Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pQKSDit0AVvmFdPXdYuJm4_2FJQ.roa
File: pQKSDit0AVvmFdPXdYuJm4_2FJQ.roa (raw, json)
Hash identifier: Mrfd8M1EcY9NNa7LHDGgEhk0xcVYub7ij4KRVxdwqEk=
Subject key identifier: A5:02:92:0E:2B:74:01:5B:E6:15:D3:D7:75:8B:89:9B:8F:F6:14:94
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0194891699C4F8303F23508F37E159564AD9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pQKSDit0AVvmFdPXdYuJm4_2FJQ.roa
Signing time: Tue 21 Jan 2025 13:39:07 +0000
ROA not before: Tue 21 Jan 2025 13:39:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214238
IP address blocks: 5.253.56.0/24 maxlen: 24
5.253.57.0/24 maxlen: 24
5.253.58.0/24 maxlen: 24
31.169.124.0/24 maxlen: 24
31.169.125.0/24 maxlen: 24
31.169.126.0/24 maxlen: 24
31.169.127.0/24 maxlen: 24
37.139.128.0/24 maxlen: 24
45.88.66.0/24 maxlen: 24
45.95.0.0/24 maxlen: 24
45.95.2.0/24 maxlen: 24
45.128.234.0/24 maxlen: 24
45.128.235.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
85.31.46.0/24 maxlen: 24
85.208.136.0/24 maxlen: 24
87.120.92.0/24 maxlen: 24
87.120.108.0/24 maxlen: 24
87.120.196.0/24 maxlen: 24
87.120.205.0/24 maxlen: 24
87.120.216.0/24 maxlen: 24
87.120.219.0/24 maxlen: 24
87.120.222.0/24 maxlen: 24
87.121.47.0/24 maxlen: 24
87.121.216.0/24 maxlen: 24
91.92.21.0/24 maxlen: 24
93.123.31.0/24 maxlen: 24
94.125.102.0/24 maxlen: 24
94.125.103.0/24 maxlen: 24
94.156.236.0/24 maxlen: 24
109.206.240.0/24 maxlen: 24
109.206.243.0/24 maxlen: 24
171.22.16.0/24 maxlen: 24
171.22.19.0/24 maxlen: 24
171.22.30.0/24 maxlen: 24
185.207.14.0/24 maxlen: 24
185.207.15.0/24 maxlen: 24
185.218.138.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.8.184.0/24 maxlen: 24
193.8.186.0/24 maxlen: 24
193.8.187.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
193.148.56.0/24 maxlen: 24
193.148.57.0/24 maxlen: 24
193.148.58.0/24 maxlen: 24
193.148.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:89:16:99:c4:f8:30:3f:23:50:8f:37:e1:59:56:4a:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 21 13:39:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a502920e2b74015be615d3d7758b899b8ff61494
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:cb:67:66:6a:ed:47:f0:cf:aa:21:b5:a0:c6:
6d:95:5e:4e:22:e9:99:60:56:fb:e6:4b:2a:88:3a:
54:bf:17:dc:2d:eb:c3:4d:85:af:9b:f5:c5:14:19:
70:31:8b:9e:5f:9d:3f:1c:86:cf:bf:a5:c3:8c:9b:
ca:58:e6:18:00:ea:b7:cd:51:45:15:46:fa:39:1f:
4a:78:f5:23:0b:4c:89:83:7c:2e:d4:9c:be:26:ce:
df:e3:de:08:d1:0a:bc:69:73:c1:c6:27:28:7f:45:
28:ef:c0:88:89:5a:00:40:ca:28:68:6d:c2:e9:50:
3a:e3:ba:47:5b:ac:ff:0b:2b:92:4b:f4:32:dc:3e:
cc:90:44:42:d0:6e:b5:25:df:71:8f:52:3b:5d:be:
9b:4e:b8:aa:4b:65:e8:4f:15:06:08:3f:f1:2e:dd:
79:4f:a5:b9:b3:3d:15:e8:a2:ab:a3:64:22:e2:5c:
8e:ac:13:b8:7a:31:b9:ca:8f:0a:83:6b:ea:66:8a:
65:65:d5:16:6a:13:9f:fe:1d:38:1d:0c:5a:c1:2d:
78:e1:a6:cd:02:d9:df:8e:4a:3f:50:9f:33:12:c3:
72:78:32:0b:a7:68:a7:16:fa:41:4b:1d:a7:43:86:
9f:81:64:30:7c:db:ff:6b:76:15:a4:51:8b:b7:74:
48:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:02:92:0E:2B:74:01:5B:E6:15:D3:D7:75:8B:89:9B:8F:F6:14:94
