Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/z0GsC4QxLXt24cByUW_rp2Jt_CY.roa
File: z0GsC4QxLXt24cByUW_rp2Jt_CY.roa (raw, json)
Hash identifier: KpjRyhvzwgTtLzxH7MfhLTxImRlZeJeisYeOCijTbwg=
Subject key identifier: CF:41:AC:0B:84:31:2D:7B:76:E1:C0:72:51:6F:EB:A7:62:6D:FC:26
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 01943D4C02432C9ADCFFD188FEA60A8B6AA5
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/z0GsC4QxLXt24cByUW_rp2Jt_CY.roa
Signing time: Mon 06 Jan 2025 20:26:18 +0000
ROA not before: Mon 06 Jan 2025 20:26:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 5.133.124.0/23 maxlen: 23
5.133.126.0/23 maxlen: 23
62.182.32.0/23 maxlen: 23
62.182.34.0/23 maxlen: 23
84.54.0.0/23 maxlen: 23
84.54.2.0/23 maxlen: 23
139.28.48.0/23 maxlen: 23
139.28.50.0/23 maxlen: 23
139.28.240.0/23 maxlen: 23
139.28.242.0/23 maxlen: 23
176.53.156.0/23 maxlen: 23
176.53.158.0/23 maxlen: 23
193.32.204.0/23 maxlen: 23
193.32.206.0/23 maxlen: 23
193.38.44.0/23 maxlen: 23
193.38.46.0/23 maxlen: 23
193.187.132.0/23 maxlen: 23
193.187.134.0/23 maxlen: 23
193.187.134.0/24 maxlen: 24
193.187.135.0/24 maxlen: 24
194.93.48.0/23 maxlen: 23
194.93.50.0/23 maxlen: 23
194.93.60.0/23 maxlen: 23
194.93.62.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3d:4c:02:43:2c:9a:dc:ff:d1:88:fe:a6:0a:8b:6a:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Jan 6 20:26:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf41ac0b84312d7b76e1c072516feba7626dfc26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:71:7f:73:89:10:15:9b:e2:2b:ff:ed:d0:8e:
d9:a6:36:75:54:87:99:ab:2f:96:b1:37:01:03:eb:
cb:b8:32:ed:39:d0:94:1a:33:73:d9:44:39:ea:1f:
e5:6d:ec:32:47:32:f4:38:d3:0a:7c:6a:4e:48:c0:
c2:f0:cc:82:61:05:67:c4:59:b1:a2:11:76:9d:d7:
db:16:b7:14:31:8a:67:b1:72:f3:81:d0:63:64:a6:
d3:4f:51:5a:90:e4:04:bd:a6:1b:71:73:05:a2:77:
cb:3d:7d:1e:30:89:bb:8f:2b:3b:18:4a:49:ba:93:
86:bd:93:44:89:2b:9c:27:4a:7d:d4:9b:00:c8:3d:
71:46:d1:6b:54:32:14:49:b6:1a:c9:62:e9:b8:3d:
dc:4b:3c:cd:c9:17:35:8e:82:0a:40:70:e5:d0:95:
94:1c:7a:09:b1:e8:76:9e:47:d4:65:21:fb:49:b4:
47:01:79:4c:6b:cc:f2:33:db:64:62:fd:1d:59:56:
a5:8b:1a:08:56:39:5d:8e:f2:01:37:12:4a:be:b5:
09:43:f6:8b:d3:f5:e8:d3:93:a7:f1:ca:dc:81:ae:
3f:02:25:a3:3c:b4:06:ec:86:16:57:f0:29:14:67:
e2:44:1b:11:b5:1a:3e:05:2d:fd:bf:d7:86:72:30:
ca:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:41:AC:0B:84:31:2D:7B:76:E1:C0:72:51:6F:EB:A7:62:6D:FC:26
