Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/OkGWX9idZI-5l9QL3LE3PqWabEA.roa
File: OkGWX9idZI-5l9QL3LE3PqWabEA.roa (raw, json)
Hash identifier: MjLAECeq0W3Cj0s39TPhBbYWlbD+DgiXuZPSr9wOk60=
Subject key identifier: 3A:41:96:5F:D8:9D:64:8F:B9:97:D4:0B:DC:B1:37:3E:A5:9A:6C:40
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019527520B9B16D703FA582C04CD6142E2BD
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/OkGWX9idZI-5l9QL3LE3PqWabEA.roa
Signing time: Fri 21 Feb 2025 07:04:03 +0000
ROA not before: Fri 21 Feb 2025 07:04:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212667
IP address blocks: 5.182.116.0/24 maxlen: 24
45.15.255.0/24 maxlen: 24
45.86.3.0/24 maxlen: 24
45.90.44.0/24 maxlen: 24
45.90.47.0/24 maxlen: 24
45.128.130.0/23 maxlen: 23
45.128.228.0/22 maxlen: 22
46.149.174.0/24 maxlen: 24
46.174.192.0/24 maxlen: 24
46.174.193.0/24 maxlen: 24
46.174.194.0/24 maxlen: 24
46.174.195.0/24 maxlen: 24
46.174.196.0/24 maxlen: 24
46.174.197.0/24 maxlen: 24
46.174.198.0/24 maxlen: 24
46.174.199.0/24 maxlen: 24
62.204.32.0/24 maxlen: 24
178.212.78.0/24 maxlen: 24
185.253.2.0/24 maxlen: 24
188.64.140.0/24 maxlen: 24
188.93.136.0/24 maxlen: 24
195.96.141.0/24 maxlen: 24
212.18.98.0/24 maxlen: 24
212.52.13.0/24 maxlen: 24
212.60.6.0/24 maxlen: 24
212.107.24.0/24 maxlen: 24
212.115.48.0/24 maxlen: 24
212.115.50.0/24 maxlen: 24
213.166.92.0/24 maxlen: 24
213.166.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:27:52:0b:9b:16:d7:03:fa:58:2c:04:cd:61:42:e2:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Feb 21 07:04:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a41965fd89d648fb997d40bdcb1373ea59a6c40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a7:79:73:fb:80:ed:97:c0:5d:fc:7d:14:e5:
c3:a0:c2:b5:5a:9d:25:9c:59:e5:da:a6:cf:45:f9:
5c:95:79:50:e6:90:c0:e6:8f:25:ba:2f:34:4d:71:
39:2d:d0:8b:87:cd:9b:74:7b:93:5d:a6:a7:5d:33:
79:d0:6f:ca:03:9d:af:27:ec:40:18:f3:d5:48:f0:
ed:6f:48:78:ac:50:99:ae:98:b6:dd:ab:1e:2b:6c:
bc:25:25:86:e6:61:fd:9b:7f:a0:b5:51:4e:11:74:
fd:35:13:07:80:fa:ed:ca:23:a3:ab:0a:f0:de:67:
b5:61:ae:b7:cb:20:15:11:18:25:0a:86:36:5f:51:
f0:9b:dd:32:a1:b6:04:a5:f2:0c:93:78:55:a4:e9:
1c:cd:59:1e:91:b4:37:b7:87:6f:0d:98:97:f1:a6:
47:ac:b6:e0:4d:d1:b1:f3:01:d2:74:8b:5b:90:4c:
36:62:b5:92:1c:a1:b0:6b:e4:8e:0a:b0:4c:cc:3c:
72:26:1b:86:ba:67:5c:c8:b2:69:7f:a6:22:26:2d:
ea:e8:3f:a6:06:a1:84:70:90:d2:79:58:e4:2e:b4:
b7:44:1f:7c:3c:3d:f9:c4:9f:8a:17:fb:2f:c9:bb:
1d:e7:5f:e6:6e:89:ca:ce:ec:85:39:cf:27:08:4c:
42:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:41:96:5F:D8:9D:64:8F:B9:97:D4:0B:DC:B1:37:3E:A5:9A:6C:40
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/OkGWX9idZI-5l9QL3LE3PqWabEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.116.0/24
