Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/X-bWGKhfRC9si84-e3xAxLp9ZFk.roa
File: X-bWGKhfRC9si84-e3xAxLp9ZFk.roa (raw, json)
Hash identifier: qnCB6+rR4QiD4gnYmPsLZW3PrUaVgbI2muXgdo9bo94=
Subject key identifier: 5F:E6:D6:18:A8:5F:44:2F:6C:8B:CE:3E:7B:7C:40:C4:BA:7D:64:59
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01958117DFFABE0053C96D69D0264F0C5220
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/X-bWGKhfRC9si84-e3xAxLp9ZFk.roa
Signing time: Mon 10 Mar 2025 17:26:20 +0000
ROA not before: Mon 10 Mar 2025 17:26:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 81.5.156.0/24 maxlen: 24
81.168.41.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
82.152.111.0/24 maxlen: 24
82.152.250.0/24 maxlen: 24
82.152.252.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.67.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
82.153.78.0/24 maxlen: 24
82.153.137.0/24 maxlen: 24
82.153.139.0/24 maxlen: 24
82.153.140.0/24 maxlen: 24
82.153.221.0/24 maxlen: 24
82.153.223.0/24 maxlen: 24
82.153.240.0/24 maxlen: 24
82.153.250.0/24 maxlen: 24
89.213.136.0/24 maxlen: 24
89.213.153.0/24 maxlen: 24
109.176.209.0/24 maxlen: 24
109.176.211.0/24 maxlen: 24
109.176.216.0/24 maxlen: 24
109.176.217.0/24 maxlen: 24
109.176.218.0/24 maxlen: 24
109.176.219.0/24 maxlen: 24
109.176.220.0/24 maxlen: 24
109.176.221.0/24 maxlen: 24
109.176.222.0/24 maxlen: 24
109.176.223.0/24 maxlen: 24
109.176.249.0/24 maxlen: 24
185.49.125.0/24 maxlen: 24
213.152.61.0/24 maxlen: 24
213.152.62.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:81:17:df:fa:be:00:53:c9:6d:69:d0:26:4f:0c:52:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 10 17:26:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5fe6d618a85f442f6c8bce3e7b7c40c4ba7d6459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2d:46:e7:34:ef:44:c4:59:c0:f6:0f:0e:7f:
28:b6:81:3e:47:89:83:b9:fa:9a:43:8c:19:3a:47:
28:6c:4e:be:59:ae:9d:fc:c6:5a:44:73:77:fa:ee:
e5:98:c3:96:d7:48:e4:5c:10:f7:f5:bd:c8:73:eb:
65:6e:7d:cf:be:87:e7:2c:62:23:cc:21:e7:9e:c2:
9e:ff:bd:0e:a4:05:45:e6:71:1b:b0:5e:97:18:75:
e7:98:af:9f:42:4f:2a:5a:7e:45:bd:b6:8d:7b:18:
55:36:c3:cb:a0:f2:d2:d1:8e:7b:96:fb:8b:38:46:
ac:d4:df:ac:7e:53:c8:fe:b4:8f:07:0b:1f:a5:a1:
92:f5:3f:86:08:e1:34:83:04:9d:88:23:07:d9:13:
ca:b3:56:bf:9c:4e:e8:c4:18:74:5d:c9:e9:c4:57:
a7:9e:36:8f:34:b2:f1:44:e3:3f:7f:55:e3:11:c5:
8e:3b:ba:0a:fa:b7:8e:46:bf:a1:95:36:7d:a1:71:
3b:3d:84:61:e4:56:d4:71:47:43:a4:60:dd:f4:a0:
c6:d9:cc:68:5a:9b:03:f2:bf:c2:9f:87:37:71:40:
dc:3b:51:89:d2:06:2a:e4:53:0e:4e:c1:6d:59:5a:
83:7c:1c:63:1b:51:c9:ac:29:df:eb:0b:0b:f8:44:
a1:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E6:D6:18:A8:5F:44:2F:6C:8B:CE:3E:7B:7C:40:C4:BA:7D:64:59
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/X-bWGKhfRC9si84-e3xAxLp9ZFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.156.0/24
