Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/5yn4zHauZM75VAijpeMoQrgxCO4.roa
File: 5yn4zHauZM75VAijpeMoQrgxCO4.roa (raw, json)
Hash identifier: XNQWDr0wgLOmyX40wHgFFl4XUTUYTIzKWa/lVOSFR8o=
Subject key identifier: E7:29:F8:CC:76:AE:64:CE:F9:54:08:A3:A5:E3:28:42:B8:31:08:EE
Certificate issuer: /CN=0d41d0a6e6df2e18c256732368d6e76828931310
Certificate serial: 0194236A236BBFC2C11CC4C3239B3BE76E28
Authority key identifier: 0D:41:D0:A6:E6:DF:2E:18:C2:56:73:23:68:D6:E7:68:28:93:13:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DUHQpubfLhjCVnMjaNbnaCiTExA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/5yn4zHauZM75VAijpeMoQrgxCO4.roa
Signing time: Wed 01 Jan 2025 19:49:05 +0000
ROA not before: Wed 01 Jan 2025 19:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51546
IP address blocks: 88.218.20.0/22 maxlen: 22
88.218.23.0/24 maxlen: 24
185.127.228.0/22 maxlen: 22
185.176.96.0/22 maxlen: 22
185.181.44.0/22 maxlen: 22
2a03:9920::/32 maxlen: 32
2a09:9680::/29 maxlen: 29
2a0a:f80::/29 maxlen: 29
2a0a:c080::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:23:6b:bf:c2:c1:1c:c4:c3:23:9b:3b:e7:6e:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d41d0a6e6df2e18c256732368d6e76828931310
Validity
Not Before: Jan 1 19:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e729f8cc76ae64cef95408a3a5e32842b83108ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:64:13:2a:83:e2:bd:3d:ba:73:51:5e:e4:69:
dd:53:c0:2f:0b:03:2d:df:e5:19:f1:57:c0:a0:a4:
76:57:fb:de:cc:70:7e:c6:4d:e4:e2:1a:cd:cd:86:
1c:ec:32:a6:c4:d5:11:cf:a7:97:03:1c:c3:d0:d1:
60:ac:cc:18:16:0c:5a:a9:08:2d:4d:b1:06:ff:9a:
59:c8:fa:3b:a9:79:61:59:78:9b:5a:6f:c5:a0:2f:
c2:41:2c:c2:cb:64:54:25:bf:54:5c:00:21:02:82:
f8:b2:f7:65:1b:bd:2a:30:97:fa:05:50:b2:6b:86:
c0:e4:6b:73:cd:d8:a8:31:79:02:00:d4:64:0d:da:
5b:36:d2:26:15:4d:79:d0:d7:c0:02:6e:9c:54:86:
9d:ac:e0:47:92:29:09:43:3e:4e:57:33:f8:e1:fd:
db:cd:82:11:72:61:5e:fa:6b:8c:54:ef:a5:e5:82:
9e:2a:8e:c7:1f:f5:8a:38:bc:16:7c:17:2f:22:92:
5a:68:2d:18:da:dd:bc:79:10:17:b2:48:1d:bc:7c:
5b:49:b5:81:d8:9a:7b:3a:10:76:1e:32:5b:a7:e6:
61:63:3f:4c:9e:8c:0b:90:a6:64:b5:a1:a3:da:db:
2b:31:31:6c:a2:f5:9b:54:78:94:2f:14:c4:fc:c1:
bb:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:29:F8:CC:76:AE:64:CE:F9:54:08:A3:A5:E3:28:42:B8:31:08:EE
X509v3 Authority Key Identifier:
keyid:0D:41:D0:A6:E6:DF:2E:18:C2:56:73:23:68:D6:E7:68:28:93:13:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUHQpubfLhjCVnMjaNbnaCiTExA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/5yn4zHauZM75VAijpeMoQrgxCO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.20.0/22
185.127.228.0/22
185.176.96.0/22
185.181.44.0/22
IPv6:
2a03:9920::/32
