Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/3rk6DTXzfhXnDvH7YjIIV0HcXhY.roa
File: 3rk6DTXzfhXnDvH7YjIIV0HcXhY.roa (raw, json)
Hash identifier: 8yMBicvXGg6+UMP8iKzu3+exUVvDmdmba1/S47z8Uyk=
Subject key identifier: DE:B9:3A:0D:35:F3:7E:15:E7:0E:F1:FB:62:32:08:57:41:DC:5E:16
Certificate issuer: /CN=ab1d0e7e818baf9a7afb9866124292a61aafb8ca
Certificate serial: 019423D6FD786FF2AA2F38FAF9BCEDC8E9D2
Authority key identifier: AB:1D:0E:7E:81:8B:AF:9A:7A:FB:98:66:12:42:92:A6:1A:AF:B8:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qx0OfoGLr5p6-5hmEkKSphqvuMo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/3rk6DTXzfhXnDvH7YjIIV0HcXhY.roa
Signing time: Wed 01 Jan 2025 21:47:59 +0000
ROA not before: Wed 01 Jan 2025 21:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59674
IP address blocks: 5.250.240.0/24 maxlen: 24
5.250.241.0/24 maxlen: 24
5.250.242.0/24 maxlen: 24
5.250.243.0/24 maxlen: 24
5.250.244.0/24 maxlen: 24
5.250.245.0/24 maxlen: 24
5.250.246.0/24 maxlen: 24
5.250.247.0/24 maxlen: 24
5.250.248.0/24 maxlen: 24
5.250.249.0/24 maxlen: 24
5.250.250.0/24 maxlen: 24
5.250.251.0/24 maxlen: 24
5.250.252.0/24 maxlen: 24
185.67.122.0/24 maxlen: 24
185.67.123.0/24 maxlen: 24
2a05:e80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:fd:78:6f:f2:aa:2f:38:fa:f9:bc:ed:c8:e9:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab1d0e7e818baf9a7afb9866124292a61aafb8ca
Validity
Not Before: Jan 1 21:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=deb93a0d35f37e15e70ef1fb6232085741dc5e16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f7:53:5a:a2:f8:df:b3:39:28:5f:aa:df:9b:
13:a9:5d:20:94:e9:06:90:7a:ba:7d:d0:22:de:88:
3b:ce:4c:a5:f6:5b:74:9c:31:40:1d:e7:a3:57:ba:
1e:8d:0b:d5:03:d5:f0:bd:ea:2c:15:88:56:c2:2b:
21:fb:f7:2a:93:64:26:30:0c:e0:04:92:43:79:a2:
71:db:e6:ce:3a:1e:da:d4:e4:af:c8:f7:f0:a4:96:
d6:14:ae:b9:fe:b8:02:14:ba:bb:4c:6f:cb:57:32:
8f:ac:82:28:09:d5:23:d7:5a:4d:6e:55:d0:b2:70:
93:ed:a1:0e:3d:9d:61:3b:11:33:cf:fb:4b:71:b0:
17:aa:50:0f:18:ab:93:2e:1a:28:9e:b0:fa:b3:6c:
d7:2b:08:09:1b:af:b9:69:c0:8d:b0:2e:85:96:a1:
ef:22:c5:e4:1c:1f:cb:52:2d:4d:04:a0:95:e4:9d:
cc:b3:00:5d:fe:93:96:24:3a:d7:ba:65:b1:1b:3f:
d0:8c:56:27:d9:1d:cd:73:eb:8a:c7:14:ba:bf:3a:
8c:ec:3d:a4:d4:e6:e4:93:f6:a4:43:02:08:c5:4e:
6c:db:47:bb:9c:c2:65:3d:94:03:2b:99:b0:6a:53:
a5:b4:36:12:75:7e:12:21:4d:52:dc:bf:f7:65:3b:
fd:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:B9:3A:0D:35:F3:7E:15:E7:0E:F1:FB:62:32:08:57:41:DC:5E:16
X509v3 Authority Key Identifier:
keyid:AB:1D:0E:7E:81:8B:AF:9A:7A:FB:98:66:12:42:92:A6:1A:AF:B8:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qx0OfoGLr5p6-5hmEkKSphqvuMo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/3rk6DTXzfhXnDvH7YjIIV0HcXhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/qx0OfoGLr5p6-5hmEkKSphqvuMo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.240.0-5.250.252.255