81.168.41.0/24
81.168.119.0/24
82.152.111.0/24
82.152.250.0/24
82.152.252.0/23
82.152.255.0/24
82.153.67.0/24
82.153.73.0/24
82.153.78.0/24
82.153.137.0/24
82.153.139.0-82.153.140.255
82.153.221.0/24
82.153.223.0/24
82.153.240.0/24
82.153.250.0/24
89.213.136.0/24
89.213.153.0/24
109.176.209.0/24
109.176.211.0/24
109.176.216.0/21
109.176.249.0/24
185.49.125.0/24
213.152.61.0-213.152.62.255
Signature Algorithm: sha256WithRSAEncryption
6f:62:1a:ac:42:76:5f:1f:9e:02:f2:d9:96:84:37:fe:fe:4c:
68:43:57:a7:25:52:c2:fb:ca:ec:a0:64:dd:0c:13:3c:d1:26:
16:b5:8b:f1:3a:61:ad:91:3d:34:8e:0d:c8:83:42:2e:ce:ee:
8b:c4:cf:ab:af:78:27:33:37:02:4c:c4:dc:a5:01:39:4e:26:
f8:c4:9f:09:eb:ca:d6:da:4f:aa:3b:83:87:03:40:10:7b:13:
75:34:aa:8a:a7:40:5b:66:9d:a0:6c:ff:17:5a:92:f4:e9:08:
2c:3e:8f:95:5e:dc:8c:01:75:85:88:e7:56:4c:e9:16:90:27:
27:ea:3c:3d:12:8f:ae:8e:59:f7:5a:c8:8f:81:ca:f9:91:32:
19:80:36:8d:2a:85:be:42:61:fe:28:37:86:66:cc:5f:54:61:
0a:57:29:bc:1e:53:a2:39:00:e0:44:9f:3f:03:e8:dd:63:cf:
ab:d5:5f:08:8c:c9:7c:f9:bf:37:c5:b9:63:25:a2:7b:c4:bd:
4c:23:19:23:13:62:b3:3b:4e:6e:2b:a8:ab:4e:78:ca:5f:3f:
7b:0c:14:52:13:48:69:e8:6a:a0:6c:19:1b:ae:ca:a3:c6:7a:
01:56:df:a1:7b:d5:1a:ac:89:5f:5d:5a:60:5c:56:b0:6c:50:
c4:36:67:c6
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAZWBF9/6vgBTyW1p0CZPDFIgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMzEwMTcyNjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmU2ZDYxOGE4NWY0NDJmNmM4YmNlM2U3YjdjNDBjNGJhN2Q2NDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyy1G5zTvRMRZwPYPDn8otoE+R4mD
ufqaQ4wZOkcobE6+Wa6d/MZaRHN3+u7lmMOW10jkXBD39b3Ic+tlbn3PvofnLGIj
zCHnnsKe/70OpAVF5nEbsF6XGHXnmK+fQk8qWn5FvbaNexhVNsPLoPLS0Y57lvuL
OEas1N+sflPI/rSPBwsfpaGS9T+GCOE0gwSdiCMH2RPKs1a/nE7oxBh0XcnpxFen
njaPNLLxROM/f1XjEcWOO7oK+reORr+hlTZ9oXE7PYRh5FbUcUdDpGDd9KDG2cxo
WpsD8r/Cn4c3cUDcO1GJ0gYq5FMOTsFtWVqDfBxjG1HJrCnf6wsL+EShUQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFF/m1hioX0QvbIvOPnt8QMS6fWRZMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWC1iV0dLaGZSQzlzaTg0LWUzeEF4THA5WkZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBpwQCAAEwgaADBABR
BZwDBABRqCkDBABRqHcDBABSmG8DBABSmPoDBAFSmPwDBABSmP8DBABSmUMDBABS
mUkDBABSmU4DBABSmYkwDAMEAFKZiwMEAFKZjAMEAFKZ3QMEAFKZ3wMEAFKZ8AME
AFKZ+gMEAFnViAMEAFnVmQMEAG2w0QMEAG2w0wMEA22w2AMEAG2w+QMEALkxfTAM
AwQA1Zg9AwQA1Zg+MA0GCSqGSIb3DQEBCwUAA4IBAQBvYhqsQnZfH54C8tmWhDf+
/kxoQ1enJVLC+8rsoGTdDBM80SYWtYvxOmGtkT00jg3Ig0Iuzu6LxM+rr3gnMzcC
TMTcpQE5Tib4xJ8J68rW2k+qO4OHA0AQexN1NKqKp0BbZp2gbP8XWpL06QgsPo+V
XtyMAXWFiOdWTOkWkCcn6jw9Eo+ujln3WsiPgcr5kTIZgDaNKoW+QmH+KDeGZsxf
VGEKVym8HlOiOQDgRJ8/A+jdY8+r1V8IjMl8+b83xbljJaJ7xL1MIxkjE2KzO05u
K6irTnjKXz97DBRSE0hp6GqgbBkbrsqjxnoBVt+he9UarIlfXVpgXFawbFDENmfG
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:19:49 2025 by rpki-client