Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/lGxxRas3CqgzWqQLmb2l_vjUY6U.roa
File: lGxxRas3CqgzWqQLmb2l_vjUY6U.roa (raw, json)
Hash identifier: UyyRjhAyF3UOpnMddrPxp5hA0u6vyr47MCBgn9ULXig=
Subject key identifier: 94:6C:71:45:AB:37:0A:A8:33:5A:A4:0B:99:BD:A5:FE:F8:D4:63:A5
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01947CFA9DD748DF148776C946DFBD0BA6FC
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/lGxxRas3CqgzWqQLmb2l_vjUY6U.roa
Signing time: Sun 19 Jan 2025 05:13:06 +0000
ROA not before: Sun 19 Jan 2025 05:13:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
5.175.138.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
89.106.69.0/24 maxlen: 24
94.103.164.0/24 maxlen: 24
94.249.148.0/24 maxlen: 24
94.249.153.0/24 maxlen: 24
94.249.158.0/24 maxlen: 24
94.249.195.0/24 maxlen: 24
94.249.212.0/24 maxlen: 24
94.249.214.0/24 maxlen: 24
94.249.215.0/24 maxlen: 24
94.249.237.0/24 maxlen: 24
95.215.32.0/24 maxlen: 24
95.215.34.0/24 maxlen: 24
178.18.144.0/24 maxlen: 24
185.13.156.0/24 maxlen: 24
185.13.159.0/24 maxlen: 24
185.47.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7c:fa:9d:d7:48:df:14:87:76:c9:46:df:bd:0b:a6:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jan 19 05:13:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=946c7145ab370aa8335aa40b99bda5fef8d463a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:87:10:a3:70:cd:e5:d4:79:05:f1:9f:0c:e4:
a7:ec:0f:a7:4b:2d:40:7b:bc:72:80:61:15:6a:f5:
f4:76:96:26:e4:7d:43:c3:d0:b0:f9:cc:80:c1:ee:
cc:7b:38:f2:36:de:97:b6:00:a7:d3:ab:2d:b7:f4:
46:be:57:8c:31:cb:a7:23:31:f5:4d:7a:e6:02:b1:
de:16:ed:5f:62:96:d6:32:34:bd:dc:51:8f:b7:fa:
e9:a0:a2:4c:70:4f:d4:93:c3:5d:d1:33:dd:e0:f6:
c0:76:dd:c5:4a:63:65:ca:91:d0:0c:82:7a:e4:7c:
d2:33:7f:07:3a:06:7b:86:09:79:23:0e:4d:d8:bc:
52:e5:cc:ef:2d:bc:0d:eb:68:65:21:04:d6:7b:71:
ec:42:b1:c3:51:ea:7c:d6:38:4b:ab:e3:a4:06:4e:
b3:39:c6:bf:86:93:fb:2b:32:0b:8e:5b:29:51:ea:
59:20:22:fa:8e:e5:a6:61:34:62:2e:e1:91:5d:f7:
0b:ae:2c:21:9e:ae:35:b3:89:9b:69:ba:a1:e9:9e:
89:c3:08:ac:82:b8:70:03:5e:aa:a6:49:af:f2:16:
ea:a5:49:1d:1d:00:89:44:86:d2:83:81:8d:29:88:
0a:08:7e:d1:f3:48:95:95:d1:26:4a:cd:31:32:5a:
57:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:6C:71:45:AB:37:0A:A8:33:5A:A4:0B:99:BD:A5:FE:F8:D4:63:A5
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/lGxxRas3CqgzWqQLmb2l_vjUY6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
5.175.138.0/24
77.90.54.0/24
87.239.131.0/24
89.106.69.0/24
94.103.164.0/24
94.249.148.0/24
