Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/Z4kN8nDsrb7sFEsQvwC-1YneLds.roa
File: Z4kN8nDsrb7sFEsQvwC-1YneLds.roa (raw, json)
Hash identifier: RYq7W3ftzHW7v8PnyhRA0Yz8QSctQ/uuBL07f/0XUZc=
Subject key identifier: 67:89:0D:F2:70:EC:AD:BE:EC:14:4B:10:BF:00:BE:D5:89:DE:2D:DB
Certificate issuer: /CN=77f8e7fbd4ab69507fb1fe3579af343a56639086
Certificate serial: 0194AC3F238812A6B8497D423D733466B283
Authority key identifier: 77:F8:E7:FB:D4:AB:69:50:7F:B1:FE:35:79:AF:34:3A:56:63:90:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_jn-9SraVB_sf41ea80OlZjkIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/Z4kN8nDsrb7sFEsQvwC-1YneLds.roa
Signing time: Tue 28 Jan 2025 09:30:06 +0000
ROA not before: Tue 28 Jan 2025 09:30:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60530
IP address blocks: 5.152.144.0/22 maxlen: 24
5.152.148.0/23 maxlen: 24
5.152.154.0/23 maxlen: 24
5.152.156.0/22 maxlen: 24
185.30.44.0/22 maxlen: 24
2a00:ab20::/29 maxlen: 32
2a11:cf40::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:3f:23:88:12:a6:b8:49:7d:42:3d:73:34:66:b2:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f8e7fbd4ab69507fb1fe3579af343a56639086
Validity
Not Before: Jan 28 09:30:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67890df270ecadbeec144b10bf00bed589de2ddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:39:8c:00:cd:21:5c:17:de:64:a8:b6:a6:ae:
3e:b1:29:df:e1:40:2e:fe:34:be:bf:10:af:46:cc:
c0:3e:fc:60:2d:82:0c:c5:a0:f9:7e:92:ca:bb:cb:
87:69:6f:1b:07:1a:4a:73:2a:fe:ed:fc:cb:55:2c:
ba:c1:d2:7a:3d:7f:8e:df:90:0b:59:2d:5b:89:65:
e4:cd:13:ef:9c:c1:23:cc:2b:79:29:12:99:72:db:
91:cf:a4:ee:cc:5b:42:75:e4:18:e7:e8:f0:f0:66:
02:02:f7:fe:ca:df:fb:6e:b8:f3:52:9d:af:8e:a7:
be:57:8e:2e:23:8c:63:90:e5:4e:d7:3e:cf:9a:9d:
f2:07:0f:0c:a1:64:98:78:36:f2:29:91:f5:d7:4f:
31:81:3b:d7:fa:bf:f2:30:cf:da:a8:f5:17:53:c4:
11:9d:80:0b:d3:75:1e:c9:c5:b6:d5:d0:79:e5:88:
27:f6:d9:ff:a2:d4:0d:c4:57:22:84:75:17:34:45:
94:c3:9e:5a:5b:ca:4a:01:d1:10:bf:6f:15:fc:d1:
67:13:4b:5a:a7:40:97:d3:e7:b8:a7:45:cf:0c:08:
53:7d:6a:39:a7:03:19:7f:da:98:3b:76:0f:58:2c:
37:42:ad:ea:f6:70:e7:b2:55:55:9f:f9:cd:ad:a4:
4b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:89:0D:F2:70:EC:AD:BE:EC:14:4B:10:BF:00:BE:D5:89:DE:2D:DB
X509v3 Authority Key Identifier:
keyid:77:F8:E7:FB:D4:AB:69:50:7F:B1:FE:35:79:AF:34:3A:56:63:90:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_jn-9SraVB_sf41ea80OlZjkIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/Z4kN8nDsrb7sFEsQvwC-1YneLds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/d_jn-9SraVB_sf41ea80OlZjkIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.144.0-5.152.149.255
5.152.154.0-5.152.159.255
