Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4e87a6-6536-454a-a59e-d5ad996a1ac8/1/8ywt7YsrRBMREchgHLgyKhwPgx4.roa
File: 8ywt7YsrRBMREchgHLgyKhwPgx4.roa (raw, json)
Hash identifier: aCuMcxrQC+7OXrTGuhaVav/hwtQSKlgeWzdcYZWQMpw=
Subject key identifier: F3:2C:2D:ED:8B:2B:44:13:11:11:C8:60:1C:B8:32:2A:1C:0F:83:1E
Certificate issuer: /CN=543e20bf5f252b1bdbd21dc99d94cd97ea7f0fe6
Certificate serial: 0194228DA4662D61B36D68A69CAB53A533DD
Authority key identifier: 54:3E:20:BF:5F:25:2B:1B:DB:D2:1D:C9:9D:94:CD:97:EA:7F:0F:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VD4gv18lKxvb0h3JnZTNl-p_D-Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4e87a6-6536-454a-a59e-d5ad996a1ac8/1/8ywt7YsrRBMREchgHLgyKhwPgx4.roa
Signing time: Wed 01 Jan 2025 15:48:15 +0000
ROA not before: Wed 01 Jan 2025 15:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43872
IP address blocks: 5.253.252.0/22 maxlen: 22
45.136.108.0/24 maxlen: 24
92.118.111.0/24 maxlen: 24
176.101.169.0/24 maxlen: 24
185.183.20.0/22 maxlen: 22
185.187.61.0/24 maxlen: 24
185.253.176.0/22 maxlen: 22
193.105.189.0/24 maxlen: 24
193.247.94.0/24 maxlen: 24
193.247.101.0/24 maxlen: 24
193.247.103.0/24 maxlen: 24
193.247.165.0/24 maxlen: 24
195.234.28.0/24 maxlen: 24
217.198.183.0/24 maxlen: 24
2a0b:180::/29 maxlen: 29
2a10:c9c0::/29 maxlen: 29
2a10:cac0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:a4:66:2d:61:b3:6d:68:a6:9c:ab:53:a5:33:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=543e20bf5f252b1bdbd21dc99d94cd97ea7f0fe6
Validity
Not Before: Jan 1 15:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f32c2ded8b2b44131111c8601cb8322a1c0f831e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c3:af:e5:2d:13:77:41:e6:c0:20:44:cc:bc:
f2:5b:c5:a3:2a:18:56:26:5c:77:7b:26:70:11:b3:
04:d6:16:20:41:58:0c:db:59:be:61:99:12:7a:aa:
c3:26:d6:19:f5:d5:fc:eb:19:5e:e2:28:b3:19:cf:
0b:24:8f:17:1a:b8:df:21:42:fd:ce:d4:f2:21:14:
42:1d:3c:5c:e2:43:85:45:0b:11:70:ad:bf:78:cd:
e4:0f:2a:6f:82:b3:92:aa:52:36:88:a5:0c:e5:26:
8a:d6:27:39:95:c8:5c:7d:f6:77:b3:67:ab:16:93:
a0:08:d6:10:dc:8b:5f:2e:7c:3f:a2:b5:81:da:2c:
35:31:e2:25:70:1d:36:e1:73:5a:6c:88:cc:ec:76:
aa:10:c8:4e:f8:6d:3e:f1:04:89:b9:0f:a5:b2:f2:
78:0e:85:9e:d7:3c:62:db:ca:dd:00:26:21:99:86:
19:7b:9c:63:1c:b6:d9:32:fe:a7:4a:a9:bf:08:79:
b2:44:ca:08:08:c9:69:9e:33:4e:ad:5a:ce:03:81:
21:1a:35:9e:a0:ad:03:16:f6:92:6f:d1:29:02:d7:
83:60:9e:a8:a1:40:85:b7:78:34:20:1a:80:60:7e:
44:41:cf:ba:01:7f:f8:29:bf:b8:a4:ed:09:99:61:
b7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:2C:2D:ED:8B:2B:44:13:11:11:C8:60:1C:B8:32:2A:1C:0F:83:1E
X509v3 Authority Key Identifier:
keyid:54:3E:20:BF:5F:25:2B:1B:DB:D2:1D:C9:9D:94:CD:97:EA:7F:0F:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VD4gv18lKxvb0h3JnZTNl-p_D-Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4e87a6-6536-454a-a59e-d5ad996a1ac8/1/8ywt7YsrRBMREchgHLgyKhwPgx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4e87a6-6536-454a-a59e-d5ad996a1ac8/1/VD4gv18lKxvb0h3JnZTNl-p_D-Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.252.0/22
