Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/YODqx1lOYYyU7W0u14ibq4JlSMA.roa
File: YODqx1lOYYyU7W0u14ibq4JlSMA.roa (raw, json)
Hash identifier: JPnZprL4aF+OspB9FPEquHltFR5JUdXqkgYmGXAA+e0=
Subject key identifier: 60:E0:EA:C7:59:4E:61:8C:94:ED:6D:2E:D7:88:9B:AB:82:65:48:C0
Certificate issuer: /CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Certificate serial: 0194C67E741A635F6E40CFA8294A14D357DF
Authority key identifier: 5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/YODqx1lOYYyU7W0u14ibq4JlSMA.roa
Signing time: Sun 02 Feb 2025 11:49:23 +0000
ROA not before: Sun 02 Feb 2025 11:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42908
IP address blocks: 5.102.48.0/20 maxlen: 20
31.10.56.0/21 maxlen: 21
45.159.116.0/22 maxlen: 22
46.183.56.0/21 maxlen: 21
46.231.72.0/21 maxlen: 21
77.95.192.0/21 maxlen: 21
78.136.128.0/18 maxlen: 18
80.78.136.0/22 maxlen: 22
80.79.0.0/22 maxlen: 22
80.243.236.0/22 maxlen: 22
80.243.236.0/24 maxlen: 24
80.243.237.0/24 maxlen: 24
80.243.238.0/24 maxlen: 24
80.243.239.0/24 maxlen: 24
80.251.240.0/20 maxlen: 20
88.81.64.0/19 maxlen: 19
91.187.32.0/19 maxlen: 19
92.61.80.0/20 maxlen: 20
93.92.48.0/21 maxlen: 21
93.93.32.0/21 maxlen: 21
94.241.64.0/18 maxlen: 18
109.108.96.0/19 maxlen: 19
176.102.128.0/19 maxlen: 19
178.17.80.0/20 maxlen: 20
185.78.12.0/22 maxlen: 22
185.82.236.0/22 maxlen: 22
185.108.60.0/22 maxlen: 22
185.157.240.0/22 maxlen: 22
188.119.96.0/22 maxlen: 22
193.107.252.0/22 maxlen: 22
213.19.0.0/17 maxlen: 17
213.155.32.0/19 maxlen: 19
213.250.192.0/18 maxlen: 18
217.170.96.0/20 maxlen: 20
217.196.112.0/20 maxlen: 20
217.197.144.0/20 maxlen: 20
2001:67c:13c4::/48 maxlen: 48
2a00:e4c0::/32 maxlen: 32
2a01:9f40::/29 maxlen: 29
2a02:2088::/32 maxlen: 32
2a02:2428::/32 maxlen: 32
2a02:2588::/29 maxlen: 29
2a03:1600::/32 maxlen: 32
2a03:7a00::/32 maxlen: 32
2a03:a820::/32 maxlen: 32
2a07:cc80::/29 maxlen: 29
2a0c:8b40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c6:7e:74:1a:63:5f:6e:40:cf:a8:29:4a:14:d3:57:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Validity
Not Before: Feb 2 11:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60e0eac7594e618c94ed6d2ed7889bab826548c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:41:3b:8e:5c:b7:53:05:bd:e7:93:b2:54:53:
8f:4d:19:aa:04:c1:b0:c2:5d:1c:a2:16:01:bf:55:
23:52:d7:aa:57:35:d1:16:18:95:b9:4e:68:91:fe:
33:5f:3a:b9:3a:f3:c9:2e:7d:65:f7:6f:76:3b:d7:
08:fa:12:00:7f:b0:af:32:a3:f5:13:de:ba:ea:1b:
11:03:7a:e2:ba:73:60:73:3f:f6:16:5d:36:2a:71:
4a:3c:00:77:77:0f:21:3d:f4:2c:95:78:df:61:de:
48:52:20:6b:66:91:3d:2b:f1:b8:11:36:a6:f1:56:
57:18:b5:74:29:a1:21:7b:61:93:3c:e8:6f:94:38:
34:9b:2e:cb:3b:3d:bb:d0:bf:9a:33:f0:1a:f8:37:
5f:12:36:60:2f:b5:5c:83:ab:92:af:6b:8a:8d:d6:
47:1c:cc:5f:5b:20:df:97:61:e6:b6:a4:7f:eb:92:
ff:8f:00:22:3a:d6:ac:7d:5f:34:a8:60:57:3d:6b:
8a:9c:f4:41:f5:3a:db:06:85:8d:16:b2:37:dc:41:
5c:6f:58:2a:75:bd:07:d8:7a:cb:69:92:35:be:62:
38:07:44:75:39:50:27:f0:a8:a1:3b:3b:f4:b3:f8:
2e:ec:aa:99:b0:ed:db:fd:1a:c3:0a:9f:ac:f5:57:
d8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:E0:EA:C7:59:4E:61:8C:94:ED:6D:2E:D7:88:9B:AB:82:65:48:C0
X509v3 Authority Key Identifier:
keyid:5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/YODqx1lOYYyU7W0u14ibq4JlSMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/XTnRW9L8yEdxumqimqVEKLIc72A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.48.0/20
31.10.56.0/21
45.159.116.0/22
46.183.56.0/21
46.231.72.0/21
77.95.192.0/21
78.136.128.0/18
80.78.136.0/22
80.79.0.0/22
80.243.236.0/22
80.251.240.0/20
88.81.64.0/19
91.187.32.0/19
92.61.80.0/20
93.92.48.0/21
93.93.32.0/21
94.241.64.0/18
109.108.96.0/19
176.102.128.0/19
178.17.80.0/20
185.78.12.0/22
185.82.236.0/22
185.108.60.0/22
185.157.240.0/22
188.119.96.0/22
193.107.252.0/22
213.19.0.0/17
213.155.32.0/19
213.250.192.0/18
217.170.96.0/20
217.196.112.0/20
217.197.144.0/20
IPv6:
2001:67c:13c4::/48
2a00:e4c0::/32
2a01:9f40::/29
2a02:2088::/32
2a02:2428::/32
2a02:2588::/29
2a03:1600::/32
2a03:7a00::/32
2a03:a820::/32
2a07:cc80::/29
2a0c:8b40::/29
Signature Algorithm: sha256WithRSAEncryption
a3:32:59:c1:22:a1:88:e3:6a:4f:39:c9:de:57:aa:fc:2a:54:
2b:b1:75:0c:f4:6f:20:39:80:be:88:31:97:7d:c6:f3:c6:e5:
51:51:ee:0c:3f:d2:51:fb:9f:f9:33:27:05:3c:00:42:76:cf:
11:8e:2b:0e:4c:c9:12:55:f5:6c:77:46:8e:20:b8:f6:c0:82:
31:0c:6b:33:7b:11:e9:a0:8c:65:3d:97:07:a6:35:8f:de:4a:
b6:ce:a1:bc:4e:cd:e0:57:98:20:7a:4e:ad:45:fa:59:31:06:
da:1e:6b:6e:83:26:c5:6a:c8:6c:56:ca:72:84:9a:65:a0:c2:
df:1d:ca:65:a4:30:79:b7:e9:6a:b7:9c:7e:ba:14:48:a4:3e:
da:4b:f0:ce:68:08:14:f2:cb:c7:1a:4a:c6:a2:ac:7c:57:6d:
ac:07:19:59:3e:51:69:76:5c:fc:c3:bc:38:45:9a:80:3d:4d:
6c:37:72:f8:62:af:2d:c6:dd:6e:05:cb:c9:d4:19:03:56:68:
f8:ac:ad:2c:df:45:ab:b3:c3:5e:c7:5b:58:c4:35:1e:9c:66:
f3:d2:d5:30:3d:1e:53:c4:5b:d7:a0:21:44:fb:04:dd:7d:1d:
87:30:cd:e9:70:7d:95:49:9e:a3:f6:fd:47:ec:a3:43:68:f6:
de:26:3a:26
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgISAZTGfnQaY19uQM+oKUoU01ffMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzlkMTViZDJmY2M4NDc3MWJhNmFhMjlhYTU0NDI4YjIx
Y2VmNjAwHhcNMjUwMjAyMTE0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGUwZWFjNzU5NGU2MThjOTRlZDZkMmVkNzg4OWJhYjgyNjU0OGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UE7jly3UwW955OyVFOPTRmqBMGw
wl0cohYBv1UjUteqVzXRFhiVuU5okf4zXzq5OvPJLn1l9292O9cI+hIAf7CvMqP1
E9666hsRA3riunNgcz/2Fl02KnFKPAB3dw8hPfQslXjfYd5IUiBrZpE9K/G4ETam
8VZXGLV0KaEhe2GTPOhvlDg0my7LOz270L+aM/Aa+DdfEjZgL7Vcg6uSr2uKjdZH
HMxfWyDfl2HmtqR/65L/jwAiOtasfV80qGBXPWuKnPRB9TrbBoWNFrI33EFcb1gq
db0H2HrLaZI1vmI4B0R1OVAn8KihOzv0s/gu7KqZsO3b/RrDCp+s9VfY0wIDAQAB
o4IDIjCCAx4wHQYDVR0OBBYEFGDg6sdZTmGMlO1tLteIm6uCZUjAMB8GA1UdIwQY
MBaAFF050VvS/MhHcbpqopqlRCiyHO9gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRuUlc5TDh5RWR4dW1xaW1xVkVLTEljNzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jODA5MmUtOWY4Yy00NzE4LWI3NzAt
YzI5YjQ0ZGU1M2E4LzEvWU9EcXgxbE9ZWXlVN1cwdTE0aWJxNEpsU01BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jODA5MmUtOWY4Yy00NzE4LWI3NzAtYzI5YjQ0ZGU1M2E4
LzEvWFRuUlc5TDh5RWR4dW1xaW1xVkVLTEljNzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNgYIKwYBBQUHAQcBAf8EggElMIIBITCBxwQCAAEwgcAD
BAQFZjADBAMfCjgDBAItn3QDBAMutzgDBAMu50gDBANNX8ADBAZOiIADBAJQTogD
BAJQTwADBAJQ8+wDBARQ+/ADBAVYUUADBAVbuyADBARcPVADBANdXDADBANdXSAD
BAZe8UADBAVtbGADBAWwZoADBASyEVADBAK5TgwDBAK5UuwDBAK5bDwDBAK5nfAD
BAK8d2ADBALBa/wDBAfVEwADBAXVmyADBAbV+sADBATZqmADBATZxHADBATZxZAw
VQQCAAIwTwMHACABBnwTxAMFACoA5MADBQMqAZ9AAwUAKgIgiAMFACoCJCgDBQMq
AiWIAwUAKgMWAAMFACoDegADBQAqA6ggAwUDKgfMgAMFAyoMi0AwDQYJKoZIhvcN
AQELBQADggEBAKMyWcEioYjjak85yd5XqvwqVCuxdQz0byA5gL6IMZd9xvPG5VFR
7gw/0lH7n/kzJwU8AEJ2zxGOKw5MyRJV9Wx3Ro4guPbAgjEMazN7EemgjGU9lwem
NY/eSrbOobxOzeBXmCB6Tq1F+lkxBtoea26DJsVqyGxWynKEmmWgwt8dymWkMHm3
6Wq3nH66FEikPtpL8M5oCBTyy8caSsairHxXbawHGVk+UWl2XPzDvDhFmoA9TWw3
cvhiry3G3W4Fy8nUGQNWaPisrSzfRauzw17HW1jENR6cZvPS1TA9HlPEW9egIUT7
BN19HYcwzelwfZVJnqP2/Ufso0No9t4mOiY=
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:07:12 2025 by rpki-client