Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/5YXSqstlXLDwYtvyaUuezh7LfjM.roa
File: 5YXSqstlXLDwYtvyaUuezh7LfjM.roa (raw, json)
Hash identifier: uoEtwe9uCNajTIiodoq9wwK45HhHRJydPgmDQcMjviU=
Subject key identifier: E5:85:D2:AA:CB:65:5C:B0:F0:62:DB:F2:69:4B:9E:CE:1E:CB:7E:33
Certificate issuer: /CN=852ece9c9a324d45c35f9559f329d8869dab53ba
Certificate serial: 019424B3F7A1370EE7F441025AEC3203B2FB
Authority key identifier: 85:2E:CE:9C:9A:32:4D:45:C3:5F:95:59:F3:29:D8:86:9D:AB:53:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/5YXSqstlXLDwYtvyaUuezh7LfjM.roa
Signing time: Thu 02 Jan 2025 01:49:21 +0000
ROA not before: Thu 02 Jan 2025 01:49:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28761
IP address blocks: 91.194.163.0/24 maxlen: 24
193.27.242.0/24 maxlen: 24
193.27.243.0/24 maxlen: 24
193.238.108.0/24 maxlen: 24
193.238.109.0/24 maxlen: 24
193.238.110.0/24 maxlen: 24
193.238.111.0/24 maxlen: 24
194.9.26.0/23 maxlen: 24
195.3.244.0/22 maxlen: 24
2a05:5840::/32 maxlen: 32
2a05:5841::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:f7:a1:37:0e:e7:f4:41:02:5a:ec:32:03:b2:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=852ece9c9a324d45c35f9559f329d8869dab53ba
Validity
Not Before: Jan 2 01:49:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e585d2aacb655cb0f062dbf2694b9ece1ecb7e33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2d:d7:c4:81:17:f7:36:8f:c2:4a:fa:e9:76:
fd:23:ef:a6:45:a1:69:da:c6:ff:76:df:25:27:8b:
47:f3:45:59:67:3d:12:3c:8e:24:b6:67:b2:b1:69:
38:2c:8b:75:29:17:2c:50:39:9c:9f:0e:7a:72:56:
75:00:57:4b:39:63:4a:21:30:b7:02:9a:7d:72:1c:
14:44:75:54:05:1d:b1:f4:82:98:16:64:96:81:f9:
5c:15:bd:03:12:24:65:03:95:63:8e:c1:02:df:7b:
e8:a1:fc:7d:57:2e:96:50:f8:fa:7e:b9:2e:54:d2:
c8:23:ed:e4:88:fe:ca:fb:8f:7b:fb:a1:5b:75:ac:
04:79:63:e8:f5:fe:fd:54:45:8f:db:47:cd:4a:17:
8f:d9:a1:6a:54:b6:ac:04:d1:15:4b:06:d7:b9:fd:
4d:b7:f5:74:ed:eb:b1:14:23:bb:be:1a:df:2f:a1:
d7:7d:79:04:b3:f9:8a:d7:39:41:dd:5b:69:a2:5a:
c6:05:ae:f1:d5:7d:28:7c:e8:a7:66:61:c4:27:90:
36:4e:eb:98:8b:04:7b:4f:99:55:7b:bb:19:b1:b5:
22:d5:1e:5b:e0:5a:0f:6a:14:31:52:4b:68:28:c4:
60:f4:14:40:4e:15:70:f9:79:97:41:56:5e:dc:52:
d4:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:85:D2:AA:CB:65:5C:B0:F0:62:DB:F2:69:4B:9E:CE:1E:CB:7E:33
X509v3 Authority Key Identifier:
keyid:85:2E:CE:9C:9A:32:4D:45:C3:5F:95:59:F3:29:D8:86:9D:AB:53:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/5YXSqstlXLDwYtvyaUuezh7LfjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d3cce6-b47b-4d06-a30f-eb2411d212ab/1/hS7OnJoyTUXDX5VZ8ynYhp2rU7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.163.0/24
193.27.242.0/23
