Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e4fa48-3be8-4fa3-a436-8a0d0bf0b577/1/pUwT5WPNwZ36CRQfdZy_qy0h7Bw.roa
File: pUwT5WPNwZ36CRQfdZy_qy0h7Bw.roa (raw, json)
Hash identifier: jkKjJfJmkg4E68Fod/wXsJ/Vl/Yl+Hk0+HkH2tCfw7I=
Subject key identifier: A5:4C:13:E5:63:CD:C1:9D:FA:09:14:1F:75:9C:BF:AB:2D:21:EC:1C
Certificate issuer: /CN=addd2a815060aa7e621a2094349758b2036896f0
Certificate serial: 0195C790CC0A2B2FC62C95562D63E28B5376
Authority key identifier: AD:DD:2A:81:50:60:AA:7E:62:1A:20:94:34:97:58:B2:03:68:96:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rd0qgVBgqn5iGiCUNJdYsgNolvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/e4fa48-3be8-4fa3-a436-8a0d0bf0b577/1/pUwT5WPNwZ36CRQfdZy_qy0h7Bw.roa
Signing time: Mon 24 Mar 2025 09:51:50 +0000
ROA not before: Mon 24 Mar 2025 09:51:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201776
IP address blocks: 2.59.51.0/24 maxlen: 24
31.40.208.0/22 maxlen: 22
31.40.252.0/22 maxlen: 22
37.44.252.0/22 maxlen: 22
77.83.8.0/22 maxlen: 22
77.83.16.0/22 maxlen: 22
78.136.196.0/22 maxlen: 22
78.136.200.0/21 maxlen: 21
78.153.137.0/24 maxlen: 24
78.153.138.0/24 maxlen: 24
78.153.147.0/24 maxlen: 24
83.171.252.0/22 maxlen: 22
83.172.60.0/22 maxlen: 22
83.172.61.0/24 maxlen: 24
85.115.200.0/22 maxlen: 22
89.107.136.0/22 maxlen: 22
91.103.110.0/23 maxlen: 23
94.126.24.0/21 maxlen: 24
94.126.30.0/24 maxlen: 24
109.94.220.0/22 maxlen: 22
109.236.52.0/22 maxlen: 22
109.237.104.0/24 maxlen: 24
178.34.152.0/21 maxlen: 21
178.34.176.0/20 maxlen: 20
178.173.124.0/22 maxlen: 22
185.64.44.0/22 maxlen: 22
188.119.76.0/22 maxlen: 22
188.124.224.0/21 maxlen: 21
188.124.248.0/21 maxlen: 21
193.47.44.0/22 maxlen: 22
193.56.64.0/22 maxlen: 22
193.56.72.0/22 maxlen: 22
193.148.52.0/22 maxlen: 22
217.197.172.0/22 maxlen: 22
2a04:f800::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c7:90:cc:0a:2b:2f:c6:2c:95:56:2d:63:e2:8b:53:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=addd2a815060aa7e621a2094349758b2036896f0
Validity
Not Before: Mar 24 09:51:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a54c13e563cdc19dfa09141f759cbfab2d21ec1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3f:b7:e0:87:12:70:1a:cc:55:57:4e:d0:d0:
36:62:d4:b8:dc:67:1b:5f:76:4c:a8:ce:b9:11:21:
62:fa:fe:a9:e9:b1:e4:71:60:b9:53:77:ab:de:96:
a5:13:19:8a:fe:58:78:86:42:49:c8:8d:8f:ab:3f:
f7:d9:15:43:a0:38:af:b5:3e:3c:05:d4:13:bd:c9:
dd:ee:53:89:b0:97:cd:b4:d1:6d:73:b9:97:47:83:
8e:79:73:72:26:a2:61:11:01:b3:f9:96:19:ba:8d:
be:1d:af:69:95:1f:ec:58:05:f0:04:56:78:4b:d4:
cb:d2:1c:09:c0:ce:10:43:f2:22:17:09:d5:2b:90:
53:3f:aa:82:c0:c4:35:5e:6c:bd:ba:f0:22:64:f5:
d3:af:72:d5:96:b2:ac:16:de:cc:a4:5e:cb:66:08:
bd:2a:22:1d:a7:b9:25:5f:fe:90:c7:f2:0a:6c:dd:
bd:78:45:69:7e:6d:d7:f6:c5:9e:4f:6e:2a:ca:2c:
5a:16:92:0f:03:ea:1b:5d:9e:1c:17:68:6e:a7:45:
c1:c8:1c:d1:06:c2:c4:34:78:d4:d1:55:61:57:9f:
50:41:04:18:80:14:a5:aa:63:ac:a1:98:ef:7a:1b:
d9:55:ab:3f:46:bf:47:03:26:8d:9e:77:c0:db:98:
69:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:4C:13:E5:63:CD:C1:9D:FA:09:14:1F:75:9C:BF:AB:2D:21:EC:1C
X509v3 Authority Key Identifier:
keyid:AD:DD:2A:81:50:60:AA:7E:62:1A:20:94:34:97:58:B2:03:68:96:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rd0qgVBgqn5iGiCUNJdYsgNolvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4fa48-3be8-4fa3-a436-8a0d0bf0b577/1/pUwT5WPNwZ36CRQfdZy_qy0h7Bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4fa48-3be8-4fa3-a436-8a0d0bf0b577/1/rd0qgVBgqn5iGiCUNJdYsgNolvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.51.0/24
31.40.208.0/22
31.40.252.0/22
37.44.252.0/22
77.83.8.0/22
77.83.16.0/22
78.136.196.0-78.136.207.255
78.153.137.0-78.153.138.255
78.153.147.0/24
83.171.252.0/22
83.172.60.0/22
85.115.200.0/22
89.107.136.0/22
91.103.110.0/23
94.126.24.0/21
109.94.220.0/22
109.236.52.0/22
109.237.104.0/24
178.34.152.0/21
178.34.176.0/20
178.173.124.0/22
185.64.44.0/22
188.119.76.0/22
188.124.224.0/21
188.124.248.0/21
193.47.44.0/22
193.56.64.0/22
193.56.72.0/22
193.148.52.0/22
217.197.172.0/22
IPv6:
2a04:f800::/29
Signature Algorithm: sha256WithRSAEncryption
71:35:51:a6:47:05:79:05:66:52:97:52:2b:1f:0a:2b:51:90:
a3:f9:f7:4b:1e:de:9b:8c:1b:34:a8:05:1a:cf:d1:f7:ba:68:
4a:35:f0:06:59:0e:1f:7f:ac:64:04:01:38:7e:15:f1:8d:8f:
e3:13:fa:36:e1:ad:47:b8:b1:a4:ee:6e:ff:e3:ae:c5:d9:31:
e1:c3:41:92:27:d7:97:19:7b:22:ae:a4:3b:61:03:a7:82:f7:
5c:ff:b9:ea:a7:e3:4b:f6:4c:e7:37:22:99:2e:4e:24:98:94:
9a:22:00:aa:e6:80:1b:a3:33:bd:b2:3a:23:f1:e8:2c:1d:b7:
93:dc:7d:3d:09:69:e6:a5:ba:f8:cd:c1:24:86:e5:8a:cc:71:
a0:4d:f5:73:b1:80:cd:99:d7:af:7d:0d:c4:68:60:1b:6f:2e:
ae:f5:e5:89:e3:8c:a7:42:90:9f:2f:2f:2c:e7:99:af:00:bf:
a5:0d:d3:ff:56:ef:b8:39:4b:65:f6:75:08:5e:93:7f:ba:57:
2a:bd:33:47:0d:a0:22:cb:1a:be:c9:3e:88:24:63:33:49:17:
02:97:01:fe:e0:5b:87:0a:c0:a1:d6:4f:c4:4d:38:f2:8b:e1:
ae:0c:69:bd:d5:f3:ff:0b:15:69:af:d6:e3:06:6b:06:57:64:
19:33:ac:0e
-----BEGIN CERTIFICATE-----
MIIFzzCCBLegAwIBAgISAZXHkMwKKy/GLJVWLWPii1N2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZGQyYTgxNTA2MGFhN2U2MjFhMjA5NDM0OTc1OGIyMDM2
ODk2ZjAwHhcNMjUwMzI0MDk1MTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTRjMTNlNTYzY2RjMTlkZmEwOTE0MWY3NTljYmZhYjJkMjFlYzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsD+34IcScBrMVVdO0NA2YtS43Gcb
X3ZMqM65ESFi+v6p6bHkcWC5U3er3palExmK/lh4hkJJyI2Pqz/32RVDoDivtT48
BdQTvcnd7lOJsJfNtNFtc7mXR4OOeXNyJqJhEQGz+ZYZuo2+Ha9plR/sWAXwBFZ4
S9TL0hwJwM4QQ/IiFwnVK5BTP6qCwMQ1Xmy9uvAiZPXTr3LVlrKsFt7MpF7LZgi9
KiIdp7klX/6Qx/IKbN29eEVpfm3X9sWeT24qyixaFpIPA+obXZ4cF2hup0XByBzR
BsLENHjU0VVhV59QQQQYgBSlqmOsoZjvehvZVas/Rr9HAyaNnnfA25hpEwIDAQAB
o4IC2zCCAtcwHQYDVR0OBBYEFKVME+VjzcGd+gkUH3Wcv6stIewcMB8GA1UdIwQY
MBaAFK3dKoFQYKp+YhoglDSXWLIDaJbwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmQwcWdWQmdxbjVpR2lDVU5KZFlzZ05vbHZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lNGZhNDgtM2JlOC00ZmEzLWE0MzYt
OGEwZDBiZjBiNTc3LzEvcFV3VDVXUE53WjM2Q1JRZmRaeV9xeTBoN0J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lNGZhNDgtM2JlOC00ZmEzLWE0MzYtOGEwZDBiZjBiNTc3
LzEvcmQwcWdWQmdxbjVpR2lDVU5KZFlzZ05vbHZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHwBggrBgEFBQcBBwEB/wSB4DCB3TCBywQCAAEwgcQDBAAC
OzMDBAIfKNADBAIfKPwDBAIlLPwDBAJNUwgDBAJNUxAwDAMEAk6IxAMEBE6IwDAM
AwQATpmJAwQATpmKAwQATpmTAwQCU6v8AwQCU6w8AwQCVXPIAwQCWWuIAwQBW2du
AwQDXn4YAwQCbV7cAwQCbew0AwQAbe1oAwQDsiKYAwQEsiKwAwQCsq18AwQCuUAs
AwQCvHdMAwQDvHzgAwQDvHz4AwQCwS8sAwQCwThAAwQCwThIAwQCwZQ0AwQC2cWs
MA0EAgACMAcDBQMqBPgAMA0GCSqGSIb3DQEBCwUAA4IBAQBxNVGmRwV5BWZSl1Ir
HworUZCj+fdLHt6bjBs0qAUaz9H3umhKNfAGWQ4ff6xkBAE4fhXxjY/jE/o24a1H
uLGk7m7/467F2THhw0GSJ9eXGXsirqQ7YQOngvdc/7nqp+NL9kznNyKZLk4kmJSa
IgCq5oAbozO9sjoj8egsHbeT3H09CWnmpbr4zcEkhuWKzHGgTfVzsYDNmdevfQ3E
aGAbby6u9eWJ44ynQpCfLy8s55mvAL+lDdP/Vu+4OUtl9nUIXpN/ulcqvTNHDaAi
yxq+yT6IJGMzSRcClwH+4FuHCsCh1k/ETTjyi+GuDGm91fP/CxVpr9bjBmsGV2QZ
M6wO
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:59:01 2025 by rpki-client