8:
31:e8:32:f7:2c:cd:58:d0:4c:8a:52:c8:dc:4c:48:
81:14:d6:26:97:6f:2e:c0:48:6d:89:ff:ab:93:b2:
42:9f:dc:22:1b:55:18:f8:ab:c2:95:e8:db:f0:9c:
7e:35:8f:45:79:fb:a3:d0:b6:4a:62:65:b2:10:be:
29:b4:0d:78:6a:a8:84:df:d9:89:0f:40:a4:c6:96:
df:2d:b0:e8:c9:cc:a0:31:bc:0f:7f:4a:30:8c:aa:
5e:07:73:41:b7:6e:c9:09:30:6c:da:81:ff:77:a8:
ed:4a:30:ca:5e:15:88:98:d0:06:01:b6:b8:fe:67:
1e:79:64:c7:db:9f:0b:99:15:df:71:4e:ef:28:86:
e4:d0:c8:45:ac:b9:d0:9f:8b:c2:df:c5:8d:7c:32:
96:5b:21:24:dd:2e:45:52:35:24:c7:3f:00:1e:8a:
76:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:FC:AE:09:B8:0E:12:59:3B:B7:43:67:76:5A:DC:F6:E2:E4:FD:75
X509v3 Authority Key Identifier:
keyid:DC:37:7B:5D:02:2B:F0:BE:4A:62:24:B4:7E:EA:6C:A0:B8:1B:F0:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Dd7XQIr8L5KYiS0fupsoLgb8Dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/X_yuCbgOElk7t0Nndlrc9uLk_XU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/3Dd7XQIr8L5KYiS0fupsoLgb8Dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.64.128.0-145.64.175.255
145.64.240.0/20
Signature Algorithm: sha256WithRSAEncryption
11:ba:64:cb:45:f2:1d:9f:2b:c2:23:7b:60:b1:8c:d9:1a:48:
6e:c4:64:1d:b8:db:f6:c9:90:6f:f8:e0:68:65:c5:5d:51:d9:
e9:64:35:d2:d2:92:6e:f1:e0:5c:d0:2d:94:2d:86:d8:a3:c6:
30:8c:4c:09:74:dc:6d:e4:b8:f9:4a:9d:87:4d:95:63:d3:17:
2f:48:99:b2:eb:34:3d:bb:36:1e:bc:43:06:11:71:46:a6:47:
ad:8a:56:cc:db:66:3e:f4:52:65:71:f5:e8:e1:95:49:ce:58:
3c:36:d4:c3:75:22:44:b4:44:1b:6c:4c:6e:fd:d0:1c:af:75:
6c:09:4c:24:d2:df:c6:91:c4:20:33:82:3b:ab:7a:a0:22:2e:
08:94:e8:9c:13:fe:6e:c0:7c:f4:aa:68:b6:98:63:61:3e:e6:
4c:28:8e:fc:5c:08:81:ca:50:37:42:2d:58:32:b6:53:af:1b:
88:55:79:5e:f6:66:29:35:c9:f9:19:4c:68:0d:43:ed:15:f9:
b1:1e:06:ca:16:4a:1a:77:2d:96:58:24:ab:bf:4b:d5:fa:7f:
11:83:88:9a:39:fb:3c:54:b2:82:25:df:30:dc:8c:fd:f2:ea:
48:3f:5b:84:f0:2b:6d:fc:58:e5:f1:a2:ee:c0:51:91:0f:30:
b7:a5:bf:21
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQiH5F9XuSxZvKuJLNSol3DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzc3YjVkMDIyYmYwYmU0YTYyMjRiNDdlZWE2Y2EwYjgx
YmYwMzcwHhcNMjUwMTAxMTM0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmZjYWUwOWI4MGUxMjU5M2JiNzQzNjc3NjVhZGNmNmUyZTRmZDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5LvjS6Y5DCKAqv5ihgoyoh616lPs
vCkecIAFCqAuhASRu6LRa8at0cxZ9hqDDiKSaZ0QD7x0XcargfABDoMKAQn4Pfcg
Kym+ieaosWYAvA1M+eDhb8YR7vgx6DL3LM1Y0EyKUsjcTEiBFNYml28uwEhtif+r
k7JCn9wiG1UY+KvClejb8Jx+NY9Fefuj0LZKYmWyEL4ptA14aqiE39mJD0Ckxpbf
LbDoycygMbwPf0owjKpeB3NBt27JCTBs2oH/d6jtSjDKXhWImNAGAba4/mceeWTH
258LmRXfcU7vKIbk0MhFrLnQn4vC38WNfDKWWyEk3S5FUjUkxz8AHop2aQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFF/8rgm4DhJZO7dDZ3Za3Pbi5P11MB8GA1UdIwQY
MBaAFNw3e10CK/C+SmIktH7qbKC4G/A3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RkN1hRSXI4TDVLWWlTMGZ1cHNvTGdiOERjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9jYzU1OGMtMzVlNS00ZGQ2LTg2N2It
OGIwNWI3NzhlMGQ1LzEvWF95dUNiZ09FbGs3dDBObmRscmM5dUxrX1hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9jYzU1OGMtMzVlNS00ZGQ2LTg2N2ItOGIwNWI3NzhlMGQ1
LzEvM0RkN1hRSXI4TDVLWWlTMGZ1cHNvTGdiOERjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAeRQIAD
BASRQKADBASRQPAwDQYJKoZIhvcNAQELBQADggEBABG6ZMtF8h2fK8Ije2CxjNka
SG7EZB242/bJkG/44GhlxV1R2elkNdLSkm7x4FzQLZQthtijxjCMTAl03G3kuPlK
nYdNlWPTFy9ImbLrND27Nh68QwYRcUamR62KVszbZj70UmVx9ejhlUnOWDw21MN1
IkS0RBtsTG790ByvdWwJTCTS38aRxCAzgjureqAiLgiU6JwT/m7AfPSqaLaYY2E+
5kwojvxcCIHKUDdCLVgytlOvG4hVeV72Zik1yfkZTGgNQ+0V+bEeBsoWShp3LZZY
JKu/S9X6fxGDiJo5+zxUsoIl3zDcjP3y6kg/W4TwK238WOXxou7AUZEPMLelvyE=
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:45:02 2025 by rpki-client