Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/5SFqxUfD12H1duQ-QG1u4KOCZd0.roa
File: 5SFqxUfD12H1duQ-QG1u4KOCZd0.roa (raw, json)
Hash identifier: O9pDIywZXstY1nZwqPhi1dLOEeIOunVwDnAsAfkJNHg=
Subject key identifier: E5:21:6A:C5:47:C3:D7:61:F5:76:E4:3E:40:6D:6E:E0:A3:82:65:DD
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0190C4AE9675FA14293E58F13E72779A1212
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/5SFqxUfD12H1duQ-QG1u4KOCZd0.roa
Signing time: Thu 18 Jul 2024 07:11:34 +0000
ROA not before: Thu 18 Jul 2024 07:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12301
IP address blocks: 79.172.226.0/24 maxlen: 24
79.172.230.0/23 maxlen: 23
87.229.20.0/23 maxlen: 23
87.229.40.0/24 maxlen: 24
87.229.51.0/24 maxlen: 24
87.229.56.0/24 maxlen: 24
95.138.198.0/24 maxlen: 24
213.181.218.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c4:ae:96:75:fa:14:29:3e:58:f1:3e:72:77:9a:12:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jul 18 07:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5216ac547c3d761f576e43e406d6ee0a38265dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:89:21:a7:01:6b:69:54:2a:df:cb:a3:63:5b:
37:d5:ad:b5:2f:9f:91:93:96:62:6f:7d:9e:5b:ea:
ea:58:00:ab:bf:26:bf:ff:39:17:39:22:82:7a:c4:
20:84:d4:03:dd:c4:0c:17:25:ef:d5:32:8a:54:b4:
83:16:87:b7:44:b2:1d:24:92:e3:31:ef:f9:29:6b:
3c:9e:21:88:41:b7:c9:08:b6:2e:30:dc:27:85:7a:
52:2a:08:d6:07:c1:48:34:bb:b6:2d:48:bb:3a:75:
09:57:c4:3b:f2:1c:cf:e4:8c:af:ce:b1:6c:93:82:
3f:42:1e:f5:ec:85:f8:02:7d:08:19:b2:be:3a:98:
f1:de:c9:b6:7a:b0:e9:2c:d5:d6:e7:27:d4:ba:45:
81:63:30:c4:8f:c9:92:ed:7f:53:58:b0:7f:33:82:
0b:f5:80:b3:df:64:bb:db:fa:62:df:11:4b:22:e8:
da:e3:f1:6f:bd:df:62:3a:9d:43:90:18:8a:a1:fa:
25:9f:f0:57:73:35:a5:b1:db:6c:31:b8:7b:ad:1f:
78:23:35:b5:4b:92:c9:1d:f5:8f:5c:55:76:9b:a9:
0e:f7:fc:ec:f2:f9:83:f9:c8:c2:26:27:23:c9:78:
ad:ec:91:a0:46:0e:ba:b0:16:2e:a2:95:4c:1f:0d:
64:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:21:6A:C5:47:C3:D7:61:F5:76:E4:3E:40:6D:6E:E0:A3:82:65:DD
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/5SFqxUfD12H1duQ-QG1u4KOCZd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.226.0/24
79.172.230.0/23
87.229.20.0/23
87.229.40.0/24
87.229.51.0/24
87.229.56.0/24
95.138.198.0/24
213.181.218.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:80:0a:7b:bd:ae:49:2f:1a:bd:e2:30:80:26:94:e0:d9:a9:
12:eb:87:18:7f:75:94:ff:30:35:34:6a:b8:c0:90:64:e2:2d:
aa:06:67:fd:e6:30:68:88:cd:b9:b6:59:e9:23:8f:fb:76:92:
d8:15:0e:a3:9c:cd:d3:98:6a:b9:83:22:37:cd:b2:b8:36:dd:
3b:1d:d9:92:6d:e4:91:6a:a2:70:de:b1:34:77:77:cc:a1:50:
9e:5f:aa:21:9b:b5:49:78:32:3d:50:04:5b:fa:9f:99:a3:70:
87:94:8f:89:46:c3:bb:86:6f:3f:0f:22:2d:1a:d0:45:84:02:
ba:f3:f5:1e:2e:77:89:dc:35:25:56:04:e4:93:51:5a:f9:50:
5a:37:b8:f5:0c:89:ee:4e:44:97:f6:5e:37:98:f6:16:4e:83:
4c:53:13:2d:ff:2d:36:7a:7d:a5:16:7a:1e:b2:32:04:b7:ad:
f3:a2:47:2e:18:8b:9c:1b:cb:7f:cf:04:95:a8:23:57:27:1c:
10:eb:3b:4d:57:8f:7a:be:98:9d:2e:8f:30:f4:ea:58:7e:ce:
09:55:ee:26:8d:ae:b7:42:4c:da:2f:79:00:81:93:70:98:f4:
e7:7c:b6:10:91:d9:4d:6c:c0:af:29:da:e9:6f:d6:59:e1:3b:
41:43:b2:79
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZDErpZ1+hQpPljxPnJ3mhISMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwNzE4MDcxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTIxNmFjNTQ3YzNkNzYxZjU3NmU0M2U0MDZkNmVlMGEzODI2NWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIkhpwFraVQq38ujY1s31a21L5+R
k5Zib32eW+rqWACrvya//zkXOSKCesQghNQD3cQMFyXv1TKKVLSDFoe3RLIdJJLj
Me/5KWs8niGIQbfJCLYuMNwnhXpSKgjWB8FINLu2LUi7OnUJV8Q78hzP5IyvzrFs
k4I/Qh717IX4An0IGbK+Opjx3sm2erDpLNXW5yfUukWBYzDEj8mS7X9TWLB/M4IL
9YCz32S72/pi3xFLIuja4/Fvvd9iOp1DkBiKofoln/BXczWlsdtsMbh7rR94IzW1
S5LJHfWPXFV2m6kO9/zs8vmD+cjCJicjyXit7JGgRg66sBYuopVMHw1klQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOUhasVHw9dh9XbkPkBtbuCjgmXdMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvNVNGcXhVZkQxMkgxZHVRLVFHMXU0S09DWmQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAT6ziAwQB
T6zmAwQBV+UUAwQAV+UoAwQAV+UzAwQAV+U4AwQAX4rGAwQA1bXaMA0GCSqGSIb3
DQEBCwUAA4IBAQBrgAp7va5JLxq94jCAJpTg2akS64cYf3WU/zA1NGq4wJBk4i2q
Bmf95jBoiM25tlnpI4/7dpLYFQ6jnM3TmGq5gyI3zbK4Nt07HdmSbeSRaqJw3rE0
d3fMoVCeX6ohm7VJeDI9UARb+p+Zo3CHlI+JRsO7hm8/DyItGtBFhAK68/UeLneJ
3DUlVgTkk1Fa+VBaN7j1DInuTkSX9l43mPYWToNMUxMt/y02en2lFnoesjIEt63z
okcuGIucG8t/zwSVqCNXJxwQ6ztNV496vpidLo8w9OpYfs4JVe4mja63QkzaL3kA
gZNwmPTnfLYQkdlNbMCvKdrpb9ZZ4TtBQ7J5
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:15:29 2025 by rpki-client