Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/_5aThoYvjMsITc0AmZUahNTEazc.roa
File: _5aThoYvjMsITc0AmZUahNTEazc.roa (raw, json)
Hash identifier: iey0wwdJxsog8xLwNAgdWxYbkCyS7fS72sYT3LN2fPQ=
Subject key identifier: FF:96:93:86:86:2F:8C:CB:08:4D:CD:00:99:95:1A:84:D4:C4:6B:37
Certificate issuer: /CN=40163dd4414ef3e792e00501f34efce9440a9c4e
Certificate serial: 01942825F125C983A30249A3853172C5BEC5
Authority key identifier: 40:16:3D:D4:41:4E:F3:E7:92:E0:05:01:F3:4E:FC:E9:44:0A:9C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/_5aThoYvjMsITc0AmZUahNTEazc.roa
Signing time: Thu 02 Jan 2025 17:52:42 +0000
ROA not before: Thu 02 Jan 2025 17:52:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201299
IP address blocks: 176.52.180.0/22 maxlen: 22
176.52.181.0/24 maxlen: 24
176.52.182.0/24 maxlen: 24
176.52.183.0/24 maxlen: 24
2a07:cbc0::/29 maxlen: 42
2a07:cbc0:100::/42 maxlen: 42
2a07:cbc0:140::/42 maxlen: 42
2a07:cbc0:180::/42 maxlen: 42
2a07:cbc0:1c0::/42 maxlen: 42
2a07:cbc0:200::/42 maxlen: 42
2a07:cbc0:300::/42 maxlen: 42
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:f1:25:c9:83:a3:02:49:a3:85:31:72:c5:be:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40163dd4414ef3e792e00501f34efce9440a9c4e
Validity
Not Before: Jan 2 17:52:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff969386862f8ccb084dcd0099951a84d4c46b37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:0b:f6:37:fc:96:4a:65:85:ac:44:69:56:5f:
2c:0d:ff:41:7f:02:32:ff:86:9d:82:cf:9f:af:8b:
98:d0:fc:85:9c:63:2a:50:c7:45:03:de:30:d2:37:
25:ac:04:4d:b5:bb:c7:17:52:fe:be:43:71:29:80:
a5:54:b6:ff:0c:21:7b:a0:19:8b:74:dc:34:c9:8f:
06:02:a5:82:5e:c1:33:99:05:84:bf:db:46:a3:a5:
70:28:4f:bb:8e:ec:99:91:0f:9a:c3:87:e0:25:ce:
a5:b2:10:3b:25:6b:db:97:64:9b:a4:ce:ba:c1:85:
e5:50:dc:a8:43:31:07:89:16:9f:bc:80:04:c4:dd:
7f:ef:aa:25:ea:07:8b:07:72:58:fe:aa:20:11:6f:
5c:0f:42:63:5d:8d:f7:29:5d:02:ca:ec:cf:49:dc:
84:70:cf:0e:75:17:db:81:84:49:2e:a6:76:ce:73:
bf:c1:96:e5:66:4f:9c:19:47:98:60:58:a6:5e:f8:
4c:36:5c:27:b7:f9:32:a4:66:9f:70:d6:2a:00:0d:
c1:f6:c4:7d:1b:c8:90:cd:bf:50:81:7c:52:95:a6:
e3:33:63:41:1b:02:9d:a1:bf:62:a9:46:d9:35:10:
a4:3f:ea:66:d4:c9:05:23:9b:1f:73:29:51:42:0e:
4b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:96:93:86:86:2F:8C:CB:08:4D:CD:00:99:95:1A:84:D4:C4:6B:37
X509v3 Authority Key Identifier:
keyid:40:16:3D:D4:41:4E:F3:E7:92:E0:05:01:F3:4E:FC:E9:44:0A:9C:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QBY91EFO8-eS4AUB80786UQKnE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/_5aThoYvjMsITc0AmZUahNTEazc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/521438-3e04-4d72-88de-3622ac7d65cc/1/QBY91EFO8-eS4AUB80786UQKnE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.180.0/22
