Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/PkUBswB6akpRoaWoY8idhiZO-0s.roa
File: PkUBswB6akpRoaWoY8idhiZO-0s.roa (raw, json)
Hash identifier: FTb6NXOjB3gAzHYZQp3OqT2aASeT3Lw8OwXcNy1cX04=
Subject key identifier: 3E:45:01:B3:00:7A:6A:4A:51:A1:A5:A8:63:C8:9D:86:26:4E:FB:4B
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 0194266B5F0233D1D7D1349FD95612EB0D73
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/PkUBswB6akpRoaWoY8idhiZO-0s.roa
Signing time: Thu 02 Jan 2025 09:49:18 +0000
ROA not before: Thu 02 Jan 2025 09:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47232
IP address blocks: 5.39.200.0/22 maxlen: 24
5.39.200.0/23 maxlen: 23
46.29.224.0/21 maxlen: 32
46.29.228.0/23 maxlen: 32
78.111.112.0/20 maxlen: 32
78.111.114.0/23 maxlen: 32
78.111.116.0/23 maxlen: 32
91.192.32.0/22 maxlen: 22
93.91.144.0/20 maxlen: 32
93.91.149.0/24 maxlen: 32
93.91.150.0/23 maxlen: 32
93.91.152.0/24 maxlen: 32
93.91.153.0/24 maxlen: 32
93.91.154.0/24 maxlen: 32
185.15.108.0/22 maxlen: 32
185.52.172.0/24 maxlen: 32
185.64.220.0/22 maxlen: 32
185.125.128.0/22 maxlen: 32
213.108.162.0/23 maxlen: 32
217.75.208.0/20 maxlen: 32
2a02:17a0::/29 maxlen: 48
2a02:17a0:d000::/36 maxlen: 36
2a03:2a80::/29 maxlen: 48
2a03:2a82::/31 maxlen: 48
2a04:7bc0::/29 maxlen: 48
2a04:7bc7::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:5f:02:33:d1:d7:d1:34:9f:d9:56:12:eb:0d:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 2 09:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e4501b3007a6a4a51a1a5a863c89d86264efb4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:86:c3:7c:a7:d2:58:ff:fb:c0:35:4a:56:e6:
13:8b:17:55:31:e0:24:09:43:4e:f1:9c:ca:e1:c6:
72:b4:e7:43:6d:f9:e4:d0:31:51:07:89:a6:59:e5:
ad:ff:21:4d:6d:a6:fb:e9:75:10:59:5b:c4:45:48:
51:79:fe:91:5b:06:96:4c:15:7d:e8:b4:f4:8d:5f:
40:37:5a:42:7c:83:b9:11:68:62:d8:86:5d:17:48:
e3:de:59:b0:06:cd:85:9f:06:f7:b9:01:bc:4c:19:
d1:18:52:cc:8e:66:71:6e:ff:e6:47:3a:21:b8:56:
4e:a6:00:db:00:4b:80:a5:1e:5a:d4:e2:33:20:36:
8f:56:f2:54:86:f9:cc:9b:8a:7d:71:71:a0:ce:69:
21:79:09:32:3a:0b:86:79:70:69:7f:17:3d:7f:bc:
aa:04:bb:b1:f7:0f:c9:8e:d5:0b:6c:89:ec:41:ae:
a7:cc:a7:9b:14:33:e2:38:82:6b:bd:93:bb:47:1b:
cb:0e:e0:c4:30:51:e6:a5:8a:3f:6e:7c:f4:3d:ad:
74:3f:dd:50:ae:5f:e7:16:5a:6f:ab:7c:25:3f:f8:
74:4b:d5:42:bf:2a:23:d0:73:44:ab:61:66:f8:fa:
83:fa:6a:60:27:f4:87:13:17:6d:4c:0e:aa:a1:41:
27:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:45:01:B3:00:7A:6A:4A:51:A1:A5:A8:63:C8:9D:86:26:4E:FB:4B
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/PkUBswB6akpRoaWoY8idhiZO-0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.200.0/22
