Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/nCfoHtTJpUNd2aLq_WMm7YlV5Rs.roa
File: nCfoHtTJpUNd2aLq_WMm7YlV5Rs.roa (raw, json)
Hash identifier: 5UkZm4Dx5nkgNYhGlI1M2moM8W30BaRSMYzioYo6vTw=
Subject key identifier: 9C:27:E8:1E:D4:C9:A5:43:5D:D9:A2:EA:FD:63:26:ED:89:55:E5:1B
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01945F95F8C1191521FE64EA1D98009472EC
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/nCfoHtTJpUNd2aLq_WMm7YlV5Rs.roa
Signing time: Mon 13 Jan 2025 12:14:11 +0000
ROA not before: Mon 13 Jan 2025 12:14:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207252
IP address blocks: 5.83.152.0/24 maxlen: 24
5.231.29.0/24 maxlen: 24
5.231.70.0/24 maxlen: 24
77.90.12.0/24 maxlen: 24
77.90.22.0/24 maxlen: 24
77.90.42.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5f:95:f8:c1:19:15:21:fe:64:ea:1d:98:00:94:72:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jan 13 12:14:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c27e81ed4c9a5435dd9a2eafd6326ed8955e51b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e7:77:dd:5f:dc:0e:08:55:4d:94:7b:3d:3b:
8d:55:f3:4f:a9:2c:b0:77:26:47:0b:14:ca:5e:0d:
20:6b:a5:dd:b2:a4:64:2f:bb:2a:b0:f0:cf:e3:9c:
4f:ec:6b:fd:fc:7e:7a:51:b6:3e:f6:d2:95:f8:52:
6b:3a:24:19:2d:2c:b6:f1:5c:20:91:6c:6e:50:f4:
21:73:bc:20:8c:92:9c:ee:1f:fa:9c:b9:af:be:5a:
35:df:6f:0a:1e:66:b6:88:4e:47:ee:0c:b8:ca:77:
b4:52:e3:59:d8:4b:32:37:f4:cf:91:c8:e7:b8:c2:
88:ea:94:5a:6a:f0:f7:54:93:d0:1c:eb:b6:18:8b:
42:37:06:38:40:7c:55:78:26:a2:89:12:72:37:a6:
dd:a7:e3:88:38:5d:64:0c:da:8f:40:44:65:c6:00:
ee:36:e5:4f:4f:d0:b0:b5:cb:21:dc:89:fb:9b:08:
ea:2c:59:82:d7:62:13:0a:0f:74:86:71:d9:3e:6c:
62:9c:f1:a4:b8:d2:34:a7:1a:6a:a1:d1:f6:ae:80:
76:28:9d:09:76:ca:9e:53:49:4d:72:82:b8:82:21:
29:d9:c5:1a:cf:a6:72:b0:12:4e:80:b1:88:c6:e6:
5e:c4:6e:67:44:45:ab:a2:bd:a9:5a:b2:ba:ad:8f:
cb:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:27:E8:1E:D4:C9:A5:43:5D:D9:A2:EA:FD:63:26:ED:89:55:E5:1B
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/nCfoHtTJpUNd2aLq_WMm7YlV5Rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.152.0/24
5.231.29.0/24
5.231.70.0/24
77.90.12.0/24
77.90.22.0/24
77.90.42.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:e7:af:18:28:c9:05:6e:87:0d:53:a3:7f:37:f3:dc:aa:c9:
c2:f8:6e:eb:43:cd:c6:cd:ba:60:0c:1a:11:9f:5b:2f:eb:3f:
9d:6d:e4:18:aa:70:de:0b:24:77:88:31:4f:5d:f5:c8:0b:bc:
87:76:ad:22:4f:4a:6b:81:96:de:a5:97:06:7d:c7:ac:ae:12:
19:1e:69:58:51:4c:78:93:f2:00:e7:11:05:61:c8:12:39:d8:
08:4f:c3:8d:10:3d:d0:fc:a9:99:5a:75:46:fa:11:48:19:36:
e9:0d:0d:90:38:8e:bb:06:40:64:d2:26:32:21:4b:68:98:1b:
3f:85:f2:51:bb:b3:2b:e8:27:24:b6:fb:8e:af:31:f7:19:63:
c6:b2:91:a4:0f:b3:46:88:e2:dc:3e:a8:78:ea:89:f9:5f:62:
7c:66:60:33:74:5e:6c:dd:21:d9:fc:91:8c:de:4c:e0:d6:f6:
8b:18:fb:3d:2a:8e:d7:cb:5b:86:08:c9:7a:88:21:87:94:16:
5f:df:92:33:a8:0c:71:fa:ea:b1:07:60:d6:16:d3:4d:e5:93:
40:cd:af:80:62:8d:21:f3:99:f6:46:de:94:0e:3b:3c:4d:5c:
14:3b:a7:43:ef:11:8c:82:08:1d:3d:bb:c3:2b:69:1a:e5:75:
ce:e6:51:ba
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZRflfjBGRUh/mTqHZgAlHLsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMTEzMTIxNDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzI3ZTgxZWQ0YzlhNTQzNWRkOWEyZWFmZDYzMjZlZDg5NTVlNTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOd33V/cDghVTZR7PTuNVfNPqSyw
dyZHCxTKXg0ga6XdsqRkL7sqsPDP45xP7Gv9/H56UbY+9tKV+FJrOiQZLSy28Vwg
kWxuUPQhc7wgjJKc7h/6nLmvvlo1328KHma2iE5H7gy4yne0UuNZ2EsyN/TPkcjn
uMKI6pRaavD3VJPQHOu2GItCNwY4QHxVeCaiiRJyN6bdp+OIOF1kDNqPQERlxgDu
NuVPT9Cwtcsh3In7mwjqLFmC12ITCg90hnHZPmxinPGkuNI0pxpqodH2roB2KJ0J
dsqeU0lNcoK4giEp2cUaz6ZysBJOgLGIxuZexG5nREWror2pWrK6rY/LbwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJwn6B7UyaVDXdmi6v1jJu2JVeUbMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvbkNmb0h0VEpwVU5kMmFMcV9XTW03WWxWNVJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABVOYAwQA
BecdAwQABedGAwQATVoMAwQATVoWAwQATVoqMA0GCSqGSIb3DQEBCwUAA4IBAQB6
568YKMkFbocNU6N/N/PcqsnC+G7rQ83GzbpgDBoRn1sv6z+dbeQYqnDeCyR3iDFP
XfXIC7yHdq0iT0prgZbepZcGfcesrhIZHmlYUUx4k/IA5xEFYcgSOdgIT8ONED3Q
/KmZWnVG+hFIGTbpDQ2QOI67BkBk0iYyIUtomBs/hfJRu7Mr6CcktvuOrzH3GWPG
spGkD7NGiOLcPqh46on5X2J8ZmAzdF5s3SHZ/JGM3kzg1vaLGPs9Ko7Xy1uGCMl6
iCGHlBZf35IzqAxx+uqxB2DWFtNN5ZNAza+AYo0h85n2Rt6UDjs8TVwUO6dD7xGM
gggdPbvDK2ka5XXO5lG6
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:32:19 2025 by rpki-client