Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/nF85QppgpaftlT0tXyYzM8d3xeA.roa
File: nF85QppgpaftlT0tXyYzM8d3xeA.roa (raw, json)
Hash identifier: b9U3Qj9X7c4tBqmMbQ/bQAPghLJ8xCc+m8ECVk9FYBk=
Subject key identifier: 9C:5F:39:42:9A:60:A5:A7:ED:95:3D:2D:5F:26:33:33:C7:77:C5:E0
Certificate issuer: /CN=586936266e980dd203b2cbeb1c9c4570604b911b
Certificate serial: 019424B3EAE336A622A174070576F86F7AB6
Authority key identifier: 58:69:36:26:6E:98:0D:D2:03:B2:CB:EB:1C:9C:45:70:60:4B:91:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WGk2Jm6YDdIDssvrHJxFcGBLkRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/nF85QppgpaftlT0tXyYzM8d3xeA.roa
Signing time: Thu 02 Jan 2025 01:49:18 +0000
ROA not before: Thu 02 Jan 2025 01:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49628
IP address blocks: 5.187.8.0/21 maxlen: 21
5.187.8.0/24 maxlen: 24
5.187.9.0/24 maxlen: 24
5.187.10.0/24 maxlen: 24
5.187.11.0/24 maxlen: 24
5.187.12.0/24 maxlen: 24
37.75.128.0/21 maxlen: 21
78.40.104.0/22 maxlen: 22
78.40.104.0/24 maxlen: 24
78.40.105.0/24 maxlen: 24
78.40.106.0/24 maxlen: 24
78.40.107.0/24 maxlen: 24
185.46.176.0/22 maxlen: 22
185.81.92.0/22 maxlen: 22
185.81.92.0/24 maxlen: 24
185.81.93.0/24 maxlen: 24
185.81.94.0/24 maxlen: 24
185.81.95.0/24 maxlen: 24
185.168.224.0/22 maxlen: 22
185.168.224.0/24 maxlen: 24
185.168.225.0/24 maxlen: 24
185.168.226.0/24 maxlen: 24
185.168.227.0/24 maxlen: 24
188.227.192.0/22 maxlen: 22
188.227.192.0/24 maxlen: 24
188.227.193.0/24 maxlen: 24
188.227.194.0/24 maxlen: 24
188.227.195.0/24 maxlen: 24
193.176.212.0/22 maxlen: 22
193.176.212.0/24 maxlen: 24
193.176.213.0/24 maxlen: 24
193.176.214.0/24 maxlen: 24
193.176.215.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:ea:e3:36:a6:22:a1:74:07:05:76:f8:6f:7a:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=586936266e980dd203b2cbeb1c9c4570604b911b
Validity
Not Before: Jan 2 01:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c5f39429a60a5a7ed953d2d5f263333c777c5e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a8:90:01:f8:99:13:a9:49:bf:60:97:2a:98:
2b:8d:77:b8:e8:d8:59:a3:00:9d:eb:cf:d7:b6:e6:
ac:88:32:a0:37:1b:ef:68:53:c7:26:6a:76:61:54:
d5:9b:f6:41:dc:c7:b0:42:a5:71:ae:c6:99:d1:38:
a6:71:ed:2f:fc:05:4d:84:0d:55:78:b9:60:b9:1d:
fa:29:e9:f8:5b:b6:43:8c:f9:9f:14:2f:5b:3b:6e:
45:cb:c8:5c:b5:a0:83:86:05:39:26:2e:b4:14:06:
d0:13:d2:41:ab:59:21:8d:fc:e3:3e:f8:23:0b:ef:
2d:81:14:15:13:59:1f:c7:3c:38:8f:2d:83:68:15:
3a:7a:4a:ce:ea:35:2a:fe:87:6f:b3:81:a6:74:5e:
f8:1d:f2:92:6e:44:20:f0:5c:17:d2:27:32:28:1b:
1e:9b:db:af:5f:53:aa:b2:1d:98:f8:c0:56:b1:ee:
69:53:c5:a7:42:1b:07:f0:b5:fb:bf:3d:87:83:31:
50:04:99:03:2b:e7:a3:d1:92:47:fc:5b:98:a2:c0:
a7:5c:ad:47:f7:ef:bf:be:f2:10:d9:1d:66:cc:69:
01:25:e1:03:3c:e0:78:0f:c2:1a:aa:1e:d6:5e:aa:
37:a4:94:55:57:37:0f:22:71:a5:a9:92:19:70:69:
27:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:5F:39:42:9A:60:A5:A7:ED:95:3D:2D:5F:26:33:33:C7:77:C5:E0
X509v3 Authority Key Identifier:
keyid:58:69:36:26:6E:98:0D:D2:03:B2:CB:EB:1C:9C:45:70:60:4B:91:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WGk2Jm6YDdIDssvrHJxFcGBLkRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/nF85QppgpaftlT0tXyYzM8d3xeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4c66cc-fa9a-4f58-ad21-7da183eff115/1/WGk2Jm6YDdIDssvrHJxFcGBLkRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.8.0/21
37.75.128.0/21
78.40.104.0/22
185.46.176.0/22
185.81.92.0/22
185.168.224.0/22
188.227.192.0/22
193.176.212.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:6a:d2:da:e4:d0:6e:4c:8a:dc:ca:64:2f:84:50:2c:8b:47:
9c:44:2a:87:6b:b5:1e:5a:1b:20:29:b5:6b:ca:4f:b8:7d:f6:
04:89:ea:f8:fb:d2:a3:cd:12:8c:b3:62:53:69:1d:b9:f6:f4:
dc:11:af:fa:1a:d6:3b:49:f6:00:43:13:05:b9:d6:aa:37:79:
35:15:0f:a1:89:0c:e9:90:36:33:ad:a7:6c:e6:26:c7:b2:7e:
81:58:88:3c:f2:f3:cb:a1:1c:86:d1:12:15:e2:e0:13:9d:e6:
77:cb:86:c4:9d:4c:d4:7d:cf:c1:ba:9d:8f:70:2b:ff:54:9d:
ce:1f:07:24:ff:2b:45:2c:3d:4d:44:7e:40:ab:5b:0f:3f:76:
4a:35:9b:e7:df:dd:1a:0d:5c:24:e0:60:f3:36:0c:6f:59:e0:
ad:a6:4a:9a:1f:b8:54:64:ca:08:50:ec:38:3e:28:2e:9b:db:
75:6e:9e:28:ba:99:92:0f:e0:1e:c2:46:81:52:90:14:ed:af:
e4:a3:7f:81:d0:b8:6d:ad:00:1c:7f:34:b9:78:b4:e6:ee:99:
4a:48:7a:1b:d6:72:66:46:c0:2c:30:9d:32:c2:dd:41:33:62:
35:11:09:c4:87:7f:51:80:cf:32:f2:6d:59:a0:3f:a8:9a:28:
8f:97:36:e7
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQks+rjNqYioXQHBXb4b3q2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NjkzNjI2NmU5ODBkZDIwM2IyY2JlYjFjOWM0NTcwNjA0
YjkxMWIwHhcNMjUwMTAyMDE0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzVmMzk0MjlhNjBhNWE3ZWQ5NTNkMmQ1ZjI2MzMzM2M3NzdjNWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqiQAfiZE6lJv2CXKpgrjXe46NhZ
owCd68/XtuasiDKgNxvvaFPHJmp2YVTVm/ZB3MewQqVxrsaZ0Timce0v/AVNhA1V
eLlguR36Ken4W7ZDjPmfFC9bO25Fy8hctaCDhgU5Ji60FAbQE9JBq1khjfzjPvgj
C+8tgRQVE1kfxzw4jy2DaBU6ekrO6jUq/odvs4GmdF74HfKSbkQg8FwX0icyKBse
m9uvX1Oqsh2Y+MBWse5pU8WnQhsH8LX7vz2HgzFQBJkDK+ej0ZJH/FuYosCnXK1H
9++/vvIQ2R1mzGkBJeEDPOB4D8Iaqh7WXqo3pJRVVzcPInGlqZIZcGknPQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJxfOUKaYKWn7ZU9LV8mMzPHd8XgMB8GA1UdIwQY
MBaAFFhpNiZumA3SA7LL6xycRXBgS5EbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0drMkptNllEZElEc3N2ckhKeEZjR0JMa1JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80YzY2Y2MtZmE5YS00ZjU4LWFkMjEt
N2RhMTgzZWZmMTE1LzEvbkY4NVFwcGdwYWZ0bFQwdFh5WXpNOGQzeGVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80YzY2Y2MtZmE5YS00ZjU4LWFkMjEtN2RhMTgzZWZmMTE1
LzEvV0drMkptNllEZElEc3N2ckhKeEZjR0JMa1JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDBbsIAwQD
JUuAAwQCTihoAwQCuS6wAwQCuVFcAwQCuajgAwQCvOPAAwQCwbDUMA0GCSqGSIb3
DQEBCwUAA4IBAQBPatLa5NBuTIrcymQvhFAsi0ecRCqHa7UeWhsgKbVryk+4ffYE
ier4+9KjzRKMs2JTaR259vTcEa/6GtY7SfYAQxMFudaqN3k1FQ+hiQzpkDYzrads
5ibHsn6BWIg88vPLoRyG0RIV4uATneZ3y4bEnUzUfc/Bup2PcCv/VJ3OHwck/ytF
LD1NRH5Aq1sPP3ZKNZvn390aDVwk4GDzNgxvWeCtpkqaH7hUZMoIUOw4Pigum9t1
bp4oupmSD+AewkaBUpAU7a/ko3+B0LhtrQAcfzS5eLTm7plKSHob1nJmRsAsMJ0y
wt1BM2I1EQnEh39RgM8y8m1ZoD+omiiPlzbn
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:14:58 2025 by rpki-client