Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/x3JfP6fyG6LBNrGZqZmLG24MEA8.roa
File: x3JfP6fyG6LBNrGZqZmLG24MEA8.roa (raw, json)
Hash identifier: 7nJvIwW9JCJ9IFXdwNRW5iDtEeQnmyOKn/9XwrDi/W4=
Subject key identifier: C7:72:5F:3F:A7:F2:1B:A2:C1:36:B1:99:A9:99:8B:1B:6E:0C:10:0F
Certificate issuer: /CN=96062f5ddb18f96d78492b3538d7745cc4714a26
Certificate serial: 0194206836EF975C8F4C4D878A232B136945
Authority key identifier: 96:06:2F:5D:DB:18:F9:6D:78:49:2B:35:38:D7:74:5C:C4:71:4A:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lgYvXdsY-W14SSs1ONd0XMRxSiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/x3JfP6fyG6LBNrGZqZmLG24MEA8.roa
Signing time: Wed 01 Jan 2025 05:48:08 +0000
ROA not before: Wed 01 Jan 2025 05:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 5.42.72.0/21 maxlen: 21
5.42.80.0/21 maxlen: 21
5.42.94.0/23 maxlen: 23
5.42.99.0/24 maxlen: 24
5.42.100.0/23 maxlen: 23
5.42.102.0/23 maxlen: 23
5.42.104.0/23 maxlen: 23
5.42.106.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:36:ef:97:5c:8f:4c:4d:87:8a:23:2b:13:69:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96062f5ddb18f96d78492b3538d7745cc4714a26
Validity
Not Before: Jan 1 05:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7725f3fa7f21ba2c136b199a9998b1b6e0c100f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ce:c6:d7:f3:ae:9b:90:40:64:96:a1:4d:86:
46:16:a2:fc:92:b0:b8:9e:ed:2e:c8:61:c6:47:a5:
4b:f3:b4:0e:74:b6:8a:51:e4:f8:6b:f3:c7:d4:43:
f7:1b:2c:89:85:aa:db:21:e2:26:73:b2:51:d8:76:
d8:58:82:59:3e:c6:0e:a8:29:f7:21:f9:e5:a4:29:
e7:53:19:1d:08:be:48:10:cc:f6:7c:d0:ff:49:14:
8b:be:af:64:29:90:61:79:18:63:f1:3d:bb:58:35:
74:93:49:21:8f:68:06:63:17:95:eb:88:b6:9b:ea:
76:41:bf:a7:78:3c:32:3c:02:65:f6:53:85:7b:b6:
ea:2c:9a:1c:ae:4f:db:79:95:5f:6a:2b:84:5a:85:
6a:b6:7f:76:26:01:c4:eb:e6:cb:cd:26:55:ff:18:
e8:b0:b5:d6:be:d5:dd:a4:05:6a:a2:d7:a6:0e:76:
3f:b8:df:99:90:ff:db:3e:65:14:6f:69:34:ae:1e:
5d:9f:87:99:1f:d6:dd:e0:d0:cd:ab:70:44:cf:ad:
79:d1:b8:83:30:de:0b:69:fc:4a:13:41:19:3e:d7:
0b:99:79:2d:40:11:e6:84:ec:4d:fd:50:1b:66:69:
7b:32:1d:5c:eb:67:76:04:71:91:dd:c1:34:78:d7:
59:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:72:5F:3F:A7:F2:1B:A2:C1:36:B1:99:A9:99:8B:1B:6E:0C:10:0F
X509v3 Authority Key Identifier:
keyid:96:06:2F:5D:DB:18:F9:6D:78:49:2B:35:38:D7:74:5C:C4:71:4A:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lgYvXdsY-W14SSs1ONd0XMRxSiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/x3JfP6fyG6LBNrGZqZmLG24MEA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/lgYvXdsY-W14SSs1ONd0XMRxSiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.72.0-5.42.87.255
