Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/bKR70Zcm8dLw9D-BPD5n1t3VhjM.roa
File: bKR70Zcm8dLw9D-BPD5n1t3VhjM.roa (raw, json)
Hash identifier: jggcxFPoJR5QiHM6BfMmtz5OdOlmT+/4DzTYeQQAu4I=
Subject key identifier: 6C:A4:7B:D1:97:26:F1:D2:F0:F4:3F:81:3C:3E:67:D6:DD:D5:86:33
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01956F0038A3AF6B71DAB37DA51220C5994A
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/bKR70Zcm8dLw9D-BPD5n1t3VhjM.roa
Signing time: Fri 07 Mar 2025 05:07:20 +0000
ROA not before: Fri 07 Mar 2025 05:07:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58212
IP address blocks: 5.83.150.0/24 maxlen: 24
5.175.142.0/24 maxlen: 24
5.175.220.0/24 maxlen: 24
5.231.82.0/24 maxlen: 24
77.90.7.0/24 maxlen: 24
77.90.39.0/24 maxlen: 24
77.90.41.0/24 maxlen: 24
77.90.52.0/24 maxlen: 24
77.90.58.0/24 maxlen: 24
89.106.70.0/24 maxlen: 24
89.144.25.0/24 maxlen: 24
89.144.34.0/24 maxlen: 24
89.144.35.0/24 maxlen: 24
89.144.60.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6f:00:38:a3:af:6b:71:da:b3:7d:a5:12:20:c5:99:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 7 05:07:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ca47bd19726f1d2f0f43f813c3e67d6ddd58633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:7b:ae:12:86:09:1b:41:62:e8:a2:d1:19:31:
46:4c:42:08:b1:d5:fb:c9:97:ff:14:6b:41:ca:40:
2a:8e:17:4f:23:1e:e4:3d:4e:36:1e:11:a6:45:1d:
f6:42:db:9e:4d:24:89:39:7a:83:92:e5:94:47:7c:
c5:27:f3:21:50:44:7c:64:22:8a:85:13:09:e1:cb:
7f:2a:e2:3f:1e:35:c3:e0:d7:b0:b3:ed:9f:9e:64:
c7:2c:56:ae:c0:45:0c:18:81:d1:52:6c:c7:41:63:
e2:27:fd:49:7a:b5:72:25:c2:7a:98:02:6f:4d:22:
1d:ef:7e:d4:51:5c:0b:91:e1:3a:fb:eb:43:53:3d:
ca:7a:29:a0:08:32:77:5f:8c:6e:0d:aa:89:28:67:
5a:ae:f5:00:5d:19:ac:ae:bb:bc:ea:ec:cc:1b:e2:
31:4e:3b:8e:d9:37:f9:5a:db:90:6b:3d:7d:a9:3f:
ba:f3:38:c6:76:10:a2:bc:08:64:7b:a1:89:a2:f5:
1c:a1:23:57:47:bb:3e:78:e3:59:90:30:9e:88:f4:
df:f3:bc:c5:86:65:63:29:e3:97:c3:7c:15:2b:e7:
0c:a1:ef:b4:d3:5f:04:a6:a0:7a:f1:3e:6d:cf:e9:
c2:ea:b7:3f:29:08:22:94:a5:74:86:50:ef:77:09:
04:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:A4:7B:D1:97:26:F1:D2:F0:F4:3F:81:3C:3E:67:D6:DD:D5:86:33
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/bKR70Zcm8dLw9D-BPD5n1t3VhjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.150.0/24
5.175.142.0/24
5.175.220.0/24
5.231.82.0/24
77.90.7.0/24