45.136.108.0/24
92.118.111.0/24
176.101.169.0/24
185.183.20.0/22
185.187.61.0/24
185.253.176.0/22
193.105.189.0/24
193.247.94.0/24
193.247.101.0/24
193.247.103.0/24
193.247.165.0/24
195.234.28.0/24
217.198.183.0/24
IPv6:
2a0b:180::/29
2a10:c9c0::/29
2a10:cac0::/29
Signature Algorithm: sha256WithRSAEncryption
3b:0b:bc:07:21:ac:02:5a:52:25:07:2c:7e:9d:37:51:f7:10:
99:70:2a:84:f7:89:b3:c8:7f:fe:70:95:69:bc:35:44:cd:81:
89:93:0c:03:61:55:39:9e:54:e0:d2:a1:cd:86:f2:b5:77:61:
94:4e:2d:f9:75:30:ab:5c:82:90:3e:7c:7d:2e:8d:0a:50:f2:
d3:10:93:c6:00:5d:f7:d7:43:ae:60:11:21:2d:e1:46:32:61:
23:cf:d7:1e:ac:26:09:3b:46:7c:8f:8f:45:d3:04:f1:07:68:
cd:c5:15:8e:10:85:c2:bc:2b:98:bb:02:1e:f3:24:9a:88:62:
a1:ba:56:e0:af:4a:c4:a0:af:cc:1c:66:2c:38:1c:4c:15:d9:
98:68:67:44:6d:82:b6:f8:94:e1:4a:c7:1e:83:aa:74:06:4c:
96:1b:62:ea:c1:8f:a7:9b:70:89:79:61:2d:a1:03:81:f3:49:
97:ae:e4:bb:fb:e0:c7:fd:a3:b2:c6:ce:68:f1:75:53:de:67:
ff:88:e0:f7:7f:f2:e5:ca:94:4b:1c:04:9a:87:da:a1:77:17:
43:1f:7b:1f:46:c7:57:01:fd:35:94:8d:39:90:ac:6c:21:96:
aa:ad:0c:e5:d9:9d:a9:6f:df:63:0e:72:55:92:99:1f:5e:3a:
e0:d2:6e:8f
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAZQijaRmLWGzbWimnKtTpTPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0M2UyMGJmNWYyNTJiMWJkYmQyMWRjOTlkOTRjZDk3ZWE3
ZjBmZTYwHhcNMjUwMTAxMTU0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzJjMmRlZDhiMmI0NDEzMTExMWM4NjAxY2I4MzIyYTFjMGY4MzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsOv5S0Td0HmwCBEzLzyW8WjKhhW
Jlx3eyZwEbME1hYgQVgM21m+YZkSeqrDJtYZ9dX86xle4iizGc8LJI8XGrjfIUL9
ztTyIRRCHTxc4kOFRQsRcK2/eM3kDypvgrOSqlI2iKUM5SaK1ic5lchcffZ3s2er
FpOgCNYQ3ItfLnw/orWB2iw1MeIlcB024XNabIjM7HaqEMhO+G0+8QSJuQ+lsvJ4
DoWe1zxi28rdACYhmYYZe5xjHLbZMv6nSqm/CHmyRMoICMlpnjNOrVrOA4EhGjWe
oK0DFvaSb9EpAteDYJ6ooUCFt3g0IBqAYH5EQc+6AX/4Kb+4pO0JmWG3+wIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFPMsLe2LK0QTERHIYBy4MiocD4MeMB8GA1UdIwQY
MBaAFFQ+IL9fJSsb29IdyZ2UzZfqfw/mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkQ0Z3YxOGxLeHZiMGgzSm5aVE5sLXBfRC1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80ZTg3YTYtNjUzNi00NTRhLWE1OWUt
ZDVhZDk5NmExYWM4LzEvOHl3dDdZc3JSQk1SRWNoZ0hMZ3lLaHdQZ3g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80ZTg3YTYtNjUzNi00NTRhLWE1OWUtZDVhZDk5NmExYWM4
LzEvVkQ0Z3YxOGxLeHZiMGgzSm5aVE5sLXBfRC1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwWgQCAAEwVAMEAgX9/AME
AC2IbAMEAFx2bwMEALBlqQMEArm3FAMEALm7PQMEArn9sAMEAMFpvQMEAMH3XgME
AMH3ZQMEAMH3ZwMEAMH3pQMEAMPqHAMEANnGtzAbBAIAAjAVAwUDKgsBgAMFAyoQ
ycADBQMqEMrAMA0GCSqGSIb3DQEBCwUAA4IBAQA7C7wHIawCWlIlByx+nTdR9xCZ
cCqE94mzyH/+cJVpvDVEzYGJkwwDYVU5nlTg0qHNhvK1d2GUTi35dTCrXIKQPnx9
Lo0KUPLTEJPGAF3310OuYBEhLeFGMmEjz9cerCYJO0Z8j49F0wTxB2jNxRWOEIXC
vCuYuwIe8ySaiGKhulbgr0rEoK/MHGYsOBxMFdmYaGdEbYK2+JThSsceg6p0BkyW
G2LqwY+nm3CJeWEtoQOB80mXruS7++DH/aOyxs5o8XVT3mf/iOD3f/LlypRLHASa
h9qhdxdDH3sfRsdXAf01lI05kKxsIZaqrQzl2Z2pb99jDnJVkpkfXjrg0m6P
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:09:19 2025 by rpki-client