2a09:9680::/29
2a0a:f80::/29
2a0a:c080::/29
Signature Algorithm: sha256WithRSAEncryption
13:5b:f5:3d:ac:76:5d:4c:65:c6:ed:5c:db:a7:02:28:eb:4c:
41:5d:94:1d:a2:3c:6c:39:a9:79:95:4a:93:fe:fb:93:cb:a0:
f1:8d:08:14:49:60:ce:13:e5:21:94:0c:18:e1:ea:71:ce:5e:
cd:26:1a:fa:42:ae:9b:3e:08:df:d3:47:03:f1:6d:02:f7:5c:
45:28:39:35:b3:1c:85:ce:12:8a:24:af:71:0d:25:76:6a:8a:
6f:42:cf:21:b5:51:18:47:4c:71:3c:1f:af:1a:a4:5e:14:54:
71:d4:29:24:a0:29:df:b9:41:f9:21:6e:b0:74:39:f7:5f:ca:
e8:60:c0:fe:6f:92:1f:bc:92:fe:b8:69:5b:21:06:0e:e2:d2:
f9:7c:c9:d0:4d:ee:6d:ea:77:9a:a7:55:7a:41:00:63:9c:56:
a8:90:fc:1d:ba:18:c1:fd:1f:e0:2f:a7:5c:b4:d0:a5:fa:82:
4a:c1:ff:b1:a1:dc:19:af:16:d3:28:cd:cb:75:f0:0d:44:74:
c6:61:5a:9f:ae:28:5a:70:b7:12:90:e4:86:7c:5d:61:ad:08:
c7:f5:f0:ef:24:4d:14:eb:6d:7e:90:b3:f5:b8:06:3c:4f:78:
d1:dc:ff:f8:e9:8c:30:92:03:4d:f7:57:70:d8:a6:97:8c:5a:
67:7a:5a:a4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZQjaiNrv8LBHMTDI5s7524oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDFkMGE2ZTZkZjJlMThjMjU2NzMyMzY4ZDZlNzY4Mjg5
MzEzMTAwHhcNMjUwMTAxMTk0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzI5ZjhjYzc2YWU2NGNlZjk1NDA4YTNhNWUzMjg0MmI4MzEwOGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmQTKoPivT26c1Fe5GndU8AvCwMt
3+UZ8VfAoKR2V/vezHB+xk3k4hrNzYYc7DKmxNURz6eXAxzD0NFgrMwYFgxaqQgt
TbEG/5pZyPo7qXlhWXibWm/FoC/CQSzCy2RUJb9UXAAhAoL4svdlG70qMJf6BVCy
a4bA5GtzzdioMXkCANRkDdpbNtImFU150NfAAm6cVIadrOBHkikJQz5OVzP44f3b
zYIRcmFe+muMVO+l5YKeKo7HH/WKOLwWfBcvIpJaaC0Y2t28eRAXskgdvHxbSbWB
2Jp7OhB2HjJbp+ZhYz9MnowLkKZktaGj2tsrMTFsovWbVHiULxTE/MG74QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFOcp+Mx2rmTO+VQIo6XjKEK4MQjuMB8GA1UdIwQY
MBaAFA1B0Kbm3y4YwlZzI2jW52gokxMQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVIUXB1YmZMaGpDVm5NamFOYm5hQ2lURXhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85ODM3YjItMGRmMC00ZjVhLTgwZGIt
NjJiNjQwYjAyZTJiLzEvNXluNHpIYXVaTTc1VkFpanBlTW9Rcmd4Q080LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85ODM3YjItMGRmMC00ZjVhLTgwZGItNjJiNjQwYjAyZTJi
LzEvRFVIUXB1YmZMaGpDVm5NamFOYm5hQ2lURXhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAeBAIAATAYAwQCWNoUAwQC
uX/kAwQCubBgAwQCubUsMCIEAgACMBwDBQAqA5kgAwUDKgmWgAMFAyoKD4ADBQMq
CsCAMA0GCSqGSIb3DQEBCwUAA4IBAQATW/U9rHZdTGXG7VzbpwIo60xBXZQdojxs
Oal5lUqT/vuTy6DxjQgUSWDOE+UhlAwY4epxzl7NJhr6Qq6bPgjf00cD8W0C91xF
KDk1sxyFzhKKJK9xDSV2aopvQs8htVEYR0xxPB+vGqReFFRx1CkkoCnfuUH5IW6w
dDn3X8roYMD+b5IfvJL+uGlbIQYO4tL5fMnQTe5t6neap1V6QQBjnFaokPwduhjB
/R/gL6dctNCl+oJKwf+xodwZrxbTKM3LdfANRHTGYVqfrihacLcSkOSGfF1hrQjH
9fDvJE0U621+kLP1uAY8T3jR3P/46YwwkgNN91dw2KaXjFpnelqk
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:42:43 2025 by rpki-client