Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/gcLYIM7NGFOjlEOaeCFYBSRJsQU.roa
File: gcLYIM7NGFOjlEOaeCFYBSRJsQU.roa (raw, json)
Hash identifier: Gb37A8lctlHsApBbJF+wFlN+wBQgxlqZQzSQ9DIxfCE=
Subject key identifier: 81:C2:D8:20:CE:CD:18:53:A3:94:43:9A:78:21:58:05:24:49:B1:05
Certificate issuer: /CN=5a4a47d582bb0e9680f89258ab96d05867d352ef
Certificate serial: 01942369C3DE8603F349A97F9F2EB20B2F69
Authority key identifier: 5A:4A:47:D5:82:BB:0E:96:80:F8:92:58:AB:96:D0:58:67:D3:52:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkpH1YK7DpaA-JJYq5bQWGfTUu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/gcLYIM7NGFOjlEOaeCFYBSRJsQU.roa
Signing time: Wed 01 Jan 2025 19:48:41 +0000
ROA not before: Wed 01 Jan 2025 19:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61137
IP address blocks: 5.53.96.0/21 maxlen: 21
5.53.96.0/22 maxlen: 22
5.53.100.0/24 maxlen: 24
91.229.64.0/24 maxlen: 24
91.229.65.0/24 maxlen: 24
109.205.28.0/23 maxlen: 23
185.76.128.0/22 maxlen: 22
185.76.130.0/24 maxlen: 24
185.76.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:c3:de:86:03:f3:49:a9:7f:9f:2e:b2:0b:2f:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a4a47d582bb0e9680f89258ab96d05867d352ef
Validity
Not Before: Jan 1 19:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81c2d820cecd1853a394439a782158052449b105
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:fa:b6:7a:c1:70:e3:e2:62:be:f8:a3:0c:23:
bc:14:75:02:0a:60:fc:59:1a:5e:fa:75:b5:95:47:
91:90:57:a6:e2:42:77:1d:b3:3a:e9:b8:93:05:1f:
17:ab:a3:14:c7:5d:e7:b0:87:50:42:7f:24:8a:9a:
38:e1:49:74:26:4c:a6:92:3b:e2:a5:4f:ca:cb:e3:
d6:51:f4:79:37:cf:06:ca:2f:c4:ab:6b:79:0c:75:
43:cd:4a:8a:bf:76:c5:8a:0c:1a:19:ad:78:74:53:
bb:72:d1:7d:5f:8a:3d:61:fc:8b:a7:ef:0c:91:53:
bc:12:04:84:bf:5b:ea:1b:38:f0:7b:ba:e5:bb:03:
12:48:57:88:9f:da:0c:71:91:90:bc:ae:53:5f:8a:
66:aa:df:51:89:1d:f6:06:1f:19:73:70:90:cf:9f:
fb:14:41:fb:99:d8:16:6a:00:74:f2:03:e7:de:f3:
3c:c9:e6:b8:89:4a:5d:e4:ad:ba:5c:36:19:42:4d:
21:f4:d7:ef:3f:03:01:69:e6:53:1e:c2:f3:f1:2e:
bc:f6:14:65:33:b3:d7:b9:ae:90:a2:7c:56:be:41:
85:6e:b5:f6:40:63:5f:58:41:c1:94:95:3b:bc:f4:
b2:32:84:f5:a6:1b:4c:c7:0e:7f:46:fd:32:04:aa:
50:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:C2:D8:20:CE:CD:18:53:A3:94:43:9A:78:21:58:05:24:49:B1:05
X509v3 Authority Key Identifier:
keyid:5A:4A:47:D5:82:BB:0E:96:80:F8:92:58:AB:96:D0:58:67:D3:52:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkpH1YK7DpaA-JJYq5bQWGfTUu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/gcLYIM7NGFOjlEOaeCFYBSRJsQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4b7576-2b9c-43af-8817-6b0065508996/1/WkpH1YK7DpaA-JJYq5bQWGfTUu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.53.96.0/21
