Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/5hHUUrpRtbrAqhQLh85UWMt-ijM.roa
File: 5hHUUrpRtbrAqhQLh85UWMt-ijM.roa (raw, json)
Hash identifier: TpwpCxFKjzM1XDZIxU2ubjHBdPeH3ZZHaJ4y1ZbXsuE=
Subject key identifier: E6:11:D4:52:BA:51:B5:BA:C0:AA:14:0B:87:CE:54:58:CB:7E:8A:33
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0194C314C867F127255320842EE88A830201
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/5hHUUrpRtbrAqhQLh85UWMt-ijM.roa
Signing time: Sat 01 Feb 2025 19:55:06 +0000
ROA not before: Sat 01 Feb 2025 19:55:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34872
IP address blocks: 45.154.97.0/24 maxlen: 32
45.154.99.0/24 maxlen: 32
62.3.50.0/24 maxlen: 32
194.28.98.0/23 maxlen: 32
2a0c:b640::/32 maxlen: 128
2a0c:b641::/44 maxlen: 128
2a0c:b641:10::/44 maxlen: 128
2a0c:b641:50::/44 maxlen: 128
2a0c:b641:60::/44 maxlen: 128
2a0c:b641:530::/44 maxlen: 128
2a0c:b641:540::/44 maxlen: 128
2a0c:b641:70f::/48 maxlen: 128
2a0c:b641:820::/44 maxlen: 128
2a0d:ef07::/32 maxlen: 128
2a0f:8400::/32 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c3:14:c8:67:f1:27:25:53:20:84:2e:e8:8a:83:02:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Feb 1 19:55:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e611d452ba51b5bac0aa140b87ce5458cb7e8a33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c6:8a:a5:69:b9:03:a1:c8:6a:08:30:f3:c1:
52:cb:eb:ee:b7:65:71:26:ab:22:94:1a:39:f7:2e:
41:ad:86:99:16:8d:b7:33:07:a9:cf:1c:29:d9:6b:
b3:9b:52:c2:88:55:df:3c:20:5f:ad:35:7f:39:57:
a2:71:eb:e3:40:92:d4:bc:45:06:70:2e:7c:cc:30:
43:d1:c2:a3:5b:ec:8b:83:39:0a:c8:fd:ed:a2:9c:
39:0d:6e:20:85:a7:4c:fa:2e:c2:29:2a:ef:30:65:
54:fa:1c:a1:89:86:d4:df:89:66:f3:f4:16:b5:68:
d6:40:9c:0c:8e:e6:82:6f:3c:53:f5:a8:d5:a5:6f:
46:6f:c6:88:c9:3b:be:71:47:36:cd:90:3d:be:46:
a5:6e:10:d8:ad:38:20:23:df:e8:d7:3a:3a:99:9d:
cd:9c:56:c9:78:2a:88:83:43:f9:73:07:d5:aa:5a:
d3:20:51:c4:ee:91:07:3f:55:f7:bf:e6:04:6b:fa:
52:ac:c1:ba:7b:57:dc:76:82:aa:fe:67:54:9f:63:
59:ac:4f:0e:86:ef:ad:3e:01:00:ed:89:55:f1:49:
e0:dc:fa:9a:d4:35:88:5a:35:d0:20:ff:7f:2f:8e:
b6:e2:57:48:81:80:5a:4c:92:fa:cb:56:01:36:a7:
5f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:11:D4:52:BA:51:B5:BA:C0:AA:14:0B:87:CE:54:58:CB:7E:8A:33
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/5hHUUrpRtbrAqhQLh85UWMt-ijM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.97.0/24
45.154.99.0/24
62.3.50.0/24
194.28.98.0/23
IPv6:
2a0c:b640::-2a0c:b641:1f:ffff:ffff:ffff:ffff:ffff
2a0c:b641:50::-2a0c:b641:6f:ffff:ffff:ffff:ffff:ffff
