Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/ada691-0e3a-488f-89de-4cf298576b01/1/Yvx48SkGnbleDMgDRZolv9328l4.roa
File: Yvx48SkGnbleDMgDRZolv9328l4.roa (raw, json)
Hash identifier: VM9lnJn636FMyFZ9YGO7nHxfHaoCF+SbINoWu3EeJy0=
Subject key identifier: 62:FC:78:F1:29:06:9D:B9:5E:0C:C8:03:45:9A:25:BF:DD:F6:F2:5E
Certificate issuer: /CN=704eb0324b167299dd6064dbbf340d2f99c402c2
Certificate serial: 179C8154
Authority key identifier: 70:4E:B0:32:4B:16:72:99:DD:60:64:DB:BF:34:0D:2F:99:C4:02:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cE6wMksWcpndYGTbvzQNL5nEAsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/ada691-0e3a-488f-89de-4cf298576b01/1/Yvx48SkGnbleDMgDRZolv9328l4.roa
Signing time: Mon 11 Apr 2022 06:48:05 +0000
ROA not before: Mon 11 Apr 2022 06:48:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34655
IP address blocks: 5.159.216.0/24 maxlen: 24
95.128.120.0/24 maxlen: 24
95.128.125.0/24 maxlen: 24
95.128.121.0/24 maxlen: 24
109.71.165.0/24 maxlen: 24
95.128.124.0/24 maxlen: 24
95.128.126.0/24 maxlen: 24
2a03:9c40::/48 maxlen: 48
2a03:9c40:200::/48 maxlen: 48
2a03:9c40:400::/48 maxlen: 48
2a03:9c40:600::/48 maxlen: 48
2a03:9c40:800::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 396132692 (0x179c8154)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=704eb0324b167299dd6064dbbf340d2f99c402c2
Validity
Not Before: Apr 11 06:48:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62fc78f129069db95e0cc803459a25bfddf6f25e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b5:98:aa:77:ba:40:ab:24:ee:63:e7:a4:a2:
90:3e:50:19:9d:ad:ba:92:f2:e5:69:cc:be:60:e8:
cf:60:85:d1:db:8d:8c:8b:6a:1a:43:10:4e:89:11:
7c:42:20:05:7f:6f:9f:02:d2:6e:7f:d1:c8:a9:eb:
77:30:fe:92:97:83:3f:f0:37:97:0e:d5:4c:4e:10:
bc:fe:ff:27:cf:6e:62:17:70:e3:94:6f:e4:84:eb:
22:de:68:18:08:e6:2e:f9:c0:b3:fb:f9:ac:7a:4c:
e4:21:7a:95:4f:06:53:b1:6f:8d:0b:78:b4:5a:5c:
ea:2a:72:11:9e:ea:9f:6e:16:f7:94:4a:5d:14:94:
03:5a:39:17:2f:53:24:11:4c:87:87:7b:55:96:b9:
0a:21:e4:99:6e:1f:f1:11:2b:2d:00:e4:b8:50:cb:
a6:76:0a:05:cc:61:bc:59:be:87:92:e3:bb:ad:f9:
1c:71:21:ee:00:1a:94:0f:52:73:b5:65:c2:7c:ef:
81:38:d4:29:d8:7b:ee:ee:a1:eb:9f:bf:1f:ea:6c:
8b:e4:2a:f9:60:7a:5c:7d:9e:47:a8:1d:1b:cb:b5:
0e:89:94:90:6f:3b:6d:2d:68:3e:3e:c0:c8:f5:a7:
d0:17:f6:03:aa:f1:61:2c:80:7d:1d:f7:d8:ec:24:
da:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:FC:78:F1:29:06:9D:B9:5E:0C:C8:03:45:9A:25:BF:DD:F6:F2:5E
X509v3 Authority Key Identifier:
keyid:70:4E:B0:32:4B:16:72:99:DD:60:64:DB:BF:34:0D:2F:99:C4:02:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cE6wMksWcpndYGTbvzQNL5nEAsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ada691-0e3a-488f-89de-4cf298576b01/1/Yvx48SkGnbleDMgDRZolv9328l4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ada691-0e3a-488f-89de-4cf298576b01/1/cE6wMksWcpndYGTbvzQNL5nEAsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.216.0/24
