Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/os0QMyIxdJviqk5YsqSdI6tnrLQ.roa
File: os0QMyIxdJviqk5YsqSdI6tnrLQ.roa (raw, json)
Hash identifier: ymgP2CD0k4+XD7+a+JKhCIFKl1iF61dx2iReRLBvKn0=
Subject key identifier: A2:CD:10:33:22:31:74:9B:E2:AA:4E:58:B2:A4:9D:23:AB:67:AC:B4
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 01944050B801319716DBF409CE6C1D42D493
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/os0QMyIxdJviqk5YsqSdI6tnrLQ.roa
Signing time: Tue 07 Jan 2025 10:30:19 +0000
ROA not before: Tue 07 Jan 2025 10:30:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 5.133.103.0/24 maxlen: 24
37.221.76.0/24 maxlen: 24
37.221.78.0/24 maxlen: 24
37.221.79.0/24 maxlen: 24
85.235.72.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
93.190.8.0/24 maxlen: 24
93.190.10.0/24 maxlen: 24
93.190.11.0/24 maxlen: 24
176.96.130.0/24 maxlen: 24
185.254.52.0/24 maxlen: 24
193.17.4.0/24 maxlen: 24
193.17.5.0/24 maxlen: 24
193.17.6.0/24 maxlen: 24
193.17.7.0/24 maxlen: 24
193.111.76.0/24 maxlen: 24
193.111.77.0/24 maxlen: 24
193.111.78.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:40:50:b8:01:31:97:16:db:f4:09:ce:6c:1d:42:d4:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Jan 7 10:30:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2cd10332231749be2aa4e58b2a49d23ab67acb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:11:f1:f5:94:ef:90:77:d5:68:5b:16:e0:06:
33:49:8b:3f:72:dc:1c:bb:12:f5:68:4a:c1:78:74:
9c:c3:43:2e:93:66:90:f6:5d:2b:3d:ab:18:71:d5:
24:69:cb:63:f6:45:fd:96:63:91:57:75:70:2b:61:
82:b4:e9:54:44:f9:66:33:e1:bc:73:fc:e4:76:b9:
33:1d:94:4c:09:21:a0:6e:f8:eb:f7:b0:ac:35:79:
c3:e2:87:44:17:93:47:c8:fc:6c:2f:35:d3:7a:9f:
c8:dc:9e:df:24:c8:3f:48:44:86:b8:7c:17:0d:9d:
9f:cd:b2:2a:a7:2f:5a:87:7e:35:98:c3:c0:ac:51:
33:c2:64:d0:0e:d9:fe:23:c1:d7:fa:f2:e2:bc:25:
90:b4:8c:56:12:16:75:e4:fe:bd:aa:f5:73:80:bf:
f0:80:9b:e3:2b:91:a1:66:f6:05:f0:02:55:f5:3d:
7e:73:a9:3b:09:06:eb:a7:06:76:6c:a2:b6:47:d6:
9a:37:92:11:6c:19:cc:d3:1c:20:cf:ef:34:5d:b0:
1b:fa:dc:5f:79:c6:f5:3d:8a:b2:45:88:94:a1:af:
ba:c5:64:03:4a:c9:28:b1:5b:18:85:c2:a2:15:b2:
19:ca:e6:15:fb:74:90:5a:4b:48:f4:dd:4b:6e:d2:
80:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:CD:10:33:22:31:74:9B:E2:AA:4E:58:B2:A4:9D:23:AB:67:AC:B4
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/os0QMyIxdJviqk5YsqSdI6tnrLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.103.0/24
37.221.76.0/24
