Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/a-X3or7INLR4ufjB9kuZV5a-EWw.roa
File: a-X3or7INLR4ufjB9kuZV5a-EWw.roa (raw, json)
Hash identifier: sniBfUMDypmwdmcp8fUhggMJCblXPCEL7WLhlXEA+cI=
Subject key identifier: 6B:E5:F7:A2:BE:C8:34:B4:78:B9:F8:C1:F6:4B:99:57:96:BE:11:6C
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 01942825366E2C518CEA143E3EC1F24E967E
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/a-X3or7INLR4ufjB9kuZV5a-EWw.roa
Signing time: Thu 02 Jan 2025 17:51:54 +0000
ROA not before: Thu 02 Jan 2025 17:51:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 5.157.136.0/24 maxlen: 24
5.157.139.0/24 maxlen: 24
5.157.160.0/22 maxlen: 22
37.35.36.0/24 maxlen: 24
37.35.37.0/24 maxlen: 24
37.35.39.0/24 maxlen: 24
62.216.92.0/24 maxlen: 24
62.216.93.0/24 maxlen: 24
91.225.14.0/24 maxlen: 24
91.225.15.0/24 maxlen: 24
91.235.123.0/24 maxlen: 24
146.66.208.0/24 maxlen: 24
146.66.209.0/24 maxlen: 24
146.66.212.0/22 maxlen: 22
146.66.212.0/23 maxlen: 23
146.66.212.0/24 maxlen: 24
146.66.213.0/24 maxlen: 24
146.66.214.0/24 maxlen: 24
146.66.215.0/24 maxlen: 24
146.66.220.0/24 maxlen: 24
146.66.221.0/24 maxlen: 24
146.66.222.0/24 maxlen: 24
146.66.223.0/24 maxlen: 24
178.157.76.0/24 maxlen: 24
178.157.94.0/24 maxlen: 24
178.157.108.0/24 maxlen: 24
178.157.110.0/24 maxlen: 24
178.157.124.0/24 maxlen: 24
178.157.126.0/24 maxlen: 24
185.76.60.0/24 maxlen: 24
185.76.62.0/24 maxlen: 24
188.74.128.0/24 maxlen: 24
188.74.130.0/24 maxlen: 24
188.74.152.0/24 maxlen: 24
188.74.155.0/24 maxlen: 24
188.74.171.0/24 maxlen: 24
188.74.181.0/24 maxlen: 24
188.74.190.0/24 maxlen: 24
188.74.208.0/24 maxlen: 24
188.74.209.0/24 maxlen: 24
188.74.212.0/22 maxlen: 22
188.74.245.0/24 maxlen: 24
188.119.165.0/24 maxlen: 24
188.119.166.0/24 maxlen: 24
188.119.181.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:36:6e:2c:51:8c:ea:14:3e:3e:c1:f2:4e:96:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 2 17:51:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6be5f7a2bec834b478b9f8c1f64b995796be116c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:54:92:2a:be:13:dd:69:4d:97:73:77:dc:05:
2e:29:ce:fd:24:47:34:32:af:34:2f:b3:2e:97:ca:
11:37:d5:29:ac:16:f8:f5:8e:e8:79:1c:c4:f8:3f:
ef:aa:ef:46:92:42:13:e5:45:ff:6e:54:99:b6:a4:
74:92:d2:ac:69:96:9c:e9:44:27:7d:ca:e7:3b:d7:
ff:e3:bf:dc:24:b1:d3:0d:8b:de:01:5f:66:4f:33:
42:2f:e6:90:b6:bf:1a:86:9c:28:75:0b:a4:72:59:
e4:3d:ef:4f:b3:fd:c6:34:97:85:85:b1:47:58:c4:
14:92:bc:8b:cb:d2:02:2e:c6:b5:d5:5f:92:07:00:
b2:55:5a:7f:53:d3:95:8b:9d:69:d3:00:2e:e0:7b:
1d:7b:e5:ed:4b:df:64:58:f4:d3:eb:1e:06:09:91:
77:55:88:e5:18:29:21:c8:c3:a6:be:5c:f0:01:ea:
df:a4:62:9d:dc:95:9b:e3:43:29:2b:f6:02:af:73:
19:ad:59:c5:26:c2:bd:e7:86:36:bd:30:00:ea:c8:
76:0a:1e:e5:07:4b:61:46:11:6a:88:21:1c:8c:09:
73:ff:56:1c:97:53:b8:41:34:3a:8c:6e:99:eb:9e:
fd:d8:7e:39:92:3f:14:fd:33:ad:a1:3f:59:d6:66:
2c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:E5:F7:A2:BE:C8:34:B4:78:B9:F8:C1:F6:4B:99:57:96:BE:11:6C
