Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Q7oyuPpf46-LxcG8AU71-voIzYY.roa
File: Q7oyuPpf46-LxcG8AU71-voIzYY.roa (raw, json)
Hash identifier: /If0P419Vp8kBK6agbAifI8MEBvId8kqXjjQICEqSBI=
Subject key identifier: 43:BA:32:B8:FA:5F:E3:AF:8B:C5:C1:BC:01:4E:F5:FA:FA:08:CD:86
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0195663E175F0C874E3E92B2D188EE519688
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Q7oyuPpf46-LxcG8AU71-voIzYY.roa
Signing time: Wed 05 Mar 2025 12:18:20 +0000
ROA not before: Wed 05 Mar 2025 12:18:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49581
IP address blocks: 5.83.134.0/24 maxlen: 24
5.83.145.0/24 maxlen: 24
5.175.140.0/24 maxlen: 24
5.231.25.0/24 maxlen: 24
5.231.26.0/24 maxlen: 24
85.118.162.0/24 maxlen: 24
87.239.130.0/24 maxlen: 24
89.106.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:66:3e:17:5f:0c:87:4e:3e:92:b2:d1:88:ee:51:96:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 5 12:18:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43ba32b8fa5fe3af8bc5c1bc014ef5fafa08cd86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:82:f7:85:d3:9d:40:c4:3d:80:54:05:1a:c5:
04:ca:12:85:4c:68:2f:ba:ee:c3:08:56:d6:03:78:
29:a4:4f:16:00:76:6e:fe:31:d1:46:4f:5d:e1:bc:
87:7a:e9:c1:63:fe:90:cc:14:df:60:fe:69:90:63:
08:c0:b0:87:41:18:c3:70:66:7f:f7:e5:7c:18:84:
48:d0:9c:0f:53:78:d6:82:1a:21:34:4e:e1:45:9b:
00:e9:80:5f:5e:45:53:43:18:98:44:35:8f:cd:53:
55:b0:02:9f:92:de:d4:01:90:ce:04:d7:a3:24:da:
f6:d9:3a:ab:76:48:f1:9a:d5:69:dc:64:98:05:7e:
38:fa:08:53:de:5e:9e:e5:83:d3:1a:df:6d:de:0b:
34:5c:70:91:42:09:c6:bd:38:08:b0:d6:d4:98:3c:
34:bd:ed:75:a9:9f:d7:db:0d:d4:ae:98:37:e2:f2:
5f:99:48:21:dd:a7:4b:d7:b2:85:e1:ba:bd:16:27:
a9:32:cb:fa:bc:61:b0:5d:ce:c9:f1:74:0c:1d:e1:
ce:bf:59:69:16:2e:6d:c4:b9:b6:e0:3f:a5:c8:8d:
eb:f2:d9:bf:26:18:99:fa:c7:92:91:62:38:5b:88:
a7:14:46:d7:b9:0b:01:75:6a:b9:61:ba:f0:55:fb:
b7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:BA:32:B8:FA:5F:E3:AF:8B:C5:C1:BC:01:4E:F5:FA:FA:08:CD:86
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Q7oyuPpf46-LxcG8AU71-voIzYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.134.0/24
5.83.145.0/24
5.175.140.0/24
5.231.25.0-5.231.26.255
85.118.162.0/24
87.239.130.0/24
89.106.71.0/24
Signature Algorithm: sha256WithRSAEncryption
09:66:5c:21:35:df:d9:d7:c0:1e:17:15:78:43:1b:fc:91:0f:
5b:6c:46:c3:20:8b:3d:d7:aa:a1:cd:dd:db:54:4b:51:b1:d0:
b5:d3:e4:1f:1a:b2:32:48:c3:cb:b8:66:f0:c3:4b:3f:f7:f2:
da:58:4e:09:4a:10:0a:4c:2e:4f:b3:7b:47:6b:1f:6e:ce:75:
22:05:cf:e1:7f:eb:22:71:b5:84:d9:cb:06:15:ca:93:68:b3:
c4:56:7b:5a:c7:7b:3c:9f:09:8e:b0:b4:96:ef:fc:91:e4:4f:
3d:5c:73:f6:cd:a9:b3:0e:1b:4d:b3:96:85:44:6f:92:c8:fe:
47:05:36:ac:4e:21:23:bd:79:90:0b:06:b1:91:c6:27:97:33:
fa:e3:a7:80:75:78:a7:01:36:85:4d:00:d4:8a:39:b4:ca:39:
56:c4:2d:71:7d:98:3b:a5:b4:6a:46:4e:a7:7f:58:1d:f6:14:
e5:71:84:86:73:dd:60:ac:fa:db:1d:de:4a:48:d7:22:a2:ee:
0b:b4:69:07:f0:f1:12:09:f6:26:25:b7:d0:2b:61:f0:c1:59:
4e:14:5d:86:0e:f2:d6:ff:5c:f6:d3:b0:dc:2e:1e:0b:43:0a:
04:c5:ea:8e:2f:a6:67:d2:dc:ec:4d:b8:ba:2a:ce:cf:1b:64:
b4:24:24:8a
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZVmPhdfDIdOPpKy0YjuUZaIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzA1MTIxODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2JhMzJiOGZhNWZlM2FmOGJjNWMxYmMwMTRlZjVmYWZhMDhjZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIL3hdOdQMQ9gFQFGsUEyhKFTGgv
uu7DCFbWA3gppE8WAHZu/jHRRk9d4byHeunBY/6QzBTfYP5pkGMIwLCHQRjDcGZ/
9+V8GIRI0JwPU3jWghohNE7hRZsA6YBfXkVTQxiYRDWPzVNVsAKfkt7UAZDOBNej
JNr22TqrdkjxmtVp3GSYBX44+ghT3l6e5YPTGt9t3gs0XHCRQgnGvTgIsNbUmDw0
ve11qZ/X2w3Urpg34vJfmUgh3adL17KF4bq9FiepMsv6vGGwXc7J8XQMHeHOv1lp
Fi5txLm24D+lyI3r8tm/JhiZ+seSkWI4W4inFEbXuQsBdWq5YbrwVfu3zQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFEO6Mrj6X+Ovi8XBvAFO9fr6CM2GMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvUTdveXVQcGY0Ni1MeGNHOEFVNzEtdm9JellZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQABVOGAwQA
BVORAwQABa+MMAwDBAAF5xkDBAAF5xoDBABVdqIDBABX74IDBABZakcwDQYJKoZI
hvcNAQELBQADggEBAAlmXCE139nXwB4XFXhDG/yRD1tsRsMgiz3XqqHN3dtUS1Gx
0LXT5B8asjJIw8u4ZvDDSz/38tpYTglKEApMLk+ze0drH27OdSIFz+F/6yJxtYTZ
ywYVypNos8RWe1rHezyfCY6wtJbv/JHkTz1cc/bNqbMOG02zloVEb5LI/kcFNqxO
ISO9eZALBrGRxieXM/rjp4B1eKcBNoVNANSKObTKOVbELXF9mDultGpGTqd/WB32
FOVxhIZz3WCs+tsd3kpI1yKi7gu0aQfw8RIJ9iYlt9ArYfDBWU4UXYYO8tb/XPbT
sNwuHgtDCgTF6o4vpmfS3OxNuLoqzs8bZLQkJIo=
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:32:08 2025 by rpki-client