Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/J1hhtf3gTs8cmUIBfj_g7V7c5qk.roa
File: J1hhtf3gTs8cmUIBfj_g7V7c5qk.roa (raw, json)
Hash identifier: Str6Vmr/NRskfnPMQpbp4pXOuly0BQP6BEJAk+C3Jm4=
Subject key identifier: 27:58:61:B5:FD:E0:4E:CF:1C:99:42:01:7E:3F:E0:ED:5E:DC:E6:A9
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 01941FFA66BEF374B2B332C82C05772E33E9
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/J1hhtf3gTs8cmUIBfj_g7V7c5qk.roa
Signing time: Wed 01 Jan 2025 03:48:11 +0000
ROA not before: Wed 01 Jan 2025 03:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49223
IP address blocks: 5.181.54.0/24 maxlen: 24
37.140.240.0/24 maxlen: 24
46.18.106.0/24 maxlen: 24
62.204.33.0/24 maxlen: 24
83.138.49.0/24 maxlen: 24
89.248.64.0/24 maxlen: 24
91.247.186.0/24 maxlen: 24
95.130.228.0/24 maxlen: 24
146.19.41.0/24 maxlen: 24
146.19.186.0/24 maxlen: 24
176.126.126.0/24 maxlen: 24
185.145.232.0/24 maxlen: 24
185.201.253.0/24 maxlen: 24
188.244.118.0/24 maxlen: 24
193.104.183.0/24 maxlen: 24
193.163.124.0/24 maxlen: 24
193.228.228.0/24 maxlen: 24
194.32.105.0/24 maxlen: 24
194.156.78.0/24 maxlen: 24
212.52.8.0/24 maxlen: 24
213.109.158.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:66:be:f3:74:b2:b3:32:c8:2c:05:77:2e:33:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 03:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=275861b5fde04ecf1c9942017e3fe0ed5edce6a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e4:92:e6:3c:58:37:0d:9f:ed:cd:cd:95:c7:
8f:52:5f:61:6c:6d:fb:a8:8f:1d:db:52:72:d6:b9:
3b:04:e9:37:b9:47:12:2e:38:43:59:2f:42:0e:97:
c0:63:8b:7b:ae:52:95:f0:59:9f:f4:28:66:72:58:
cd:d1:d8:de:37:4a:4a:cb:a6:4b:b0:3e:cf:7e:de:
f3:ac:44:55:9b:04:e5:ac:85:26:63:ce:35:fb:7f:
9d:54:b3:d8:6d:4f:18:7d:6e:16:a8:5a:f5:eb:b8:
b9:3f:1d:d2:14:95:84:b1:3a:65:3e:48:e2:58:25:
9c:37:34:55:76:27:49:16:b5:e1:6f:3a:f1:14:22:
db:09:78:ef:3f:c8:2a:93:e4:10:4a:ca:ce:8d:ce:
e4:5d:9c:3e:5f:ae:a7:44:7d:15:13:a3:3c:fe:95:
0e:d0:28:f9:02:eb:62:20:b6:82:a4:18:e6:6c:0d:
b3:61:33:52:76:86:93:3d:ca:b0:98:28:cd:f6:43:
b4:4a:bd:8a:3e:56:33:41:80:fa:c8:f3:67:36:04:
71:f8:42:d1:88:26:6d:b5:af:c0:44:b7:72:d4:81:
81:98:c5:bd:75:52:6d:a9:3e:d5:ea:ba:97:2a:2c:
c1:54:92:b0:0f:84:21:4d:c2:27:0d:da:b6:96:9d:
44:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:58:61:B5:FD:E0:4E:CF:1C:99:42:01:7E:3F:E0:ED:5E:DC:E6:A9
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/J1hhtf3gTs8cmUIBfj_g7V7c5qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.54.0/24
37.140.240.0/24
46.18.106.0/24
62.204.33.0/24
83.138.49.0/24
89.248.64.0/24