185.67.122.0/23
IPv6:
2a05:e80::/32
Signature Algorithm: sha256WithRSAEncryption
46:c5:ed:65:47:64:e6:23:ae:5d:92:52:2e:ba:65:5f:6b:14:
42:59:1d:83:a5:e4:25:08:49:a6:a6:66:d0:bd:a4:57:f5:9c:
b2:81:1a:9d:3d:92:c4:8c:c5:5d:a4:cc:c2:00:47:28:fb:b2:
c9:a4:f3:3b:aa:c9:4c:b7:0b:40:ca:54:eb:31:36:db:6c:fa:
b3:6e:a4:ed:a8:d6:58:82:3a:90:44:af:44:ef:95:bc:c2:d1:
f0:7b:db:d9:f9:c4:62:93:86:3d:a5:e3:cb:23:12:d2:a3:9a:
75:92:c5:4e:8e:17:f6:c0:be:40:89:91:e1:4b:4d:4b:5e:30:
d0:30:bb:67:f0:e5:a9:f2:53:0e:b9:9d:95:41:08:65:a2:08:
80:ff:68:0e:5f:e3:ba:e1:ab:39:01:be:fc:58:5d:9a:cc:9d:
48:80:1b:52:13:07:8f:06:54:0a:27:01:bf:4b:65:24:d7:b9:
d9:50:a3:6a:fe:3f:98:24:25:af:a9:ee:87:16:bf:87:bd:7a:
03:b3:5c:9e:27:e8:2d:c7:2d:d4:2f:d6:ef:12:8d:c0:0d:98:
9d:1f:76:98:9a:1a:05:38:c0:9a:8a:49:aa:bd:6c:18:0d:8f:
70:9b:87:8b:00:36:ba:77:6a:07:83:2e:92:68:b2:37:d4:90:
63:ea:8e:9e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQj1v14b/KqLzj6+bztyOnSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMWQwZTdlODE4YmFmOWE3YWZiOTg2NjEyNDI5MmE2MWFh
ZmI4Y2EwHhcNMjUwMTAxMjE0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWI5M2EwZDM1ZjM3ZTE1ZTcwZWYxZmI2MjMyMDg1NzQxZGM1ZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfdTWqL437M5KF+q35sTqV0glOkG
kHq6fdAi3og7zkyl9lt0nDFAHeejV7oejQvVA9XwveosFYhWwish+/cqk2QmMAzg
BJJDeaJx2+bOOh7a1OSvyPfwpJbWFK65/rgCFLq7TG/LVzKPrIIoCdUj11pNblXQ
snCT7aEOPZ1hOxEzz/tLcbAXqlAPGKuTLhoonrD6s2zXKwgJG6+5acCNsC6FlqHv
IsXkHB/LUi1NBKCV5J3MswBd/pOWJDrXumWxGz/QjFYn2R3Nc+uKxxS6vzqM7D2k
1Obkk/akQwIIxU5s20e7nMJlPZQDK5mwalOltDYSdX4SIU1S3L/3ZTv9+QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFN65Og01834V5w7x+2IyCFdB3F4WMB8GA1UdIwQY
MBaAFKsdDn6Bi6+aevuYZhJCkqYar7jKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXgwT2ZvR0xyNXA2LTVobUVrS1NwaHF2dU1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8xMjRjMzUtOTUyMy00M2I3LWI3ZWIt
ZWE1OTI2NGY5MDgzLzEvM3JrNkRUWHpmaFhuRHZIN1lqSUlWMEhjWGhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8xMjRjMzUtOTUyMy00M2I3LWI3ZWItZWE1OTI2NGY5MDgz
LzEvcXgwT2ZvR0xyNXA2LTVobUVrS1NwaHF2dU1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAQF+vAD
BAAF+vwDBAG5Q3owDQQCAAIwBwMFACoFDoAwDQYJKoZIhvcNAQELBQADggEBAEbF
7WVHZOYjrl2SUi66ZV9rFEJZHYOl5CUISaamZtC9pFf1nLKBGp09ksSMxV2kzMIA
Ryj7ssmk8zuqyUy3C0DKVOsxNtts+rNupO2o1liCOpBEr0TvlbzC0fB729n5xGKT
hj2l48sjEtKjmnWSxU6OF/bAvkCJkeFLTUteMNAwu2fw5anyUw65nZVBCGWiCID/
aA5f47rhqzkBvvxYXZrMnUiAG1ITB48GVAonAb9LZSTXudlQo2r+P5gkJa+p7ocW
v4e9egOzXJ4n6C3HLdQv1u8SjcANmJ0fdpiaGgU4wJqKSaq9bBgNj3Cbh4sANrp3
ageDLpJosjfUkGPqjp4=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:18:07 2025 by rpki-client