95.128.120.0/23
95.128.124.0-95.128.126.255
109.71.165.0/24
IPv6:
2a03:9c40::/48
2a03:9c40:200::/48
2a03:9c40:400::/48
2a03:9c40:600::/48
2a03:9c40:800::/48
Signature Algorithm: sha256WithRSAEncryption
7d:a7:09:29:c6:34:44:f6:13:e0:e5:a5:c6:d7:f0:2d:dc:2e:
36:5b:7c:ff:1a:8f:da:c1:35:7f:13:05:de:e1:17:02:fa:0c:
6d:6e:c8:c9:85:18:61:c7:af:0c:2f:b0:06:c6:55:62:49:43:
96:34:55:b5:c3:b1:f9:c8:58:6b:a4:6b:df:82:6a:85:b0:6e:
6a:73:e0:79:f1:d2:eb:e8:b3:8c:19:74:9d:e9:3a:31:22:54:
80:57:72:ae:c4:61:06:96:4c:45:53:4b:2e:f4:8c:76:c4:13:
8d:6b:b9:19:bd:bf:2d:45:bc:ed:36:40:e6:7a:1d:98:a8:ba:
f8:76:fa:f3:27:04:c9:22:29:68:2c:cc:b9:b2:61:1d:1a:8b:
10:49:fd:21:86:21:bb:91:9a:e6:ce:a9:18:12:32:bd:26:0e:
36:c2:ab:68:87:17:ad:6a:1e:c3:6e:29:aa:91:d2:6a:1c:06:
68:16:60:6f:47:a3:17:f3:b2:ce:74:1c:3a:48:ab:a1:2a:89:
24:36:b0:fe:4a:23:86:05:86:9a:35:ba:2b:c1:19:f6:f0:f4:
0f:7c:f8:32:5d:91:72:0f:65:53:3d:07:16:16:e3:d6:71:cf:
3b:d0:61:86:7f:a2:67:67:43:2c:58:2e:1b:f1:29:02:fb:89:
24:0d:ff:31
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIEF5yBVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDRlYjAzMjRiMTY3Mjk5ZGQ2MDY0ZGJiZjM0MGQyZjk5YzQwMmMyMB4XDTIyMDQx
MTA2NDgwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjJmYzc4ZjEyOTA2
OWRiOTVlMGNjODAzNDU5YTI1YmZkZGY2ZjI1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALq1mKp3ukCrJO5j56SikD5QGZ2tupLy5WnMvmDoz2CF0duN
jItqGkMQTokRfEIgBX9vnwLSbn/RyKnrdzD+kpeDP/A3lw7VTE4QvP7/J89uYhdw
45Rv5ITrIt5oGAjmLvnAs/v5rHpM5CF6lU8GU7FvjQt4tFpc6ipyEZ7qn24W95RK
XRSUA1o5Fy9TJBFMh4d7VZa5CiHkmW4f8RErLQDkuFDLpnYKBcxhvFm+h5Lju635
HHEh7gAalA9Sc7VlwnzvgTjUKdh77u6h65+/H+psi+Qq+WB6XH2eR6gdG8u1DomU
kG87bS1oPj7AyPWn0Bf2A6rxYSyAfR332Owk2u0CAwEAAaOCAlgwggJUMB0GA1Ud
DgQWBBRi/HjxKQaduV4MyANFmiW/3fbyXjAfBgNVHSMEGDAWgBRwTrAySxZymd1g
ZNu/NA0vmcQCwjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NFNndNa3NXY3BuZFlHVGJ2elFOTDVuRUFzSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvYWRhNjkxLTBlM2EtNDg4Zi04OWRlLTRjZjI5ODU3NmIwMS8x
L1l2eDQ4U2tHbmJsZURNZ0RSWm9sdjkzMjhsNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
YWRhNjkxLTBlM2EtNDg4Zi04OWRlLTRjZjI5ODU3NmIwMS8xL2NFNndNa3NXY3Bu
ZFlHVGJ2elFOTDVuRUFzSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBu
BggrBgEFBQcBBwEB/wRfMF0wJgQCAAEwIAMEAAWf2AMEAV+AeDAMAwQCX4B8AwQA
X4B+AwQAbUelMDMEAgACMC0DBwAqA5xAAAADBwAqA5xAAgADBwAqA5xABAADBwAq
A5xABgADBwAqA5xACAAwDQYJKoZIhvcNAQELBQADggEBAH2nCSnGNET2E+DlpcbX
8C3cLjZbfP8aj9rBNX8TBd7hFwL6DG1uyMmFGGHHrwwvsAbGVWJJQ5Y0VbXDsfnI
WGuka9+CaoWwbmpz4Hnx0uvos4wZdJ3pOjEiVIBXcq7EYQaWTEVTSy70jHbEE41r
uRm9vy1FvO02QOZ6HZiouvh2+vMnBMkiKWgszLmyYR0aixBJ/SGGIbuRmubOqRgS
Mr0mDjbCq2iHF61qHsNuKaqR0mocBmgWYG9Hoxfzss50HDpIq6EqiSQ2sP5KI4YF
hpo1uivBGfbw9A98+DJdkXIPZVM9BxYW49ZxzzvQYYZ/omdnQyxYLhvxKQL7iSQN
/zE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:20 2025 by rpki-client