Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/RN10TUCsNkMlET_gH9BiS4UNrPQ.roa
File: RN10TUCsNkMlET_gH9BiS4UNrPQ.roa (raw, json)
Hash identifier: +kf3opegXhNoMJ3o9GRIuXs4H3Y4LJ8R0HxnEe6BESg=
Subject key identifier: 44:DD:74:4D:40:AC:36:43:25:11:3F:E0:1F:D0:62:4B:85:0D:AC:F4
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0195584A9E8074FA6D75F857D3287BB73872
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/RN10TUCsNkMlET_gH9BiS4UNrPQ.roa
Signing time: Sun 02 Mar 2025 19:17:20 +0000
ROA not before: Sun 02 Mar 2025 19:17:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213519
IP address blocks: 5.175.237.0/24 maxlen: 24
5.175.239.0/24 maxlen: 24
5.231.96.0/24 maxlen: 24
89.144.38.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:58:4a:9e:80:74:fa:6d:75:f8:57:d3:28:7b:b7:38:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 2 19:17:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44dd744d40ac364325113fe01fd0624b850dacf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:98:91:17:39:a7:4f:f3:b5:01:76:dc:b7:7c:
b3:e1:04:e6:65:39:dc:7e:7a:0a:d3:7f:6b:54:4e:
66:c5:1b:ab:6a:6c:53:ff:e4:fc:6c:18:b8:e4:35:
f2:9f:2b:46:a6:8f:6f:62:d6:e3:0a:b1:b6:9c:4b:
01:ec:2d:2d:ae:d9:32:65:bf:99:ab:04:67:c9:5b:
52:1b:5a:36:01:d0:17:da:16:f3:aa:8d:fb:fe:e0:
12:1d:a8:a6:5a:1d:fd:e7:51:55:3a:34:fd:5c:3c:
8c:d6:55:69:89:ea:d0:65:b1:78:f7:65:50:e3:52:
9d:8e:e1:72:94:49:fe:a6:f7:21:59:bd:a0:0d:fa:
9e:9b:c6:39:9e:a8:b1:04:f9:6f:f1:1a:f4:b6:56:
45:2c:1a:ee:02:24:37:6f:03:80:c3:d5:e7:8e:b3:
35:81:ca:13:fe:8a:b9:3e:c2:0a:91:03:e8:11:2c:
4f:31:2f:1c:1c:ff:25:48:58:2c:91:4e:88:48:80:
0b:1c:31:5b:99:6e:ec:1a:f3:73:2d:5d:30:ba:04:
02:b1:a4:fe:ac:8a:94:d1:22:3f:2a:b6:d2:b8:42:
71:a5:d6:4d:61:e8:25:e3:1c:db:17:dd:f6:37:40:
72:86:66:ce:22:a7:1a:ba:08:2c:33:30:d1:ae:16:
87:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:DD:74:4D:40:AC:36:43:25:11:3F:E0:1F:D0:62:4B:85:0D:AC:F4
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/RN10TUCsNkMlET_gH9BiS4UNrPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.237.0/24
5.175.239.0/24
5.231.96.0/24
89.144.38.0/24
Signature Algorithm: sha256WithRSAEncryption
d9:26:f9:79:3d:e5:f1:88:e2:c3:e0:e8:33:62:f3:0e:65:e8:
81:0e:38:27:8d:45:6c:23:d3:0e:97:ca:a1:68:0a:2e:73:25:
af:97:51:d9:13:7a:89:59:4c:81:05:b9:79:86:b0:91:5e:96:
79:9d:cd:38:fe:77:56:2c:58:bb:f0:73:34:15:5d:d1:75:7a:
c1:7c:c2:f0:b1:96:01:5c:7b:0b:a9:d5:3b:e9:1a:47:d2:c9:
27:3a:1f:c3:bb:20:5a:48:da:c1:95:82:09:9c:9c:97:fa:88:
71:2a:d3:40:08:36:1e:c3:3d:b2:c1:ff:96:94:25:80:f2:48:
ca:69:29:52:1b:5b:52:9b:75:76:c8:52:fd:62:65:c5:06:82:
7c:e3:a5:75:9a:10:9f:57:96:b6:be:d7:a9:72:d8:0c:3f:60:
aa:fa:00:87:76:b9:9b:2e:a2:4a:fe:43:6b:5e:13:60:58:2e:
55:e7:a4:c8:e4:bc:0b:b2:84:8b:71:24:f1:6d:9b:a0:01:f4:
c5:a6:e0:15:1f:3f:04:f5:bd:b0:21:37:d9:26:47:17:35:42:
e9:2d:1b:41:81:e8:6a:24:01:7a:20:68:75:79:2f:ea:02:0a:
e6:47:c3:d0:8e:a9:3a:e1:b8:bf:9e:bf:ea:f6:32:ab:f9:45:
6c:ca:33:99
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZVYSp6AdPptdfhX0yh7tzhyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzAyMTkxNzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGRkNzQ0ZDQwYWMzNjQzMjUxMTNmZTAxZmQwNjI0Yjg1MGRhY2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4JiRFzmnT/O1AXbct3yz4QTmZTnc
fnoK039rVE5mxRuramxT/+T8bBi45DXynytGpo9vYtbjCrG2nEsB7C0trtkyZb+Z
qwRnyVtSG1o2AdAX2hbzqo37/uASHaimWh3951FVOjT9XDyM1lVpierQZbF492VQ
41KdjuFylEn+pvchWb2gDfqem8Y5nqixBPlv8Rr0tlZFLBruAiQ3bwOAw9XnjrM1
gcoT/oq5PsIKkQPoESxPMS8cHP8lSFgskU6ISIALHDFbmW7sGvNzLV0wugQCsaT+
rIqU0SI/KrbSuEJxpdZNYegl4xzbF932N0ByhmbOIqcauggsMzDRrhaH1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFETddE1ArDZDJRE/4B/QYkuFDaz0MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvUk4xMFRVQ3NOa01sRVRfZ0g5QmlTNFVOclBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABa/tAwQA
Ba/vAwQABedgAwQAWZAmMA0GCSqGSIb3DQEBCwUAA4IBAQDZJvl5PeXxiOLD4Ogz
YvMOZeiBDjgnjUVsI9MOl8qhaAoucyWvl1HZE3qJWUyBBbl5hrCRXpZ5nc04/ndW
LFi78HM0FV3RdXrBfMLwsZYBXHsLqdU76RpH0sknOh/DuyBaSNrBlYIJnJyX+ohx
KtNACDYewz2ywf+WlCWA8kjKaSlSG1tSm3V2yFL9YmXFBoJ846V1mhCfV5a2vtep
ctgMP2Cq+gCHdrmbLqJK/kNrXhNgWC5V56TI5LwLsoSLcSTxbZugAfTFpuAVHz8E
9b2wITfZJkcXNULpLRtBgehqJAF6IGh1eS/qAgrmR8PQjqk64bi/nr/q9jKr+UVs
yjOZ
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:23:03 2025 by rpki-client