Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/051035-200d-41e8-adf1-d33f08f3a48d/1/S-9R5wGrIhLmsms9RB4U97-sFEw.roa
File: S-9R5wGrIhLmsms9RB4U97-sFEw.roa (raw, json)
Hash identifier: buP/TrZNQmFYkkxM2QzqK2YwapcZlPOF6+dzoEXe3Y4=
Subject key identifier: 4B:EF:51:E7:01:AB:22:12:E6:B2:6B:3D:44:1E:14:F7:BF:AC:14:4C
Certificate issuer: /CN=e2110acce33ac85011ca8c22d2001666e45b9377
Certificate serial: 01957FDEC1858EC26AACF7E304B17E016684
Authority key identifier: E2:11:0A:CC:E3:3A:C8:50:11:CA:8C:22:D2:00:16:66:E4:5B:93:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4hEKzOM6yFARyowi0gAWZuRbk3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/051035-200d-41e8-adf1-d33f08f3a48d/1/S-9R5wGrIhLmsms9RB4U97-sFEw.roa
Signing time: Mon 10 Mar 2025 11:44:19 +0000
ROA not before: Mon 10 Mar 2025 11:44:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34762
IP address blocks: 5.134.0.0/21 maxlen: 24
31.14.50.0/23 maxlen: 24
31.193.176.0/21 maxlen: 24
37.72.160.0/21 maxlen: 24
37.148.176.0/21 maxlen: 24
46.21.224.0/20 maxlen: 24
62.182.56.0/21 maxlen: 21
77.73.96.0/21 maxlen: 24
77.241.80.0/20 maxlen: 24
77.241.95.0/24 maxlen: 24
79.174.128.0/21 maxlen: 24
83.217.64.0/19 maxlen: 24
87.238.160.0/21 maxlen: 24
88.151.240.0/21 maxlen: 24
89.36.74.0/23 maxlen: 24
89.42.54.0/23 maxlen: 24
89.44.166.0/23 maxlen: 24
93.115.168.0/23 maxlen: 23
94.176.98.0/23 maxlen: 24
176.62.160.0/20 maxlen: 24
178.208.32.0/19 maxlen: 24
185.2.52.0/22 maxlen: 24
185.18.8.0/22 maxlen: 24
185.76.236.0/22 maxlen: 24
185.86.16.0/22 maxlen: 24
185.111.196.0/22 maxlen: 24
185.162.28.0/22 maxlen: 24
185.175.196.0/22 maxlen: 24
185.190.84.0/22 maxlen: 24
188.93.96.0/21 maxlen: 24
188.93.152.0/21 maxlen: 24
188.208.36.0/23 maxlen: 24
188.211.170.0/23 maxlen: 24
193.111.95.0/24 maxlen: 24
193.239.210.0/23 maxlen: 24
194.26.24.0/24 maxlen: 24
194.150.224.0/23 maxlen: 23
194.165.51.0/24 maxlen: 24
195.13.56.0/23 maxlen: 24
195.47.215.0/24 maxlen: 24
195.234.184.0/24 maxlen: 24
217.19.224.0/20 maxlen: 24
217.21.176.0/20 maxlen: 24
217.21.176.0/21 maxlen: 24
217.21.179.0/24 maxlen: 24
217.21.184.0/22 maxlen: 24
217.21.188.0/22 maxlen: 24
2a00:1c98::/32 maxlen: 64
2a00:1c98:fff0::/44 maxlen: 64
2a00:7000::/32 maxlen: 64
2a02:d08::/32 maxlen: 64
2a03:a800::/32 maxlen: 32
2a07:ca80::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:de:c1:85:8e:c2:6a:ac:f7:e3:04:b1:7e:01:66:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2110acce33ac85011ca8c22d2001666e45b9377
Validity
