Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/4jifPOA3WaTWP2P63tz0GUw0HIA.roa
File: 4jifPOA3WaTWP2P63tz0GUw0HIA.roa (raw, json)
Hash identifier: HcGNm5WntE7fA666eibEamIa8mmUfQw4005eHB5ZI1k=
Subject key identifier: E2:38:9F:3C:E0:37:59:A4:D6:3F:63:FA:DE:DC:F4:19:4C:34:1C:80
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0193D7833D9A485E675CC6F56111C57C5C89
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/4jifPOA3WaTWP2P63tz0GUw0HIA.roa
Signing time: Wed 18 Dec 2024 02:05:22 +0000
ROA not before: Wed 18 Dec 2024 02:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
5.175.138.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
87.239.130.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
89.106.69.0/24 maxlen: 24
94.103.163.0/24 maxlen: 24
94.249.138.0/24 maxlen: 24
94.249.148.0/24 maxlen: 24
94.249.153.0/24 maxlen: 24
94.249.212.0/24 maxlen: 24
94.249.237.0/24 maxlen: 24
95.215.32.0/24 maxlen: 24
95.215.34.0/24 maxlen: 24
185.13.159.0/24 maxlen: 24
185.47.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d7:83:3d:9a:48:5e:67:5c:c6:f5:61:11:c5:7c:5c:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Dec 18 02:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2389f3ce03759a4d63f63fadedcf4194c341c80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:cc:3a:68:86:e5:c8:8a:68:75:fb:cf:19:11:
97:9a:b2:2b:38:af:61:7e:21:67:7e:2d:09:da:a9:
c5:a7:49:3e:8e:a8:51:0d:d8:b0:d1:7f:cf:4c:84:
95:a9:de:12:04:c9:ba:f5:ba:2e:c5:a7:50:94:96:
87:2f:52:dd:30:50:39:79:1a:37:5d:88:bb:62:c2:
03:c1:91:19:cd:36:4b:1d:e4:b5:dd:aa:19:e8:b0:
0a:a9:56:c0:d9:4f:d3:32:de:fc:4b:58:dc:1e:1c:
4e:82:fe:3f:38:5f:c3:d6:f1:58:ec:11:cc:f4:82:
88:d2:28:99:2a:03:5d:3b:2e:56:86:c2:a4:fa:6b:
5b:70:df:5c:b9:4d:fd:3e:0d:c8:fe:c4:2c:66:42:
4d:71:fb:5a:b5:21:d1:74:e5:a4:f3:19:89:e8:3b:
1b:e3:2e:59:54:fa:3c:43:e9:e4:a7:8a:2a:d9:50:
d2:f0:a4:3a:27:38:b8:7f:c9:23:5d:c0:cd:e6:02:
af:a8:76:1f:3a:7c:25:99:d9:ab:85:80:7a:ac:ee:
1f:07:94:ea:2d:51:d5:37:cc:cb:46:82:11:6d:62:
b8:63:f2:cb:31:ba:c6:a5:34:81:88:61:55:12:90:
4c:34:99:69:28:ea:30:cc:30:d3:15:ff:8b:ec:28:
2a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:38:9F:3C:E0:37:59:A4:D6:3F:63:FA:DE:DC:F4:19:4C:34:1C:80
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/4jifPOA3WaTWP2P63tz0GUw0HIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
5.175.138.0/24
77.90.54.0/24
87.239.130.0/23
89.106.69.0/24
94.103.163.0/24