94.249.153.0/24
94.249.158.0/24
94.249.195.0/24
94.249.212.0/24
94.249.214.0/23
94.249.237.0/24
95.215.32.0/24
95.215.34.0/24
178.18.144.0/24
185.13.156.0/24
185.13.159.0/24
185.47.143.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:27:1d:25:a9:29:c2:f4:44:3a:bc:39:ce:ff:be:b6:80:89:
94:91:51:12:80:eb:69:eb:38:43:a8:8b:e5:dd:89:68:c8:93:
f2:3e:2e:a0:cf:01:22:a1:6b:c4:ea:78:1a:d9:9f:1c:2a:68:
5f:92:97:c4:a1:b3:d6:97:e9:3e:6b:48:48:c1:53:13:b2:cf:
cb:8f:24:b1:62:c9:ae:30:17:65:3d:3f:76:b4:14:93:bd:43:
12:d0:05:b8:29:b5:bf:fd:fb:32:2c:7a:50:a2:e6:81:2b:b0:
42:f8:f6:ab:b7:cc:90:4b:ad:1a:83:7a:c8:9d:a0:05:11:6f:
ad:83:51:ab:9f:a9:80:08:de:ac:90:27:15:4c:64:e2:d0:0f:
32:7f:3b:67:23:4a:e2:fc:48:68:8f:53:0d:bd:0f:15:23:16:
41:d6:53:30:d2:82:6c:b3:f2:52:24:b1:2a:5f:4b:35:13:1a:
c3:1d:d8:eb:6b:29:80:6b:75:ec:cc:45:13:8f:4e:3d:fb:94:
d2:aa:7d:00:65:f3:26:51:5b:bb:1e:e9:55:1e:aa:5e:2f:3f:
df:01:31:d2:bb:20:59:f2:da:aa:fd:29:95:db:b4:33:78:c6:
11:57:ea:c1:10:f4:8e:b4:eb:cf:17:cd:8f:57:09:49:a0:fa:
ae:6f:67:93
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZR8+p3XSN8Uh3bJRt+9C6b8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMTE5MDUxMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDZjNzE0NWFiMzcwYWE4MzM1YWE0MGI5OWJkYTVmZWY4ZDQ2M2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIcQo3DN5dR5BfGfDOSn7A+nSy1A
e7xygGEVavX0dpYm5H1Dw9Cw+cyAwe7MezjyNt6XtgCn06stt/RGvleMMcunIzH1
TXrmArHeFu1fYpbWMjS93FGPt/rpoKJMcE/Uk8Nd0TPd4PbAdt3FSmNlypHQDIJ6
5HzSM38HOgZ7hgl5Iw5N2LxS5czvLbwN62hlIQTWe3HsQrHDUep81jhLq+OkBk6z
Oca/hpP7KzILjlspUepZICL6juWmYTRiLuGRXfcLriwhnq41s4mbabqh6Z6Jwwis
grhwA16qpkmv8hbqpUkdHQCJRIbSg4GNKYgKCH7R80iVldEmSs0xMlpXAwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFJRscUWrNwqoM1qkC5m9pf741GOlMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvbEd4eFJhczNDcWd6V3FRTG1iMmxfdmpVWTZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAAVTgQME
AAWvigMEAE1aNgMEAFfvgwMEAFlqRQMEAF5npAMEAF75lAMEAF75mQMEAF75ngME
AF75wwMEAF751AMEAV751gMEAF757QMEAF/XIAMEAF/XIgMEALISkAMEALkNnAME
ALkNnwMEALkvjzANBgkqhkiG9w0BAQsFAAOCAQEAHycdJakpwvREOrw5zv++toCJ
lJFREoDraes4Q6iL5d2JaMiT8j4uoM8BIqFrxOp4GtmfHCpoX5KXxKGz1pfpPmtI
SMFTE7LPy48ksWLJrjAXZT0/drQUk71DEtAFuCm1v/37Mix6UKLmgSuwQvj2q7fM
kEutGoN6yJ2gBRFvrYNRq5+pgAjerJAnFUxk4tAPMn87ZyNK4vxIaI9TDb0PFSMW
QdZTMNKCbLPyUiSxKl9LNRMawx3Y62spgGt17MxFE49OPfuU0qp9AGXzJlFbux7p
VR6qXi8/3wEx0rsgWfLaqv0pldu0M3jGEVfqwRD0jrTrzxfNj1cJSaD6rm9nkw==
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:27:59 2025 by rpki-client