Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/fi3zjK4c4zkE4Cl8oQCeNWCowVA.roa
File: fi3zjK4c4zkE4Cl8oQCeNWCowVA.roa (raw, json)
Hash identifier: SAh6vlIiyENaeyVPzGpVxwvmjp27+w68x/XWhb2ZGk4=
Subject key identifier: 7E:2D:F3:8C:AE:1C:E3:39:04:E0:29:7C:A1:00:9E:35:60:A8:C1:50
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019565FC5EC6CCE6790563243570AB2A5E1D
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/fi3zjK4c4zkE4Cl8oQCeNWCowVA.roa
Signing time: Wed 05 Mar 2025 11:06:32 +0000
ROA not before: Wed 05 Mar 2025 11:06:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44486
IP address blocks: 5.231.232.0/24 maxlen: 24
5.231.233.0/24 maxlen: 24
77.90.3.0/24 maxlen: 24
77.90.28.0/24 maxlen: 24
89.106.92.0/24 maxlen: 24
89.106.93.0/24 maxlen: 24
89.106.94.0/24 maxlen: 24
89.106.95.0/24 maxlen: 24
89.144.30.0/24 maxlen: 24
89.144.31.0/24 maxlen: 24
89.144.33.0/24 maxlen: 24
89.144.42.0/24 maxlen: 24
89.144.43.0/24 maxlen: 24
89.144.44.0/24 maxlen: 24
89.144.46.0/24 maxlen: 24
89.144.47.0/24 maxlen: 24
89.144.48.0/24 maxlen: 24
89.144.49.0/24 maxlen: 24
89.144.50.0/24 maxlen: 24
89.144.51.0/24 maxlen: 24
89.144.52.0/24 maxlen: 24
89.144.53.0/24 maxlen: 24
89.144.54.0/24 maxlen: 24
89.144.55.0/24 maxlen: 24
89.144.58.0/24 maxlen: 24
89.144.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:65:fc:5e:c6:cc:e6:79:05:63:24:35:70:ab:2a:5e:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 5 11:06:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e2df38cae1ce33904e0297ca1009e3560a8c150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e4:9e:28:b7:7a:8e:d8:f1:7c:4c:2e:d0:e6:
8a:39:88:cc:64:fc:59:11:51:9d:08:fe:b3:95:33:
61:48:cd:dd:cf:c9:8d:0a:a4:3f:74:28:e9:be:21:
79:1e:e6:63:e0:58:38:9a:46:01:d6:c6:cd:28:42:
a0:97:3b:a3:14:47:63:c4:38:af:9e:94:32:e7:98:
73:9f:33:4a:f1:5f:47:a8:f9:24:2b:02:55:5d:65:
d5:11:f1:07:3c:77:b4:38:c0:7d:87:ed:9f:9d:08:
bb:19:20:48:3e:fc:7b:77:ac:05:06:fc:2f:b9:db:
55:21:e1:7e:69:51:02:32:e1:02:28:4d:25:fd:2d:
31:e3:5e:88:11:8a:5e:31:c3:d3:03:5d:42:dd:20:
63:74:72:34:a9:22:48:d0:3d:6e:a0:d0:6c:9a:c4:
7c:eb:58:c8:a9:32:1e:68:aa:5f:14:99:b3:76:4f:
65:75:42:a4:fa:c7:77:18:66:28:88:fc:93:5c:48:
69:09:2f:8e:5c:d3:9d:8d:d6:6f:1d:01:1b:7a:b8:
1d:c8:c9:b3:1f:5d:42:1f:be:d7:b5:4d:fb:4d:13:
ad:ca:c4:d1:21:3a:ba:fd:f2:75:4b:a1:a7:66:a7:
c4:25:9d:64:52:6f:1b:63:78:ef:09:62:a8:96:5a:
b1:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:2D:F3:8C:AE:1C:E3:39:04:E0:29:7C:A1:00:9E:35:60:A8:C1:50
