Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/ada691-0e3a-488f-89de-4cf298576b01/1/c1M5ZXGJTKqZqEgNyU3MxDANzUc.roa
File: c1M5ZXGJTKqZqEgNyU3MxDANzUc.roa (raw, json)
Hash identifier: cQI1Y2cmWkphBZUmuqhu+JujkVUwx5YRi8iWvilqvJw=
Subject key identifier: 73:53:39:65:71:89:4C:AA:99:A8:48:0D:C9:4D:CC:C4:30:0D:CD:47
Certificate issuer: /CN=704eb0324b167299dd6064dbbf340d2f99c402c2
Certificate serial: 17C45FA9
Authority key identifier: 70:4E:B0:32:4B:16:72:99:DD:60:64:DB:BF:34:0D:2F:99:C4:02:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cE6wMksWcpndYGTbvzQNL5nEAsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/ada691-0e3a-488f-89de-4cf298576b01/1/c1M5ZXGJTKqZqEgNyU3MxDANzUc.roa
Signing time: Mon 25 Apr 2022 05:19:20 +0000
ROA not before: Mon 25 Apr 2022 05:19:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34655
IP address blocks: 109.71.163.0/24 maxlen: 24
109.71.160.0/24 maxlen: 24
109.71.166.0/24 maxlen: 24
109.71.165.0/24 maxlen: 24
109.71.164.0/24 maxlen: 24
109.71.167.0/24 maxlen: 24
5.159.216.0/24 maxlen: 24
95.128.120.0/24 maxlen: 24
95.128.125.0/24 maxlen: 24
95.128.124.0/24 maxlen: 24
95.128.123.0/24 maxlen: 24
95.128.122.0/24 maxlen: 24
95.128.121.0/24 maxlen: 24
95.128.126.0/24 maxlen: 24
93.93.54.0/24 maxlen: 24
2a03:9c40:800::/48 maxlen: 48
2a03:9c40:600::/48 maxlen: 48
2a03:9c40:400::/48 maxlen: 48
2a03:9c40:200::/48 maxlen: 48
2a03:9c40::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 398745513 (0x17c45fa9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=704eb0324b167299dd6064dbbf340d2f99c402c2
Validity
Not Before: Apr 25 05:19:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7353396571894caa99a8480dc94dccc4300dcd47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c6:27:f8:86:6c:20:2d:f8:a3:97:37:a6:46:
1d:05:18:16:6c:45:42:14:8e:a3:80:23:16:41:46:
b9:4c:0f:6e:01:29:2f:f3:02:6a:84:8f:83:79:33:
98:ac:db:9f:ad:4a:a5:90:f7:98:62:e3:a3:e6:76:
e1:ff:a4:f1:f4:bc:06:c3:db:72:de:24:dd:95:2e:
b1:74:34:3b:cb:e2:ae:1f:cc:6c:18:21:fa:95:e0:
22:05:b4:b1:c4:75:5b:2a:57:a6:ad:e1:a4:44:e5:
47:65:e4:84:a1:69:63:dc:9a:5d:7c:39:57:4e:ae:
4d:74:4d:4b:3f:1b:34:c8:f2:0f:15:25:09:cf:30:
50:e8:51:90:05:5c:cc:07:e4:a9:bf:3a:fb:03:e8:
5c:04:22:7b:91:f7:50:aa:94:e0:93:c9:7c:e0:2e:
ae:74:fb:8d:0c:51:0b:ea:94:e1:ea:2f:e7:a2:31:
c5:2d:fb:17:40:a3:0d:dd:19:77:d6:0e:04:07:f0:
23:5d:0e:9f:d5:cf:c6:ae:98:4d:9d:d5:6d:5d:1b:
56:8f:42:e3:84:0e:4e:78:c2:e7:3b:89:f1:21:35:
c7:a7:eb:aa:d6:47:da:e4:12:1f:a9:21:1b:cc:02:
5c:2f:f6:9d:d1:97:57:13:0b:78:c9:4b:a0:ce:32:
98:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:53:39:65:71:89:4C:AA:99:A8:48:0D:C9:4D:CC:C4:30:0D:CD:47
X509v3 Authority Key Identifier:
keyid:70:4E:B0:32:4B:16:72:99:DD:60:64:DB:BF:34:0D:2F:99:C4:02:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cE6wMksWcpndYGTbvzQNL5nEAsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ada691-0e3a-488f-89de-4cf298576b01/1/c1M5ZXGJTKqZqEgNyU3MxDANzUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ada691-0e3a-488f-89de-4cf298576b01/1/cE6wMksWcpndYGTbvzQNL5nEAsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.216.0/24