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/z0GsC4QxLXt24cByUW_rp2Jt_CY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.124.0/22
62.182.32.0/22
84.54.0.0/22
139.28.48.0/22
139.28.240.0/22
176.53.156.0/22
193.32.204.0/22
193.38.44.0/22
193.187.132.0/22
194.93.48.0/22
194.93.60.0/22
Signature Algorithm: sha256WithRSAEncryption
33:84:dd:0e:fc:21:7c:d9:53:76:58:16:89:4c:e2:c1:b8:5e:
1b:5c:2e:85:6d:d2:27:ac:26:26:f6:22:6a:03:55:d7:6e:be:
33:eb:4a:b0:85:ed:e2:ac:18:4e:ba:2a:f9:92:64:f8:70:b3:
e7:6d:87:f8:79:be:81:24:8d:e1:62:b7:a2:c1:41:29:9e:55:
91:ea:55:e6:ae:a7:75:52:b3:02:be:8d:85:d2:b6:89:ef:25:
a1:0b:84:bc:3c:fd:da:40:41:b5:5e:e1:38:2a:9f:9d:20:e0:
20:c3:60:34:ff:81:c9:f8:01:1b:89:60:90:6e:7f:de:ae:e3:
76:4b:76:9c:36:03:9a:63:aa:29:a5:91:38:f4:b1:e1:70:a3:
93:be:e2:64:1b:7c:0f:df:43:b7:49:5c:69:33:1d:2b:63:14:
a9:df:e2:9f:66:d2:b5:68:3a:b9:59:1f:bb:79:78:fc:30:df:
ea:f0:54:2c:14:f9:87:cd:66:b5:9b:50:e8:c9:a0:43:93:a1:
98:2d:b4:fc:ce:ca:53:7d:db:21:0b:3b:62:4b:d6:e8:98:ca:
28:70:60:c9:6e:f3:31:13:2a:88:00:31:e1:eb:c5:8c:d7:30:
ab:00:5f:eb:47:38:38:f7:d3:d7:f5:df:69:be:6d:8c:e0:98:
2b:c0:7d:bb
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZQ9TAJDLJrc/9GI/qYKi2qlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjUwMTA2MjAyNjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjQxYWMwYjg0MzEyZDdiNzZlMWMwNzI1MTZmZWJhNzYyNmRmYzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3nF/c4kQFZviK//t0I7ZpjZ1VIeZ
qy+WsTcBA+vLuDLtOdCUGjNz2UQ56h/lbewyRzL0ONMKfGpOSMDC8MyCYQVnxFmx
ohF2ndfbFrcUMYpnsXLzgdBjZKbTT1FakOQEvaYbcXMFonfLPX0eMIm7jys7GEpJ
upOGvZNEiSucJ0p91JsAyD1xRtFrVDIUSbYayWLpuD3cSzzNyRc1joIKQHDl0JWU
HHoJseh2nkfUZSH7SbRHAXlMa8zyM9tkYv0dWValixoIVjldjvIBNxJKvrUJQ/aL
0/Xo05On8crcga4/AiWjPLQG7IYWV/ApFGfiRBsRtRo+BS39v9eGcjDKWQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFM9BrAuEMS17duHAclFv66dibfwmMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvejBHc0M0UXhMWHQyNGNCeVVXX3JwMkp0X0NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCBYV8AwQC
PrYgAwQCVDYAAwQCixwwAwQCixzwAwQCsDWcAwQCwSDMAwQCwSYsAwQCwbuEAwQC
wl0wAwQCwl08MA0GCSqGSIb3DQEBCwUAA4IBAQAzhN0O/CF82VN2WBaJTOLBuF4b
XC6FbdInrCYm9iJqA1XXbr4z60qwhe3irBhOuir5kmT4cLPnbYf4eb6BJI3hYrei
wUEpnlWR6lXmrqd1UrMCvo2F0raJ7yWhC4S8PP3aQEG1XuE4Kp+dIOAgw2A0/4HJ
+AEbiWCQbn/eruN2S3acNgOaY6oppZE49LHhcKOTvuJkG3wP30O3SVxpMx0rYxSp
3+KfZtK1aDq5WR+7eXj8MN/q8FQsFPmHzWa1m1DoyaBDk6GYLbT8zspTfdshCzti
S9bomMoocGDJbvMxEyqIADHh68WM1zCrAF/rRzg499PX9d9pvm2M4JgrwH27
-----END CERTIFICATE-----
Generated at Fri Apr 18 12:38:41 2025 by rpki-client