Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/GkzUiQjxAwqkp5Z39cxt3GUWIng.roa
File: GkzUiQjxAwqkp5Z39cxt3GUWIng.roa (raw, json)
Hash identifier: vLNapJVPwIEWIsnPkWMH8DeeJJAdXd67gcOUXS+rDWA=
Subject key identifier: 1A:4C:D4:89:08:F1:03:0A:A4:A7:96:77:F5:CC:6D:DC:65:16:22:78
Certificate issuer: /CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Certificate serial: 0194274867A0602E672F33D7C387AB7F277A
Authority key identifier: 4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/GkzUiQjxAwqkp5Z39cxt3GUWIng.roa
Signing time: Thu 02 Jan 2025 13:50:44 +0000
ROA not before: Thu 02 Jan 2025 13:50:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25160
IP address blocks: 5.10.144.0/20 maxlen: 20
82.163.192.0/19 maxlen: 24
82.163.205.0/24 maxlen: 24
91.238.221.0/24 maxlen: 24
144.98.0.0/16 maxlen: 16
158.41.64.0/18 maxlen: 18
165.65.0.0/16 maxlen: 16
185.28.240.0/22 maxlen: 22
185.120.204.0/22 maxlen: 22
185.237.48.0/22 maxlen: 22
193.0.176.0/23 maxlen: 23
193.221.128.0/19 maxlen: 19
194.8.254.0/23 maxlen: 23
206.245.213.0/24 maxlen: 24
206.245.224.0/21 maxlen: 21
206.245.232.0/22 maxlen: 22
206.245.236.0/23 maxlen: 23
2a00:e340::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:67:a0:60:2e:67:2f:33:d7:c3:87:ab:7f:27:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Validity
Not Before: Jan 2 13:50:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a4cd48908f1030aa4a79677f5cc6ddc65162278
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:04:65:b8:c8:c3:f5:56:a8:c9:b4:78:53:b4:
33:02:a9:87:8f:c6:ff:87:b8:2d:8c:07:15:0d:49:
ff:8a:f7:c0:b2:5a:e2:ea:c6:8c:5a:0a:8e:f4:30:
ea:a0:91:98:5a:93:ae:3e:9e:b2:07:b2:da:49:b0:
23:50:9d:3c:6c:de:b1:19:60:12:37:03:07:79:61:
b3:ce:24:96:a2:72:9a:d6:2c:c0:bd:a7:7f:c9:9b:
83:df:2a:9c:c8:84:89:70:27:94:c4:d3:f4:83:31:
31:b4:d8:88:dd:d9:6d:1a:5f:c9:0e:92:37:16:62:
90:3c:1d:ad:a4:49:0c:41:c9:23:41:46:cf:d4:7d:
80:1e:3f:aa:de:39:e1:67:75:e0:1f:3d:54:25:e7:
a1:65:b6:3b:7c:10:fa:60:f1:ed:36:89:cf:1d:1c:
a3:72:a8:72:fb:6f:4a:98:75:12:e6:46:16:9b:88:
3b:16:f0:95:5f:96:d6:e1:73:d3:cd:5c:e5:11:78:
19:92:05:e5:cc:2c:fe:e1:1a:5e:19:b8:a7:65:41:
a0:b7:bb:d8:bd:f8:f2:59:71:7b:b7:8e:f3:a4:77:
35:b5:33:58:72:c4:ab:87:7d:32:30:60:87:63:2c:
5f:c9:30:ec:7a:38:45:44:38:11:29:d0:5b:ba:65:
8a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:4C:D4:89:08:F1:03:0A:A4:A7:96:77:F5:CC:6D:DC:65:16:22:78
X509v3 Authority Key Identifier:
keyid:4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/GkzUiQjxAwqkp5Z39cxt3GUWIng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.144.0/20
82.163.192.0/19
91.238.221.0/24
144.98.0.0/16
158.41.64.0/18
165.65.0.0/16
185.28.240.0/22
