Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/C3i5Ors_k0YuILDAn2cen9iIcLY.roa
File: C3i5Ors_k0YuILDAn2cen9iIcLY.roa (raw, json)
Hash identifier: OqlvQAVx5ddIpft6CD4bz+Ui36SY43ZVDrKeFlXokTM=
Subject key identifier: 0B:78:B9:3A:BB:3F:93:46:2E:20:B0:C0:9F:67:1E:9F:D8:88:70:B6
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0195708ACEF543FF95AD03049C1442275D3C
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/C3i5Ors_k0YuILDAn2cen9iIcLY.roa
Signing time: Fri 07 Mar 2025 12:18:19 +0000
ROA not before: Fri 07 Mar 2025 12:18:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44050
IP address blocks: 5.101.89.0/24 maxlen: 24
45.156.212.0/22 maxlen: 22
45.159.200.0/22 maxlen: 22
46.161.16.0/22 maxlen: 22
91.151.176.0/20 maxlen: 20
95.215.0.0/22 maxlen: 24
188.143.128.0/17 maxlen: 24
195.2.240.0/23 maxlen: 24
2a00:1d78::/32 maxlen: 48
2a00:1d78:666::/64 maxlen: 64
2a01:8380::/32 maxlen: 32
2a0c:8700::/29 maxlen: 29
2a0d:8fc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:70:8a:ce:f5:43:ff:95:ad:03:04:9c:14:42:27:5d:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Mar 7 12:18:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b78b93abb3f93462e20b0c09f671e9fd88870b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ff:3c:5d:22:4c:6f:ac:c0:76:8b:88:d7:71:
7a:2f:60:fd:18:e7:5c:02:50:51:f1:37:de:79:35:
00:2c:12:b1:f3:7b:ca:0c:1f:27:d9:5e:2f:f2:f7:
8e:41:a0:1a:0c:9a:0e:85:ef:30:f7:a2:f9:3f:f3:
4e:ec:6a:2e:8a:07:74:d1:c4:8a:65:57:60:8b:1e:
a2:22:02:b6:2d:59:e4:e2:64:ea:8f:4e:65:e1:f5:
87:ca:65:ff:67:9e:e4:48:65:3d:5a:d2:7c:32:bb:
86:4a:2f:6c:79:0c:f8:7f:93:bc:65:0a:ff:83:4d:
3b:57:03:b6:c5:d6:75:5c:33:fd:73:03:ba:3f:4a:
a2:fa:dc:d9:e9:09:16:77:cc:22:29:25:32:36:2b:
a1:b4:3a:ab:90:98:2c:33:d2:f8:2e:26:e1:a1:51:
c3:37:e5:be:85:16:69:97:11:6f:3b:24:81:f2:be:
f1:10:6a:ac:ac:de:f9:45:ce:06:3e:4b:39:8b:84:
1d:77:7d:cd:ae:7a:02:9b:7c:d7:fd:59:55:f1:c4:
54:3a:5f:1a:6c:75:35:aa:eb:9d:24:e7:7d:86:5d:
2b:70:e9:a4:65:7e:fb:76:65:62:58:e2:63:dd:18:
01:d2:11:89:b3:d7:41:e6:2d:6f:12:8d:48:c9:11:
03:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:78:B9:3A:BB:3F:93:46:2E:20:B0:C0:9F:67:1E:9F:D8:88:70:B6
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/C3i5Ors_k0YuILDAn2cen9iIcLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.89.0/24
45.156.212.0/22
45.159.200.0/22
46.161.16.0/22
91.151.176.0/20
95.215.0.0/22
