Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/2512c5-252b-4967-89a7-6a1f97ff8d34/1/DX5RS15z2YIhoqQTYwdzGIfgyvo.roa
File: DX5RS15z2YIhoqQTYwdzGIfgyvo.roa (raw, json)
Hash identifier: RtLA6lXyjRF/Mc35ZtI4AxiOozl4JGu7wRIDSuhJ4BY=
Subject key identifier: 0D:7E:51:4B:5E:73:D9:82:21:A2:A4:13:63:07:73:18:87:E0:CA:FA
Certificate issuer: /CN=9f662b3cfa8b9059068c29d46b99263ba2de50c1
Certificate serial: 0186081D701F41845AC46D3768461CA06EBC
Authority key identifier: 9F:66:2B:3C:FA:8B:90:59:06:8C:29:D4:6B:99:26:3B:A2:DE:50:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n2YrPPqLkFkGjCnUa5kmO6LeUME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/2512c5-252b-4967-89a7-6a1f97ff8d34/1/DX5RS15z2YIhoqQTYwdzGIfgyvo.roa
Signing time: Tue 31 Jan 2023 13:56:32 +0000
ROA not before: Tue 31 Jan 2023 13:56:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15517
IP address blocks: 80.238.136.0/24 maxlen: 24
80.238.134.0/24 maxlen: 24
80.238.139.0/24 maxlen: 24
80.238.144.0/20 maxlen: 20
80.238.140.0/22 maxlen: 22
80.238.160.0/20 maxlen: 20
80.238.176.0/20 maxlen: 20
80.238.129.0/24 maxlen: 24
80.238.128.0/17 maxlen: 17
80.238.130.0/24 maxlen: 24
62.65.128.0/19 maxlen: 19
62.65.137.0/24 maxlen: 24
62.65.144.0/21 maxlen: 21
62.65.143.0/24 maxlen: 24
62.65.142.0/24 maxlen: 24
62.65.141.0/24 maxlen: 24
62.65.158.0/24 maxlen: 24
62.65.153.0/24 maxlen: 24
62.65.154.0/23 maxlen: 23
62.65.156.0/23 maxlen: 23
80.238.192.0/21 maxlen: 21
80.238.200.0/22 maxlen: 22
80.238.208.0/21 maxlen: 21
80.238.216.0/22 maxlen: 22
80.238.225.0/24 maxlen: 24
80.238.223.0/24 maxlen: 24
94.78.3.0/24 maxlen: 24
94.78.0.0/18 maxlen: 18
94.78.2.0/24 maxlen: 24
2a01:330::/32 maxlen: 32
2a01:330::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:08:1d:70:1f:41:84:5a:c4:6d:37:68:46:1c:a0:6e:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f662b3cfa8b9059068c29d46b99263ba2de50c1
Validity
Not Before: Jan 31 13:56:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d7e514b5e73d98221a2a4136307731887e0cafa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c0:e1:b5:43:7d:9b:0e:59:f6:86:a3:12:34:
15:77:a6:b8:39:35:62:29:85:78:dd:91:55:54:d4:
2b:26:10:d1:1d:2e:e6:be:fb:74:84:9e:ab:0d:1b:
5e:e0:1a:65:48:aa:92:b3:0d:71:f6:ff:1f:f5:ea:
9a:52:30:4c:4c:d9:c4:23:93:6e:d4:96:cd:53:e7:
13:1f:ca:0f:8a:07:86:96:2a:fd:c4:fc:d5:78:1c:
b4:e7:b2:c7:12:b0:b8:ea:82:28:11:c4:79:1b:8b:
aa:ac:ed:9b:4c:08:5e:6d:63:4a:c4:7f:92:86:22:
40:27:93:32:79:f0:a5:6a:e3:2c:48:fd:dd:9a:34:
18:bb:2c:16:b2:5e:02:f7:ab:38:a7:62:d8:7d:5b:
6c:0f:3d:21:61:24:45:c5:43:2c:77:6e:d2:2c:55:
de:a4:80:24:40:a2:aa:21:90:15:c7:c3:b8:90:a2:
f4:ce:45:e6:5d:3c:a2:5f:52:0c:0b:da:2e:92:7f:
a5:ac:84:47:71:cf:c4:c3:3d:07:5a:71:3b:04:9b:
5a:c9:05:ed:d9:c4:f4:e5:09:f9:90:54:c8:23:d9:
7e:2a:3e:6c:4b:18:22:96:6f:88:74:75:03:00:a8:
2e:9e:a8:fd:17:40:97:7d:c2:f8:b4:1a:9f:10:7c:
bc:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:7E:51:4B:5E:73:D9:82:21:A2:A4:13:63:07:73:18:87:E0:CA:FA
X509v3 Authority Key Identifier:
keyid:9F:66:2B:3C:FA:8B:90:59:06:8C:29:D4:6B:99:26:3B:A2:DE:50:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n2YrPPqLkFkGjCnUa5kmO6LeUME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2512c5-252b-4967-89a7-6a1f97ff8d34/1/DX5RS15z2YIhoqQTYwdzGIfgyvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2512c5-252b-4967-89a7-6a1f97ff8d34/1/n2YrPPqLkFkGjCnUa5kmO6LeUME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.65.128.0/19
80.238.128.0/17
94.78.0.0/18
IPv6:
2a01:330::/29
Signature Algorithm: sha256WithRSAEncryption
5e:da:d4:77:34:2c:d4:fe:31:fd:2a:ba:da:8e:a6:64:c3:63:
fd:5a:a3:56:ca:21:db:0c:d6:b9:b4:75:30:1e:24:46:02:25:
a5:51:65:c5:f5:02:34:1e:95:62:5c:48:e1:48:2f:df:13:61:
d3:e3:38:fa:3f:7c:d8:83:96:ee:bc:03:8b:db:9e:d0:8f:d4:
e1:a6:7e:99:04:84:41:fe:53:0b:79:0f:c1:11:b2:b8:41:db:
69:a4:b3:60:38:5a:dc:0e:b9:52:c8:5a:f9:e8:a5:eb:fe:51:
35:e1:81:1f:ac:ba:f5:46:b4:e8:c7:d6:5a:a9:71:e4:17:2b:
dd:32:59:a0:cb:44:30:dd:86:5d:f1:45:72:5a:d1:0f:a4:d9:
b9:83:98:99:bc:ec:2e:5e:6e:3d:7a:28:b8:9a:48:cf:90:64:
a7:c2:89:60:c8:c6:ce:0a:73:f4:f4:4e:3c:64:84:72:63:45:
7f:b5:f8:70:3d:df:58:ff:af:1d:e9:25:76:54:db:8a:78:af:
0a:1a:35:cb:89:a9:e5:7d:80:c2:01:af:9e:6d:6e:f0:83:99:
6b:6d:8f:09:e5:cf:c8:8a:5e:68:94:ab:22:98:f4:56:56:e5:
1a:17:5c:e2:89:04:f7:f4:c7:de:47:3e:19:36:3a:b1:74:3f:
b3:e5:cf:c4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYYIHXAfQYRaxG03aEYcoG68MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNjYyYjNjZmE4YjkwNTkwNjhjMjlkNDZiOTkyNjNiYTJk
ZTUwYzEwHhcNMjMwMTMxMTM1NjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDdlNTE0YjVlNzNkOTgyMjFhMmE0MTM2MzA3NzMxODg3ZTBjYWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMDhtUN9mw5Z9oajEjQVd6a4OTVi
KYV43ZFVVNQrJhDRHS7mvvt0hJ6rDRte4BplSKqSsw1x9v8f9eqaUjBMTNnEI5Nu
1JbNU+cTH8oPigeGlir9xPzVeBy057LHErC46oIoEcR5G4uqrO2bTAhebWNKxH+S
hiJAJ5MyefClauMsSP3dmjQYuywWsl4C96s4p2LYfVtsDz0hYSRFxUMsd27SLFXe
pIAkQKKqIZAVx8O4kKL0zkXmXTyiX1IMC9oukn+lrIRHcc/Ewz0HWnE7BJtayQXt
2cT05Qn5kFTII9l+Kj5sSxgilm+IdHUDAKgunqj9F0CXfcL4tBqfEHy82wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFA1+UUtec9mCIaKkE2MHcxiH4Mr6MB8GA1UdIwQY
MBaAFJ9mKzz6i5BZBowp1GuZJjui3lDBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjJZclBQcUxrRmtHakNuVWE1a21PNkxlVU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8yNTEyYzUtMjUyYi00OTY3LTg5YTct
NmExZjk3ZmY4ZDM0LzEvRFg1UlMxNXoyWUlob3FRVFl3ZHpHSWZneXZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8yNTEyYzUtMjUyYi00OTY3LTg5YTctNmExZjk3ZmY4ZDM0
LzEvbjJZclBQcUxrRmtHakNuVWE1a21PNkxlVU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFPkGAAwQH
UO6AAwQGXk4AMA0EAgACMAcDBQMqAQMwMA0GCSqGSIb3DQEBCwUAA4IBAQBe2tR3
NCzU/jH9KrrajqZkw2P9WqNWyiHbDNa5tHUwHiRGAiWlUWXF9QI0HpViXEjhSC/f
E2HT4zj6P3zYg5buvAOL257Qj9Thpn6ZBIRB/lMLeQ/BEbK4QdtppLNgOFrcDrlS
yFr56KXr/lE14YEfrLr1RrTox9ZaqXHkFyvdMlmgy0Qw3YZd8UVyWtEPpNm5g5iZ
vOwuXm49eii4mkjPkGSnwolgyMbOCnP09E48ZIRyY0V/tfhwPd9Y/68d6SV2VNuK
eK8KGjXLianlfYDCAa+ebW7wg5lrbY8J5c/Iil5olKsimPRWVuUaF1ziiQT39Mfe
Rz4ZNjqxdD+z5c/E
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:20:48 2025 by rpki-client