93.93.54.0/24
95.128.120.0-95.128.126.255
109.71.160.0/24
109.71.163.0-109.71.167.255
IPv6:
2a03:9c40::/48
2a03:9c40:200::/48
2a03:9c40:400::/48
2a03:9c40:600::/48
2a03:9c40:800::/48
Signature Algorithm: sha256WithRSAEncryption
2e:f2:83:6d:c9:8b:aa:23:27:71:4a:26:82:64:6b:8a:cf:c6:
12:df:74:c6:2f:69:b1:f0:07:65:e9:3a:4f:3f:cf:a8:a4:5e:
15:5c:21:d1:46:32:ad:68:bb:4d:6d:fd:fc:34:20:56:e5:ad:
81:30:66:a9:50:c7:70:20:de:85:61:19:95:92:4e:a8:d6:da:
92:57:20:13:56:d4:83:05:59:df:ae:a5:ba:67:21:c0:d3:ae:
ff:b4:ae:6c:48:6f:54:03:88:9a:f4:bd:8b:46:4e:d0:65:63:
ae:36:dd:a5:f8:3d:e2:8b:e3:38:b6:16:12:13:44:90:c7:ca:
00:3c:85:31:ca:d5:e6:91:a7:eb:76:77:66:1f:bc:72:8d:77:
7b:f5:e5:cc:8a:64:7e:e6:99:ee:a7:cc:9b:69:bc:8f:d0:6a:
02:9b:e2:a8:c7:77:a2:d4:1e:69:2b:c5:6d:61:fb:76:93:17:
ff:bb:ce:9a:9d:9e:41:92:cc:9c:46:b4:77:ce:b7:38:88:05:
27:31:b7:a2:29:47:ba:27:dd:81:04:9b:f8:82:64:19:56:45:
81:67:d2:b1:97:8d:56:8d:7c:16:68:da:94:f7:2c:55:24:b6:
e3:f5:e9:f8:b0:1c:57:1a:38:d9:01:84:e1:e3:73:47:e2:c8:
98:a6:89:29
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgIEF8RfqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDRlYjAzMjRiMTY3Mjk5ZGQ2MDY0ZGJiZjM0MGQyZjk5YzQwMmMyMB4XDTIyMDQy
NTA1MTkyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzM1MzM5NjU3MTg5
NGNhYTk5YTg0ODBkYzk0ZGNjYzQzMDBkY2Q0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKjGJ/iGbCAt+KOXN6ZGHQUYFmxFQhSOo4AjFkFGuUwPbgEp
L/MCaoSPg3kzmKzbn61KpZD3mGLjo+Z24f+k8fS8BsPbct4k3ZUusXQ0O8virh/M
bBgh+pXgIgW0scR1WypXpq3hpETlR2XkhKFpY9yaXXw5V06uTXRNSz8bNMjyDxUl
Cc8wUOhRkAVczAfkqb86+wPoXAQie5H3UKqU4JPJfOAurnT7jQxRC+qU4eov56Ix
xS37F0CjDd0Zd9YOBAfwI10On9XPxq6YTZ3VbV0bVo9C44QOTnjC5zuJ8SE1x6fr
qtZH2uQSH6khG8wCXC/2ndGXVxMLeMlLoM4ymLMCAwEAAaOCAmYwggJiMB0GA1Ud
DgQWBBRzUzllcYlMqpmoSA3JTczEMA3NRzAfBgNVHSMEGDAWgBRwTrAySxZymd1g
ZNu/NA0vmcQCwjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NFNndNa3NXY3BuZFlHVGJ2elFOTDVuRUFzSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvYWRhNjkxLTBlM2EtNDg4Zi04OWRlLTRjZjI5ODU3NmIwMS8x
L2MxTTVaWEdKVEtxWnFFZ055VTNNeERBTnpVYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
YWRhNjkxLTBlM2EtNDg4Zi04OWRlLTRjZjI5ODU3NmIwMS8xL2NFNndNa3NXY3Bu
ZFlHVGJ2elFOTDVuRUFzSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB8
BggrBgEFBQcBBwEB/wRtMGswNAQCAAEwLgMEAAWf2AMEAF1dNjAMAwQDX4B4AwQA
X4B+AwQAbUegMAwDBABtR6MDBANtR6AwMwQCAAIwLQMHACoDnEAAAAMHACoDnEAC
AAMHACoDnEAEAAMHACoDnEAGAAMHACoDnEAIADANBgkqhkiG9w0BAQsFAAOCAQEA
LvKDbcmLqiMncUomgmRris/GEt90xi9psfAHZek6Tz/PqKReFVwh0UYyrWi7TW39
/DQgVuWtgTBmqVDHcCDehWEZlZJOqNbaklcgE1bUgwVZ366lumchwNOu/7SubEhv
VAOImvS9i0ZO0GVjrjbdpfg94ovjOLYWEhNEkMfKADyFMcrV5pGn63Z3Zh+8co13
e/XlzIpkfuaZ7qfMm2m8j9BqApviqMd3otQeaSvFbWH7dpMX/7vOmp2eQZLMnEa0
d863OIgFJzG3oilHuifdgQSb+IJkGVZFgWfSsZeNVo18FmjalPcsVSS24/Xp+LAc
Vxo42QGE4eNzR+LImKaJKQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:20 2025 by rpki-client