185.120.204.0/22
185.237.48.0/22
193.0.176.0/23
193.221.128.0/19
194.8.254.0/23
206.245.213.0/24
206.245.224.0-206.245.237.255
IPv6:
2a00:e340::/29
Signature Algorithm: sha256WithRSAEncryption
00:52:3f:14:af:9b:8d:0a:57:d3:07:ac:a6:39:0b:30:b2:bf:
43:00:5f:2c:8d:61:74:9b:3e:a4:2c:4b:ad:e5:61:b3:38:ed:
6b:63:bf:e9:b7:de:f6:02:37:eb:2f:c5:80:7d:20:3b:01:34:
1a:29:23:08:91:16:59:43:a3:4b:04:93:b4:82:bf:6a:82:9c:
eb:c7:e7:6a:de:d3:94:ef:20:ed:b7:e4:be:37:8c:f9:5d:97:
43:e9:9c:c5:9e:c8:4e:c3:36:1a:6c:b0:4b:0f:9f:84:f1:6b:
7f:f8:8e:f8:af:85:b0:41:a7:9c:ea:36:e7:5e:ce:d7:c0:0b:
1e:11:ae:f6:42:de:c8:64:e9:d9:ba:aa:a6:9b:17:a4:d3:0a:
b2:72:bc:76:5c:2e:95:4e:c3:b8:11:c5:3f:e2:e4:93:ea:40:
e6:45:35:5e:50:78:98:7d:2a:48:ee:9b:b5:21:20:14:5e:a4:
0f:cf:30:1f:a8:48:b9:e7:b5:46:71:32:6b:48:2c:09:ef:f1:
54:fc:fa:91:90:82:6f:ab:ed:bf:1d:10:3f:a5:9f:db:62:3f:
2e:36:18:fb:3b:08:04:0a:dd:91:00:ad:cc:b7:7c:5f:47:ae:
4b:96:1f:c7:bb:8e:9d:b1:97:cb:ac:d5:df:36:08:c6:52:f0:
4e:3e:24:aa
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZQnSGegYC5nLzPXw4erfyd6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTg0M2E4NWRkNjY0ZTlkYzAzMTA4OTJiZDdkZDljZTUy
NTkxYzcwHhcNMjUwMTAyMTM1MDQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTRjZDQ4OTA4ZjEwMzBhYTRhNzk2NzdmNWNjNmRkYzY1MTYyMjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQRluMjD9VaoybR4U7QzAqmHj8b/
h7gtjAcVDUn/ivfAslri6saMWgqO9DDqoJGYWpOuPp6yB7LaSbAjUJ08bN6xGWAS
NwMHeWGzziSWonKa1izAvad/yZuD3yqcyISJcCeUxNP0gzExtNiI3dltGl/JDpI3
FmKQPB2tpEkMQckjQUbP1H2AHj+q3jnhZ3XgHz1UJeehZbY7fBD6YPHtNonPHRyj
cqhy+29KmHUS5kYWm4g7FvCVX5bW4XPTzVzlEXgZkgXlzCz+4RpeGbinZUGgt7vY
vfjyWXF7t47zpHc1tTNYcsSrh30yMGCHYyxfyTDsejhFRDgRKdBbumWK6wIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFBpM1IkI8QMKpKeWd/XMbdxlFiJ4MB8GA1UdIwQY
MBaAFE7oQ6hd1mTp3AMQiSvX3ZzlJZHHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjct
NDhjZjQxMmIzODdiLzEvR2t6VWlRanhBd3FrcDVaMzljeHQzR1VXSW5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjctNDhjZjQxMmIzODdi
LzEvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEBAUKkAME
BVKjwAMEAFvu3QMDAJBiAwQGnilAAwMApUEDBAK5HPADBAK5eMwDBAK57TADBAHB
ALADBAXB3YADBAHCCP4DBADO9dUwDAMEBc714AMEAc717DANBAIAAjAHAwUDKgDj
QDANBgkqhkiG9w0BAQsFAAOCAQEAAFI/FK+bjQpX0wespjkLMLK/QwBfLI1hdJs+
pCxLreVhszjta2O/6bfe9gI36y/FgH0gOwE0GikjCJEWWUOjSwSTtIK/aoKc68fn
at7TlO8g7bfkvjeM+V2XQ+mcxZ7ITsM2GmywSw+fhPFrf/iO+K+FsEGnnOo2517O
18ALHhGu9kLeyGTp2bqqppsXpNMKsnK8dlwulU7DuBHFP+Lkk+pA5kU1XlB4mH0q
SO6btSEgFF6kD88wH6hIuee1RnEya0gsCe/xVPz6kZCCb6vtvx0QP6Wf22I/LjYY
+zsIBArdkQCtzLd8X0euS5Yfx7uOnbGXy6zV3zYIxlLwTj4kqg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:43:27 2025 by rpki-client