193.238.108.0/22
194.9.26.0/23
195.3.244.0/22
IPv6:
2a05:5840::/31
Signature Algorithm: sha256WithRSAEncryption
6a:b4:da:33:20:c6:b3:40:65:b4:ce:8a:a3:44:76:dc:43:dd:
af:1b:3a:b9:46:d3:86:6f:19:98:06:49:b6:55:ca:28:b6:05:
bd:6b:6b:68:35:bf:93:f9:0c:82:aa:69:36:3e:0e:ba:ad:c5:
71:af:3d:47:37:a7:08:11:05:75:f4:7f:59:86:da:76:11:69:
95:71:ac:3e:40:a1:86:30:bd:dc:9f:7c:01:4e:dc:15:3b:5f:
11:67:82:30:7e:72:42:dc:f6:29:cb:1e:84:ca:f8:9d:ec:26:
87:09:81:d7:f9:b7:64:42:ba:e4:26:d1:16:71:22:87:26:53:
82:8d:02:1f:95:2a:50:b3:59:cf:fc:32:ce:fb:0f:74:27:6e:
a6:6a:e1:ef:eb:cc:b0:a1:ff:d9:c8:93:a6:42:c9:04:19:34:
4f:dc:21:9c:49:e8:4c:3b:55:33:b6:76:24:69:37:a4:c3:62:
00:f7:5a:19:46:97:1e:e8:50:42:a0:13:04:0c:ca:b9:96:58:
4e:ed:d7:d0:fa:8b:36:fd:e9:f8:4e:58:05:cd:2e:30:d5:ff:
da:dc:0b:d8:2e:d3:36:eb:0a:5b:55:9e:f3:05:16:8d:74:55:
c0:a4:91:e9:eb:0b:6d:66:4e:50:3d:e0:a5:db:3c:7b:75:97:
8c:9a:d2:d1
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQks/ehNw7n9EECWuwyA7L7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MmVjZTljOWEzMjRkNDVjMzVmOTU1OWYzMjlkODg2OWRh
YjUzYmEwHhcNMjUwMTAyMDE0OTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTg1ZDJhYWNiNjU1Y2IwZjA2MmRiZjI2OTRiOWVjZTFlY2I3ZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqS3XxIEX9zaPwkr66Xb9I++mRaFp
2sb/dt8lJ4tH80VZZz0SPI4ktmeysWk4LIt1KRcsUDmcnw56clZ1AFdLOWNKITC3
App9chwURHVUBR2x9IKYFmSWgflcFb0DEiRlA5VjjsEC33voofx9Vy6WUPj6frku
VNLII+3kiP7K+497+6FbdawEeWPo9f79VEWP20fNSheP2aFqVLasBNEVSwbXuf1N
t/V07euxFCO7vhrfL6HXfXkEs/mK1zlB3VtpolrGBa7x1X0ofOinZmHEJ5A2TuuY
iwR7T5lVe7sZsbUi1R5b4FoPahQxUktoKMRg9BRAThVw+XmXQVZe3FLUNQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFOWF0qrLZVyw8GLb8mlLns4ey34zMB8GA1UdIwQY
MBaAFIUuzpyaMk1Fw1+VWfMp2Iadq1O6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFM3T25Kb3lUVVhEWDVWWjh5bllocDJyVTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9kM2NjZTYtYjQ3Yi00ZDA2LWEzMGYt
ZWIyNDExZDIxMmFiLzEvNVlYU3FzdGxYTER3WXR2eWFVdWV6aDdMZmpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9kM2NjZTYtYjQ3Yi00ZDA2LWEzMGYtZWIyNDExZDIxMmFi
LzEvaFM3T25Kb3lUVVhEWDVWWjh5bllocDJyVTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAW8KjAwQB
wRvyAwQCwe5sAwQBwgkaAwQCwwP0MA0EAgACMAcDBQEqBVhAMA0GCSqGSIb3DQEB
CwUAA4IBAQBqtNozIMazQGW0zoqjRHbcQ92vGzq5RtOGbxmYBkm2VcootgW9a2to
Nb+T+QyCqmk2Pg66rcVxrz1HN6cIEQV19H9Zhtp2EWmVcaw+QKGGML3cn3wBTtwV
O18RZ4IwfnJC3PYpyx6Eyvid7CaHCYHX+bdkQrrkJtEWcSKHJlOCjQIflSpQs1nP
/DLO+w90J26mauHv68ywof/ZyJOmQskEGTRP3CGcSehMO1UztnYkaTekw2IA91oZ
Rpce6FBCoBMEDMq5llhO7dfQ+os2/en4TlgFzS4w1f/a3AvYLtM26wpbVZ7zBRaN
dFXApJHp6wttZk5QPeCl2zx7dZeMmtLR
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:01:37 2025 by rpki-client