45.15.255.0/24
45.86.3.0/24
45.90.44.0/24
45.90.47.0/24
45.128.130.0/23
45.128.228.0/22
46.149.174.0/24
46.174.192.0/21
62.204.32.0/24
178.212.78.0/24
185.253.2.0/24
188.64.140.0/24
188.93.136.0/24
195.96.141.0/24
212.18.98.0/24
212.52.13.0/24
212.60.6.0/24
212.107.24.0/24
212.115.48.0/24
212.115.50.0/24
213.166.92.0/24
213.166.95.0/24
Signature Algorithm: sha256WithRSAEncryption
44:12:a7:64:96:1d:c5:13:d6:70:f6:19:10:94:af:b5:ff:b5:
8f:1b:10:3c:b5:fb:cc:ff:41:b3:f7:3b:37:a2:49:34:6f:42:
d3:af:85:20:e0:1a:fc:2b:13:93:6a:b9:cc:b2:d3:f0:7f:c0:
25:ef:36:59:44:2e:a4:9e:6b:9c:cc:30:28:77:aa:8d:bf:5c:
91:e4:75:0e:74:a8:ce:c4:7c:c2:2c:76:55:d3:f4:54:6b:e5:
26:19:fe:44:44:04:89:77:de:53:23:b5:97:e1:08:01:45:e2:
27:54:88:86:9c:9e:32:42:be:8d:0f:32:3f:e4:4b:d1:96:4d:
21:f4:90:53:43:93:87:ae:fd:06:11:19:30:31:42:39:58:f8:
3f:07:6f:db:35:18:f8:55:39:41:d2:f9:9c:1a:bb:72:02:1a:
bd:e8:cb:9b:86:95:85:91:4d:4f:06:72:1e:43:07:98:74:54:
09:31:7b:28:e9:23:de:44:57:e9:48:80:b7:95:1e:2a:f8:d8:
bc:cd:0a:96:dc:bb:fe:24:64:a3:27:83:2f:dd:d9:74:1e:b7:
f5:9c:22:d5:25:51:2e:44:7a:b7:d2:49:9a:b6:ba:48:c8:31:
f8:27:14:f5:cd:b1:3e:d2:c8:7d:74:b7:0c:e1:29:97:77:ab:
e6:ef:1d:b3
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZUnUgubFtcD+lgsBM1hQuK9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMjIxMDcwNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTQxOTY1ZmQ4OWQ2NDhmYjk5N2Q0MGJkY2IxMzczZWE1OWE2YzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqd5c/uA7ZfAXfx9FOXDoMK1Wp0l
nFnl2qbPRflclXlQ5pDA5o8lui80TXE5LdCLh82bdHuTXaanXTN50G/KA52vJ+xA
GPPVSPDtb0h4rFCZrpi23aseK2y8JSWG5mH9m3+gtVFOEXT9NRMHgPrtyiOjqwrw
3me1Ya63yyAVERglCoY2X1Hwm90yobYEpfIMk3hVpOkczVkekbQ3t4dvDZiX8aZH
rLbgTdGx8wHSdItbkEw2YrWSHKGwa+SOCrBMzDxyJhuGumdcyLJpf6YiJi3q6D+m
BqGEcJDSeVjkLrS3RB98PD35xJ+KF/svybsd51/mbonKzuyFOc8nCExCFQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFDpBll/YnWSPuZfUC9yxNz6lmmxAMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvT2tHV1g5aWRaSS01bDlRTDNMRTNQcVdhYkVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAAF
tnQDBAAtD/8DBAAtVgMDBAAtWiwDBAAtWi8DBAEtgIIDBAItgOQDBAAula4DBAMu
rsADBAA+zCADBACy1E4DBAC5/QIDBAC8QIwDBAC8XYgDBADDYI0DBADUEmIDBADU
NA0DBADUPAYDBADUaxgDBADUczADBADUczIDBADVplwDBADVpl8wDQYJKoZIhvcN
AQELBQADggEBAEQSp2SWHcUT1nD2GRCUr7X/tY8bEDy1+8z/QbP3OzeiSTRvQtOv
hSDgGvwrE5Nqucyy0/B/wCXvNllELqSea5zMMCh3qo2/XJHkdQ50qM7EfMIsdlXT
9FRr5SYZ/kREBIl33lMjtZfhCAFF4idUiIacnjJCvo0PMj/kS9GWTSH0kFNDk4eu
/QYRGTAxQjlY+D8Hb9s1GPhVOUHS+Zwau3ICGr3oy5uGlYWRTU8Gch5DB5h0VAkx
eyjpI95EV+lIgLeVHir42LzNCpbcu/4kZKMngy/d2XQet/WcItUlUS5EerfSSZq2
ukjIMfgnFPXNsT7SyH10twzhKZd3q+bvHbM=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:43:29 2025 by rpki-client