Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/ih95DgEIx_r6ncJM7zF_6MO3lt0.roa
File: ih95DgEIx_r6ncJM7zF_6MO3lt0.roa (raw, json)
Hash identifier: aT8pOmJOJzott4VsWoAS2XNWmuwO4EeFGdvrpnom/mw=
Subject key identifier: 8A:1F:79:0E:01:08:C7:FA:FA:9D:C2:4C:EF:31:7F:E8:C3:B7:96:DD
Certificate issuer: /CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Certificate serial: 0194C66EA10D897D120552565F84741891D1
Authority key identifier: 5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/ih95DgEIx_r6ncJM7zF_6MO3lt0.roa
Signing time: Sun 02 Feb 2025 11:32:06 +0000
ROA not before: Sun 02 Feb 2025 11:32:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42908
IP address blocks: 5.102.48.0/20 maxlen: 20
31.10.56.0/21 maxlen: 21
45.159.116.0/22 maxlen: 22
46.183.56.0/21 maxlen: 21
46.231.72.0/21 maxlen: 21
77.95.192.0/21 maxlen: 21
78.136.128.0/18 maxlen: 18
80.78.136.0/22 maxlen: 22
80.79.0.0/22 maxlen: 22
80.243.236.0/22 maxlen: 22
80.243.236.0/24 maxlen: 24
80.243.237.0/24 maxlen: 24
80.243.238.0/24 maxlen: 24
80.243.239.0/24 maxlen: 24
80.251.240.0/20 maxlen: 20
88.81.64.0/19 maxlen: 19
91.187.32.0/19 maxlen: 19
92.61.80.0/20 maxlen: 20
93.92.48.0/21 maxlen: 21
93.93.32.0/21 maxlen: 21
94.241.64.0/18 maxlen: 18
109.108.96.0/19 maxlen: 19
176.102.128.0/19 maxlen: 19
178.17.80.0/20 maxlen: 20
185.78.12.0/22 maxlen: 22
185.82.236.0/22 maxlen: 22
185.108.60.0/22 maxlen: 22
185.157.240.0/22 maxlen: 22
188.119.96.0/22 maxlen: 22
193.107.252.0/22 maxlen: 22
2001:67c:13c4::/48 maxlen: 48
2a01:9f40::/29 maxlen: 29
2a02:2428::/32 maxlen: 32
2a03:7a00::/32 maxlen: 32
2a03:a820::/32 maxlen: 32
2a07:cc80::/29 maxlen: 29
2a0c:8b40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c6:6e:a1:0d:89:7d:12:05:52:56:5f:84:74:18:91:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Validity
Not Before: Feb 2 11:32:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a1f790e0108c7fafa9dc24cef317fe8c3b796dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:eb:77:e2:9b:47:d9:7b:ba:4b:a0:7a:23:81:
86:3a:2b:10:8b:09:8d:2f:76:8e:80:47:e1:c2:a6:
a5:7c:39:e8:44:b8:c1:0b:b3:d7:54:c8:bc:62:46:
93:57:df:2f:24:1a:7c:2a:62:b0:a2:72:6c:21:bb:
60:62:ea:f0:b1:13:88:ea:2d:1c:75:65:36:76:48:
a2:3b:e5:3c:4f:cf:20:fc:8d:e8:d1:72:af:24:ac:
5d:df:05:2f:62:7f:cd:05:d8:86:fa:ed:43:95:a8:
d0:db:ae:1e:03:5a:02:28:2a:f6:e2:03:35:1e:2e:
19:99:a6:52:c9:6b:ac:ee:d6:71:65:78:a2:4b:db:
1f:8d:74:5a:09:ee:7d:6c:a8:d3:68:e5:eb:64:ac:
04:6e:6a:85:35:83:38:8a:ff:8f:fd:ce:66:38:7e:
8d:55:77:77:fe:24:c7:46:00:4d:80:b6:2d:1c:6f:
b8:68:51:51:5b:03:9a:e9:11:34:58:50:53:74:f0:
87:c4:23:df:66:48:d6:80:af:19:5d:99:2d:4e:2f:
3f:50:97:cd:b0:c5:1f:fa:a2:0a:42:ea:70:40:d7:
22:bd:f5:c1:e6:0c:97:9e:f1:f9:11:e5:f9:4a:72:
7e:d0:71:55:e4:11:ea:b3:cc:f3:8f:b3:a7:7b:df:
2e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:1F:79:0E:01:08:C7:FA:FA:9D:C2:4C:EF:31:7F:E8:C3:B7:96:DD
X509v3 Authority Key Identifier:
keyid:5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/ih95DgEIx_r6ncJM7zF_6MO3lt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/XTnRW9L8yEdxumqimqVEKLIc72A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.48.0/20
31.10.56.0/21
45.159.116.0/22
46.183.56.0/21
46.231.72.0/21
77.95.192.0/21
78.136.128.0/18
80.78.136.0/22