188.143.128.0/17
195.2.240.0/23
IPv6:
2a00:1d78::/32
2a01:8380::/32
2a0c:8700::/29
2a0d:8fc0::/29
Signature Algorithm: sha256WithRSAEncryption
c1:6d:8f:02:cb:4b:e5:ce:56:4d:d7:e0:de:4b:53:52:80:5e:
ae:51:61:f2:99:cc:49:f5:07:1d:ea:9d:96:ec:6b:74:df:9c:
55:47:10:01:08:92:7d:56:8f:b0:5c:07:97:cf:59:19:9c:92:
ac:8c:0d:ff:bb:cd:07:17:ee:f8:c5:b0:cf:84:c7:c9:56:07:
4f:02:af:3f:98:02:d1:55:ae:e4:7c:06:89:e6:11:29:02:e9:
91:78:b4:01:c9:af:60:fa:d7:e0:af:8a:e0:99:0f:bf:dd:2f:
a1:78:08:c5:7f:16:62:47:43:dc:98:74:fb:e2:84:c0:18:e6:
2d:75:8f:09:d5:8e:34:00:99:cf:23:8b:c2:02:b6:63:35:e8:
d6:46:87:7b:a8:c6:56:45:14:24:3a:4f:c6:00:9e:73:fe:45:
0b:f5:ad:f9:1e:2f:66:a5:e3:16:cb:63:8a:ae:95:53:3c:a4:
26:c8:cc:83:88:25:59:d5:9a:33:be:9e:67:f8:eb:22:14:05:
d2:7e:a8:df:a1:38:03:1d:e6:46:3b:31:ac:8a:8b:61:5f:e4:
c0:a4:7d:01:73:1f:b2:c4:3b:dd:cb:29:27:28:4c:39:04:66:
07:a6:f5:0f:59:aa:e5:f0:62:33:53:ae:86:28:6f:2e:b0:9a:
d5:fc:3b:c1
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZVwis71Q/+VrQMEnBRCJ108MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjUwMzA3MTIxODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjc4YjkzYWJiM2Y5MzQ2MmUyMGIwYzA5ZjY3MWU5ZmQ4ODg3MGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnv88XSJMb6zAdouI13F6L2D9GOdc
AlBR8TfeeTUALBKx83vKDB8n2V4v8veOQaAaDJoOhe8w96L5P/NO7Gouigd00cSK
ZVdgix6iIgK2LVnk4mTqj05l4fWHymX/Z57kSGU9WtJ8MruGSi9seQz4f5O8ZQr/
g007VwO2xdZ1XDP9cwO6P0qi+tzZ6QkWd8wiKSUyNiuhtDqrkJgsM9L4LibhoVHD
N+W+hRZplxFvOySB8r7xEGqsrN75Rc4GPks5i4Qdd33NrnoCm3zX/VlV8cRUOl8a
bHU1quudJOd9hl0rcOmkZX77dmViWOJj3RgB0hGJs9dB5i1vEo1IyREDSwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFAt4uTq7P5NGLiCwwJ9nHp/YiHC2MB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvQzNpNU9yc19rMFl1SUxEQW4yY2VuOWlJY0xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDA2BAIAATAwAwQABWVZAwQC
LZzUAwQCLZ/IAwQCLqEQAwQEW5ewAwQCX9cAAwQHvI+AAwQBwwLwMCIEAgACMBwD
BQAqAB14AwUAKgGDgAMFAyoMhwADBQMqDY/AMA0GCSqGSIb3DQEBCwUAA4IBAQDB
bY8Cy0vlzlZN1+DeS1NSgF6uUWHymcxJ9Qcd6p2W7Gt035xVRxABCJJ9Vo+wXAeX
z1kZnJKsjA3/u80HF+74xbDPhMfJVgdPAq8/mALRVa7kfAaJ5hEpAumReLQBya9g
+tfgr4rgmQ+/3S+heAjFfxZiR0PcmHT74oTAGOYtdY8J1Y40AJnPI4vCArZjNejW
Rod7qMZWRRQkOk/GAJ5z/kUL9a35Hi9mpeMWy2OKrpVTPKQmyMyDiCVZ1Zozvp5n
+OsiFAXSfqjfoTgDHeZGOzGsiothX+TApH0Bcx+yxDvdyyknKEw5BGYHpvUPWarl
8GIzU66GKG8usJrV/DvB
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:44:39 2025 by rpki-client