77.90.39.0/24
77.90.41.0/24
77.90.52.0/24
77.90.58.0/24
89.106.70.0/24
89.144.25.0/24
89.144.34.0/23
89.144.60.0/24
Signature Algorithm: sha256WithRSAEncryption
38:09:a1:97:6b:21:79:e1:d4:3d:d9:ec:56:42:34:1d:b1:56:
29:6f:78:f8:22:02:29:1c:34:5c:93:e8:f7:d9:67:12:37:3c:
70:cb:19:2b:0e:ab:1e:3e:d9:8d:7c:60:5d:ad:20:d2:6a:ba:
11:67:8c:0e:47:97:c1:a8:64:f6:74:8d:18:0a:05:50:8c:34:
62:36:50:6c:14:a2:6f:3c:5e:d2:05:4f:c2:dd:5b:ca:b3:01:
1d:8c:2a:a9:8d:2b:7b:0a:40:d3:84:5d:06:81:74:42:d1:a4:
5e:11:b1:44:b0:bc:a3:96:ee:23:51:09:84:71:dd:ff:c0:52:
a2:69:ae:2f:a5:39:3b:fc:8c:bb:a5:c6:87:22:4a:d2:60:15:
b9:70:ec:31:e6:0c:f9:90:26:9d:1f:1c:4f:77:20:f9:95:b6:
7e:9b:85:64:46:2e:ca:d6:39:f9:cf:fd:95:a7:43:07:fa:52:
90:2d:3b:c9:b1:09:6d:12:7e:13:a1:10:6b:b0:64:28:fc:96:
0b:02:b2:d0:12:d3:cf:b6:0b:b3:d6:50:85:56:a1:0b:74:e0:
80:f3:f9:56:78:68:17:4d:94:8e:79:4d:8f:2d:be:84:28:dd:
ca:8b:1d:63:77:ee:78:ff:cf:5d:8a:ee:d6:11:77:87:8b:58:
16:b7:0f:ab
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZVvADijr2tx2rN9pRIgxZlKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzA3MDUwNzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2E0N2JkMTk3MjZmMWQyZjBmNDNmODEzYzNlNjdkNmRkZDU4NjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknuuEoYJG0Fi6KLRGTFGTEIIsdX7
yZf/FGtBykAqjhdPIx7kPU42HhGmRR32QtueTSSJOXqDkuWUR3zFJ/MhUER8ZCKK
hRMJ4ct/KuI/HjXD4News+2fnmTHLFauwEUMGIHRUmzHQWPiJ/1JerVyJcJ6mAJv
TSId737UUVwLkeE6++tDUz3KeimgCDJ3X4xuDaqJKGdarvUAXRmsrru86uzMG+Ix
TjuO2Tf5WtuQaz19qT+68zjGdhCivAhke6GJovUcoSNXR7s+eONZkDCeiPTf87zF
hmVjKeOXw3wVK+cMoe+0018EpqB68T5tz+nC6rc/KQgilKV0hlDvdwkE2wIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFGyke9GXJvHS8PQ/gTw+Z9bd1YYzMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvYktSNzBaY204ZEx3OUQtQlBENW4xdDNWaGpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQABVOWAwQA
Ba+OAwQABa/cAwQABedSAwQATVoHAwQATVonAwQATVopAwQATVo0AwQATVo6AwQA
WWpGAwQAWZAZAwQBWZAiAwQAWZA8MA0GCSqGSIb3DQEBCwUAA4IBAQA4CaGXayF5
4dQ92exWQjQdsVYpb3j4IgIpHDRck+j32WcSNzxwyxkrDqsePtmNfGBdrSDSaroR
Z4wOR5fBqGT2dI0YCgVQjDRiNlBsFKJvPF7SBU/C3VvKswEdjCqpjSt7CkDThF0G
gXRC0aReEbFEsLyjlu4jUQmEcd3/wFKiaa4vpTk7/Iy7pcaHIkrSYBW5cOwx5gz5
kCadHxxPdyD5lbZ+m4VkRi7K1jn5z/2Vp0MH+lKQLTvJsQltEn4ToRBrsGQo/JYL
ArLQEtPPtguz1lCFVqELdOCA8/lWeGgXTZSOeU2PLb6EKN3Kix1jd+54/89diu7W
EXeHi1gWtw+r
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:20:30 2025 by rpki-client