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/a-X3or7INLR4ufjB9kuZV5a-EWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.136.0/24
5.157.139.0/24
5.157.160.0/22
37.35.36.0/23
37.35.39.0/24
62.216.92.0/23
91.225.14.0/23
91.235.123.0/24
146.66.208.0/23
146.66.212.0/22
146.66.220.0/22
178.157.76.0/24
178.157.94.0/24
178.157.108.0/24
178.157.110.0/24
178.157.124.0/24
178.157.126.0/24
185.76.60.0/24
185.76.62.0/24
188.74.128.0/24
188.74.130.0/24
188.74.152.0/24
188.74.155.0/24
188.74.171.0/24
188.74.181.0/24
188.74.190.0/24
188.74.208.0/23
188.74.212.0/22
188.74.245.0/24
188.119.165.0-188.119.166.255
188.119.181.0/24
Signature Algorithm: sha256WithRSAEncryption
32:41:c1:d5:f0:8a:0e:bf:72:21:4c:d8:64:28:8d:1e:fc:1a:
48:fc:8e:33:e5:73:04:cb:4a:d5:6e:43:6f:8a:73:e2:1a:2c:
c5:46:08:4a:26:ee:ac:93:a8:ce:93:e1:22:d0:12:b3:f6:7c:
51:cd:31:05:fc:e4:85:ba:49:86:ba:47:1d:3d:98:01:36:3d:
2c:9f:be:3a:58:32:ea:c7:b9:fa:07:04:81:28:18:2e:73:ce:
ef:86:11:9e:1f:79:5b:94:7d:86:3d:3e:65:93:1b:87:cb:68:
4d:59:89:2a:df:fb:72:05:ff:cc:6c:20:f1:87:0d:ba:c9:f3:
07:ad:34:f7:4a:38:61:b3:df:8b:df:c3:2a:84:f9:e9:9c:57:
b3:80:31:9d:c3:33:b4:66:98:03:b9:7c:94:30:6b:fe:93:30:
cd:6f:e5:04:dd:5f:6e:46:59:61:87:eb:10:e3:85:c0:bb:f7:
17:ad:8b:ad:c1:0c:0d:3e:18:6a:b8:46:2d:75:28:05:c5:df:
04:32:4a:dc:05:7e:06:a4:9b:eb:61:c1:d6:62:e0:1a:8a:67:
10:8a:0f:41:58:b2:0f:ea:88:20:27:37:6a:b0:10:73:a8:f3:
31:ea:6f:0d:af:61:ba:4c:e7:99:bc:02:ee:d3:5b:43:ca:d7:
15:76:78:d5
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAZQoJTZuLFGM6hQ+PsHyTpZ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjUwMTAyMTc1MTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmU1ZjdhMmJlYzgzNGI0NzhiOWY4YzFmNjRiOTk1Nzk2YmUxMTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFSSKr4T3WlNl3N33AUuKc79JEc0
Mq80L7Mul8oRN9UprBb49Y7oeRzE+D/vqu9GkkIT5UX/blSZtqR0ktKsaZac6UQn
fcrnO9f/47/cJLHTDYveAV9mTzNCL+aQtr8ahpwodQukclnkPe9Ps/3GNJeFhbFH
WMQUkryLy9ICLsa11V+SBwCyVVp/U9OVi51p0wAu4Hsde+XtS99kWPTT6x4GCZF3
VYjlGCkhyMOmvlzwAerfpGKd3JWb40MpK/YCr3MZrVnFJsK954Y2vTAA6sh2Ch7l
B0thRhFqiCEcjAlz/1Ycl1O4QTQ6jG6Z65792H45kj8U/TOtoT9Z1mYs8QIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFGvl96K+yDS0eLn4wfZLmVeWvhFsMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvYS1YM29yN0lOTFI0dWZqQjlrdVpWNWEtRVd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCByQQCAAEwgcIDBAAF
nYgDBAAFnYsDBAIFnaADBAElIyQDBAAlIycDBAE+2FwDBAFb4Q4DBABb63sDBAGS
QtADBAKSQtQDBAKSQtwDBACynUwDBACynV4DBACynWwDBACynW4DBACynXwDBACy
nX4DBAC5TDwDBAC5TD4DBAC8SoADBAC8SoIDBAC8SpgDBAC8SpsDBAC8SqsDBAC8
SrUDBAC8Sr4DBAG8StADBAK8StQDBAC8SvUwDAMEALx3pQMEALx3pgMEALx3tTAN
BgkqhkiG9w0BAQsFAAOCAQEAMkHB1fCKDr9yIUzYZCiNHvwaSPyOM+VzBMtK1W5D
b4pz4hosxUYISiburJOozpPhItASs/Z8Uc0xBfzkhbpJhrpHHT2YATY9LJ++Olgy
6se5+gcEgSgYLnPO74YRnh95W5R9hj0+ZZMbh8toTVmJKt/7cgX/zGwg8YcNusnz
B60090o4YbPfi9/DKoT56ZxXs4AxncMztGaYA7l8lDBr/pMwzW/lBN1fbkZZYYfr
EOOFwLv3F62LrcEMDT4YarhGLXUoBcXfBDJK3AV+BqSb62HB1mLgGopnEIoPQViy
D+qIICc3arAQc6jzMepvDa9hukznmbwC7tNbQ8rXFXZ41Q==
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:29:31 2025 by rpki-client