Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/3EZ-fESmOh68S1CGixXHUOo5rkw.roa
File: 3EZ-fESmOh68S1CGixXHUOo5rkw.roa (raw, json)
Hash identifier: rrgYN+vEC7IqnDWFB4jwfxnOzv3OmwK4HoQI90lc9DU=
Subject key identifier: DC:46:7E:7C:44:A6:3A:1E:BC:4B:50:86:8B:15:C7:50:EA:39:AE:4C
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 019428280D03B2104E5353454021095D231B
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/3EZ-fESmOh68S1CGixXHUOo5rkw.roa
Signing time: Thu 02 Jan 2025 17:55:00 +0000
ROA not before: Thu 02 Jan 2025 17:55:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20911
IP address blocks: 78.90.248.0/21 maxlen: 21
78.90.248.0/24 maxlen: 24
78.90.249.0/24 maxlen: 24
78.90.250.0/24 maxlen: 24
78.90.251.0/24 maxlen: 24
78.90.252.0/24 maxlen: 24
78.90.253.0/24 maxlen: 24
78.90.254.0/24 maxlen: 24
78.90.255.0/24 maxlen: 24
95.111.120.0/21 maxlen: 21
95.111.120.0/24 maxlen: 24
95.111.121.0/24 maxlen: 24
95.111.122.0/24 maxlen: 24
95.111.123.0/24 maxlen: 24
95.111.124.0/24 maxlen: 24
95.111.125.0/24 maxlen: 24
95.111.126.0/24 maxlen: 24
95.111.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:28:0d:03:b2:10:4e:53:53:45:40:21:09:5d:23:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 2 17:55:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc467e7c44a63a1ebc4b50868b15c750ea39ae4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:61:70:14:1c:b0:4d:49:5a:73:c3:43:e1:83:
9b:86:f8:e7:a6:97:70:5e:bf:bf:9f:1a:da:89:00:
46:23:d8:5e:83:4f:84:6a:f1:4a:d2:96:af:c6:14:
e2:32:be:40:bb:1c:34:ab:ed:29:33:cd:1c:2f:c9:
f3:4b:6b:7d:bd:0c:5a:8b:28:48:d6:54:0c:a1:e9:
36:2c:c3:22:93:ca:c6:e2:56:e0:32:3c:0c:59:3c:
74:ae:f6:a0:14:fb:d4:63:af:fc:fa:90:2a:09:60:
79:c8:db:fc:c1:fc:b5:f0:91:fe:95:ec:3a:61:c5:
c1:4f:92:df:5a:e2:8f:a0:a9:9c:e9:6c:84:79:54:
b5:d5:76:f2:cb:79:80:5d:5a:ca:11:19:15:03:68:
c5:41:32:e6:52:5f:16:47:a8:c5:60:90:df:33:ee:
6e:a1:61:5d:d4:91:95:97:69:18:ed:21:0a:bf:00:
67:62:1a:30:4e:d9:56:47:9d:7d:cd:7a:cb:c6:69:
ac:0c:3d:32:0f:c2:ea:24:56:f2:9d:95:2c:71:73:
3f:2c:fa:d1:1f:01:9f:86:61:ad:50:72:af:65:9f:
4c:75:42:b2:f7:b5:ed:00:d5:7a:04:d2:0b:e7:dd:
83:03:17:c4:8a:51:4c:86:0c:95:e3:a1:15:b8:f2:
56:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:46:7E:7C:44:A6:3A:1E:BC:4B:50:86:8B:15:C7:50:EA:39:AE:4C
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/3EZ-fESmOh68S1CGixXHUOo5rkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.90.248.0/21
95.111.120.0/21
Signature Algorithm: sha256WithRSAEncryption
5a:82:05:15:c4:e3:d1:fa:9b:a0:59:dc:9c:3a:c0:34:f8:06:
0a:51:82:8a:44:f9:2a:86:af:21:a5:f0:5b:25:aa:c8:a8:19:
ae:bc:70:a7:c6:20:f0:9a:f7:ee:ca:3c:dc:f7:21:09:7d:b0:
8d:f8:6b:6e:b0:48:03:de:e2:87:65:2a:dd:7a:e5:4f:78:94:
0e:3b:1e:18:1b:fc:4a:47:27:2a:27:dc:26:05:72:56:f3:9b:
d8:99:66:57:73:24:f2:68:13:20:16:ba:55:be:d0:5b:88:bb:
55:57:17:b3:cf:0d:57:26:cb:29:68:75:c4:c2:b8:24:92:23:
2a:8a:3a:d7:05:d4:02:26:61:eb:85:13:12:90:17:8b:0d:db:
e4:f0:cb:d1:6b:c3:81:bd:dd:70:e9:91:51:62:b6:3c:1e:37:
6c:d2:c4:1a:14:3c:8e:87:0c:41:78:de:bb:fc:c7:9f:a9:65:
2d:76:17:c3:c2:07:74:b8:b5:17:17:7a:b6:11:d1:3a:52:c9:
38:11:c3:3b:dc:5e:b1:8d:f8:79:84:b9:58:e1:c8:e6:48:33:
86:e3:78:b1:15:b7:56:78:2c:5c:19:22:5d:1c:ab:4c:62:af:
bd:6e:b3:e4:fb:e4:ed:9c:a5:55:96:dd:b8:a2:67:55:cf:7a:
02:3b:64:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoKA0DshBOU1NFQCEJXSMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjUwMTAyMTc1NTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzQ2N2U3YzQ0YTYzYTFlYmM0YjUwODY4YjE1Yzc1MGVhMzlhZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGFwFBywTUlac8ND4YObhvjnppdw
Xr+/nxraiQBGI9heg0+EavFK0pavxhTiMr5Auxw0q+0pM80cL8nzS2t9vQxaiyhI
1lQMoek2LMMik8rG4lbgMjwMWTx0rvagFPvUY6/8+pAqCWB5yNv8wfy18JH+lew6
YcXBT5LfWuKPoKmc6WyEeVS11Xbyy3mAXVrKERkVA2jFQTLmUl8WR6jFYJDfM+5u
oWFd1JGVl2kY7SEKvwBnYhowTtlWR519zXrLxmmsDD0yD8LqJFbynZUscXM/LPrR
HwGfhmGtUHKvZZ9MdUKy97XtANV6BNIL592DAxfEilFMhgyV46EVuPJWawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNxGfnxEpjoevEtQhosVx1DqOa5MMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvM0VaLWZFU21PaDY4UzFDR2l4WEhVT281cmt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTlr4AwQD
X294MA0GCSqGSIb3DQEBCwUAA4IBAQBaggUVxOPR+pugWdycOsA0+AYKUYKKRPkq
hq8hpfBbJarIqBmuvHCnxiDwmvfuyjzc9yEJfbCN+GtusEgD3uKHZSrdeuVPeJQO
Ox4YG/xKRycqJ9wmBXJW85vYmWZXcyTyaBMgFrpVvtBbiLtVVxezzw1XJsspaHXE
wrgkkiMqijrXBdQCJmHrhRMSkBeLDdvk8MvRa8OBvd1w6ZFRYrY8Hjds0sQaFDyO
hwxBeN67/MefqWUtdhfDwgd0uLUXF3q2EdE6Usk4EcM73F6xjfh5hLlY4cjmSDOG
43ixFbdWeCxcGSJdHKtMYq+9brPk++TtnKVVlt24omdVz3oCO2RI
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:35:28 2025 by rpki-client