185.30.44.0/22
IPv6:
2a00:ab20::/29
2a11:cf40::/29
Signature Algorithm: sha256WithRSAEncryption
0e:0b:48:69:07:a4:ad:e0:61:4d:4e:b9:1d:ec:1e:ff:4a:9c:
bb:b2:74:c3:3b:ab:a6:35:72:cb:e6:70:8a:d7:72:46:97:d7:
d6:2f:be:f0:37:cf:ec:88:e4:16:3b:1a:7a:eb:66:36:98:78:
23:ad:e3:27:a2:fe:80:92:f9:6a:15:10:74:ef:01:24:e2:91:
2b:6c:70:75:2b:5d:1f:f4:14:ac:56:ce:3e:b9:65:7c:64:c6:
77:76:11:5d:1f:92:f0:66:33:5d:c6:9e:5d:45:b5:b5:e5:cf:
38:2a:a2:24:62:46:1a:e4:b9:36:84:c0:55:fd:32:28:8e:86:
b2:cd:9d:2d:38:1a:3f:71:08:95:cb:ce:18:7c:5a:26:8c:89:
09:81:64:bc:fe:48:27:66:ca:27:7d:52:5a:44:e3:09:61:14:
c9:2b:76:e2:80:9e:e0:cd:6b:ed:2e:7c:69:83:10:a7:33:38:
e0:4b:74:b6:6c:34:84:2a:16:3c:f3:ac:df:a1:9d:a9:73:39:
9f:a1:2c:e8:3d:50:d0:3d:67:b4:a5:55:e1:d3:0d:12:a0:75:
ae:87:08:32:bd:58:f6:f2:9c:54:1f:45:1a:67:82:7f:31:f5:
91:83:d5:99:2c:ae:64:70:9f:c2:8b:9e:ca:97:56:99:65:36:
a7:1e:64:d0
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZSsPyOIEqa4SX1CPXM0ZrKDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjhlN2ZiZDRhYjY5NTA3ZmIxZmUzNTc5YWYzNDNhNTY2
MzkwODYwHhcNMjUwMTI4MDkzMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Nzg5MGRmMjcwZWNhZGJlZWMxNDRiMTBiZjAwYmVkNTg5ZGUyZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TmMAM0hXBfeZKi2pq4+sSnf4UAu
/jS+vxCvRszAPvxgLYIMxaD5fpLKu8uHaW8bBxpKcyr+7fzLVSy6wdJ6PX+O35AL
WS1biWXkzRPvnMEjzCt5KRKZctuRz6TuzFtCdeQY5+jw8GYCAvf+yt/7brjzUp2v
jqe+V44uI4xjkOVO1z7Pmp3yBw8MoWSYeDbyKZH1108xgTvX+r/yMM/aqPUXU8QR
nYAL03UeycW21dB55Ygn9tn/otQNxFcihHUXNEWUw55aW8pKAdEQv28V/NFnE0ta
p0CX0+e4p0XPDAhTfWo5pwMZf9qYO3YPWCw3Qq3q9nDnslVVn/nNraRLwQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFGeJDfJw7K2+7BRLEL8AvtWJ3i3bMB8GA1UdIwQY
MBaAFHf45/vUq2lQf7H+NXmvNDpWY5CGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9qbi05U3JhVkJfc2Y0MWVhODBPbFpqa0lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82YzI3MzYtYWIwMi00ODk3LTk1Njgt
NzdmNmU5NGUzZGNjLzEvWjRrTjhuRHNyYjdzRkVzUXZ3Qy0xWW5lTGRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82YzI3MzYtYWIwMi00ODk3LTk1NjgtNzdmNmU5NGUzZGNj
LzEvZF9qbi05U3JhVkJfc2Y0MWVhODBPbFpqa0lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAoBAIAATAiMAwDBAQFmJAD
BAEFmJQwDAMEAQWYmgMEBQWYgAMEArkeLDAUBAIAAjAOAwUDKgCrIAMFAyoRz0Aw
DQYJKoZIhvcNAQELBQADggEBAA4LSGkHpK3gYU1OuR3sHv9KnLuydMM7q6Y1csvm
cIrXckaX19YvvvA3z+yI5BY7GnrrZjaYeCOt4yei/oCS+WoVEHTvASTikStscHUr
XR/0FKxWzj65ZXxkxnd2EV0fkvBmM13Gnl1FtbXlzzgqoiRiRhrkuTaEwFX9MiiO
hrLNnS04Gj9xCJXLzhh8WiaMiQmBZLz+SCdmyid9UlpE4wlhFMkrduKAnuDNa+0u
fGmDEKczOOBLdLZsNIQqFjzzrN+hnalzOZ+hLOg9UNA9Z7SlVeHTDRKgda6HCDK9
WPbynFQfRRpngn8x9ZGD1ZksrmRwn8KLnsqXVpllNqceZNA=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:52:16 2025 by rpki-client