Not Before: Mar 10 11:44:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4bef51e701ab2212e6b26b3d441e14f7bfac144c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:dd:a9:5f:7a:6b:e8:96:b9:7c:59:e2:e4:f5:
2a:a7:88:40:76:b0:0f:78:c8:4a:96:01:20:7e:39:
9e:18:0f:5f:75:5e:5b:c7:ce:c5:8d:b1:b0:d6:a8:
16:c4:da:85:55:b9:21:12:56:b9:0e:05:e9:86:94:
72:bf:ef:4d:be:17:73:bd:03:6e:a6:1d:28:49:2e:
30:47:40:31:46:99:8c:f5:24:b1:4b:c3:10:90:b4:
fd:79:37:e0:5d:be:55:ee:14:1a:6e:d8:9e:8a:7a:
f2:41:be:25:46:5a:d0:1f:b7:03:67:d1:c9:ce:3e:
ba:78:25:ad:44:6c:e0:d9:1f:56:10:9f:97:5b:25:
f4:46:f5:80:f9:14:62:d1:53:ab:d0:f7:a4:92:39:
56:c0:41:28:0a:8e:f0:46:3e:bf:e3:50:57:27:51:
e2:af:4b:11:d9:eb:f5:79:b0:c4:3d:25:cc:09:81:
af:a9:c1:cc:31:ed:1a:08:c9:04:7e:dd:6b:10:7b:
c4:13:d6:08:5d:6d:c2:85:c9:5f:6d:02:3f:cd:b7:
9d:a6:1d:db:a3:5c:ad:7a:8b:b8:7a:7c:2f:7f:41:
64:ca:fd:2f:28:fb:8d:93:7e:4a:ef:99:cf:62:bf:
e6:d2:a1:03:5c:45:d4:0b:ba:bc:46:df:d0:05:af:
86:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:EF:51:E7:01:AB:22:12:E6:B2:6B:3D:44:1E:14:F7:BF:AC:14:4C
X509v3 Authority Key Identifier:
keyid:E2:11:0A:CC:E3:3A:C8:50:11:CA:8C:22:D2:00:16:66:E4:5B:93:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4hEKzOM6yFARyowi0gAWZuRbk3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/051035-200d-41e8-adf1-d33f08f3a48d/1/S-9R5wGrIhLmsms9RB4U97-sFEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/051035-200d-41e8-adf1-d33f08f3a48d/1/4hEKzOM6yFARyowi0gAWZuRbk3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.0.0/21
31.14.50.0/23
31.193.176.0/21
37.72.160.0/21
37.148.176.0/21
46.21.224.0/20
62.182.56.0/21
77.73.96.0/21
77.241.80.0/20
79.174.128.0/21
83.217.64.0/19
87.238.160.0/21
88.151.240.0/21
89.36.74.0/23
89.42.54.0/23
89.44.166.0/23
93.115.168.0/23
94.176.98.0/23
176.62.160.0/20
178.208.32.0/19
185.2.52.0/22
185.18.8.0/22
185.76.236.0/22
185.86.16.0/22
185.111.196.0/22
185.162.28.0/22
185.175.196.0/22
185.190.84.0/22
188.93.96.0/21
188.93.152.0/21
188.208.36.0/23
188.211.170.0/23
193.111.95.0/24
193.239.210.0/23
194.26.24.0/24
194.150.224.0/23
194.165.51.0/24
195.13.56.0/23
195.47.215.0/24
195.234.184.0/24
217.19.224.0/20
217.21.176.0/20
IPv6:
2a00:1c98::/32
2a00:7000::/32
2a02:d08::/32
2a03:a800::/32
2a07:ca80::/29
Signature Algorithm: sha256WithRSAEncryption
86:91:01:08:fb:75:3c:0d:f0:8e:49:57:5f:ba:2c:07:2e:82:
8c:bb:62:43:7d:ec:07:0a:42:ed:74:31:26:0c:fe:07:dd:77:
49:10:d9:8a:cb:d5:63:bd:ed:85:d4:76:e1:b5:0e:3f:1c:95:
cf:0d:e5:f0:02:23:9a:82:14:74:ac:24:53:e1:fd:48:c6:05:
1c:c6:97:d4:91:90:7a:8d:43:97:0b:f4:a2:d8:42:79:51:1b:
bd:77:71:54:44:67:1b:84:fd:5a:16:42:17:ec:92:3d:46:c3:
8e:be:ac:34:f8:5c:79:c2:ac:ee:78:1c:27:6d:9e:62:83:a2:
42:ec:45:d9:77:9d:3c:2d:99:f7:d5:82:ca:d8:b0:c9:5b:44:
db:d3:d4:a4:3e:3d:66:25:f0:2a:f7:15:df:fa:c9:92:92:17:
ce:7d:0e:ee:46:88:35:82:6f:0a:82:dd:a5:f2:5b:35:5d:2c:
ba:e9:a5:00:b5:81:66:1b:70:2e:01:0e:22:e0:ae:35:88:1c:
69:02:a2:80:80:81:26:cb:04:20:e4:98:29:e2:b6:94:b5:7a:
fe:07:c7:52:92:c9:cf:74:81:99:06:97:24:4d:36:10:64:c3:
74:72:0d:84:b7:44:f0:4b:1a:b5:ce:68:2d:78:a0:c2:d0:ea:
ee:97:6e:26
-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgISAZV/3sGFjsJqrPfjBLF+AWaEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMTEwYWNjZTMzYWM4NTAxMWNhOGMyMmQyMDAxNjY2ZTQ1
YjkzNzcwHhcNMjUwMzEwMTE0NDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmVmNTFlNzAxYWIyMjEyZTZiMjZiM2Q0NDFlMTRmN2JmYWMxNDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmt2pX3pr6Ja5fFni5PUqp4hAdrAP
eMhKlgEgfjmeGA9fdV5bx87FjbGw1qgWxNqFVbkhEla5DgXphpRyv+9NvhdzvQNu
ph0oSS4wR0AxRpmM9SSxS8MQkLT9eTfgXb5V7hQabtieinryQb4lRlrQH7cDZ9HJ
zj66eCWtRGzg2R9WEJ+XWyX0RvWA+RRi0VOr0PekkjlWwEEoCo7wRj6/41BXJ1Hi
r0sR2ev1ebDEPSXMCYGvqcHMMe0aCMkEft1rEHvEE9YIXW3ChclfbQI/zbedph3b
o1yteou4enwvf0Fkyv0vKPuNk35K75nPYr/m0qEDXEXUC7q8Rt/QBa+GIQIDAQAB
o4IDMzCCAy8wHQYDVR0OBBYEFEvvUecBqyIS5rJrPUQeFPe/rBRMMB8GA1UdIwQY
MBaAFOIRCszjOshQEcqMItIAFmbkW5N3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGhFS3pPTTZ5RkFSeW93aTBnQVdadVJiazNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8wNTEwMzUtMjAwZC00MWU4LWFkZjEt
ZDMzZjA4ZjNhNDhkLzEvUy05UjV3R3JJaExtc21zOVJCNFU5Ny1zRkV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8wNTEwMzUtMjAwZC00MWU4LWFkZjEtZDMzZjA4ZjNhNDhk
LzEvNGhFS3pPTTZ5RkFSeW93aTBnQVdadVJiazNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRwYIKwYBBQUHAQcBAf8EggE2MIIBMjCCAQMEAgABMIH8
AwQDBYYAAwQBHw4yAwQDH8GwAwQDJUigAwQDJZSwAwQELhXgAwQDPrY4AwQDTUlg
AwQETfFQAwQDT66AAwQFU9lAAwQDV+6gAwQDWJfwAwQBWSRKAwQBWSo2AwQBWSym
AwQBXXOoAwQBXrBiAwQEsD6gAwQFstAgAwQCuQI0AwQCuRIIAwQCuUzsAwQCuVYQ
AwQCuW/EAwQCuaIcAwQCua/EAwQCub5UAwQDvF1gAwQDvF2YAwQBvNAkAwQBvNOq
AwQAwW9fAwQBwe/SAwQAwhoYAwQBwpbgAwQAwqUzAwQBww04AwQAwy/XAwQAw+q4
AwQE2RPgAwQE2RWwMCkEAgACMCMDBQAqAByYAwUAKgBwAAMFACoCDQgDBQAqA6gA
AwUDKgfKgDANBgkqhkiG9w0BAQsFAAOCAQEAhpEBCPt1PA3wjklXX7osBy6CjLti
Q33sBwpC7XQxJgz+B913SRDZisvVY73thdR24bUOPxyVzw3l8AIjmoIUdKwkU+H9
SMYFHMaX1JGQeo1Dlwv0othCeVEbvXdxVERnG4T9WhZCF+ySPUbDjr6sNPhcecKs
7ngcJ22eYoOiQuxF2XedPC2Z99WCytiwyVtE29PUpD49ZiXwKvcV3/rJkpIXzn0O
7kaINYJvCoLdpfJbNV0suumlALWBZhtwLgEOIuCuNYgcaQKigICBJssEIOSYKeK2
lLV6/gfHUpLJz3SBmQaXJE02EGTDdHINhLdE8Esatc5oLXigwtDq7pduJg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:58:08 2025 by rpki-client