Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/k4ZQo6Jn42inlw4N2vyQhiUQgN4.roa
File: k4ZQo6Jn42inlw4N2vyQhiUQgN4.roa (raw, json)
Hash identifier: a/nxe8zHcSTGUGGJ2JtCbi9pShuWfUe2/C70xRJTj8s=
Subject key identifier: 93:86:50:A3:A2:67:E3:68:A7:97:0E:0D:DA:FC:90:86:25:10:80:DE
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 0195C8DA6150DE0158A6A5D5481B9008A891
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/k4ZQo6Jn42inlw4N2vyQhiUQgN4.roa
Signing time: Mon 24 Mar 2025 15:51:49 +0000
ROA not before: Mon 24 Mar 2025 15:51:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209372
IP address blocks: 5.104.72.0/24 maxlen: 24
5.104.74.0/24 maxlen: 24
31.40.194.0/24 maxlen: 24
45.130.184.0/24 maxlen: 24
45.130.185.0/24 maxlen: 24
45.130.186.0/24 maxlen: 24
45.140.4.0/24 maxlen: 24
45.140.6.0/24 maxlen: 24
45.140.7.0/24 maxlen: 24
77.83.20.0/22 maxlen: 24
84.252.64.0/22 maxlen: 24
88.218.80.0/24 maxlen: 24
88.218.239.0/24 maxlen: 24
91.132.126.0/24 maxlen: 24
91.245.239.0/24 maxlen: 24
95.214.83.0/24 maxlen: 24
95.214.92.0/24 maxlen: 24
95.214.93.0/24 maxlen: 24
95.214.95.0/24 maxlen: 24
176.118.188.0/24 maxlen: 24
176.118.189.0/24 maxlen: 24
176.118.191.0/24 maxlen: 24
185.177.76.0/24 maxlen: 24
185.177.77.0/24 maxlen: 24
193.160.68.0/24 maxlen: 24
193.160.72.0/24 maxlen: 24
194.28.157.0/24 maxlen: 24
194.53.188.0/22 maxlen: 24
194.124.41.0/24 maxlen: 24
212.69.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c8:da:61:50:de:01:58:a6:a5:d5:48:1b:90:08:a8:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 24 15:51:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=938650a3a267e368a7970e0ddafc9086251080de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:26:b9:c4:06:db:25:e7:17:bf:08:ce:80:4d:
42:f5:35:e0:46:43:b3:9c:95:df:45:9d:3c:70:9e:
e6:68:07:35:12:f5:21:6c:1f:a7:9c:42:56:b5:f6:
ff:8c:db:54:14:99:80:aa:46:f2:b4:2c:2b:6c:db:
f1:1d:d9:ab:73:f6:2a:53:d5:e9:4b:1d:ac:17:2f:
3d:05:ef:a6:50:9d:4a:50:b3:d5:43:d8:81:c4:1e:
93:f3:a7:2e:d6:90:6a:e8:53:bc:4d:f5:4f:83:0a:
ee:da:86:98:d9:a1:e9:0a:7d:90:58:44:92:8e:9a:
56:d6:b1:bf:dc:11:20:9c:cb:b2:34:a3:48:ee:0a:
b6:57:b7:f9:91:a3:33:90:61:c1:45:2d:be:05:d8:
ac:aa:38:0c:b3:61:9f:ac:ca:8c:de:86:d5:a9:9f:
a2:5a:e2:17:7c:01:a2:3b:4d:de:f5:ff:45:bf:69:
0a:b1:be:6c:a5:25:7a:90:52:8b:ae:41:eb:91:bb:
eb:18:53:5e:b8:13:68:66:27:a9:32:57:0c:a3:bc:
a7:45:a6:99:d2:df:b9:44:9d:87:a3:f4:1f:c4:df:
1c:f1:78:e5:12:6c:db:02:a5:0c:28:c9:22:a4:90:
a6:17:46:10:e7:fc:f3:81:e8:c4:78:e0:72:5a:46:
98:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:86:50:A3:A2:67:E3:68:A7:97:0E:0D:DA:FC:90:86:25:10:80:DE
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/k4ZQo6Jn42inlw4N2vyQhiUQgN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.72.0/24