5.42.94.0/23
5.42.99.0-5.42.107.255
Signature Algorithm: sha256WithRSAEncryption
1e:9c:0b:05:9b:7e:fa:f3:16:4d:b5:95:77:d8:55:56:83:a4:
31:3a:a6:cf:d5:74:a8:81:fc:80:5c:ca:07:a1:d7:86:c2:d5:
3e:6c:45:55:da:bf:60:0d:9c:66:d3:7d:34:6f:7d:61:5a:ed:
f1:7a:69:02:1b:d4:c4:9e:5c:7e:70:58:e9:f4:49:f2:1e:83:
1b:35:65:1b:35:f5:93:a1:6a:ae:46:61:fe:0d:1e:9b:d0:87:
ab:4a:2b:57:74:23:47:af:b2:46:75:55:bc:2d:f1:c7:7b:4e:
c8:dd:55:05:11:27:99:9f:25:25:b0:07:82:b0:18:20:e3:39:
57:86:a1:0e:4e:5d:c6:06:7e:0f:63:fb:d9:08:51:e5:49:06:
f1:5e:ee:ea:47:b5:d7:c0:bb:8b:ef:4a:8d:d8:00:b9:6f:0a:
0a:ab:9a:ba:94:33:d4:66:13:ab:57:2a:37:6e:a4:17:e0:d9:
58:93:49:27:39:bb:71:1d:04:a1:f8:f4:c9:3e:ce:ea:33:c8:
15:92:f3:c1:37:45:8c:8e:f6:03:00:df:44:44:62:ca:d0:cb:
9a:ef:45:ac:49:45:0c:b5:a7:e7:06:82:b3:a8:46:aa:4a:5a:
f6:4c:87:d7:3b:29:c7:7a:07:d1:b6:a0:c8:14:d1:e8:e6:60:
2a:6d:d6:a7
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQgaDbvl1yPTE2HiiMrE2lFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MDYyZjVkZGIxOGY5NmQ3ODQ5MmIzNTM4ZDc3NDVjYzQ3
MTRhMjYwHhcNMjUwMTAxMDU0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzcyNWYzZmE3ZjIxYmEyYzEzNmIxOTlhOTk5OGIxYjZlMGMxMDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl87G1/Oum5BAZJahTYZGFqL8krC4
nu0uyGHGR6VL87QOdLaKUeT4a/PH1EP3GyyJharbIeImc7JR2HbYWIJZPsYOqCn3
IfnlpCnnUxkdCL5IEMz2fND/SRSLvq9kKZBheRhj8T27WDV0k0khj2gGYxeV64i2
m+p2Qb+neDwyPAJl9lOFe7bqLJocrk/beZVfaiuEWoVqtn92JgHE6+bLzSZV/xjo
sLXWvtXdpAVqotemDnY/uN+ZkP/bPmUUb2k0rh5dn4eZH9bd4NDNq3BEz6150biD
MN4LafxKE0EZPtcLmXktQBHmhOxN/VAbZml7Mh1c62d2BHGR3cE0eNdZkwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMdyXz+n8huiwTaxmamZixtuDBAPMB8GA1UdIwQY
MBaAFJYGL13bGPlteEkrNTjXdFzEcUomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGdZdlhkc1ktVzE0U1NzMU9OZDBYTVJ4U2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lMDU5NzUtZGE4ZS00NjBiLTllYmIt
M2ZjYjVmM2YzYzU5LzEveDNKZlA2ZnlHNkxCTnJHWnFabUxHMjRNRUE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lMDU5NzUtZGE4ZS00NjBiLTllYmItM2ZjYjVmM2YzYzU5
LzEvbGdZdlhkc1ktVzE0U1NzMU9OZDBYTVJ4U2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAMFKkgD
BAMFKlADBAEFKl4wDAMEAAUqYwMEAgUqaDANBgkqhkiG9w0BAQsFAAOCAQEAHpwL
BZt++vMWTbWVd9hVVoOkMTqmz9V0qIH8gFzKB6HXhsLVPmxFVdq/YA2cZtN9NG99
YVrt8XppAhvUxJ5cfnBY6fRJ8h6DGzVlGzX1k6FqrkZh/g0em9CHq0orV3QjR6+y
RnVVvC3xx3tOyN1VBREnmZ8lJbAHgrAYIOM5V4ahDk5dxgZ+D2P72QhR5UkG8V7u
6ke118C7i+9KjdgAuW8KCquaupQz1GYTq1cqN26kF+DZWJNJJzm7cR0Eofj0yT7O
6jPIFZLzwTdFjI72AwDfRERiytDLmu9FrElFDLWn5waCs6hGqkpa9kyH1zspx3oH
0bagyBTR6OZgKm3Wpw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:03 2025 by rpki-client