Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/PQdbtj-hTjSGcw1YwA7CeITkgLw.roa
File: PQdbtj-hTjSGcw1YwA7CeITkgLw.roa (raw, json)
Hash identifier: cm1rujojVVXEcu5OPDSkdm+bErb6x5HaRup4skQmuac=
Subject key identifier: 3D:07:5B:B6:3F:A1:4E:34:86:73:0D:58:C0:0E:C2:78:84:E4:80:BC
Certificate issuer: /CN=49ee1194bd81d1946c39f10f7fdfdf22d1a03112
Certificate serial: 019422FB8359342715303504CBF1C144EDE3
Authority key identifier: 49:EE:11:94:BD:81:D1:94:6C:39:F1:0F:7F:DF:DF:22:D1:A0:31:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Se4RlL2B0ZRsOfEPf9_fItGgMRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/PQdbtj-hTjSGcw1YwA7CeITkgLw.roa
Signing time: Wed 01 Jan 2025 17:48:16 +0000
ROA not before: Wed 01 Jan 2025 17:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59441
IP address blocks: 5.144.128.0/21 maxlen: 21
5.144.128.0/22 maxlen: 22
5.144.128.0/23 maxlen: 23
5.144.128.0/24 maxlen: 24
5.144.129.0/24 maxlen: 24
5.144.130.0/23 maxlen: 24
5.144.130.0/24 maxlen: 24
5.144.131.0/24 maxlen: 24
5.144.132.0/22 maxlen: 22
5.144.132.0/23 maxlen: 24
5.144.132.0/24 maxlen: 24
5.144.133.0/24 maxlen: 24
5.144.134.0/23 maxlen: 24
5.144.134.0/24 maxlen: 24
5.144.135.0/24 maxlen: 24
45.92.92.0/22 maxlen: 24
45.92.92.0/23 maxlen: 24
45.92.92.0/24 maxlen: 24
45.92.93.0/24 maxlen: 24
45.92.94.0/23 maxlen: 24
45.92.94.0/24 maxlen: 24
45.92.95.0/24 maxlen: 24
45.138.132.0/22 maxlen: 24
45.138.132.0/23 maxlen: 24
45.138.132.0/24 maxlen: 24
45.138.133.0/24 maxlen: 24
45.138.134.0/24 maxlen: 24
45.138.135.0/24 maxlen: 24
185.83.112.0/22 maxlen: 22
185.83.112.0/23 maxlen: 23
185.83.112.0/24 maxlen: 24
185.83.113.0/24 maxlen: 24
185.83.114.0/23 maxlen: 24
185.83.114.0/24 maxlen: 24
185.83.115.0/24 maxlen: 24
185.83.181.0/24 maxlen: 24
185.83.183.0/24 maxlen: 24
185.169.6.0/24 maxlen: 24
185.173.104.0/22 maxlen: 24
185.173.104.0/24 maxlen: 24
185.173.105.0/24 maxlen: 24
185.173.106.0/24 maxlen: 24
185.173.107.0/24 maxlen: 24
185.205.203.0/24 maxlen: 24
185.208.76.0/23 maxlen: 23
185.208.78.0/23 maxlen: 24
185.208.78.0/24 maxlen: 24
185.208.79.0/24 maxlen: 24
193.3.231.0/24 maxlen: 24
2a05:9a00::/29 maxlen: 29
2a05:9a00::/48 maxlen: 48
2a05:9a00:1::/48 maxlen: 48
2a05:9a00:2::/48 maxlen: 48
2a05:9a00:3::/48 maxlen: 48
2a05:9a00:4::/48 maxlen: 48
2a05:9a00:1000::/48 maxlen: 48
2a05:9a00:1001::/48 maxlen: 48
2a05:9a00:1002::/48 maxlen: 48