5.104.74.0/24
31.40.194.0/24
45.130.184.0-45.130.186.255
45.140.4.0/24
45.140.6.0/23
77.83.20.0/22
84.252.64.0/22
88.218.80.0/24
88.218.239.0/24
91.132.126.0/24
91.245.239.0/24
95.214.83.0/24
95.214.92.0/23
95.214.95.0/24
176.118.188.0/23
176.118.191.0/24
185.177.76.0/23
193.160.68.0/24
193.160.72.0/24
194.28.157.0/24
194.53.188.0/22
194.124.41.0/24
212.69.135.0/24
Signature Algorithm: sha256WithRSAEncryption
34:88:d7:2c:86:8d:eb:76:a8:5b:e6:57:c6:06:0a:f0:2a:c0:
e5:67:26:5d:e4:84:f4:07:eb:a1:40:af:b7:79:e7:a2:ec:8f:
82:b4:3d:b3:f2:c5:38:f4:fc:20:c8:dc:86:4b:55:69:86:32:
f8:a3:1a:cf:25:6f:a7:59:37:34:c9:e1:cb:1a:25:b9:4b:0d:
16:6c:29:b5:bc:55:42:ad:36:30:fa:55:0e:6f:d6:0a:05:33:
89:ce:42:09:a3:79:25:f2:58:06:6f:8f:54:a0:8e:e3:61:d9:
c6:23:67:1e:26:b8:6c:f5:a1:99:57:ae:fa:cd:f2:1a:bf:0d:
16:39:9a:91:a6:d7:41:ad:22:20:57:bf:0c:16:d4:9a:d4:9e:
9d:6b:3d:b1:8d:72:df:10:dc:03:7d:46:84:c9:79:27:17:e6:
77:65:ce:70:76:51:44:96:e8:d6:60:6d:83:68:98:de:db:65:
5f:e3:b6:d0:9e:02:86:8d:30:c7:3a:94:55:45:6f:be:7d:fc:
69:43:0b:fd:ca:7a:26:f4:1a:ce:43:ee:0c:e1:7d:c0:9d:93:
b0:a7:43:3e:4d:dc:10:f6:35:e1:db:b9:7e:43:c3:6d:02:c3:
97:bd:9c:68:5e:96:9f:74:8a:92:ed:47:b9:26:12:80:9d:4a:
65:c1:4b:cc
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZXI2mFQ3gFYpqXVSBuQCKiRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjUwMzI0MTU1MTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mzg2NTBhM2EyNjdlMzY4YTc5NzBlMGRkYWZjOTA4NjI1MTA4MGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyya5xAbbJecXvwjOgE1C9TXgRkOz
nJXfRZ08cJ7maAc1EvUhbB+nnEJWtfb/jNtUFJmAqkbytCwrbNvxHdmrc/YqU9Xp
Sx2sFy89Be+mUJ1KULPVQ9iBxB6T86cu1pBq6FO8TfVPgwru2oaY2aHpCn2QWESS
jppW1rG/3BEgnMuyNKNI7gq2V7f5kaMzkGHBRS2+BdisqjgMs2GfrMqM3obVqZ+i
WuIXfAGiO03e9f9Fv2kKsb5spSV6kFKLrkHrkbvrGFNeuBNoZiepMlcMo7ynRaaZ
0t+5RJ2Ho/QfxN8c8XjlEmzbAqUMKMkipJCmF0YQ5/zzgejEeOByWkaYrQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFJOGUKOiZ+Nop5cODdr8kIYlEIDeMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvazRaUW82Sm40MmlubHc0TjJ2eVFoaVVRZ040LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBAAF
aEgDBAAFaEoDBAAfKMIwDAMEAy2CuAMEAC2CugMEAC2MBAMEAS2MBgMEAk1TFAME
AlT8QAMEAFjaUAMEAFja7wMEAFuEfgMEAFv17wMEAF/WUwMEAV/WXAMEAF/WXwME
AbB2vAMEALB2vwMEAbmxTAMEAMGgRAMEAMGgSAMEAMIcnQMEAsI1vAMEAMJ8KQME
ANRFhzANBgkqhkiG9w0BAQsFAAOCAQEANIjXLIaN63aoW+ZXxgYK8CrA5WcmXeSE
9AfroUCvt3nnouyPgrQ9s/LFOPT8IMjchktVaYYy+KMazyVvp1k3NMnhyxoluUsN
FmwptbxVQq02MPpVDm/WCgUzic5CCaN5JfJYBm+PVKCO42HZxiNnHia4bPWhmVeu
+s3yGr8NFjmakabXQa0iIFe/DBbUmtSenWs9sY1y3xDcA31GhMl5Jxfmd2XOcHZR
RJbo1mBtg2iY3ttlX+O20J4Cho0wxzqUVUVvvn38aUML/cp6JvQazkPuDOF9wJ2T
sKdDPk3cEPY14du5fkPDbQLDl72caF6Wn3SKku1HuSYSgJ1KZcFLzA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:59:15 2025 by rpki-client