Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/RzqNiQqxizcjuXBiguBfCeWr3OM.roa
File: RzqNiQqxizcjuXBiguBfCeWr3OM.roa (raw, json)
Hash identifier: c4Oh9YgT2z75HGM/lC5BrQc385F7oiG1n9mds0Y6tsI=
Subject key identifier: 47:3A:8D:89:0A:B1:8B:37:23:B9:70:62:82:E0:5F:09:E5:AB:DC:E3
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0195D4F57332AFDF7CB85E7E5AFE477619A2
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/RzqNiQqxizcjuXBiguBfCeWr3OM.roa
Signing time: Thu 27 Mar 2025 00:16:50 +0000
ROA not before: Thu 27 Mar 2025 00:16:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215365
IP address blocks: 5.231.253.0/24 maxlen: 24
77.90.15.0/24 maxlen: 24
77.90.60.0/24 maxlen: 24
89.144.61.0/24 maxlen: 24
94.249.148.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d4:f5:73:32:af:df:7c:b8:5e:7e:5a:fe:47:76:19:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 27 00:16:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=473a8d890ab18b3723b9706282e05f09e5abdce3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c8:95:db:1b:62:e5:3f:3a:61:4e:8a:2b:0b:
bc:51:1e:9c:f1:57:38:8d:90:a7:c5:dd:d3:c8:8b:
ee:e4:a2:b4:d3:cc:63:a9:4c:82:03:79:80:b7:e4:
fd:b3:46:f7:2d:06:a0:60:40:79:79:9c:b7:b2:9a:
f7:0a:ff:ba:b1:b5:ae:03:6d:47:b8:7f:ad:dd:5e:
6f:a5:13:f9:6f:75:a1:f4:12:fb:79:47:af:23:f3:
cc:93:17:b3:db:27:97:ed:5d:43:90:13:36:0e:2c:
d3:2e:86:7c:ad:74:8c:57:f5:f2:3d:8f:71:4f:ba:
c1:92:45:68:f0:d7:ca:4c:a2:54:5e:21:3f:55:b7:
98:62:2c:5c:f8:66:e5:a7:fd:4d:82:12:c8:42:b0:
88:4a:f9:1b:b6:80:fe:4c:87:53:9f:b3:29:71:db:
2c:5c:a8:f8:fb:ff:2b:44:3f:b7:14:a7:51:e6:40:
cd:d9:af:6e:40:56:53:b6:ee:f1:6a:08:34:bf:85:
5a:4e:d7:bc:48:c6:78:96:48:94:0c:a7:0e:3e:04:
86:95:65:89:10:71:b1:f2:09:2a:e7:f7:a9:0a:9b:
c2:fd:19:47:b4:8e:fe:eb:6a:20:9a:79:f9:60:f2:
d9:08:c1:b3:d2:49:96:08:08:09:f9:4e:88:2b:42:
7f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:3A:8D:89:0A:B1:8B:37:23:B9:70:62:82:E0:5F:09:E5:AB:DC:E3
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/RzqNiQqxizcjuXBiguBfCeWr3OM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.253.0/24
77.90.15.0/24
77.90.60.0/24
89.144.61.0/24
94.249.148.0/24
Signature Algorithm: sha256WithRSAEncryption
44:a1:9d:e8:d5:8f:1c:64:af:93:5c:8c:2c:55:ca:68:45:ce:
c7:94:d2:71:b2:33:ed:62:52:a7:d7:ed:f4:3a:8e:31:c2:e3:
c1:54:cc:f6:f6:54:e8:29:9b:e0:dc:e6:de:33:d7:30:af:35:
e6:ea:3d:16:2b:f9:28:98:6a:d1:fc:64:7c:a9:53:a5:30:e9:
41:02:54:47:dd:9b:e0:56:d5:79:0f:25:ab:ca:b2:0e:5f:40:
f2:8a:ee:35:04:f0:aa:7c:c4:a0:a7:64:fe:94:01:2b:99:10:
67:09:7f:3e:9d:a2:5a:85:cc:54:6c:08:f6:6f:8f:ae:65:24:
43:17:4e:20:0c:7a:f3:2e:de:1b:8e:30:21:42:e0:60:d7:9c:
b9:79:22:77:c8:ce:30:bb:5a:6a:65:99:60:ee:40:bd:e8:ee:
8c:ee:fb:48:50:59:d9:77:74:ea:f9:0e:bd:c3:a7:cc:a2:c6:
15:0c:21:fe:b5:44:c3:3a:bf:a4:5d:b1:1a:89:bb:38:ba:75:
e3:3a:1c:68:e4:dd:ce:4b:ab:76:89:28:bd:1e:ae:97:2d:8f:
32:8c:c3:7d:c6:34:c3:46:d6:4d:8d:9c:43:9a:55:4e:71:73:
a3:87:47:a4:03:50:ee:bd:97:a6:30:d4:9b:d6:ac:89:68:d7:
8e:db:72:7d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZXU9XMyr998uF5+Wv5HdhmiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzI3MDAxNjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzNhOGQ4OTBhYjE4YjM3MjNiOTcwNjI4MmUwNWYwOWU1YWJkY2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMiV2xti5T86YU6KKwu8UR6c8Vc4
jZCnxd3TyIvu5KK008xjqUyCA3mAt+T9s0b3LQagYEB5eZy3spr3Cv+6sbWuA21H
uH+t3V5vpRP5b3Wh9BL7eUevI/PMkxez2yeX7V1DkBM2DizTLoZ8rXSMV/XyPY9x
T7rBkkVo8NfKTKJUXiE/VbeYYixc+Gblp/1NghLIQrCISvkbtoD+TIdTn7Mpcdss
XKj4+/8rRD+3FKdR5kDN2a9uQFZTtu7xagg0v4VaTte8SMZ4lkiUDKcOPgSGlWWJ
EHGx8gkq5/epCpvC/RlHtI7+62ogmnn5YPLZCMGz0kmWCAgJ+U6IK0J/cQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEc6jYkKsYs3I7lwYoLgXwnlq9zjMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvUnpxTmlRcXhpemNqdVhCaWd1QmZDZVdyM09NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABef9AwQA
TVoPAwQATVo8AwQAWZA9AwQAXvmUMA0GCSqGSIb3DQEBCwUAA4IBAQBEoZ3o1Y8c
ZK+TXIwsVcpoRc7HlNJxsjPtYlKn1+30Oo4xwuPBVMz29lToKZvg3ObeM9cwrzXm
6j0WK/komGrR/GR8qVOlMOlBAlRH3ZvgVtV5DyWryrIOX0Dyiu41BPCqfMSgp2T+
lAErmRBnCX8+naJahcxUbAj2b4+uZSRDF04gDHrzLt4bjjAhQuBg15y5eSJ3yM4w
u1pqZZlg7kC96O6M7vtIUFnZd3Tq+Q69w6fMosYVDCH+tUTDOr+kXbEaibs4unXj
Ohxo5N3OS6t2iSi9Hq6XLY8yjMN9xjTDRtZNjZxDmlVOcXOjh0ekA1DuvZemMNSb
1qyJaNeO23J9
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:10:28 2025 by rpki-client