91.247.186.0/24
95.130.228.0/24
146.19.41.0/24
146.19.186.0/24
176.126.126.0/24
185.145.232.0/24
185.201.253.0/24
188.244.118.0/24
193.104.183.0/24
193.163.124.0/24
193.228.228.0/24
194.32.105.0/24
194.156.78.0/24
212.52.8.0/24
213.109.158.0/24
Signature Algorithm: sha256WithRSAEncryption
93:9a:03:a6:c3:bc:3c:ea:6d:a9:a1:ee:8d:36:65:f2:0a:a7:
a0:72:53:87:35:72:c8:85:1c:f9:81:ee:45:18:eb:c1:d7:0a:
6b:6a:0e:4b:19:a7:41:37:7d:82:55:01:51:46:9b:dc:4c:a7:
ba:d5:c6:49:c5:91:85:6d:21:0c:9b:0c:9b:1a:90:fa:c5:5c:
51:c3:96:e7:1b:eb:90:dc:91:3a:c1:50:8c:6f:08:a8:ae:07:
3b:4e:43:30:0b:f1:d4:37:ad:72:81:5c:a5:db:51:48:2f:14:
21:3e:fb:21:2a:0a:96:26:0b:62:d0:10:7d:77:e2:dc:55:52:
f3:4a:b1:62:da:38:4c:28:a4:6e:16:3f:d7:30:8c:7d:79:3d:
d3:c7:2b:5d:75:89:97:66:33:95:bd:41:0b:d6:7f:03:4a:95:
5e:13:f1:ab:8d:59:3f:d7:6d:51:f4:81:64:89:7e:04:57:2b:
0a:c8:02:02:aa:92:81:f9:56:48:fc:1e:a1:6c:ab:ac:0f:b7:
ef:3b:0d:ce:17:5b:66:43:8d:8a:9f:a7:84:fe:ea:51:e9:67:
05:ee:13:0d:36:68:f2:17:50:5a:64:e8:bd:b4:bb:32:dc:84:
13:67:b2:b0:51:2a:3a:c3:be:a4:88:7c:26:da:a0:ec:9b:85:
94:38:22:76
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZQf+ma+83SyszLILAV3LjPpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjUwMTAxMDM0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzU4NjFiNWZkZTA0ZWNmMWM5OTQyMDE3ZTNmZTBlZDVlZGNlNmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOSS5jxYNw2f7c3NlcePUl9hbG37
qI8d21Jy1rk7BOk3uUcSLjhDWS9CDpfAY4t7rlKV8Fmf9ChmcljN0djeN0pKy6ZL
sD7Pft7zrERVmwTlrIUmY841+3+dVLPYbU8YfW4WqFr167i5Px3SFJWEsTplPkji
WCWcNzRVdidJFrXhbzrxFCLbCXjvP8gqk+QQSsrOjc7kXZw+X66nRH0VE6M8/pUO
0Cj5AutiILaCpBjmbA2zYTNSdoaTPcqwmCjN9kO0Sr2KPlYzQYD6yPNnNgRx+ELR
iCZtta/ARLdy1IGBmMW9dVJtqT7V6rqXKizBVJKwD4QhTcInDdq2lp1EnQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFCdYYbX94E7PHJlCAX4/4O1e3OapMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvSjFoaHRmM2dUczhjbVVJQmZqX2c3VjdjNXFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAAW1
NgMEACWM8AMEAC4SagMEAD7MIQMEAFOKMQMEAFn4QAMEAFv3ugMEAF+C5AMEAJIT
KQMEAJITugMEALB+fgMEALmR6AMEALnJ/QMEALz0dgMEAMFotwMEAMGjfAMEAMHk
5AMEAMIgaQMEAMKcTgMEANQ0CAMEANVtnjANBgkqhkiG9w0BAQsFAAOCAQEAk5oD
psO8POptqaHujTZl8gqnoHJThzVyyIUc+YHuRRjrwdcKa2oOSxmnQTd9glUBUUab
3EynutXGScWRhW0hDJsMmxqQ+sVcUcOW5xvrkNyROsFQjG8IqK4HO05DMAvx1Det
coFcpdtRSC8UIT77ISoKliYLYtAQfXfi3FVS80qxYto4TCikbhY/1zCMfXk908cr
XXWJl2Yzlb1BC9Z/A0qVXhPxq41ZP9dtUfSBZIl+BFcrCsgCAqqSgflWSPweoWyr
rA+37zsNzhdbZkONip+nhP7qUelnBe4TDTZo8hdQWmTovbS7MtyEE2eysFEqOsO+
pIh8Jtqg7JuFlDgidg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:12:40 2025 by rpki-client