Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/oF-ZKm-LG7Iu63mJDsCWuLFkY4M.roa
File: oF-ZKm-LG7Iu63mJDsCWuLFkY4M.roa (raw, json)
Hash identifier: xR0FwkohVFgDTpppB9NlKBMFWMVay8ZCu79sDc8DKiI=
Subject key identifier: A0:5F:99:2A:6F:8B:1B:B2:2E:EB:79:89:0E:C0:96:B8:B1:64:63:83
Certificate issuer: /CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Certificate serial: 01944A0B14F2867D29BEA9C0A824D9D57052
Authority key identifier: A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/oF-ZKm-LG7Iu63mJDsCWuLFkY4M.roa
Signing time: Thu 09 Jan 2025 07:50:27 +0000
ROA not before: Thu 09 Jan 2025 07:50:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15440
IP address blocks: 5.133.65.0/24 maxlen: 24
5.133.66.0/24 maxlen: 24
45.82.32.0/22 maxlen: 24
45.82.32.0/24 maxlen: 24
77.241.192.0/20 maxlen: 20
79.142.112.0/20 maxlen: 20
89.249.80.0/20 maxlen: 20
92.62.128.0/20 maxlen: 20
92.62.128.0/24 maxlen: 24
92.62.129.0/24 maxlen: 24
92.62.130.0/24 maxlen: 24
92.62.131.0/24 maxlen: 24
92.62.132.0/23 maxlen: 23
92.62.135.0/24 maxlen: 24
92.62.136.0/24 maxlen: 24
92.62.137.0/24 maxlen: 24
92.62.138.0/24 maxlen: 24
92.62.139.0/24 maxlen: 24
92.62.140.0/24 maxlen: 24
92.62.141.0/24 maxlen: 24
92.62.142.0/24 maxlen: 24
92.62.143.0/24 maxlen: 24
185.11.26.0/24 maxlen: 24
185.65.48.0/24 maxlen: 24
185.216.209.0/24 maxlen: 24
195.14.160.0/19 maxlen: 19
213.197.128.0/18 maxlen: 18
217.117.16.0/20 maxlen: 20
2001:1ab8::/31 maxlen: 32
2001:1ab8::/32 maxlen: 32
2001:1ab9::/32 maxlen: 32
2a0d:5000:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4a:0b:14:f2:86:7d:29:be:a9:c0:a8:24:d9:d5:70:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Validity
Not Before: Jan 9 07:50:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a05f992a6f8b1bb22eeb79890ec096b8b1646383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:4b:26:fd:7d:eb:cc:3e:1a:7e:e5:be:85:a3:
08:7b:9d:2b:0f:f2:d0:9d:fc:7c:19:8d:2d:65:78:
d4:e0:c7:39:2f:0b:f8:b8:55:12:b6:91:b2:ec:a5:
71:cc:a2:fc:00:8a:3c:f0:51:ca:c7:1d:8a:6a:7c:
45:d7:1f:e8:75:32:95:42:79:5e:cc:2d:d9:0d:0a:
3f:66:86:3b:9a:df:ad:29:ce:f4:28:f2:c6:f4:ae:
e2:51:48:15:1f:88:ea:e9:af:57:7e:48:18:4c:0f:
92:59:85:b4:64:f4:b9:4f:8b:6c:d8:d5:d9:11:07:
33:6a:4a:32:e0:f3:22:6f:d2:ad:21:ab:62:e3:01:
d4:86:8a:f7:91:1c:e8:cc:44:cc:92:00:4a:df:0b:
b7:f2:b9:5f:5e:7f:5b:a8:16:1f:d1:f8:bd:62:29:
68:48:64:bb:2c:32:e9:ff:6a:ab:3c:53:40:5d:fa:
13:2d:d1:77:9a:f1:d1:cb:5e:3f:05:e5:bb:5d:08:
3c:85:25:ee:67:68:7d:42:a1:c1:3c:95:b3:6f:c2:
23:e1:d9:35:05:3b:eb:f1:4e:8f:14:af:ab:ba:c6:
5e:bc:37:2f:3e:ef:73:75:61:a3:25:37:e2:01:7e:
14:0a:bd:73:60:dd:70:e4:1f:39:52:f6:20:ab:c2:
9d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:5F:99:2A:6F:8B:1B:B2:2E:EB:79:89:0E:C0:96:B8:B1:64:63:83
X509v3 Authority Key Identifier:
keyid:A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/oF-ZKm-LG7Iu63mJDsCWuLFkY4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.65.0-5.133.66.255
45.82.32.0/22
77.241.192.0/20
79.142.112.0/20
89.249.80.0/20
92.62.128.0/20
185.11.26.0/24
185.65.48.0/24
185.216.209.0/24
195.14.160.0/19
213.197.128.0/18
217.117.16.0/20
IPv6:
2001:1ab8::/31
2a0d:5000:2::/48
Signature Algorithm: sha256WithRSAEncryption
86:db:92:84:c0:e0:9d:75:8e:a2:cd:33:30:31:03:72:5d:dc:
a1:eb:87:21:2a:32:cc:2c:ce:2c:b5:e4:2f:21:84:5f:00:32:
55:1b:4e:b1:9c:8b:a9:8e:64:98:aa:87:0d:6d:27:af:17:1b:
0c:45:1c:e0:44:53:30:97:04:24:7c:13:47:01:99:91:43:5e:
b3:0d:cb:8f:73:5e:bd:81:24:2e:5e:58:cb:85:c2:9f:34:eb:
71:30:18:46:c9:cf:1e:d7:6e:d3:23:b1:63:ae:ce:de:b1:36:
05:37:e7:51:b5:45:5a:58:f2:57:59:08:15:5f:60:9e:c4:7e:
88:c1:eb:bd:f9:07:d1:f9:54:07:f1:3a:b7:ce:b9:74:26:cd:
b6:8d:12:97:e0:c5:48:69:f4:11:f2:60:81:6d:6a:b2:30:c7:
91:8c:08:a5:56:25:ee:0d:54:f1:86:71:6d:2c:24:02:51:59:
41:47:6a:26:88:7c:d7:2c:65:c1:d5:84:5d:a8:8c:1e:9b:51:
c1:af:75:cf:f8:3d:ba:50:fc:a2:8b:51:b5:e0:ee:9d:91:09:
ed:7a:7c:dc:1b:0f:7f:07:aa:75:d7:0c:d1:aa:ef:a1:5c:ce:
69:d1:0d:5a:ae:7f:3e:b9:46:9e:70:5f:3b:c5:de:ad:50:0c:
ae:62:f5:2f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZRKCxTyhn0pvqnAqCTZ1XBSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNTRhOWYzYTI2NjUxM2RkYzY5MzVkOGJlMDIyZTdlNTIz
MGVhMTAwHhcNMjUwMTA5MDc1MDI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDVmOTkyYTZmOGIxYmIyMmVlYjc5ODkwZWMwOTZiOGIxNjQ2MzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ksm/X3rzD4afuW+haMIe50rD/LQ
nfx8GY0tZXjU4Mc5Lwv4uFUStpGy7KVxzKL8AIo88FHKxx2KanxF1x/odTKVQnle
zC3ZDQo/ZoY7mt+tKc70KPLG9K7iUUgVH4jq6a9XfkgYTA+SWYW0ZPS5T4ts2NXZ
EQczakoy4PMib9KtIati4wHUhor3kRzozETMkgBK3wu38rlfXn9bqBYf0fi9Yilo
SGS7LDLp/2qrPFNAXfoTLdF3mvHRy14/BeW7XQg8hSXuZ2h9QqHBPJWzb8Ij4dk1
BTvr8U6PFK+rusZevDcvPu9zdWGjJTfiAX4UCr1zYN1w5B85UvYgq8KdAQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFKBfmSpvixuyLut5iQ7AlrixZGODMB8GA1UdIwQY
MBaAFKJUqfOiZlE93Gk12L4CLn5SMOoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTkt
YWRkZjBlMTg0OWViLzEvb0YtWkttLUxHN0l1NjNtSkRzQ1d1TEZrWTRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTktYWRkZjBlMTg0OWVi
LzEvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwVgQCAAEwUDAMAwQABYVB
AwQABYVCAwQCLVIgAwQETfHAAwQET45wAwQEWflQAwQEXD6AAwQAuQsaAwQAuUEw
AwQAudjRAwQFww6gAwQG1cWAAwQE2XUQMBYEAgACMBADBQEgARq4AwcAKg1QAAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQCG25KEwOCddY6izTMwMQNyXdyh64chKjLMLM4s
teQvIYRfADJVG06xnIupjmSYqocNbSevFxsMRRzgRFMwlwQkfBNHAZmRQ16zDcuP
c169gSQuXljLhcKfNOtxMBhGyc8e127TI7Fjrs7esTYFN+dRtUVaWPJXWQgVX2Ce
xH6Iweu9+QfR+VQH8Tq3zrl0Js22jRKX4MVIafQR8mCBbWqyMMeRjAilViXuDVTx
hnFtLCQCUVlBR2omiHzXLGXB1YRdqIwem1HBr3XP+D26UPyii1G14O6dkQntenzc
Gw9/B6p11wzRqu+hXM5p0Q1arn8+uUaecF87xd6tUAyuYvUv
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:38:55 2025 by rpki-client