Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/122b2d-5d87-478c-8522-89d66ac72e02/1/ibWU2hc-15QgZKi7MldaZ8Rm5_8.roa
File: ibWU2hc-15QgZKi7MldaZ8Rm5_8.roa (raw, json)
Hash identifier: bP6Dry9UHojDKjvZz2pROS6WfkRMKw8CNymma91NgNI=
Subject key identifier: 89:B5:94:DA:17:3E:D7:94:20:64:A8:BB:32:57:5A:67:C4:66:E7:FF
Certificate issuer: /CN=117f8c9a7fc7f13658d62afbeb6f39882da511cc
Certificate serial: 019424B371F8FA9851E23E36014A355C274E
Authority key identifier: 11:7F:8C:9A:7F:C7:F1:36:58:D6:2A:FB:EB:6F:39:88:2D:A5:11:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EX-Mmn_H8TZY1ir76285iC2lEcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/122b2d-5d87-478c-8522-89d66ac72e02/1/ibWU2hc-15QgZKi7MldaZ8Rm5_8.roa
Signing time: Thu 02 Jan 2025 01:48:47 +0000
ROA not before: Thu 02 Jan 2025 01:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59432
IP address blocks: 5.134.112.0/21 maxlen: 21
5.134.112.0/24 maxlen: 24
5.134.113.0/24 maxlen: 24
5.134.114.0/24 maxlen: 24
5.134.115.0/24 maxlen: 24
5.134.116.0/24 maxlen: 24
5.134.117.0/24 maxlen: 24
5.134.118.0/24 maxlen: 24
5.134.119.0/24 maxlen: 24
185.47.128.0/22 maxlen: 22
185.47.128.0/24 maxlen: 24
185.47.129.0/24 maxlen: 24
185.47.130.0/24 maxlen: 24
185.47.131.0/24 maxlen: 24
188.213.4.0/22 maxlen: 22
188.213.4.0/24 maxlen: 24
188.213.5.0/24 maxlen: 24
188.213.6.0/24 maxlen: 24
188.213.7.0/24 maxlen: 24
2a03:c7c0::/32 maxlen: 32
2a03:c7c1::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:71:f8:fa:98:51:e2:3e:36:01:4a:35:5c:27:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=117f8c9a7fc7f13658d62afbeb6f39882da511cc
Validity
Not Before: Jan 2 01:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89b594da173ed7942064a8bb32575a67c466e7ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4a:79:96:cf:54:38:70:58:d9:94:0f:6c:c3:
4d:2c:d2:07:6b:88:e1:27:bf:1f:59:7f:a8:8c:6a:
fc:a7:78:ac:fa:84:b1:d1:a1:ae:5c:fa:1a:23:d1:
c2:6b:79:b1:fe:bb:60:d3:78:0d:0e:60:99:82:66:
c1:6a:57:f1:a6:98:58:b9:27:3b:a8:a8:b6:98:d9:
bc:32:d5:62:ea:14:39:4d:9d:7b:f1:48:30:3c:dd:
db:29:bc:97:f0:bb:23:30:ca:0a:ce:97:ba:a8:24:
3d:33:c6:98:cf:54:82:c3:d5:05:4e:04:21:27:b5:
28:51:e6:e4:a4:31:bf:c3:15:32:5c:5a:4d:5d:d3:
e4:82:f2:3d:c9:7f:98:d1:ea:8e:aa:a1:da:7b:c0:
84:19:40:77:28:ba:3f:a5:cd:c0:34:4d:b6:fb:5c:
67:b9:28:8b:7b:fe:84:82:ae:ab:b5:21:9b:3b:0e:
87:b0:da:61:1b:81:8c:31:d2:ba:ef:be:6b:30:0b:
29:8b:ac:c1:74:3a:46:85:e6:65:9b:6c:18:eb:6e:
b3:0e:5e:3d:d0:c6:b4:e0:d1:14:44:9f:a6:73:04:
21:42:9f:f7:91:19:a7:57:f5:57:05:57:46:e5:fe:
db:00:6c:14:13:09:6c:47:dc:d5:49:6e:ec:ac:09:
79:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:B5:94:DA:17:3E:D7:94:20:64:A8:BB:32:57:5A:67:C4:66:E7:FF
X509v3 Authority Key Identifier:
keyid:11:7F:8C:9A:7F:C7:F1:36:58:D6:2A:FB:EB:6F:39:88:2D:A5:11:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EX-Mmn_H8TZY1ir76285iC2lEcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/122b2d-5d87-478c-8522-89d66ac72e02/1/ibWU2hc-15QgZKi7MldaZ8Rm5_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/122b2d-5d87-478c-8522-89d66ac72e02/1/EX-Mmn_H8TZY1ir76285iC2lEcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.112.0/21
185.47.128.0/22
188.213.4.0/22
IPv6:
2a03:c7c0::/31
Signature Algorithm: sha256WithRSAEncryption
25:ed:88:0a:b7:29:d9:3c:35:63:70:ea:9c:54:3f:26:57:e3:
52:a9:64:f3:40:83:1a:55:56:6a:58:df:74:85:79:43:d7:1d:
09:ab:a6:1c:14:5e:82:7b:df:0d:46:da:3f:e9:53:c9:1e:92:
dd:6a:08:6e:59:a7:06:53:43:4a:b9:b4:0e:27:cf:44:99:90:
bd:e9:9f:d4:b1:32:c7:15:b2:50:9e:88:5c:7a:34:3a:49:30:
98:c0:7e:3d:29:05:fd:0e:f9:aa:ac:92:12:07:20:33:6d:0b:
a6:a7:85:67:be:a5:0f:65:77:74:c5:e9:97:cc:ee:c0:1a:30:
5f:9b:47:67:16:c8:04:83:3e:ac:6d:1b:c7:00:ec:d6:64:6f:
81:d1:8c:98:09:11:50:63:ac:a1:6f:e1:75:f0:22:03:1c:9d:
0a:c9:72:fc:37:d1:68:cb:6e:be:ad:08:3b:a7:40:b1:0e:bf:
55:48:cf:cd:bb:76:b8:0e:0f:2c:76:78:dc:d3:70:de:5a:7c:
5b:86:4f:5a:b9:a7:4a:3b:83:e5:df:44:11:c5:c2:00:62:11:
93:7f:85:9d:e6:f0:dc:53:3a:b0:5f:6d:0c:c8:e5:53:55:14:
c3:0f:be:57:11:3c:48:95:cf:01:45:f4:f3:ca:f4:0a:00:e3:
b3:74:94:92
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQks3H4+phR4j42AUo1XCdOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExN2Y4YzlhN2ZjN2YxMzY1OGQ2MmFmYmViNmYzOTg4MmRh
NTExY2MwHhcNMjUwMTAyMDE0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWI1OTRkYTE3M2VkNzk0MjA2NGE4YmIzMjU3NWE2N2M0NjZlN2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEp5ls9UOHBY2ZQPbMNNLNIHa4jh
J78fWX+ojGr8p3is+oSx0aGuXPoaI9HCa3mx/rtg03gNDmCZgmbBalfxpphYuSc7
qKi2mNm8MtVi6hQ5TZ178UgwPN3bKbyX8LsjMMoKzpe6qCQ9M8aYz1SCw9UFTgQh
J7UoUebkpDG/wxUyXFpNXdPkgvI9yX+Y0eqOqqHae8CEGUB3KLo/pc3ANE22+1xn
uSiLe/6Egq6rtSGbOw6HsNphG4GMMdK6775rMAspi6zBdDpGheZlm2wY626zDl49
0Ma04NEURJ+mcwQhQp/3kRmnV/VXBVdG5f7bAGwUEwlsR9zVSW7srAl5bQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIm1lNoXPteUIGSouzJXWmfEZuf/MB8GA1UdIwQY
MBaAFBF/jJp/x/E2WNYq++tvOYgtpRHMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVgtTW1uX0g4VFpZMWlyNzYyODVpQzJsRWN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8xMjJiMmQtNWQ4Ny00NzhjLTg1MjIt
ODlkNjZhYzcyZTAyLzEvaWJXVTJoYy0xNVFnWktpN01sZGFaOFJtNV84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8xMjJiMmQtNWQ4Ny00NzhjLTg1MjItODlkNjZhYzcyZTAy
LzEvRVgtTW1uX0g4VFpZMWlyNzYyODVpQzJsRWN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBYZwAwQC
uS+AAwQCvNUEMA0EAgACMAcDBQEqA8fAMA0GCSqGSIb3DQEBCwUAA4IBAQAl7YgK
tynZPDVjcOqcVD8mV+NSqWTzQIMaVVZqWN90hXlD1x0Jq6YcFF6Ce98NRto/6VPJ
HpLdaghuWacGU0NKubQOJ89EmZC96Z/UsTLHFbJQnohcejQ6STCYwH49KQX9Dvmq
rJISByAzbQump4VnvqUPZXd0xemXzO7AGjBfm0dnFsgEgz6sbRvHAOzWZG+B0YyY
CRFQY6yhb+F18CIDHJ0KyXL8N9Foy26+rQg7p0CxDr9VSM/Nu3a4Dg8sdnjc03De
Wnxbhk9auadKO4Pl30QRxcIAYhGTf4Wd5vDcUzqwX20MyOVTVRTDD75XETxIlc8B
RfTzyvQKAOOzdJSS
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:13:07 2025 by rpki-client