Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/AOVHhI-24yXRK20Zsm0F4SAvt7E.roa
File: AOVHhI-24yXRK20Zsm0F4SAvt7E.roa (raw, json)
Hash identifier: Q3udAWFfj/+sS+8fyuAMJjUqE8MMlAo4hCsobj4vcdQ=
Subject key identifier: 00:E5:47:84:8F:B6:E3:25:D1:2B:6D:19:B2:6D:05:E1:20:2F:B7:B1
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0195275209D938C54A2272779DD3B3386DAE
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/AOVHhI-24yXRK20Zsm0F4SAvt7E.roa
Signing time: Fri 21 Feb 2025 07:04:02 +0000
ROA not before: Fri 21 Feb 2025 07:04:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12722
IP address blocks: 5.182.116.0/24 maxlen: 24
45.15.255.0/24 maxlen: 24
45.86.3.0/24 maxlen: 24
45.90.44.0/24 maxlen: 24
45.90.47.0/24 maxlen: 24
45.128.130.0/23 maxlen: 23
46.149.174.0/24 maxlen: 24
62.204.32.0/24 maxlen: 24
83.171.212.0/22 maxlen: 22
178.212.78.0/24 maxlen: 24
185.253.2.0/24 maxlen: 24
188.64.140.0/24 maxlen: 24
188.93.136.0/24 maxlen: 24
212.60.6.0/24 maxlen: 24
212.107.24.0/24 maxlen: 24
212.115.48.0/24 maxlen: 24
212.115.50.0/24 maxlen: 24
213.166.92.0/24 maxlen: 24
213.166.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:27:52:09:d9:38:c5:4a:22:72:77:9d:d3:b3:38:6d:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Feb 21 07:04:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00e547848fb6e325d12b6d19b26d05e1202fb7b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:fe:14:b5:bd:6f:71:ad:a6:17:66:5b:27:47:
45:44:f8:c6:1e:17:33:70:1f:0e:4d:20:ba:00:80:
d4:7e:33:1c:04:63:a1:58:65:49:1c:84:3a:47:d3:
cd:03:ea:e5:cd:bf:8b:ff:61:85:48:85:a4:a4:43:
23:6a:35:53:6d:ac:92:ef:fd:b8:6a:0c:26:bd:58:
6a:94:28:54:2e:14:33:69:ce:8a:3d:b0:ff:64:91:
21:9e:17:5d:9c:b9:7b:49:21:13:1b:63:e0:65:81:
7f:ca:63:a2:e5:b2:2e:cd:35:39:e2:e2:3e:d2:70:
1a:11:f3:a6:f3:59:96:19:61:86:42:0d:be:b2:95:
a4:d3:9e:1b:2d:fb:4a:2f:ad:f6:93:ce:4d:d1:ab:
60:d9:2e:e2:91:a6:5c:38:eb:bf:ee:26:70:69:b2:
b7:a6:20:ac:92:3d:f8:ad:0b:81:b2:d2:e6:16:e7:
dc:ff:6d:f6:c3:29:d5:42:1a:a5:9f:c7:0c:08:79:
7b:eb:e9:d8:22:ea:e5:51:d2:ba:ac:82:51:bf:80:
f7:ad:cc:d6:77:7c:a5:73:d5:1b:df:31:40:0e:d3:
99:b0:15:4c:38:52:2e:d4:3b:7a:0f:fe:c9:1f:ae:
2b:de:b2:7b:21:41:bd:45:4a:91:b3:2a:f1:eb:6e:
d4:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:E5:47:84:8F:B6:E3:25:D1:2B:6D:19:B2:6D:05:E1:20:2F:B7:B1
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/AOVHhI-24yXRK20Zsm0F4SAvt7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.116.0/24
45.15.255.0/24
45.86.3.0/24
45.90.44.0/24
45.90.47.0/24