94.249.138.0/24
94.249.148.0/24
94.249.153.0/24
94.249.212.0/24
94.249.237.0/24
95.215.32.0/24
95.215.34.0/24
185.13.159.0/24
185.47.143.0/24
Signature Algorithm: sha256WithRSAEncryption
29:e2:f2:42:94:12:89:3d:26:0f:e7:22:ef:bf:22:4b:e9:5a:
e4:07:15:2d:06:aa:9a:55:f2:72:56:fd:c6:04:48:21:74:10:
3b:d3:22:6d:73:14:9f:e2:e8:df:5b:8e:8d:8f:03:5c:97:63:
5e:e7:eb:df:44:52:54:02:6d:9f:5c:a0:d6:49:9c:4e:2c:cf:
4d:dc:13:73:57:2b:b5:8f:bc:d6:ba:14:63:93:d8:f8:43:80:
fc:57:39:fb:d1:c7:4b:35:d3:cc:61:37:5a:94:8e:a8:05:bb:
8c:41:7a:81:42:24:17:32:d2:cf:94:7b:3d:d0:c5:2d:df:9b:
56:f1:89:22:56:33:80:ce:f5:00:2e:da:a5:57:e4:13:d3:e8:
28:c8:64:63:e2:4b:2a:af:63:6a:38:1b:ce:f2:33:7f:a4:7a:
97:7c:05:59:21:06:ce:ce:2c:89:56:53:87:42:a1:e9:a5:c3:
50:bf:66:9f:e1:46:d0:78:1d:44:87:c1:b2:f7:39:24:87:84:
17:7f:ee:74:1d:1a:13:6d:36:09:64:d2:91:11:3f:07:37:55:
dc:38:c2:c8:a5:af:fc:ab:d7:c0:1b:ef:9a:55:c6:90:52:92:
7c:3c:e8:e9:45:9a:82:0a:64:b7:1a:ab:1f:ce:f5:d3:3a:85:
bf:99:5b:ba
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZPXgz2aSF5nXMb1YRHFfFyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMjE4MDIwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjM4OWYzY2UwMzc1OWE0ZDYzZjYzZmFkZWRjZjQxOTRjMzQxYzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscw6aIblyIpodfvPGRGXmrIrOK9h
fiFnfi0J2qnFp0k+jqhRDdiw0X/PTISVqd4SBMm69bouxadQlJaHL1LdMFA5eRo3
XYi7YsIDwZEZzTZLHeS13aoZ6LAKqVbA2U/TMt78S1jcHhxOgv4/OF/D1vFY7BHM
9IKI0iiZKgNdOy5WhsKk+mtbcN9cuU39Pg3I/sQsZkJNcftatSHRdOWk8xmJ6Dsb
4y5ZVPo8Q+nkp4oq2VDS8KQ6Jzi4f8kjXcDN5gKvqHYfOnwlmdmrhYB6rO4fB5Tq
LVHVN8zLRoIRbWK4Y/LLMbrGpTSBiGFVEpBMNJlpKOowzDDTFf+L7CgqjwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFOI4nzzgN1mk1j9j+t7c9BlMNByAMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvNGppZlBPQTNXYVRXUDJQNjN0ejBHVXcwSElBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQABVOBAwQA
Ba+KAwQATVo2AwQBV++CAwQAWWpFAwQAXmejAwQAXvmKAwQAXvmUAwQAXvmZAwQA
XvnUAwQAXvntAwQAX9cgAwQAX9ciAwQAuQ2fAwQAuS+PMA0GCSqGSIb3DQEBCwUA
A4IBAQAp4vJClBKJPSYP5yLvvyJL6VrkBxUtBqqaVfJyVv3GBEghdBA70yJtcxSf
4ujfW46NjwNcl2Ne5+vfRFJUAm2fXKDWSZxOLM9N3BNzVyu1j7zWuhRjk9j4Q4D8
Vzn70cdLNdPMYTdalI6oBbuMQXqBQiQXMtLPlHs90MUt35tW8YkiVjOAzvUALtql
V+QT0+goyGRj4ksqr2NqOBvO8jN/pHqXfAVZIQbOziyJVlOHQqHppcNQv2af4UbQ
eB1Eh8Gy9zkkh4QXf+50HRoTbTYJZNKRET8HN1XcOMLIpa/8q9fAG++aVcaQUpJ8
POjpRZqCCmS3GqsfzvXTOoW/mVu6
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:20:38 2025 by rpki-client