Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/3mOoENhQssYcE0_jNIiNCd1IJhM.roa
File: 3mOoENhQssYcE0_jNIiNCd1IJhM.roa (raw, json)
Hash identifier: NxDjxUHodJorGdwgiCzGcQ9QT0JyGcub9gsrImCrSi0=
Subject key identifier: DE:63:A8:10:D8:50:B2:C6:1C:13:4F:E3:34:88:8D:09:DD:48:26:13
Certificate issuer: /CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Certificate serial: 019420D66670DECC62BC684633043294DB5C
Authority key identifier: D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/3mOoENhQssYcE0_jNIiNCd1IJhM.roa
Signing time: Wed 01 Jan 2025 07:48:29 +0000
ROA not before: Wed 01 Jan 2025 07:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60423
IP address blocks: 5.145.112.0/24 maxlen: 24
5.145.113.0/24 maxlen: 24
5.145.114.0/24 maxlen: 24
5.145.115.0/24 maxlen: 24
5.145.117.0/24 maxlen: 24
5.145.118.0/24 maxlen: 24
5.145.119.0/24 maxlen: 24
185.24.252.0/24 maxlen: 24
185.24.253.0/24 maxlen: 24
185.24.254.0/24 maxlen: 24
185.24.255.0/24 maxlen: 24
2a04:2f00::/48 maxlen: 48
2a04:2f00:3::/48 maxlen: 48
2a04:2f00:d::/48 maxlen: 48
2a04:2f00:e::/48 maxlen: 48
2a04:2f00:ff01::/48 maxlen: 48
2a04:2f00:ff02::/48 maxlen: 48
2a04:2f00:ff03::/48 maxlen: 48
2a04:2f00:ff06::/48 maxlen: 48
2a04:2f00:ff08::/48 maxlen: 48
2a04:2f00:ff09::/48 maxlen: 48
2a04:2f01:3::/48 maxlen: 48
2a04:2f01:4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:66:70:de:cc:62:bc:68:46:33:04:32:94:db:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Validity
Not Before: Jan 1 07:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de63a810d850b2c61c134fe334888d09dd482613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:bb:06:cd:94:f1:49:49:00:3c:e4:79:8c:51:
0d:37:a0:1c:05:b6:d2:a6:b2:36:f2:81:a1:2f:43:
5b:a0:e3:0c:90:f5:c9:a0:a6:e0:6c:1f:c7:63:b6:
4e:49:cb:35:d5:51:83:28:a5:ec:3a:81:a3:c0:4d:
fc:a0:05:a9:9d:70:c8:be:4f:7e:cb:94:e1:06:67:
b8:01:37:88:9e:4c:37:04:93:75:e8:17:30:da:22:
96:b9:20:5a:cc:af:9d:72:2f:45:8f:d5:19:17:6a:
1d:8b:5b:cd:16:fe:4b:24:e4:f0:ae:b8:44:8d:eb:
dc:75:d1:8f:58:5a:4a:16:50:cc:58:e0:55:86:7c:
c5:1f:e2:2f:be:9e:31:bf:0e:65:7e:17:82:69:92:
28:88:77:f9:e5:10:29:73:38:1d:43:6d:7a:ce:9d:
bd:e5:81:e5:55:9c:e5:09:73:6f:38:c1:74:75:cb:
5b:10:73:89:d6:5f:e3:97:7a:38:55:54:22:29:79:
62:27:17:09:d8:54:6a:e3:90:b1:a9:2e:6e:d2:04:
15:be:4f:cf:89:35:36:8f:fd:f3:fa:95:05:ae:ed:
04:1b:e9:b3:5d:0d:b4:3e:7b:58:f6:9c:63:ff:89:
ad:fb:b2:72:1c:0a:05:48:bb:51:20:2d:29:c8:0a:
28:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:63:A8:10:D8:50:B2:C6:1C:13:4F:E3:34:88:8D:09:DD:48:26:13
X509v3 Authority Key Identifier:
keyid:D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/3mOoENhQssYcE0_jNIiNCd1IJhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.112.0/22
5.145.117.0-5.145.119.255
185.24.252.0/22
IPv6:
2a04:2f00::/48
2a04:2f00:3::/48
2a04:2f00:d::-2a04:2f00:e:ffff:ffff:ffff:ffff:ffff
2a04:2f00:ff01::-2a04:2f00:ff03:ffff:ffff:ffff:ffff:ffff
2a04:2f00:ff06::/48
2a04:2f00:ff08::/47
2a04:2f01:3::-2a04:2f01:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
23:31:d9:8c:11:eb:c8:1e:17:71:42:38:75:d1:f7:cf:30:a6:
9a:cf:bd:10:82:32:f6:99:bd:7b:64:7a:97:5d:db:1a:7b:85:
a6:d6:5a:ae:3d:4f:f3:0f:b8:e4:e1:0f:81:59:55:4d:4e:00:
db:a2:2b:8b:ce:a5:c3:fd:7d:7a:f6:52:b2:b8:7a:c8:f0:a7:
d5:88:26:c7:ea:41:c6:57:89:48:49:4a:06:f9:32:ff:17:24:
15:a9:9b:b5:4e:35:9f:8a:dc:d6:74:9f:2e:63:1a:37:b8:33:
4d:f2:c1:f0:10:23:5c:20:2f:f8:ae:f0:2d:82:e4:d1:8a:f3:
50:83:c4:96:f9:75:ee:f4:b1:12:45:65:63:1f:82:51:c3:0d:
09:c9:62:f0:6b:12:7f:cd:3d:fa:ef:10:22:6d:ca:10:1d:c5:
b1:1f:fe:08:3f:89:b1:07:70:c1:0f:ae:42:ad:a1:e4:28:0f:
1a:69:90:0a:86:73:e7:28:87:ee:11:1f:80:dc:ba:94:eb:65:
2f:25:8a:8f:37:a6:71:d2:c1:d5:16:2c:52:92:90:f8:e0:36:
ae:a8:1d:0c:f9:97:4e:f9:ac:13:e8:f0:df:3a:09:8a:b3:01:
7b:6a:88:9f:51:7a:83:e7:fb:30:9f:71:5f:9d:da:9c:c1:03:
f8:d5:21:c2
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZQg1mZw3sxivGhGMwQylNtcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTI2OTQ2NTJhYTI5ODUxMWVkYWZiZTE4ZDJiMWNkYmM3
OTI2MzgwHhcNMjUwMTAxMDc0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTYzYTgxMGQ4NTBiMmM2MWMxMzRmZTMzNDg4OGQwOWRkNDgyNjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLsGzZTxSUkAPOR5jFENN6AcBbbS
prI28oGhL0NboOMMkPXJoKbgbB/HY7ZOScs11VGDKKXsOoGjwE38oAWpnXDIvk9+
y5ThBme4ATeInkw3BJN16Bcw2iKWuSBazK+dci9Fj9UZF2odi1vNFv5LJOTwrrhE
jevcddGPWFpKFlDMWOBVhnzFH+Ivvp4xvw5lfheCaZIoiHf55RApczgdQ216zp29
5YHlVZzlCXNvOMF0dctbEHOJ1l/jl3o4VVQiKXliJxcJ2FRq45CxqS5u0gQVvk/P
iTU2j/3z+pUFru0EG+mzXQ20PntY9pxj/4mt+7JyHAoFSLtRIC0pyAooiwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFN5jqBDYULLGHBNP4zSIjQndSCYTMB8GA1UdIwQY
MBaAFNbiaUZSqimFEe2vvhjSsc28eSY4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODkt
YjQyMzY0ODk1MDgzLzEvM21Pb0VOaFFzc1ljRTBfak5JaU5DZDFJSmhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODktYjQyMzY0ODk1MDgz
LzEvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijAgBAIAATAaAwQCBZFw
MAwDBAAFkXUDBAMFkXADBAK5GPwwZgQCAAIwYAMHACoELwAAAAMHACoELwAAAzAS
AwcAKgQvAAANAwcAKgQvAAAOMBIDBwAqBC8A/wEDBwIqBC8A/wADBwAqBC8A/wYD
BwEqBC8A/wgwEgMHACoELwEAAwMHACoELwEABDANBgkqhkiG9w0BAQsFAAOCAQEA
IzHZjBHryB4XcUI4ddH3zzCmms+9EIIy9pm9e2R6l13bGnuFptZarj1P8w+45OEP
gVlVTU4A26Iri86lw/19evZSsrh6yPCn1Ygmx+pBxleJSElKBvky/xckFambtU41
n4rc1nSfLmMaN7gzTfLB8BAjXCAv+K7wLYLk0YrzUIPElvl17vSxEkVlYx+CUcMN
Ccli8GsSf809+u8QIm3KEB3FsR/+CD+JsQdwwQ+uQq2h5CgPGmmQCoZz5yiH7hEf
gNy6lOtlLyWKjzemcdLB1RYsUpKQ+OA2rqgdDPmXTvmsE+jw3zoJirMBe2qIn1F6
g+f7MJ9xX53anMED+NUhwg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 05:55:39 2025 by rpki-client