45.128.130.0/23
46.149.174.0/24
62.204.32.0/24
83.171.212.0/22
178.212.78.0/24
185.253.2.0/24
188.64.140.0/24
188.93.136.0/24
212.60.6.0/24
212.107.24.0/24
212.115.48.0/24
212.115.50.0/24
213.166.92.0/24
213.166.95.0/24
Signature Algorithm: sha256WithRSAEncryption
37:3a:c5:62:ba:81:d5:12:6e:79:12:2b:41:3e:20:94:bc:74:
f9:82:d9:d4:76:d6:b6:bf:02:f0:68:e8:fd:0f:16:9c:8b:5f:
ee:99:d0:d9:79:61:19:b1:3d:02:98:02:a1:25:5d:10:01:c7:
47:72:f1:7d:a9:c4:ae:c8:0f:5e:63:5f:dc:58:81:5a:88:ac:
0a:a2:fc:19:c0:d1:a4:6b:13:30:53:82:fa:93:6a:7b:d7:67:
db:e0:65:56:6f:cd:a8:b8:e4:03:d5:63:68:b1:58:39:1e:2b:
46:e4:9e:94:2a:01:d6:23:8c:a8:50:8e:74:3d:57:76:e1:aa:
0a:9b:8d:df:f5:8b:d1:7e:6a:e3:59:32:26:2a:d6:d1:ca:73:
a3:37:a2:98:fb:ac:65:61:72:9b:62:91:e7:bd:49:71:d2:25:
63:a3:12:a6:27:8a:c9:aa:9e:d9:4f:8d:d4:34:8c:87:08:f7:
19:b0:5e:70:fb:dd:a6:11:a8:e0:f1:fb:d0:bf:5c:2d:f9:e8:
23:3c:89:a2:41:d3:68:4c:3d:96:cf:95:6e:55:60:9b:24:89:
d8:82:7a:7f:b2:35:52:e5:69:9b:9f:da:7f:f9:95:a5:42:e5:
bf:08:3d:9b:f1:e2:5f:e2:69:ab:72:6d:b6:f5:15:d5:12:0e:
47:95:e1:c7
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZUnUgnZOMVKInJ3ndOzOG2uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMjIxMDcwNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGU1NDc4NDhmYjZlMzI1ZDEyYjZkMTliMjZkMDVlMTIwMmZiN2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoP4Utb1vca2mF2ZbJ0dFRPjGHhcz
cB8OTSC6AIDUfjMcBGOhWGVJHIQ6R9PNA+rlzb+L/2GFSIWkpEMjajVTbayS7/24
agwmvVhqlChULhQzac6KPbD/ZJEhnhddnLl7SSETG2PgZYF/ymOi5bIuzTU54uI+
0nAaEfOm81mWGWGGQg2+spWk054bLftKL632k85N0atg2S7ikaZcOOu/7iZwabK3
piCskj34rQuBstLmFufc/232wynVQhqln8cMCHl76+nYIurlUdK6rIJRv4D3rczW
d3ylc9Ub3zFADtOZsBVMOFIu1Dt6D/7JH64r3rJ7IUG9RUqRsyrx627UhQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFADlR4SPtuMl0SttGbJtBeEgL7exMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvQU9WSGhJLTI0eVhSSzIwWnNtMEY0U0F2dDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAAW2dAME
AC0P/wMEAC1WAwMEAC1aLAMEAC1aLwMEAS2AggMEAC6VrgMEAD7MIAMEAlOr1AME
ALLUTgMEALn9AgMEALxAjAMEALxdiAMEANQ8BgMEANRrGAMEANRzMAMEANRzMgME
ANWmXAMEANWmXzANBgkqhkiG9w0BAQsFAAOCAQEANzrFYrqB1RJueRIrQT4glLx0
+YLZ1HbWtr8C8Gjo/Q8WnItf7pnQ2XlhGbE9ApgCoSVdEAHHR3LxfanErsgPXmNf
3FiBWoisCqL8GcDRpGsTMFOC+pNqe9dn2+BlVm/NqLjkA9VjaLFYOR4rRuSelCoB
1iOMqFCOdD1XduGqCpuN3/WL0X5q41kyJirW0cpzozeimPusZWFym2KR571JcdIl
Y6MSpieKyaqe2U+N1DSMhwj3GbBecPvdphGo4PH70L9cLfnoIzyJokHTaEw9ls+V
blVgmySJ2IJ6f7I1UuVpm5/af/mVpULlvwg9m/HiX+Jpq3JttvUV1RIOR5Xhxw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:46:44 2025 by rpki-client