Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/lEBqj47HsE4RcYAsoqifYDD5-v0.roa
File: lEBqj47HsE4RcYAsoqifYDD5-v0.roa (raw, json)
Hash identifier: 5Rb98svkmkp/Od56IyDtD6S4WqJrGHnw39Wi6unr62c=
Subject key identifier: 94:40:6A:8F:8E:C7:B0:4E:11:71:80:2C:A2:A8:9F:60:30:F9:FA:FD
Certificate issuer: /CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Certificate serial: 0194DD6367D9665E4BF63A6917A2235E730B
Authority key identifier: 5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/lEBqj47HsE4RcYAsoqifYDD5-v0.roa
Signing time: Thu 06 Feb 2025 22:31:06 +0000
ROA not before: Thu 06 Feb 2025 22:31:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42908
IP address blocks: 5.102.48.0/20 maxlen: 20
31.10.56.0/21 maxlen: 21
45.159.116.0/22 maxlen: 22
46.183.56.0/21 maxlen: 21
46.231.72.0/21 maxlen: 21
77.95.192.0/21 maxlen: 21
78.136.128.0/18 maxlen: 18
80.78.136.0/22 maxlen: 22
80.79.0.0/22 maxlen: 22
80.90.128.0/20 maxlen: 20
80.243.236.0/22 maxlen: 22
80.243.236.0/24 maxlen: 24
80.243.237.0/24 maxlen: 24
80.243.238.0/24 maxlen: 24
80.243.239.0/24 maxlen: 24
80.251.240.0/20 maxlen: 20
88.81.64.0/19 maxlen: 19
91.187.32.0/19 maxlen: 19
92.61.80.0/20 maxlen: 20
93.92.48.0/21 maxlen: 21
93.93.32.0/21 maxlen: 21
94.241.64.0/18 maxlen: 18
109.108.96.0/19 maxlen: 19
176.102.128.0/19 maxlen: 19
178.17.80.0/20 maxlen: 20
185.78.12.0/22 maxlen: 22
185.82.236.0/22 maxlen: 22
185.108.60.0/22 maxlen: 22
185.157.240.0/22 maxlen: 22
188.119.96.0/22 maxlen: 22
193.42.128.0/22 maxlen: 22
193.107.252.0/22 maxlen: 22
213.19.0.0/17 maxlen: 17
213.155.32.0/19 maxlen: 19
213.250.192.0/18 maxlen: 18
217.170.96.0/20 maxlen: 20
217.196.112.0/20 maxlen: 20
217.197.144.0/20 maxlen: 20
2001:67c:13c4::/48 maxlen: 48
2a00:e4c0::/32 maxlen: 32
2a01:9f40::/29 maxlen: 29
2a02:2088::/32 maxlen: 32
2a02:2088:1000::/36 maxlen: 36
2a02:2428::/32 maxlen: 32
2a02:2588::/29 maxlen: 29
2a03:1600::/32 maxlen: 32
2a03:7a00::/32 maxlen: 32
2a03:a820::/32 maxlen: 32
2a07:cc80::/29 maxlen: 29
2a0c:8b40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:dd:63:67:d9:66:5e:4b:f6:3a:69:17:a2:23:5e:73:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Validity
Not Before: Feb 6 22:31:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94406a8f8ec7b04e1171802ca2a89f6030f9fafd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:15:68:bb:cd:be:e5:3d:a6:ba:63:4a:ae:7d:
e1:6e:9d:e7:c9:50:28:47:57:cd:88:c9:9f:65:c7:
05:0b:d6:94:58:dd:4b:c7:13:6a:b6:93:fc:b2:0c:
29:e1:32:58:c1:c7:0b:73:6c:e5:63:9f:ec:fd:f0:
03:da:3e:0c:cf:96:fd:e8:a9:e2:f5:f1:a2:04:c5:
21:88:90:23:27:57:63:0a:44:93:14:a2:92:65:c8:
36:aa:3f:65:99:c6:19:44:10:aa:05:d3:63:62:53:
28:4e:6e:f4:3e:ef:ca:f8:a5:97:00:58:d7:98:67:
75:9c:52:d3:ff:cc:5c:ac:93:85:7f:68:d5:f8:95:
ea:c7:13:ed:36:12:b5:7f:ad:89:38:3a:fd:40:e5:
a9:a8:1f:36:35:af:2d:62:46:8d:17:70:65:f1:60:
06:4c:2b:df:d7:99:9b:ab:2b:91:be:84:04:ce:13:
dd:54:99:91:49:af:a6:ae:f1:b7:ed:4a:a3:8c:2e:
9a:a9:92:b8:69:c6:57:0d:dd:9d:bc:49:fe:11:e8:
c0:5c:32:4b:af:51:44:25:c2:00:f9:f5:43:ff:da:
d2:07:bb:c5:17:41:59:ed:f0:7f:fc:c2:dc:b8:01:
9c:6a:19:9a:06:1a:93:1f:b4:37:d8:d5:be:41:93:
c2:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:40:6A:8F:8E:C7:B0:4E:11:71:80:2C:A2:A8:9F:60:30:F9:FA:FD
X509v3 Authority Key Identifier:
keyid:5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/lEBqj47HsE4RcYAsoqifYDD5-v0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/XTnRW9L8yEdxumqimqVEKLIc72A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.48.0/20
31.10.56.0/21
45.159.116.0/22
46.183.56.0/21
46.231.72.0/21
77.95.192.0/21
78.136.128.0/18
80.78.136.0/22
80.79.0.0/22
80.90.128.0/20
80.243.236.0/22
80.251.240.0/20
88.81.64.0/19
91.187.32.0/19
92.61.80.0/20
93.92.48.0/21
93.93.32.0/21
94.241.64.0/18
109.108.96.0/19
176.102.128.0/19
178.17.80.0/20
185.78.12.0/22
185.82.236.0/22
185.108.60.0/22
185.157.240.0/22
188.119.96.0/22
193.42.128.0/22
193.107.252.0/22
213.19.0.0/17
213.155.32.0/19
213.250.192.0/18
217.170.96.0/20
217.196.112.0/20
217.197.144.0/20
IPv6:
2001:67c:13c4::/48
2a00:e4c0::/32
2a01:9f40::/29
2a02:2088::/32
2a02:2428::/32
2a02:2588::/29
2a03:1600::/32
2a03:7a00::/32
2a03:a820::/32
2a07:cc80::/29
2a0c:8b40::/29
Signature Algorithm: sha256WithRSAEncryption
b4:3c:c8:61:1a:dd:bc:90:f1:b2:42:3a:ec:45:d3:5e:82:e6:
22:f7:d4:4c:26:36:de:30:f5:13:28:9a:54:dc:27:26:54:75:
bd:21:74:60:b7:a4:6c:25:c5:12:31:27:4e:42:3e:46:02:41:
30:82:7e:3b:6c:2c:bf:6c:ce:e5:42:0d:6a:5a:c4:f7:c2:a6:
c7:e1:fb:4c:ac:89:f5:24:51:10:5f:0b:3d:2c:81:7b:b4:ef:
83:7e:9f:fd:25:5d:b2:36:46:85:4a:a9:33:a5:7f:f1:a7:d3:
a4:bf:e6:37:b4:33:61:33:8b:a3:fe:24:41:3b:4a:cc:92:fb:
f5:17:1d:60:d9:43:b3:ab:37:19:66:9d:91:81:71:d9:bf:e6:
5b:2d:09:77:60:60:01:ab:9d:60:8e:d2:0d:55:b8:4c:1e:8b:
76:7f:7b:ab:36:32:2a:1d:e2:0f:1d:73:b7:d5:dd:37:90:08:
67:8e:08:63:f7:26:53:3d:1f:9b:80:56:88:b0:f5:13:f8:ad:
5b:72:c3:d5:5b:cf:3b:03:fa:b5:3f:78:a6:6b:db:28:e4:5a:
a0:65:90:79:c3:67:e6:b0:0f:ff:fc:0f:ed:b5:b0:b0:94:a3:
b6:a2:d5:18:d8:50:b2:91:f3:2c:64:a8:9f:7a:ba:12:67:cf:
15:b7:ed:b9
-----BEGIN CERTIFICATE-----
MIIGIjCCBQqgAwIBAgISAZTdY2fZZl5L9jppF6IjXnMLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzlkMTViZDJmY2M4NDc3MWJhNmFhMjlhYTU0NDI4YjIx
Y2VmNjAwHhcNMjUwMjA2MjIzMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDQwNmE4ZjhlYzdiMDRlMTE3MTgwMmNhMmE4OWY2MDMwZjlmYWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphVou82+5T2mumNKrn3hbp3nyVAo
R1fNiMmfZccFC9aUWN1LxxNqtpP8sgwp4TJYwccLc2zlY5/s/fAD2j4Mz5b96Kni
9fGiBMUhiJAjJ1djCkSTFKKSZcg2qj9lmcYZRBCqBdNjYlMoTm70Pu/K+KWXAFjX
mGd1nFLT/8xcrJOFf2jV+JXqxxPtNhK1f62JODr9QOWpqB82Na8tYkaNF3Bl8WAG
TCvf15mbqyuRvoQEzhPdVJmRSa+mrvG37UqjjC6aqZK4acZXDd2dvEn+EejAXDJL
r1FEJcIA+fVD/9rSB7vFF0FZ7fB//MLcuAGcahmaBhqTH7Q32NW+QZPCjwIDAQAB
o4IDLjCCAyowHQYDVR0OBBYEFJRAao+Ox7BOEXGALKKon2Aw+fr9MB8GA1UdIwQY
MBaAFF050VvS/MhHcbpqopqlRCiyHO9gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRuUlc5TDh5RWR4dW1xaW1xVkVLTEljNzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jODA5MmUtOWY4Yy00NzE4LWI3NzAt
YzI5YjQ0ZGU1M2E4LzEvbEVCcWo0N0hzRTRSY1lBc29xaWZZREQ1LXYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jODA5MmUtOWY4Yy00NzE4LWI3NzAtYzI5YjQ0ZGU1M2E4
LzEvWFRuUlc5TDh5RWR4dW1xaW1xVkVLTEljNzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQgYIKwYBBQUHAQcBAf8EggExMIIBLTCB0wQCAAEwgcwD
BAQFZjADBAMfCjgDBAItn3QDBAMutzgDBAMu50gDBANNX8ADBAZOiIADBAJQTogD
BAJQTwADBARQWoADBAJQ8+wDBARQ+/ADBAVYUUADBAVbuyADBARcPVADBANdXDAD
BANdXSADBAZe8UADBAVtbGADBAWwZoADBASyEVADBAK5TgwDBAK5UuwDBAK5bDwD
BAK5nfADBAK8d2ADBALBKoADBALBa/wDBAfVEwADBAXVmyADBAbV+sADBATZqmAD
BATZxHADBATZxZAwVQQCAAIwTwMHACABBnwTxAMFACoA5MADBQMqAZ9AAwUAKgIg
iAMFACoCJCgDBQMqAiWIAwUAKgMWAAMFACoDegADBQAqA6ggAwUDKgfMgAMFAyoM
i0AwDQYJKoZIhvcNAQELBQADggEBALQ8yGEa3byQ8bJCOuxF016C5iL31EwmNt4w
9RMomlTcJyZUdb0hdGC3pGwlxRIxJ05CPkYCQTCCfjtsLL9szuVCDWpaxPfCpsfh
+0ysifUkURBfCz0sgXu074N+n/0lXbI2RoVKqTOlf/Gn06S/5je0M2Ezi6P+JEE7
SsyS+/UXHWDZQ7OrNxlmnZGBcdm/5lstCXdgYAGrnWCO0g1VuEwei3Z/e6s2Miod
4g8dc7fV3TeQCGeOCGP3JlM9H5uAVoiw9RP4rVtyw9VbzzsD+rU/eKZr2yjkWqBl
kHnDZ+awD//8D+21sLCUo7ai1RjYULKR8yxkqJ96uhJnzxW37bk=
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:53:40 2025 by rpki-client