IPv6:
2a07:cbc0::/29
Signature Algorithm: sha256WithRSAEncryption
69:fb:28:2e:63:13:0b:02:05:49:4a:1e:98:fe:bc:63:ef:ae:
7d:c9:b9:55:0a:71:4a:db:cb:29:5f:52:ab:84:6d:e9:01:16:
bb:dc:9f:59:bb:e3:36:91:d3:7d:8c:7a:87:28:36:48:84:74:
95:32:b3:07:24:db:60:22:66:cb:ca:0d:46:0c:ae:bf:3f:8f:
6f:ab:0e:67:5e:86:6e:b0:dc:ad:ef:0c:8c:33:d4:f2:e5:37:
59:68:8d:00:03:8b:e3:45:74:3e:5f:0d:c0:d9:1b:d4:81:d0:
e4:bc:cd:7c:c4:89:e1:22:4e:96:6a:a4:1f:e3:82:b9:24:95:
5e:9f:6b:66:47:c8:77:d7:56:3d:2e:95:3f:b6:d6:72:dd:ff:
52:83:85:90:18:6c:0a:16:90:01:bb:3a:b0:c8:3f:e9:78:e2:
b1:3c:ff:c6:c4:5b:a9:5d:5c:6c:2f:41:dd:e4:3c:23:bb:9b:
fb:88:82:ec:3e:62:81:ad:6e:77:e4:1f:5f:df:a0:3d:09:7f:
00:12:ff:09:29:a9:99:e7:cb:6b:34:23:1f:91:de:14:ad:c4:
3a:b1:45:2b:33:55:89:3e:58:48:c8:d3:fd:4d:ea:44:fb:e3:
85:eb:5e:34:af:79:43:62:b3:27:60:eb:c0:ed:19:2d:43:74:
36:02:35:c8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQoJfElyYOjAkmjhTFyxb7FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMTYzZGQ0NDE0ZWYzZTc5MmUwMDUwMWYzNGVmY2U5NDQw
YTljNGUwHhcNMjUwMTAyMTc1MjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjk2OTM4Njg2MmY4Y2NiMDg0ZGNkMDA5OTk1MWE4NGQ0YzQ2YjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Av2N/yWSmWFrERpVl8sDf9BfwIy
/4adgs+fr4uY0PyFnGMqUMdFA94w0jclrARNtbvHF1L+vkNxKYClVLb/DCF7oBmL
dNw0yY8GAqWCXsEzmQWEv9tGo6VwKE+7juyZkQ+aw4fgJc6lshA7JWvbl2SbpM66
wYXlUNyoQzEHiRafvIAExN1/76ol6geLB3JY/qogEW9cD0JjXY33KV0CyuzPSdyE
cM8OdRfbgYRJLqZ2znO/wZblZk+cGUeYYFimXvhMNlwnt/kypGafcNYqAA3B9sR9
G8iQzb9QgXxSlabjM2NBGwKdob9iqUbZNRCkP+pm1MkFI5sfcylRQg5LSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP+Wk4aGL4zLCE3NAJmVGoTUxGs3MB8GA1UdIwQY
MBaAFEAWPdRBTvPnkuAFAfNO/OlECpxOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUJZOTFFRk84LWVTNEFVQjgwNzg2VVFLbkU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy81MjE0MzgtM2UwNC00ZDcyLTg4ZGUt
MzYyMmFjN2Q2NWNjLzEvXzVhVGhvWXZqTXNJVGMwQW1aVWFoTlRFYXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy81MjE0MzgtM2UwNC00ZDcyLTg4ZGUtMzYyMmFjN2Q2NWNj
LzEvUUJZOTFFRk84LWVTNEFVQjgwNzg2VVFLbkU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCsDS0MA0E
AgACMAcDBQMqB8vAMA0GCSqGSIb3DQEBCwUAA4IBAQBp+yguYxMLAgVJSh6Y/rxj
7659yblVCnFK28spX1KrhG3pARa73J9Zu+M2kdN9jHqHKDZIhHSVMrMHJNtgImbL
yg1GDK6/P49vqw5nXoZusNyt7wyMM9Ty5TdZaI0AA4vjRXQ+Xw3A2RvUgdDkvM18
xInhIk6WaqQf44K5JJVen2tmR8h311Y9LpU/ttZy3f9Sg4WQGGwKFpABuzqwyD/p
eOKxPP/GxFupXVxsL0Hd5Dwju5v7iILsPmKBrW535B9f36A9CX8AEv8JKamZ58tr
NCMfkd4UrcQ6sUUrM1WJPlhIyNP9TepE++OF6140r3lDYrMnYOvA7RktQ3Q2AjXI
-----END CERTIFICATE-----
Generated at Sat Apr 26 05:24:31 2025 by rpki-client