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pQKSDit0AVvmFdPXdYuJm4_2FJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0-5.253.58.255
31.169.124.0/22
37.139.128.0/24
45.88.66.0/24
45.95.0.0/24
45.95.2.0/24
45.128.234.0/23
79.110.63.0/24
85.31.44.0/24
85.31.46.0/24
85.208.136.0/24
87.120.92.0/24
87.120.108.0/24
87.120.196.0/24
87.120.205.0/24
87.120.216.0/24
87.120.219.0/24
87.120.222.0/24
87.121.47.0/24
87.121.216.0/24
91.92.21.0/24
93.123.31.0/24
94.125.102.0/23
94.156.236.0/24
109.206.240.0/24
109.206.243.0/24
171.22.16.0/24
171.22.19.0/24
171.22.30.0/24
185.207.14.0/23
185.218.138.0/24
185.246.221.0/24
185.252.179.0/24
193.8.184.0/24
193.8.186.0/23
193.47.60.0/23
193.148.56.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:03:66:af:3e:f9:bc:d1:c5:2f:f5:13:f4:fb:dd:62:0a:94:
e5:97:2f:10:72:81:51:62:af:6c:51:13:90:78:fd:0d:41:58:
b1:a3:38:ac:f3:14:a1:01:60:2e:b7:50:e0:38:66:e1:43:fa:
1b:28:b9:58:35:b8:ea:b3:25:4d:07:5f:2e:50:de:22:99:aa:
85:fd:f5:af:0a:10:e0:8b:1a:5d:8a:d3:62:39:89:b4:8b:80:
6d:63:c0:bd:97:72:03:42:22:e8:46:24:7c:85:f3:2d:5a:56:
de:c5:eb:1f:95:44:ec:d9:91:50:2d:87:8d:4f:5c:af:c6:50:
9f:b0:91:b4:21:c8:e6:e8:0c:84:3a:a7:38:ac:0e:70:04:65:
e2:68:78:f3:1d:dd:a2:de:94:2d:ff:da:af:64:95:8e:df:fa:
ff:06:9d:aa:85:04:7e:83:66:49:17:7f:db:3d:29:a1:11:23:
74:2e:c7:9b:92:f8:89:89:02:0a:ad:e5:38:07:88:10:69:4a:
ee:b6:6c:cd:35:81:e0:ee:ec:8f:90:7c:37:7a:d7:20:5e:e2:
3f:9d:af:ba:eb:22:81:2b:2e:8d:85:62:38:91:87:3b:1c:59:
a2:f3:cc:f7:65:21:89:21:9b:32:25:2b:72:ca:b5:3a:d8:4d:
d2:32:8a:37
-----BEGIN CERTIFICATE-----
MIIF4zCCBMugAwIBAgISAZSJFpnE+DA/I1CPN+FZVkrZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTIxMTMzOTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTAyOTIwZTJiNzQwMTViZTYxNWQzZDc3NThiODk5YjhmZjYxNDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8tnZmrtR/DPqiG1oMZtlV5OIumZ
YFb75ksqiDpUvxfcLevDTYWvm/XFFBlwMYueX50/HIbPv6XDjJvKWOYYAOq3zVFF
FUb6OR9KePUjC0yJg3wu1Jy+Js7f494I0Qq8aXPBxicof0Uo78CIiVoAQMooaG3C
6VA647pHW6z/CyuSS/Qy3D7MkERC0G61Jd9xj1I7Xb6bTriqS2XoTxUGCD/xLt15
T6W5sz0V6KKro2Qi4lyOrBO4ejG5yo8Kg2vqZoplZdUWahOf/h04HQxawS144abN
Atnfjko/UJ8zEsNyeDILp2inFvpBSx2nQ4afgWQwfNv/a3YVpFGLt3RIHQIDAQAB
o4IC7zCCAuswHQYDVR0OBBYEFKUCkg4rdAFb5hXT13WLiZuP9hSUMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcFFLU0RpdDBBVnZtRmRQWGRZdUptNF8yRkpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAwYIKwYBBQUHAQcBAf8EgfMwgfAwge0EAgABMIHmMAwD
BAMF/TgDBAAF/ToDBAIfqXwDBAAli4ADBAAtWEIDBAAtXwADBAAtXwIDBAEtgOoD
BABPbj8DBABVHywDBABVHy4DBABV0IgDBABXeFwDBABXeGwDBABXeMQDBABXeM0D
BABXeNgDBABXeNsDBABXeN4DBABXeS8DBABXedgDBABbXBUDBABdex8DBAFefWYD
BABenOwDBABtzvADBABtzvMDBACrFhADBACrFhMDBACrFh4DBAG5zw4DBAC52ooD
BAC59t0DBAC5/LMDBADBCLgDBAHBCLoDBAHBLzwDBALBlDgwDQYJKoZIhvcNAQEL
BQADggEBAFwDZq8++bzRxS/1E/T73WIKlOWXLxBygVFir2xRE5B4/Q1BWLGjOKzz
FKEBYC63UOA4ZuFD+hsouVg1uOqzJU0HXy5Q3iKZqoX99a8KEOCLGl2K02I5ibSL
gG1jwL2XcgNCIuhGJHyF8y1aVt7F6x+VROzZkVAth41PXK/GUJ+wkbQhyOboDIQ6
pzisDnAEZeJoePMd3aLelC3/2q9klY7f+v8GnaqFBH6DZkkXf9s9KaERI3Qux5uS
+ImJAgqt5TgHiBBpSu62bM01geDu7I+QfDd61yBe4j+dr7rrIoErLo2FYjiRhzsc
WaLzzPdlIYkhmzIlK3LKtTrYTdIyijc=
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:24:58 2025 by rpki-client