37.221.78.0/23
85.235.72.0-85.235.74.255
93.190.8.0/24
93.190.10.0/23
176.96.130.0/24
185.254.52.0/24
193.17.4.0/22
193.111.76.0/22
217.18.208.0/24
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
08:c9:b0:6f:af:ec:46:35:d4:da:a2:3e:13:38:02:f7:a0:23:
e1:97:aa:12:bf:f1:56:44:97:13:76:1c:4c:9f:a0:a5:71:3c:
c6:f2:fb:c3:af:87:01:dd:8c:4d:d7:7f:b6:38:40:01:9e:c4:
10:1b:56:1f:2a:99:49:3f:73:e4:f3:50:ca:93:15:e4:9f:32:
0c:48:c9:15:3f:a5:bd:4b:73:6d:e1:38:22:b4:fc:94:e4:e8:
dd:26:51:22:77:46:1e:09:d9:62:16:85:09:9c:66:a3:63:b0:
78:45:24:44:ff:55:f5:f3:e5:0e:2d:79:61:eb:a9:ba:e5:19:
f0:83:8e:61:c7:cf:89:e4:69:91:54:d0:42:be:3f:40:9c:92:
88:40:d5:3a:54:57:4c:d1:b3:39:4f:94:ae:69:4f:2c:2c:5e:
22:05:e5:f9:60:18:88:89:ae:14:bf:9b:ae:2d:a2:11:a1:70:
b3:b5:c2:d0:25:e2:e8:93:b2:44:54:65:4a:54:b5:09:69:31:
37:de:f6:c8:e1:11:0f:3b:61:2a:92:75:c6:ab:88:ae:91:6a:
35:27:0c:b6:6c:ed:00:00:d7:e0:7d:fa:db:40:39:f9:3f:2f:
c8:b8:ca:d0:e0:39:3e:54:05:32:42:f1:1e:d8:e8:8e:57:52:
39:a7:e2:23
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZRAULgBMZcW2/QJzmwdQtSTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjUwMTA3MTAzMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmNkMTAzMzIyMzE3NDliZTJhYTRlNThiMmE0OWQyM2FiNjdhY2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhHx9ZTvkHfVaFsW4AYzSYs/ctwc
uxL1aErBeHScw0Muk2aQ9l0rPasYcdUkactj9kX9lmORV3VwK2GCtOlURPlmM+G8
c/zkdrkzHZRMCSGgbvjr97CsNXnD4odEF5NHyPxsLzXTep/I3J7fJMg/SESGuHwX
DZ2fzbIqpy9ah341mMPArFEzwmTQDtn+I8HX+vLivCWQtIxWEhZ15P69qvVzgL/w
gJvjK5GhZvYF8AJV9T1+c6k7CQbrpwZ2bKK2R9aaN5IRbBnM0xwgz+80XbAb+txf
ecb1PYqyRYiUoa+6xWQDSskosVsYhcKiFbIZyuYV+3SQWktI9N1LbtKA1wIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFKLNEDMiMXSb4qpOWLKknSOrZ6y0MB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvb3MwUU15SXhkSnZpcWs1WXNxU2RJNnRuckxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQABYVnAwQA
Jd1MAwQBJd1OMAwDBANV60gDBABV60oDBABdvggDBAFdvgoDBACwYIIDBAC5/jQD
BALBEQQDBALBb0wDBADZEtADBADZEtMwDQYJKoZIhvcNAQELBQADggEBAAjJsG+v
7EY11NqiPhM4AvegI+GXqhK/8VZElxN2HEyfoKVxPMby+8OvhwHdjE3Xf7Y4QAGe
xBAbVh8qmUk/c+TzUMqTFeSfMgxIyRU/pb1Lc23hOCK0/JTk6N0mUSJ3Rh4J2WIW
hQmcZqNjsHhFJET/VfXz5Q4teWHrqbrlGfCDjmHHz4nkaZFU0EK+P0CckohA1TpU
V0zRszlPlK5pTywsXiIF5flgGIiJrhS/m64tohGhcLO1wtAl4uiTskRUZUpUtQlp
MTfe9sjhEQ87YSqSdcariK6RajUnDLZs7QAA1+B9+ttAOfk/L8i4ytDgOT5UBTJC
8R7Y6I5XUjmn4iM=
-----END CERTIFICATE-----
Generated at Fri Apr 18 12:42:57 2025 by rpki-client