Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/8iA85ojpxPxEcKSIn8hXehVxfZI.roa
File: 8iA85ojpxPxEcKSIn8hXehVxfZI.roa (raw, json)
Hash identifier: Te2a0xMwRtJHuAIR2fQWtJUUQ6mwhnw4TgTeFqJ/XEU=
Subject key identifier: F2:20:3C:E6:88:E9:C4:FC:44:70:A4:88:9F:C8:57:7A:15:71:7D:92
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0195BC3F26BA9B2E0FC46061FDB3DBA8DC68
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/8iA85ojpxPxEcKSIn8hXehVxfZI.roa
Signing time: Sat 22 Mar 2025 05:06:50 +0000
ROA not before: Sat 22 Mar 2025 05:06:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58212
IP address blocks: 5.83.150.0/24 maxlen: 24
5.231.70.0/24 maxlen: 24
5.231.82.0/24 maxlen: 24
77.90.22.0/24 maxlen: 24
77.90.39.0/24 maxlen: 24
77.90.41.0/24 maxlen: 24
77.90.52.0/24 maxlen: 24
77.90.58.0/24 maxlen: 24
89.106.70.0/24 maxlen: 24
89.144.7.0/24 maxlen: 24
89.144.8.0/24 maxlen: 24
89.144.16.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:bc:3f:26:ba:9b:2e:0f:c4:60:61:fd:b3:db:a8:dc:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 22 05:06:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2203ce688e9c4fc4470a4889fc8577a15717d92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:38:13:34:83:6f:ce:fd:ce:3a:4c:d2:d4:c1:
e3:01:e7:89:56:f9:b1:75:9d:f7:63:9f:73:63:c0:
a8:01:2f:94:4b:27:3d:c1:e3:86:c0:b9:7a:42:40:
de:43:3a:b0:34:1a:e8:a0:20:73:d4:e0:89:ee:4a:
ba:a6:a9:fa:5d:8a:56:dd:2f:01:15:5f:4d:3b:0c:
75:ab:48:17:2f:0f:b3:58:d5:4b:19:3b:ca:ea:fc:
b6:fb:66:2c:d7:a1:b9:74:9a:fa:e9:c4:1e:85:e7:
6b:88:31:94:37:59:17:d1:8e:14:e4:fc:b0:76:19:
a4:58:54:60:2d:dd:3a:c4:16:f0:a0:b2:19:92:f9:
a3:32:dc:f5:d0:ab:43:df:60:b0:ba:bf:d8:75:e8:
4e:91:a8:a9:83:55:80:23:5a:a5:5b:c0:38:dd:c5:
19:09:4f:38:ac:b8:f9:48:f9:99:9d:0d:20:ed:e1:
75:7c:d2:d5:ca:96:f4:90:17:ec:c5:c3:0f:04:f6:
de:99:78:74:bb:e6:a3:32:57:24:80:ee:54:51:db:
ef:92:97:8e:6a:07:0b:0d:93:19:2a:51:f9:48:cf:
bc:6a:cf:31:78:92:74:98:08:b6:8b:7b:92:45:66:
a4:9b:e3:3d:8f:71:1e:b4:79:d7:90:c9:cf:7d:47:
60:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:20:3C:E6:88:E9:C4:FC:44:70:A4:88:9F:C8:57:7A:15:71:7D:92
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/8iA85ojpxPxEcKSIn8hXehVxfZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.150.0/24
5.231.70.0/24
5.231.82.0/24
77.90.22.0/24
77.90.39.0/24
77.90.41.0/24
77.90.52.0/24
77.90.58.0/24
89.106.70.0/24
89.144.7.0-89.144.8.255
89.144.16.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:ce:01:e9:c1:73:24:90:9e:1b:d0:ab:cc:c0:85:3f:f4:7d:
33:1e:6b:24:32:57:12:bb:ef:24:df:64:c2:7d:28:fe:23:bf:
05:6b:89:6f:fd:10:0b:e5:36:f5:44:e2:c3:80:68:20:3c:ad:
ec:ef:54:6e:25:93:2d:81:5e:4d:8a:70:aa:ef:27:e6:03:ed:
0b:05:57:ab:04:d0:2e:3d:44:df:46:49:99:32:d4:c2:2f:7d:
c9:b4:41:82:f4:3d:87:87:c0:3a:76:07:a5:73:b8:65:d6:c4:
3e:10:ad:60:9e:12:fa:c6:1b:c4:fb:a8:ab:3b:88:23:08:bb:
1c:bc:7c:cd:79:d7:10:a6:9b:ea:7a:1f:13:91:02:30:31:c5:
fd:9c:99:bb:84:85:90:91:8d:3b:16:6c:eb:bd:79:1b:d5:2e:
e1:c7:d0:55:87:06:81:56:d3:02:ff:29:ad:4c:48:db:a2:05:
aa:66:38:c2:9a:89:18:df:fa:13:06:80:43:7d:d6:d1:7e:43:
bb:74:89:10:67:02:f4:b0:25:46:40:26:9c:a3:8d:8c:7f:c2:
7d:1a:6e:6a:51:d7:70:16:1a:69:03:a4:99:20:7f:aa:4e:6b:
c3:9d:9d:e3:aa:10:bc:50:b1:98:f2:59:f0:d7:79:e8:35:e5:
ee:8b:d2:2b
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZW8Pya6my4PxGBh/bPbqNxoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzIyMDUwNjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjIwM2NlNjg4ZTljNGZjNDQ3MGE0ODg5ZmM4NTc3YTE1NzE3ZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjgTNINvzv3OOkzS1MHjAeeJVvmx
dZ33Y59zY8CoAS+USyc9weOGwLl6QkDeQzqwNBrooCBz1OCJ7kq6pqn6XYpW3S8B
FV9NOwx1q0gXLw+zWNVLGTvK6vy2+2Ys16G5dJr66cQehedriDGUN1kX0Y4U5Pyw
dhmkWFRgLd06xBbwoLIZkvmjMtz10KtD32Cwur/YdehOkaipg1WAI1qlW8A43cUZ
CU84rLj5SPmZnQ0g7eF1fNLVypb0kBfsxcMPBPbemXh0u+ajMlckgO5UUdvvkpeO
agcLDZMZKlH5SM+8as8xeJJ0mAi2i3uSRWakm+M9j3EetHnXkMnPfUdgRQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFPIgPOaI6cT8RHCkiJ/IV3oVcX2SMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvOGlBODVvanB4UHhFY0tTSW44aFhlaFZ4ZlpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQABVOWAwQA
BedGAwQABedSAwQATVoWAwQATVonAwQATVopAwQATVo0AwQATVo6AwQAWWpGMAwD
BABZkAcDBABZkAgDBABZkBAwDQYJKoZIhvcNAQELBQADggEBAMfOAenBcySQnhvQ
q8zAhT/0fTMeayQyVxK77yTfZMJ9KP4jvwVriW/9EAvlNvVE4sOAaCA8rezvVG4l
ky2BXk2KcKrvJ+YD7QsFV6sE0C49RN9GSZky1MIvfcm0QYL0PYeHwDp2B6VzuGXW
xD4QrWCeEvrGG8T7qKs7iCMIuxy8fM151xCmm+p6HxORAjAxxf2cmbuEhZCRjTsW
bOu9eRvVLuHH0FWHBoFW0wL/Ka1MSNuiBapmOMKaiRjf+hMGgEN91tF+Q7t0iRBn
AvSwJUZAJpyjjYx/wn0abmpR13AWGmkDpJkgf6pOa8OdneOqELxQsZjyWfDXeeg1
5e6L0is=
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:51:37 2025 by rpki-client