91.229.64.0/23
109.205.28.0/23
185.76.128.0/22
Signature Algorithm: sha256WithRSAEncryption
02:2e:c7:00:bf:90:79:a4:00:f7:63:23:91:55:68:79:80:bc:
81:8c:af:58:fb:a2:df:01:be:7f:a3:43:e2:97:1c:4e:1d:b3:
32:9e:9b:9e:71:6e:6c:6a:33:67:b3:6d:73:d4:91:75:4d:93:
95:89:3e:d0:a5:5d:ff:29:65:10:b0:d6:44:b6:9f:7e:68:cf:
e9:8a:53:17:7b:25:4e:bf:c7:05:58:aa:71:89:82:75:fb:d2:
5e:35:3a:8e:a7:df:b4:d0:d2:6a:aa:c6:a9:bc:ed:f8:99:23:
44:16:b5:f8:76:0f:8d:90:91:9d:eb:1b:15:1b:65:a8:9d:8e:
32:0a:c0:92:7a:78:80:50:3d:8e:ea:ed:84:24:c7:e0:3e:15:
30:3b:79:39:aa:99:7d:b4:a4:3e:c3:f6:b5:08:86:c8:54:49:
23:0d:16:02:83:56:93:4c:8e:00:99:9e:0a:af:95:a8:c6:23:
d1:96:2e:00:c6:ee:00:38:96:70:47:36:9f:bd:52:2b:ff:f8:
c5:99:f2:dd:2e:d6:d7:67:86:f6:91:4f:4a:3e:d7:83:2d:af:
50:ae:7f:48:c6:92:f8:3f:f7:5f:d3:ac:cc:96:02:9d:18:da:
23:c5:9b:c9:b9:1c:bb:c9:cc:99:53:69:68:d9:31:f0:df:a0:
7f:73:58:9a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQjacPehgPzSal/ny6yCy9pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNGE0N2Q1ODJiYjBlOTY4MGY4OTI1OGFiOTZkMDU4Njdk
MzUyZWYwHhcNMjUwMTAxMTk0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWMyZDgyMGNlY2QxODUzYTM5NDQzOWE3ODIxNTgwNTI0NDliMTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvq2esFw4+JivvijDCO8FHUCCmD8
WRpe+nW1lUeRkFem4kJ3HbM66biTBR8Xq6MUx13nsIdQQn8kipo44Ul0Jkymkjvi
pU/Ky+PWUfR5N88Gyi/Eq2t5DHVDzUqKv3bFigwaGa14dFO7ctF9X4o9YfyLp+8M
kVO8EgSEv1vqGzjwe7rluwMSSFeIn9oMcZGQvK5TX4pmqt9RiR32Bh8Zc3CQz5/7
FEH7mdgWagB08gPn3vM8yea4iUpd5K26XDYZQk0h9NfvPwMBaeZTHsLz8S689hRl
M7PXua6QonxWvkGFbrX2QGNfWEHBlJU7vPSyMoT1phtMxw5/Rv0yBKpQWwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIHC2CDOzRhTo5RDmnghWAUkSbEFMB8GA1UdIwQY
MBaAFFpKR9WCuw6WgPiSWKuW0Fhn01LvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2twSDFZSzdEcGFBLUpKWXE1YlFXR2ZUVXU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS80Yjc1NzYtMmI5Yy00M2FmLTg4MTct
NmIwMDY1NTA4OTk2LzEvZ2NMWUlNN05HRk9qbEVPYWVDRllCU1JKc1FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS80Yjc1NzYtMmI5Yy00M2FmLTg4MTctNmIwMDY1NTA4OTk2
LzEvV2twSDFZSzdEcGFBLUpKWXE1YlFXR2ZUVXU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDBTVgAwQB
W+VAAwQBbc0cAwQCuUyAMA0GCSqGSIb3DQEBCwUAA4IBAQACLscAv5B5pAD3YyOR
VWh5gLyBjK9Y+6LfAb5/o0PilxxOHbMynpuecW5sajNns21z1JF1TZOViT7QpV3/
KWUQsNZEtp9+aM/pilMXeyVOv8cFWKpxiYJ1+9JeNTqOp9+00NJqqsapvO34mSNE
FrX4dg+NkJGd6xsVG2WonY4yCsCSeniAUD2O6u2EJMfgPhUwO3k5qpl9tKQ+w/a1
CIbIVEkjDRYCg1aTTI4AmZ4Kr5WoxiPRli4Axu4AOJZwRzafvVIr//jFmfLdLtbX
Z4b2kU9KPteDLa9Qrn9IxpL4P/df06zMlgKdGNojxZvJuRy7ycyZU2lo2THw36B/
c1ia
-----END CERTIFICATE-----
Generated at Sat Apr 26 05:05:17 2025 by rpki-client