2a0c:b641:530::-2a0c:b641:54f:ffff:ffff:ffff:ffff:ffff
2a0c:b641:70f::/48
2a0c:b641:820::/44
2a0d:ef07::/32
2a0f:8400::/32
Signature Algorithm: sha256WithRSAEncryption
0c:ac:50:06:6d:a6:b7:5b:b4:b1:a2:e1:b5:7b:37:fb:92:72:
a5:d8:f2:74:8d:95:c9:09:0b:20:e5:df:5c:44:8f:fd:00:1e:
22:f9:d4:8f:0f:de:bd:ab:bb:6c:90:60:d5:11:48:da:da:30:
7c:e0:42:7b:e9:03:8c:00:a8:87:76:d1:00:e8:4a:27:5c:c2:
a2:72:aa:22:3f:9d:bf:da:b8:f8:d1:ec:ee:18:c3:1e:5d:7b:
95:15:d6:33:d2:95:86:7c:43:e5:ac:35:a5:ec:e0:ed:d9:a1:
c5:b2:e1:22:ef:4a:e8:93:1b:c3:43:3d:70:9c:80:bf:2b:1f:
6f:98:70:fc:2b:93:80:1b:13:9c:05:60:b0:9a:b7:91:44:40:
73:15:c7:d2:10:68:c4:9f:5f:b0:a7:f0:55:54:90:60:da:6f:
c9:52:c4:64:df:fb:ab:9d:62:cb:f4:2b:0b:42:0b:27:a4:b6:
65:c1:8a:f8:88:db:69:a5:60:68:de:12:1a:7c:71:1e:2d:a8:
6a:24:ad:e9:d2:f9:90:c9:66:68:7f:a6:cc:ca:d9:f8:a3:13:
96:37:23:ea:6e:fb:92:c7:9f:92:d5:15:10:fa:3e:ea:f1:75:
9c:53:ab:29:53:b9:ff:7d:bf:1b:72:13:3f:5e:2e:74:94:38:
49:04:11:e9
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAZTDFMhn8SclUyCELuiKgwIBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjUwMjAxMTk1NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjExZDQ1MmJhNTFiNWJhYzBhYTE0MGI4N2NlNTQ1OGNiN2U4YTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssaKpWm5A6HIaggw88FSy+vut2Vx
JqsilBo59y5BrYaZFo23Mwepzxwp2Wuzm1LCiFXfPCBfrTV/OVeicevjQJLUvEUG
cC58zDBD0cKjW+yLgzkKyP3topw5DW4ghadM+i7CKSrvMGVU+hyhiYbU34lm8/QW
tWjWQJwMjuaCbzxT9ajVpW9Gb8aIyTu+cUc2zZA9vkalbhDYrTggI9/o1zo6mZ3N
nFbJeCqIg0P5cwfVqlrTIFHE7pEHP1X3v+YEa/pSrMG6e1fcdoKq/mdUn2NZrE8O
hu+tPgEA7YlV8Ung3Pqa1DWIWjXQIP9/L4624ldIgYBaTJL6y1YBNqdf6wIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFOYR1FK6UbW6wKoUC4fOVFjLfoozMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvNWhIVVVycFJ0YnJBcWhRTGg4NVVXTXQtaWpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGVBggrBgEFBQcBBwEB/wSBhTCBgjAeBAIAATAYAwQALZph
AwQALZpjAwQAPgMyAwQBwhxiMGAEAgACMFowEAMFBioMtkADBwUqDLZBAAAwEgMH
BCoMtkEAUAMHBCoMtkEAYDASAwcEKgy2QQUwAwcEKgy2QQVAAwcAKgy2QQcPAwcE
Kgy2QQggAwUAKg3vBwMFACoPhAAwDQYJKoZIhvcNAQELBQADggEBAAysUAZtprdb
tLGi4bV7N/uScqXY8nSNlckJCyDl31xEj/0AHiL51I8P3r2ru2yQYNURSNraMHzg
QnvpA4wAqId20QDoSidcwqJyqiI/nb/auPjR7O4Ywx5de5UV1jPSlYZ8Q+WsNaXs
4O3ZocWy4SLvSuiTG8NDPXCcgL8rH2+YcPwrk4AbE5wFYLCat5FEQHMVx9IQaMSf
X7Cn8FVUkGDab8lSxGTf+6udYsv0KwtCCyektmXBiviI22mlYGjeEhp8cR4tqGok
renS+ZDJZmh/pszK2fijE5Y3I+pu+5LHn5LVFRD6PurxdZxTqylTuf99vxtyEz9e
LnSUOEkEEek=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:51:12 2025 by rpki-client