46.29.224.0/21
78.111.112.0/20
91.192.32.0/22
93.91.144.0/20
185.15.108.0/22
185.52.172.0/24
185.64.220.0/22
185.125.128.0/22
213.108.162.0/23
217.75.208.0/20
IPv6:
2a02:17a0::/29
2a03:2a80::/29
2a04:7bc0::/29
Signature Algorithm: sha256WithRSAEncryption
9b:9f:a8:b0:de:3c:be:b7:c2:bf:ed:69:84:ef:ec:2d:36:4c:
99:da:91:f8:02:10:fc:c7:f7:e6:0b:9f:8f:ff:12:7d:6d:15:
95:c0:72:db:60:23:39:5a:ea:64:16:a4:80:20:29:92:d0:d4:
df:d4:9c:7e:b0:1c:c6:48:eb:b4:93:54:df:35:6c:10:80:73:
60:56:fd:7f:d1:e9:2b:a4:6d:87:f6:0c:65:ae:06:6f:b1:32:
ce:d9:99:5b:88:15:49:4f:27:78:96:58:c9:b4:08:2b:f9:74:
bc:7c:1e:ce:72:5f:99:18:0d:c2:f8:1d:4f:22:1e:fb:e5:f2:
c9:3f:28:5a:10:78:21:16:0b:77:63:a1:f5:98:c4:31:4b:0f:
9f:7b:0f:24:06:86:06:15:ec:d3:1d:0e:cb:fb:ef:f0:4b:81:
6c:f8:4b:73:07:bc:f3:a6:41:a3:9c:3c:00:a9:98:82:ef:2c:
45:f6:ce:30:a8:b0:a3:74:9f:1b:9c:c9:0e:e9:2b:40:9d:65:
89:13:83:89:5a:a8:9c:0f:a2:56:fe:6b:0c:3a:21:66:24:12:
09:16:fb:60:3e:23:e3:b7:ff:37:e6:a0:66:0d:81:40:85:ce:
54:9f:38:f3:e5:dc:6a:42:38:61:c7:b7:bc:fe:9a:dc:6b:5a:
23:5a:33:aa
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZQma18CM9HX0TSf2VYS6w1zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjUwMTAyMDk0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTQ1MDFiMzAwN2E2YTRhNTFhMWE1YTg2M2M4OWQ4NjI2NGVmYjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14bDfKfSWP/7wDVKVuYTixdVMeAk
CUNO8ZzK4cZytOdDbfnk0DFRB4mmWeWt/yFNbab76XUQWVvERUhRef6RWwaWTBV9
6LT0jV9AN1pCfIO5EWhi2IZdF0jj3lmwBs2Fnwb3uQG8TBnRGFLMjmZxbv/mRzoh
uFZOpgDbAEuApR5a1OIzIDaPVvJUhvnMm4p9cXGgzmkheQkyOguGeXBpfxc9f7yq
BLux9w/JjtULbInsQa6nzKebFDPiOIJrvZO7RxvLDuDEMFHmpYo/bnz0Pa10P91Q
rl/nFlpvq3wlP/h0S9VCvyoj0HNEq2Fm+PqD+mpgJ/SHExdtTA6qoUEnEQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFD5FAbMAempKUaGlqGPInYYmTvtLMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvUGtVQnN3QjZha3BSb2FXb1k4aWRoaVpPLTBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBIBAIAATBCAwQCBSfIAwQD
Lh3gAwQETm9wAwQCW8AgAwQEXVuQAwQCuQ9sAwQAuTSsAwQCuUDcAwQCuX2AAwQB
1WyiAwQE2UvQMBsEAgACMBUDBQMqAhegAwUDKgMqgAMFAyoEe8AwDQYJKoZIhvcN
AQELBQADggEBAJufqLDePL63wr/taYTv7C02TJnakfgCEPzH9+YLn4//En1tFZXA
cttgIzla6mQWpIAgKZLQ1N/UnH6wHMZI67STVN81bBCAc2BW/X/R6SukbYf2DGWu
Bm+xMs7ZmVuIFUlPJ3iWWMm0CCv5dLx8Hs5yX5kYDcL4HU8iHvvl8sk/KFoQeCEW
C3djofWYxDFLD597DyQGhgYV7NMdDsv77/BLgWz4S3MHvPOmQaOcPACpmILvLEX2
zjCosKN0nxucyQ7pK0CdZYkTg4laqJwPolb+aww6IWYkEgkW+2A+I+O3/zfmoGYN
gUCFzlSfOPPl3GpCOGHHt7z+mtxrWiNaM6o=
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:47:01 2025 by rpki-client