Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/VVhgzZrYLLn9orfI2ZSOrS1btJg.roa
File: VVhgzZrYLLn9orfI2ZSOrS1btJg.roa (raw, json)
Hash identifier: IQOLxYvSf8c5mMO9fzf9wtLV1KaA65JwHH/oG6PjlEI=
Subject key identifier: 55:58:60:CD:9A:D8:2C:B9:FD:A2:B7:C8:D9:94:8E:AD:2D:5B:B4:98
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 019567DAFDACE94A73029331C224974EC0EA
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/VVhgzZrYLLn9orfI2ZSOrS1btJg.roa
Signing time: Wed 05 Mar 2025 19:49:19 +0000
ROA not before: Wed 05 Mar 2025 19:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30938
IP address blocks: 5.39.248.0/24 maxlen: 24
5.178.97.0/24 maxlen: 24
31.192.240.0/21 maxlen: 21
45.12.216.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:67:da:fd:ac:e9:4a:73:02:93:31:c2:24:97:4e:c0:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Mar 5 19:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=555860cd9ad82cb9fda2b7c8d9948ead2d5bb498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fa:f1:bd:6b:ab:d9:70:6b:30:c0:33:f5:73:
81:01:5b:20:03:5e:da:d5:93:47:d4:44:4d:ae:ed:
ee:c2:e7:10:05:51:f9:20:86:ea:e6:e5:81:93:f1:
87:f0:bf:26:fc:36:84:65:bd:a4:89:f8:c8:62:a8:
8b:72:11:ba:2b:02:b7:b5:3f:d5:74:51:b0:cf:a6:
70:b4:62:4e:29:ca:d5:44:a0:6f:cb:80:7f:91:cf:
01:52:72:87:ba:fd:1f:2f:91:d1:1a:9f:8b:1f:48:
31:70:06:f5:a8:da:66:e8:8b:83:34:98:86:e0:df:
f4:16:35:13:90:55:71:6f:0d:d1:a7:b2:4b:60:8d:
03:77:db:1c:e6:2f:07:b8:39:d9:db:42:ef:b7:6c:
e3:17:b8:e4:b6:c0:c7:f3:d3:5a:68:4e:0b:77:98:
0d:0d:4c:98:74:9b:de:44:e2:c9:13:89:c3:26:57:
57:86:19:50:be:3a:5d:b4:bc:71:41:79:a5:4a:51:
b8:21:d1:15:5b:5b:88:f2:16:f1:95:2d:e7:ba:5f:
dd:57:eb:13:04:b0:26:a3:78:58:76:2c:f6:ff:e1:
a2:6c:75:a2:2a:57:1c:34:11:c0:40:d0:55:ee:c3:
cc:2e:cb:d2:10:87:8a:14:ab:19:a0:55:81:53:95:
62:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:58:60:CD:9A:D8:2C:B9:FD:A2:B7:C8:D9:94:8E:AD:2D:5B:B4:98
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/VVhgzZrYLLn9orfI2ZSOrS1btJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.248.0/24
5.178.97.0/24
31.192.240.0/21
45.12.216.0/24
Signature Algorithm: sha256WithRSAEncryption
43:ba:b9:a9:c5:da:29:1e:7d:7e:dc:2e:e7:c8:9c:05:1a:31:
13:2a:c1:7a:97:3a:52:be:f5:61:01:a3:51:0b:dc:6a:f1:33:
d8:fe:95:4c:ee:cb:f3:34:61:f7:6c:90:74:a3:b9:77:1f:9f:
20:3c:d2:bf:e3:e6:76:b9:36:3a:1b:83:c6:6e:2d:ff:52:ae:
87:11:b0:f1:00:b1:09:4b:12:42:94:a3:2b:cc:75:bf:01:1f:
99:7a:5b:ae:b9:fd:92:ed:23:27:82:e5:2a:f5:96:9a:3d:7d:
fc:44:63:31:9f:97:a2:4f:56:28:9d:29:d6:7e:65:cf:49:a2:
1e:9c:a1:cd:a4:eb:be:27:08:f4:51:a3:86:50:23:26:b9:3f:
50:3b:d9:89:0e:e7:89:61:30:f5:83:13:e9:9a:d5:62:2b:b4:
ba:f3:d4:8f:93:07:62:9b:fb:00:6f:fe:10:2a:f4:17:ee:3c:
fa:9f:40:20:d1:7f:8a:4a:9f:d1:b0:f1:5e:96:22:0d:97:93:
65:64:bd:5f:6b:f1:1a:93:0e:aa:19:70:f4:63:f3:f6:37:09:
97:f0:a1:a4:61:82:26:8d:fb:fb:a8:e7:4e:b6:34:fc:5b:2a:
ca:86:1d:d8:dd:de:76:f3:64:83:97:77:cc:e7:85:ad:a4:ed:
03:ed:04:41
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZVn2v2s6UpzApMxwiSXTsDqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjUwMzA1MTk0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTU4NjBjZDlhZDgyY2I5ZmRhMmI3YzhkOTk0OGVhZDJkNWJiNDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPrxvWur2XBrMMAz9XOBAVsgA17a
1ZNH1ERNru3uwucQBVH5IIbq5uWBk/GH8L8m/DaEZb2kifjIYqiLchG6KwK3tT/V
dFGwz6ZwtGJOKcrVRKBvy4B/kc8BUnKHuv0fL5HRGp+LH0gxcAb1qNpm6IuDNJiG
4N/0FjUTkFVxbw3Rp7JLYI0Dd9sc5i8HuDnZ20Lvt2zjF7jktsDH89NaaE4Ld5gN
DUyYdJveROLJE4nDJldXhhlQvjpdtLxxQXmlSlG4IdEVW1uI8hbxlS3nul/dV+sT
BLAmo3hYdiz2/+GibHWiKlccNBHAQNBV7sPMLsvSEIeKFKsZoFWBU5ViiQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFVYYM2a2Cy5/aK3yNmUjq0tW7SYMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvVlZoZ3pacllMTG45b3JmSTJaU09yUzFidEpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABSf4AwQA
BbJhAwQDH8DwAwQALQzYMA0GCSqGSIb3DQEBCwUAA4IBAQBDurmpxdopHn1+3C7n
yJwFGjETKsF6lzpSvvVhAaNRC9xq8TPY/pVM7svzNGH3bJB0o7l3H58gPNK/4+Z2
uTY6G4PGbi3/Uq6HEbDxALEJSxJClKMrzHW/AR+Zeluuuf2S7SMnguUq9ZaaPX38
RGMxn5eiT1YonSnWfmXPSaIenKHNpOu+Jwj0UaOGUCMmuT9QO9mJDueJYTD1gxPp
mtViK7S689SPkwdim/sAb/4QKvQX7jz6n0Ag0X+KSp/RsPFeliINl5NlZL1fa/Ea
kw6qGXD0Y/P2NwmX8KGkYYImjfv7qOdOtjT8WyrKhh3Y3d5282SDl3fM54WtpO0D
7QRB
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:20:10 2025 by rpki-client