80.79.0.0/22
80.243.236.0/22
80.251.240.0/20
88.81.64.0/19
91.187.32.0/19
92.61.80.0/20
93.92.48.0/21
93.93.32.0/21
94.241.64.0/18
109.108.96.0/19
176.102.128.0/19
178.17.80.0/20
185.78.12.0/22
185.82.236.0/22
185.108.60.0/22
185.157.240.0/22
188.119.96.0/22
193.107.252.0/22
IPv6:
2001:67c:13c4::/48
2a01:9f40::/29
2a02:2428::/32
2a03:7a00::/32
2a03:a820::/32
2a07:cc80::/29
2a0c:8b40::/29
Signature Algorithm: sha256WithRSAEncryption
64:cf:ca:74:f9:0c:70:ba:2b:13:22:dd:81:1b:71:8b:79:0c:
83:16:d4:39:cf:27:d9:e3:d0:ce:2d:b6:32:87:00:34:80:ef:
43:ad:e5:af:d4:a1:57:5d:3e:d3:9d:cb:68:f4:66:3d:d0:f2:
6a:52:91:ff:e5:c0:d1:a0:25:4b:9d:c7:b5:ba:7f:62:df:04:
a9:bb:cf:88:cb:22:7f:fb:cd:d1:39:06:16:a9:67:24:ec:74:
60:3f:28:b9:ce:ec:30:e5:e4:69:c0:98:9a:8b:46:d9:1c:97:
f8:56:d5:c2:1f:77:85:dd:cc:cf:b4:07:97:fc:98:b9:1c:ee:
4a:11:ab:d7:71:fc:81:08:2b:ac:21:1f:6f:3a:c5:2e:26:25:
6c:67:0a:43:9a:e6:0a:a0:d2:33:98:84:b5:65:bf:4f:ed:e4:
93:63:08:b0:a0:cd:e2:0b:a9:18:a3:de:32:3c:61:de:d1:4a:
3c:4d:a1:b3:a1:ca:2e:a7:ca:30:38:f9:24:03:a0:89:da:6d:
24:35:e9:50:09:3d:91:da:1b:8e:74:52:9e:e9:20:d1:cf:cd:
e7:17:3b:53:70:7c:76:36:7c:bc:fc:7e:22:8c:0a:92:96:91:
40:51:ea:31:61:77:db:7a:6d:50:f8:71:64:ef:31:2b:34:1e:
0b:27:82:90
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgISAZTGbqENiX0SBVJWX4R0GJHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzlkMTViZDJmY2M4NDc3MWJhNmFhMjlhYTU0NDI4YjIx
Y2VmNjAwHhcNMjUwMjAyMTEzMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTFmNzkwZTAxMDhjN2ZhZmE5ZGMyNGNlZjMxN2ZlOGMzYjc5NmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArut34ptH2Xu6S6B6I4GGOisQiwmN
L3aOgEfhwqalfDnoRLjBC7PXVMi8YkaTV98vJBp8KmKwonJsIbtgYurwsROI6i0c
dWU2dkiiO+U8T88g/I3o0XKvJKxd3wUvYn/NBdiG+u1DlajQ264eA1oCKCr24gM1
Hi4ZmaZSyWus7tZxZXiiS9sfjXRaCe59bKjTaOXrZKwEbmqFNYM4iv+P/c5mOH6N
VXd3/iTHRgBNgLYtHG+4aFFRWwOa6RE0WFBTdPCHxCPfZkjWgK8ZXZktTi8/UJfN
sMUf+qIKQupwQNcivfXB5gyXnvH5EeX5SnJ+0HFV5BHqs8zzj7One98ujQIDAQAB
o4IC3zCCAtswHQYDVR0OBBYEFIofeQ4BCMf6+p3CTO8xf+jDt5bdMB8GA1UdIwQY
MBaAFF050VvS/MhHcbpqopqlRCiyHO9gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRuUlc5TDh5RWR4dW1xaW1xVkVLTEljNzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jODA5MmUtOWY4Yy00NzE4LWI3NzAt
YzI5YjQ0ZGU1M2E4LzEvaWg5NURnRUl4X3I2bmNKTTd6Rl82TU8zbHQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jODA5MmUtOWY4Yy00NzE4LWI3NzAtYzI5YjQ0ZGU1M2E4
LzEvWFRuUlc5TDh5RWR4dW1xaW1xVkVLTEljNzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH0BggrBgEFBQcBBwEB/wSB5DCB4TCBowQCAAEwgZwDBAQF
ZjADBAMfCjgDBAItn3QDBAMutzgDBAMu50gDBANNX8ADBAZOiIADBAJQTogDBAJQ
TwADBAJQ8+wDBARQ+/ADBAVYUUADBAVbuyADBARcPVADBANdXDADBANdXSADBAZe
8UADBAVtbGADBAWwZoADBASyEVADBAK5TgwDBAK5UuwDBAK5bDwDBAK5nfADBAK8
d2ADBALBa/wwOQQCAAIwMwMHACABBnwTxAMFAyoBn0ADBQAqAiQoAwUAKgN6AAMF
ACoDqCADBQMqB8yAAwUDKgyLQDANBgkqhkiG9w0BAQsFAAOCAQEAZM/KdPkMcLor
EyLdgRtxi3kMgxbUOc8n2ePQzi22MocANIDvQ63lr9ShV10+053LaPRmPdDyalKR
/+XA0aAlS53Htbp/Yt8EqbvPiMsif/vN0TkGFqlnJOx0YD8ouc7sMOXkacCYmotG
2RyX+FbVwh93hd3Mz7QHl/yYuRzuShGr13H8gQgrrCEfbzrFLiYlbGcKQ5rmCqDS
M5iEtWW/T+3kk2MIsKDN4gupGKPeMjxh3tFKPE2hs6HKLqfKMDj5JAOgidptJDXp
UAk9kdobjnRSnukg0c/N5xc7U3B8djZ8vPx+IowKkpaRQFHqMWF323ptUPhxZO8x
KzQeCyeCkA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:10:44 2025 by rpki-client