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/fi3zjK4c4zkE4Cl8oQCeNWCowVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.232.0/23
77.90.3.0/24
77.90.28.0/24
89.106.92.0/22
89.144.30.0/23
89.144.33.0/24
89.144.42.0-89.144.44.255
89.144.46.0-89.144.55.255
89.144.58.0/23
Signature Algorithm: sha256WithRSAEncryption
18:6e:3b:cd:40:1c:1a:da:6a:40:b3:d4:42:9d:76:1e:c5:95:
28:f7:6d:ff:b5:8c:49:84:7a:18:d6:7d:e8:ac:65:4a:a9:b3:
39:5f:67:b3:a9:64:62:4e:ec:47:a1:36:d8:80:03:03:bf:93:
74:65:2b:5e:f6:08:0b:37:97:ee:d2:31:9f:9d:fb:dd:41:e0:
db:d2:bc:0a:d5:90:b6:ed:fc:15:0f:e7:75:47:0c:95:c9:45:
fc:8a:39:23:1e:96:cb:7f:bc:a6:7f:89:a7:e4:82:16:98:31:
34:0e:4e:da:67:47:d2:16:5c:f4:1c:79:c7:7a:42:11:4a:94:
17:d6:42:a7:5f:37:7b:23:de:e8:4b:0b:6a:89:c2:e4:88:65:
6b:9b:c9:e2:72:36:04:67:12:56:77:8c:82:f7:f1:a4:6f:54:
fe:e9:53:34:b1:cf:5e:79:50:ec:34:e3:91:cb:a9:e2:b6:09:
ed:78:1e:cd:1e:99:8e:cf:38:fb:c1:cd:6d:b7:e8:50:03:fb:
06:64:4c:77:8a:27:e3:b7:f7:ef:90:8f:37:fa:57:c6:01:71:
29:49:65:8e:55:cb:66:03:a4:ae:ce:b1:04:2f:9e:fe:65:a3:
ee:ff:64:9f:3a:58:8f:1e:96:09:11:54:7f:36:70:53:f1:65:
29:1b:43:76
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZVl/F7GzOZ5BWMkNXCrKl4dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzA1MTEwNjMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTJkZjM4Y2FlMWNlMzM5MDRlMDI5N2NhMTAwOWUzNTYwYThjMTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+SeKLd6jtjxfEwu0OaKOYjMZPxZ
EVGdCP6zlTNhSM3dz8mNCqQ/dCjpviF5HuZj4Fg4mkYB1sbNKEKglzujFEdjxDiv
npQy55hznzNK8V9HqPkkKwJVXWXVEfEHPHe0OMB9h+2fnQi7GSBIPvx7d6wFBvwv
udtVIeF+aVECMuECKE0l/S0x416IEYpeMcPTA11C3SBjdHI0qSJI0D1uoNBsmsR8
61jIqTIeaKpfFJmzdk9ldUKk+sd3GGYoiPyTXEhpCS+OXNOdjdZvHQEbergdyMmz
H11CH77XtU37TROtysTRITq6/fJ1S6GnZqfEJZ1kUm8bY3jvCWKollqxyQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFH4t84yuHOM5BOApfKEAnjVgqMFQMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvZmkzempLNGM0emtFNENsOG9RQ2VOV0Nvd1ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQBBefoAwQA
TVoDAwQATVocAwQCWWpcAwQBWZAeAwQAWZAhMAwDBAFZkCoDBABZkCwwDAMEAVmQ
LgMEA1mQMAMEAVmQOjANBgkqhkiG9w0BAQsFAAOCAQEAGG47zUAcGtpqQLPUQp12
HsWVKPdt/7WMSYR6GNZ96KxlSqmzOV9ns6lkYk7sR6E22IADA7+TdGUrXvYICzeX
7tIxn5373UHg29K8CtWQtu38FQ/ndUcMlclF/Io5Ix6Wy3+8pn+Jp+SCFpgxNA5O
2mdH0hZc9Bx5x3pCEUqUF9ZCp183eyPe6EsLaonC5Ihla5vJ4nI2BGcSVneMgvfx
pG9U/ulTNLHPXnlQ7DTjkcup4rYJ7XgezR6Zjs84+8HNbbfoUAP7BmRMd4on47f3
75CPN/pXxgFxKUlljlXLZgOkrs6xBC+e/mWj7v9knzpYjx6WCRFUfzZwU/FlKRtD
dg==
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:10:28 2025 by rpki-client