2a05:9a00:1003::/48 maxlen: 48
2a07:e440::/29 maxlen: 29
2a10:4340::/29 maxlen: 29
2a10:5c40::/29 maxlen: 29
2a10:6140::/29 maxlen: 29
2a10:b800::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:83:59:34:27:15:30:35:04:cb:f1:c1:44:ed:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49ee1194bd81d1946c39f10f7fdfdf22d1a03112
Validity
Not Before: Jan 1 17:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d075bb63fa14e3486730d58c00ec27884e480bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ec:68:e3:79:f6:57:9a:1e:b3:df:4f:55:be:
d7:f3:92:f3:db:e1:41:1d:7c:05:57:80:35:af:1d:
df:8a:2c:2d:55:d5:12:e7:d5:bc:02:6a:83:4e:62:
26:e7:d8:41:0a:80:95:01:c1:14:08:86:ef:2f:41:
a7:3c:06:0e:87:49:f4:f4:fa:f0:04:76:cb:b4:99:
0e:c1:6a:a7:82:14:26:99:a4:83:38:da:cf:4c:16:
5c:4d:dc:ab:04:75:aa:a9:a9:a8:ba:d7:1f:ba:ae:
d5:c0:31:f6:7a:df:b2:f9:3c:93:85:bd:44:9a:6a:
0e:ed:b8:3b:1a:da:4f:0e:ec:67:10:e2:ca:3b:21:
c3:16:55:30:3e:76:78:f3:3f:dc:b1:c8:9d:55:98:
a2:94:df:26:e4:af:b5:9a:12:af:22:84:46:b7:c9:
01:23:b4:c6:55:64:1c:26:3d:e3:a4:ac:cc:85:1f:
69:ed:5f:5e:c3:fa:b3:d6:b0:1c:a5:3a:6c:d4:dc:
34:6d:8f:89:bc:71:1a:f6:56:f5:a2:47:7f:1e:f6:
0d:be:17:6b:83:b4:f6:40:11:14:e2:67:c2:a0:9e:
f5:9b:6c:45:15:69:b4:43:9a:23:fb:c0:76:a3:aa:
15:fa:09:59:c0:e7:34:00:00:8e:bb:aa:77:a1:4c:
c8:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:07:5B:B6:3F:A1:4E:34:86:73:0D:58:C0:0E:C2:78:84:E4:80:BC
X509v3 Authority Key Identifier:
keyid:49:EE:11:94:BD:81:D1:94:6C:39:F1:0F:7F:DF:DF:22:D1:A0:31:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Se4RlL2B0ZRsOfEPf9_fItGgMRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/PQdbtj-hTjSGcw1YwA7CeITkgLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/Se4RlL2B0ZRsOfEPf9_fItGgMRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.128.0/21
45.92.92.0/22
45.138.132.0/22
185.83.112.0/22
185.83.181.0/24
185.83.183.0/24
185.169.6.0/24
185.173.104.0/22
185.205.203.0/24
185.208.76.0/22
193.3.231.0/24
IPv6:
2a05:9a00::/29
2a07:e440::/29
2a10:4340::/29
2a10:5c40::/29
2a10:6140::/29
2a10:b800::/29
Signature Algorithm: sha256WithRSAEncryption
48:6b:fd:12:53:c4:b2:d1:38:e6:bb:2d:8d:2f:4c:04:f9:6d:
a2:14:55:e0:08:8c:1d:ee:82:65:12:67:f8:7d:61:ea:12:17:
02:8a:a9:5b:de:f7:48:82:5f:85:36:c8:59:77:df:c1:fc:16:
c0:ac:d7:89:72:59:ee:7f:5d:bf:bf:d1:4c:2c:f2:8a:91:d6:
1d:f4:27:2e:dd:05:8c:b5:ac:9d:ea:26:d2:3f:3f:f7:86:54:
09:be:f0:39:4c:bc:ef:59:0b:84:b9:5e:2c:2d:1b:fe:30:1e:
84:17:fe:2d:47:0a:92:82:ee:90:2a:8a:f5:2c:03:11:0c:16:
e7:84:49:a3:ff:d9:43:1d:46:e3:8c:fd:f8:88:a4:d3:03:82:
e1:37:ab:11:6d:d3:f2:d7:21:84:95:78:1c:81:19:b9:aa:2c:
4d:b7:e8:0e:29:2b:4e:6b:be:72:f1:49:ce:cc:a1:33:d2:a2:
63:65:a3:ac:ac:3a:ac:5d:cd:a5:2d:44:cb:22:54:35:15:0d:
6d:55:dd:16:35:4c:67:ec:98:0b:59:12:ef:78:07:21:66:f6:
38:e5:49:a5:a5:a4:79:8d:4c:1a:51:0b:6d:c4:ca:c4:1d:ca:
c7:79:74:e5:63:62:f5:b9:e2:a9:22:c8:60:95:d3:ff:42:29:
00:10:8b:1e
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZQi+4NZNCcVMDUEy/HBRO3jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZWUxMTk0YmQ4MWQxOTQ2YzM5ZjEwZjdmZGZkZjIyZDFh
MDMxMTIwHhcNMjUwMTAxMTc0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDA3NWJiNjNmYTE0ZTM0ODY3MzBkNThjMDBlYzI3ODg0ZTQ4MGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+xo43n2V5oes99PVb7X85Lz2+FB
HXwFV4A1rx3fiiwtVdUS59W8AmqDTmIm59hBCoCVAcEUCIbvL0GnPAYOh0n09Prw
BHbLtJkOwWqnghQmmaSDONrPTBZcTdyrBHWqqamoutcfuq7VwDH2et+y+TyThb1E
mmoO7bg7GtpPDuxnEOLKOyHDFlUwPnZ48z/cscidVZiilN8m5K+1mhKvIoRGt8kB
I7TGVWQcJj3jpKzMhR9p7V9ew/qz1rAcpTps1Nw0bY+JvHEa9lb1okd/HvYNvhdr
g7T2QBEU4mfCoJ71m2xFFWm0Q5oj+8B2o6oV+glZwOc0AACOu6p3oUzIuQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFD0HW7Y/oU40hnMNWMAOwniE5IC8MB8GA1UdIwQY
MBaAFEnuEZS9gdGUbDnxD3/f3yLRoDESMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2U0UmxMMkIwWlJzT2ZFUGY5X2ZJdEdnTVJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9hMzI0ZjQtOTc3MC00YTU4LWE2ZWYt
ZDYyZmE2MzE5ZmQ0LzEvUFFkYnRqLWhUalNHY3cxWXdBN0NlSVRrZ0x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9hMzI0ZjQtOTc3MC00YTU4LWE2ZWYtZDYyZmE2MzE5ZmQ0
LzEvU2U0UmxMMkIwWlJzT2ZFUGY5X2ZJdEdnTVJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwSAQCAAEwQgMEAwWQgAME
Ai1cXAMEAi2KhAMEArlTcAMEALlTtQMEALlTtwMEALmpBgMEArmtaAMEALnNywME
ArnQTAMEAMED5zAwBAIAAjAqAwUDKgWaAAMFAyoH5EADBQMqEENAAwUDKhBcQAMF
AyoQYUADBQMqELgAMA0GCSqGSIb3DQEBCwUAA4IBAQBIa/0SU8Sy0Tjmuy2NL0wE
+W2iFFXgCIwd7oJlEmf4fWHqEhcCiqlb3vdIgl+FNshZd9/B/BbArNeJclnuf12/
v9FMLPKKkdYd9Ccu3QWMtayd6ibSPz/3hlQJvvA5TLzvWQuEuV4sLRv+MB6EF/4t
RwqSgu6QKor1LAMRDBbnhEmj/9lDHUbjjP34iKTTA4LhN6sRbdPy1yGElXgcgRm5
qixNt+gOKStOa75y8UnOzKEz0qJjZaOsrDqsXc2lLUTLIlQ1FQ1tVd0WNUxn7JgL
WRLveAchZvY45UmlpaR5jUwaUQttxMrEHcrHeXTlY2L1ueKpIshgldP/QikAEIse
-----END CERTIFICATE-----
Generated at Fri Apr 11 02:48:58 2025 by rpki-client