Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/5ea12b-51c6-4195-aeb6-c1addd7debaa/1/USr1BZseWrfiddVmQ3oagoYeVS8.roa
File: USr1BZseWrfiddVmQ3oagoYeVS8.roa (raw, json)
Hash identifier: fHK4bL/1/KZuBDBsjanJjPnUX5OQraHpiXiVTlsikY0=
Subject key identifier: 51:2A:F5:05:9B:1E:5A:B7:E2:75:D5:66:43:7A:1A:82:86:1E:55:2F
Certificate issuer: /CN=ee4381ce03baa625019980f378fe41bb2b6621b9
Certificate serial: 019425FDC9BC7A58860AAE798D9F4778EDDC
Authority key identifier: EE:43:81:CE:03:BA:A6:25:01:99:80:F3:78:FE:41:BB:2B:66:21:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7kOBzgO6piUBmYDzeP5BuytmIbk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/5ea12b-51c6-4195-aeb6-c1addd7debaa/1/USr1BZseWrfiddVmQ3oagoYeVS8.roa
Signing time: Thu 02 Jan 2025 07:49:36 +0000
ROA not before: Thu 02 Jan 2025 07:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15924
IP address blocks: 31.177.191.0/24 maxlen: 24
46.221.0.0/18 maxlen: 18
46.221.2.0/24 maxlen: 24
46.221.4.0/24 maxlen: 24
46.221.6.0/24 maxlen: 24
46.221.7.0/24 maxlen: 24
46.221.9.0/24 maxlen: 24
46.221.12.0/24 maxlen: 24
46.221.14.0/24 maxlen: 24
46.221.15.0/24 maxlen: 24
46.221.16.0/24 maxlen: 24
46.221.18.0/24 maxlen: 24
46.221.19.0/24 maxlen: 24
46.221.24.0/24 maxlen: 24
46.221.25.0/24 maxlen: 24
46.221.26.0/24 maxlen: 24
46.221.27.0/24 maxlen: 24
46.221.28.0/24 maxlen: 24
46.221.29.0/24 maxlen: 24
46.221.30.0/24 maxlen: 24
46.221.31.0/24 maxlen: 24
46.221.32.0/24 maxlen: 24
46.221.33.0/24 maxlen: 24
46.221.34.0/24 maxlen: 24
46.221.35.0/24 maxlen: 24
46.221.36.0/24 maxlen: 24
46.221.37.0/24 maxlen: 24
46.221.38.0/24 maxlen: 24
46.221.39.0/24 maxlen: 24
46.221.40.0/24 maxlen: 24
46.221.45.0/24 maxlen: 24
46.221.47.0/24 maxlen: 24
46.221.48.0/24 maxlen: 24
46.221.49.0/24 maxlen: 24
46.221.51.0/24 maxlen: 24
46.221.56.0/24 maxlen: 24
46.221.57.0/24 maxlen: 24
46.221.59.0/24 maxlen: 24
46.221.60.0/24 maxlen: 24
46.221.61.0/24 maxlen: 24
46.221.62.0/24 maxlen: 24
46.221.63.0/24 maxlen: 24
149.0.76.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:c9:bc:7a:58:86:0a:ae:79:8d:9f:47:78:ed:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee4381ce03baa625019980f378fe41bb2b6621b9
Validity
Not Before: Jan 2 07:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=512af5059b1e5ab7e275d566437a1a82861e552f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e2:20:af:45:02:65:d5:c8:5f:09:40:c0:77:
ad:50:10:94:c0:e7:ab:c2:44:ad:f5:c3:8a:fd:e7:
aa:20:51:13:2e:77:07:8c:c7:c8:aa:c1:9a:9d:dc:
ed:77:07:ed:01:42:57:4a:16:b2:32:c6:61:92:3e:
37:38:59:42:64:9d:70:75:51:39:37:da:a1:4c:d0:
cd:7d:1c:97:29:08:9a:f8:a9:9d:6b:24:30:78:8e:
70:0d:5e:41:5e:b6:e7:c0:54:a1:a5:4b:57:03:d0:
0b:48:a0:28:a0:51:c2:90:d1:9d:6e:ec:ac:ca:05:
1a:d4:c5:07:f8:1a:78:01:16:e4:14:49:ee:65:3e:
2a:41:39:ff:40:34:d4:a7:1a:c3:0c:55:d7:cb:e5:
d8:dd:ff:08:12:fb:c7:0f:f8:21:da:c9:67:aa:47:
f0:23:01:f0:20:33:41:b5:fc:84:52:a0:53:ce:f1:
9f:1e:d3:a0:87:10:f8:62:f5:42:62:a6:ff:2a:f2:
4f:e9:99:8b:15:81:b5:86:63:81:52:75:25:c3:b9:
c3:59:81:87:43:13:9d:f3:62:32:37:fc:ad:38:92:
b1:77:18:9a:5f:d1:4b:8e:e5:a2:f8:85:0c:ab:bf:
44:48:3c:f4:ee:25:9a:d4:92:77:fd:af:bc:26:9d:
8b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:2A:F5:05:9B:1E:5A:B7:E2:75:D5:66:43:7A:1A:82:86:1E:55:2F
X509v3 Authority Key Identifier:
keyid:EE:43:81:CE:03:BA:A6:25:01:99:80:F3:78:FE:41:BB:2B:66:21:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7kOBzgO6piUBmYDzeP5BuytmIbk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ea12b-51c6-4195-aeb6-c1addd7debaa/1/USr1BZseWrfiddVmQ3oagoYeVS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ea12b-51c6-4195-aeb6-c1addd7debaa/1/7kOBzgO6piUBmYDzeP5BuytmIbk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.191.0/24
46.221.0.0/18
149.0.76.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:db:47:ab:6b:1c:eb:ae:aa:66:22:84:da:d8:1d:82:e9:4f:
1f:57:c4:64:18:82:53:ee:94:55:4c:64:9b:57:76:dc:7a:13:
4c:80:85:f6:7b:57:98:fb:37:f3:2a:3f:58:72:d0:50:91:c2:
ca:78:5b:3f:b5:bf:4a:1f:9e:72:60:7a:a3:c3:02:84:21:a3:
a0:7d:f2:95:a0:05:0b:56:00:14:7b:fc:f7:a7:51:8a:63:61:
ef:a7:ca:9a:f7:22:cb:b0:15:36:e1:10:a0:34:fa:54:f8:c3:
c6:fc:e6:bd:6b:cc:b8:c2:b7:25:b9:77:3f:f1:73:f5:ee:ff:
ba:33:2a:f2:ff:7b:5e:cf:c6:e3:32:8a:44:9a:5c:8b:5e:66:
73:cc:8b:d3:d0:ad:5b:44:88:6d:4c:8f:4c:80:1b:05:80:b7:
03:cd:35:62:50:8d:da:9a:cd:7d:2c:dd:3e:df:ba:d2:1a:76:
e9:ab:93:a9:9d:70:66:5a:d8:dc:ba:fe:e6:8a:99:f3:c3:aa:
ea:e0:b1:09:ec:3d:ee:73:79:3e:ed:a0:ac:72:5c:20:4c:df:
a4:15:44:a8:d4:fe:b4:28:4b:78:fc:b2:34:d5:20:13:e2:27:
6b:e7:37:f9:ee:ed:61:9c:56:c9:d7:ca:ad:de:a3:88:a5:25:
c9:4b:fd:47
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQl/cm8eliGCq55jZ9HeO3cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlNDM4MWNlMDNiYWE2MjUwMTk5ODBmMzc4ZmU0MWJiMmI2
NjIxYjkwHhcNMjUwMTAyMDc0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTJhZjUwNTliMWU1YWI3ZTI3NWQ1NjY0MzdhMWE4Mjg2MWU1NTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteIgr0UCZdXIXwlAwHetUBCUwOer
wkSt9cOK/eeqIFETLncHjMfIqsGandztdwftAUJXShayMsZhkj43OFlCZJ1wdVE5
N9qhTNDNfRyXKQia+KmdayQweI5wDV5BXrbnwFShpUtXA9ALSKAooFHCkNGdbuys
ygUa1MUH+Bp4ARbkFEnuZT4qQTn/QDTUpxrDDFXXy+XY3f8IEvvHD/gh2slnqkfw
IwHwIDNBtfyEUqBTzvGfHtOghxD4YvVCYqb/KvJP6ZmLFYG1hmOBUnUlw7nDWYGH
QxOd82IyN/ytOJKxdxiaX9FLjuWi+IUMq79ESDz07iWa1JJ3/a+8Jp2LnQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFEq9QWbHlq34nXVZkN6GoKGHlUvMB8GA1UdIwQY
MBaAFO5Dgc4DuqYlAZmA83j+QbsrZiG5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2tPQnpnTzZwaVVCbVlEemVQNUJ1eXRtSWJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS81ZWExMmItNTFjNi00MTk1LWFlYjYt
YzFhZGRkN2RlYmFhLzEvVVNyMUJac2VXcmZpZGRWbVEzb2Fnb1llVlM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS81ZWExMmItNTFjNi00MTk1LWFlYjYtYzFhZGRkN2RlYmFh
LzEvN2tPQnpnTzZwaVVCbVlEemVQNUJ1eXRtSWJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH7G/AwQG
Lt0AAwQAlQBMMA0GCSqGSIb3DQEBCwUAA4IBAQAN20eraxzrrqpmIoTa2B2C6U8f
V8RkGIJT7pRVTGSbV3bcehNMgIX2e1eY+zfzKj9YctBQkcLKeFs/tb9KH55yYHqj
wwKEIaOgffKVoAULVgAUe/z3p1GKY2Hvp8qa9yLLsBU24RCgNPpU+MPG/Oa9a8y4
wrcluXc/8XP17v+6Myry/3tez8bjMopEmlyLXmZzzIvT0K1bRIhtTI9MgBsFgLcD
zTViUI3ams19LN0+37rSGnbpq5OpnXBmWtjcuv7mipnzw6rq4LEJ7D3uc3k+7aCs
clwgTN+kFUSo1P60KEt4/LI01SAT4idr5zf57u1hnFbJ18qt3qOIpSXJS/1H
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:11:52 2025 by rpki-client