Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/z1I49VKZa0zYnepO5x-am2Dgp1o.roa
File: z1I49VKZa0zYnepO5x-am2Dgp1o.roa (raw, json)
Hash identifier: iYflmSeXPbFzgHDq/JSTgqsLm0N34qbn/RqeCwnTnqM=
Subject key identifier: CF:52:38:F5:52:99:6B:4C:D8:9D:EA:4E:E7:1F:9A:9B:60:E0:A7:5A
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01958DE415BE3B16A2097C08F1474EC83FC4
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/z1I49VKZa0zYnepO5x-am2Dgp1o.roa
Signing time: Thu 13 Mar 2025 05:04:50 +0000
ROA not before: Thu 13 Mar 2025 05:04:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49581
IP address blocks: 5.83.134.0/24 maxlen: 24
5.175.140.0/24 maxlen: 24
5.231.25.0/24 maxlen: 24
5.231.26.0/24 maxlen: 24
85.118.162.0/24 maxlen: 24
87.239.130.0/24 maxlen: 24
89.106.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8d:e4:15:be:3b:16:a2:09:7c:08:f1:47:4e:c8:3f:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 13 05:04:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf5238f552996b4cd89dea4ee71f9a9b60e0a75a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:5a:1a:6c:a2:16:ac:14:1f:75:f8:da:fc:28:
28:52:ea:61:97:b4:74:f2:11:b3:80:4f:3b:47:67:
4a:d9:90:ce:27:2f:ea:43:f9:8d:dc:78:f7:4a:28:
dc:79:9a:16:f2:67:68:ad:28:00:f9:e1:7d:22:08:
a4:35:83:8d:de:70:1d:37:b5:dd:5d:4c:1f:eb:74:
2b:99:91:53:74:6d:a9:6d:c4:5b:c3:df:6d:28:14:
dd:31:53:9a:6e:b9:8a:57:ae:f3:53:69:d2:c3:bf:
91:1f:98:7f:ec:d9:05:17:1e:9c:24:2c:5c:75:70:
fc:5b:95:73:49:e1:d0:5f:23:16:8b:a9:01:38:19:
03:e2:46:85:dc:67:f3:16:10:00:5d:1c:04:85:ef:
63:7c:9c:6f:4c:f8:27:23:7f:97:34:81:f0:3f:b8:
18:15:39:0d:fd:7f:8a:44:69:ff:90:70:86:f7:9d:
14:3a:46:52:3d:3b:0e:9a:e8:f3:20:9a:72:33:13:
a7:83:fd:3f:68:a1:8f:0d:dd:d3:77:bc:cb:3e:7d:
59:c8:f1:3f:b4:3e:5c:58:8f:7d:5c:bc:d7:95:c2:
26:ee:62:92:89:e3:d9:00:c8:e5:ac:5c:ec:8e:91:
5e:d9:9f:84:df:92:3f:f3:4c:e4:e5:37:7f:4b:0d:
38:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:52:38:F5:52:99:6B:4C:D8:9D:EA:4E:E7:1F:9A:9B:60:E0:A7:5A
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/z1I49VKZa0zYnepO5x-am2Dgp1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.134.0/24
5.175.140.0/24
5.231.25.0-5.231.26.255
85.118.162.0/24
87.239.130.0/24
89.106.71.0/24
Signature Algorithm: sha256WithRSAEncryption
04:b1:cd:0a:62:a3:3c:b3:23:9b:b4:d0:94:63:88:9c:bb:90:
04:93:84:b1:23:ba:2c:06:98:b9:b9:76:96:4d:98:b8:6a:4a:
ba:f7:47:88:1b:b8:6d:d1:42:67:56:14:6a:bb:97:04:95:1e:
17:50:ab:7e:46:fa:70:a3:5b:f0:15:24:1c:90:2e:da:6e:e4:
37:75:b9:97:08:28:3a:af:e7:96:26:a2:3f:71:97:cb:20:4d:
a4:62:d0:69:8a:eb:32:89:48:8f:01:d3:b2:e6:d3:9d:8a:a2:
20:bd:2f:12:a0:b6:a2:7a:46:90:52:ee:ac:01:7e:b0:a8:7d:
35:68:3a:99:2b:e2:1f:05:21:05:e7:64:df:1b:15:b4:7f:d5:
c2:a7:e9:fb:e3:b4:a4:92:eb:d4:7e:82:59:a0:3c:ee:98:8d:
dd:a6:de:e0:b7:ff:23:bd:25:ab:00:65:a7:a1:23:0a:b9:17:
31:e2:15:7d:fd:b8:c0:b4:e1:ee:d8:93:b7:8d:e7:b8:73:b1:
15:c9:fb:a9:c4:d5:79:56:96:59:ff:9f:12:cd:39:d8:65:58:
0c:5d:cb:d1:1f:bf:6a:d4:fa:d4:64:6f:ce:18:7d:c0:9d:28:
f2:83:97:d2:dd:2b:e5:27:94:ad:77:8e:dc:33:f2:83:e3:7d:
c5:bc:ac:6c
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZWN5BW+OxaiCXwI8UdOyD/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzEzMDUwNDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjUyMzhmNTUyOTk2YjRjZDg5ZGVhNGVlNzFmOWE5YjYwZTBhNzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFoabKIWrBQfdfja/CgoUuphl7R0
8hGzgE87R2dK2ZDOJy/qQ/mN3Hj3SijceZoW8mdorSgA+eF9IgikNYON3nAdN7Xd
XUwf63QrmZFTdG2pbcRbw99tKBTdMVOabrmKV67zU2nSw7+RH5h/7NkFFx6cJCxc
dXD8W5VzSeHQXyMWi6kBOBkD4kaF3GfzFhAAXRwEhe9jfJxvTPgnI3+XNIHwP7gY
FTkN/X+KRGn/kHCG950UOkZSPTsOmujzIJpyMxOng/0/aKGPDd3Td7zLPn1ZyPE/
tD5cWI99XLzXlcIm7mKSiePZAMjlrFzsjpFe2Z+E35I/80zk5Td/Sw04RQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFM9SOPVSmWtM2J3qTucfmptg4KdaMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvejFJNDlWS1phMHpZbmVwTzV4LWFtMkRncDFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQABVOGAwQA
Ba+MMAwDBAAF5xkDBAAF5xoDBABVdqIDBABX74IDBABZakcwDQYJKoZIhvcNAQEL
BQADggEBAASxzQpiozyzI5u00JRjiJy7kASThLEjuiwGmLm5dpZNmLhqSrr3R4gb
uG3RQmdWFGq7lwSVHhdQq35G+nCjW/AVJByQLtpu5Dd1uZcIKDqv55Ymoj9xl8sg
TaRi0GmK6zKJSI8B07Lm052KoiC9LxKgtqJ6RpBS7qwBfrCofTVoOpkr4h8FIQXn
ZN8bFbR/1cKn6fvjtKSS69R+glmgPO6Yjd2m3uC3/yO9JasAZaehIwq5FzHiFX39
uMC04e7Yk7eN57hzsRXJ+6nE1XlWlln/nxLNOdhlWAxdy9Efv2rU+tRkb84YfcCd
KPKDl9LdK+UnlK13jtwz8oPjfcW8rGw=
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:23:01 2025 by rpki-client