Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/t1iss73c1vA3f3cNltkojtMkUHU.roa
File: t1iss73c1vA3f3cNltkojtMkUHU.roa (raw, json)
Hash identifier: ARWFzjMEGWJx1F7mQIgiGm3ahe5y38rnTUky4YHGe4o=
Subject key identifier: B7:58:AC:B3:BD:DC:D6:F0:37:7F:77:0D:96:D9:28:8E:D3:24:50:75
Certificate issuer: /CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Certificate serial: 0194266BC531841A30EB34DDF4429E5FD18C
Authority key identifier: A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/t1iss73c1vA3f3cNltkojtMkUHU.roa
Signing time: Thu 02 Jan 2025 09:49:44 +0000
ROA not before: Thu 02 Jan 2025 09:49:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15440
IP address blocks: 5.133.65.0/24 maxlen: 24
5.133.66.0/24 maxlen: 24
45.82.32.0/22 maxlen: 24
77.241.192.0/20 maxlen: 20
79.142.112.0/20 maxlen: 20
89.249.80.0/20 maxlen: 20
92.62.128.0/20 maxlen: 20
92.62.128.0/24 maxlen: 24
92.62.129.0/24 maxlen: 24
92.62.130.0/24 maxlen: 24
92.62.131.0/24 maxlen: 24
92.62.132.0/23 maxlen: 23
92.62.135.0/24 maxlen: 24
92.62.136.0/24 maxlen: 24
92.62.137.0/24 maxlen: 24
92.62.138.0/24 maxlen: 24
92.62.139.0/24 maxlen: 24
92.62.140.0/24 maxlen: 24
92.62.141.0/24 maxlen: 24
92.62.142.0/24 maxlen: 24
92.62.143.0/24 maxlen: 24
185.11.26.0/24 maxlen: 24
185.65.48.0/24 maxlen: 24
185.216.209.0/24 maxlen: 24
195.14.160.0/19 maxlen: 19
213.197.128.0/18 maxlen: 18
217.117.16.0/20 maxlen: 20
2001:1ab8::/31 maxlen: 32
2001:1ab8::/32 maxlen: 32
2001:1ab9::/32 maxlen: 32
2a0d:5000:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:c5:31:84:1a:30:eb:34:dd:f4:42:9e:5f:d1:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Validity
Not Before: Jan 2 09:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b758acb3bddcd6f0377f770d96d9288ed3245075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:69:5c:05:b8:c4:77:98:93:a5:14:44:d4:5d:
4b:14:40:2c:9c:c3:e9:39:6a:68:01:bd:3a:01:62:
c9:20:6c:11:c2:81:f8:9f:c0:5e:57:d4:1c:34:52:
6a:3f:1c:20:f7:1c:9c:35:3a:0d:b9:a4:ad:6f:9c:
ac:bc:90:e5:b2:98:c0:b5:11:1c:00:bb:82:2d:b8:
16:ea:d3:22:17:a3:42:93:47:78:63:13:83:15:0c:
e0:cd:f3:72:ee:4a:7d:bf:e3:ad:c3:f0:fa:03:6c:
30:a9:c1:db:b0:0a:6e:62:ef:4e:03:c5:df:cd:97:
0b:12:fe:df:3a:50:42:b2:05:2d:4a:56:ea:f2:0b:
82:99:1e:c9:15:81:4b:ba:aa:a7:87:e8:96:19:45:
34:75:f2:04:2e:04:1a:1d:f2:ed:b8:e5:2a:95:3e:
e7:29:dd:bc:1f:4e:bb:95:73:24:2d:4a:e7:c6:03:
f2:18:bb:0c:58:ef:c5:fe:8e:b5:b0:76:27:32:da:
d5:35:63:78:14:5e:27:f4:7f:02:cf:6f:35:d1:d1:
20:5c:3c:c0:8c:ce:2d:d6:36:da:2c:a4:15:7c:9d:
9e:6e:e6:88:3d:a9:d9:73:f8:a7:ec:5d:5e:2a:92:
b3:4e:a1:de:81:ab:96:d6:fb:03:3d:2d:98:ef:f9:
e4:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:58:AC:B3:BD:DC:D6:F0:37:7F:77:0D:96:D9:28:8E:D3:24:50:75
X509v3 Authority Key Identifier:
keyid:A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/t1iss73c1vA3f3cNltkojtMkUHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.65.0-5.133.66.255
45.82.32.0/22
77.241.192.0/20
79.142.112.0/20
89.249.80.0/20
92.62.128.0/20
185.11.26.0/24
185.65.48.0/24
185.216.209.0/24
195.14.160.0/19
213.197.128.0/18
217.117.16.0/20
IPv6:
2001:1ab8::/31
2a0d:5000:2::/48
Signature Algorithm: sha256WithRSAEncryption
7b:dc:f5:23:6d:63:10:75:7a:a8:6c:0f:5f:1e:1d:85:5a:02:
6a:5c:30:58:f5:b5:38:ae:6e:b2:f7:55:5d:c5:a5:56:59:02:
d1:ad:8a:6d:bb:09:22:fc:de:7b:b4:a4:2e:d0:40:68:d3:ec:
5a:eb:e6:19:b7:41:77:85:e8:ba:f7:2c:4e:b5:0f:06:6a:17:
eb:e8:9c:23:fb:ee:ec:ab:78:f6:87:1b:30:33:6d:d5:da:a6:
76:83:68:d1:33:39:ef:fe:14:2b:4e:cd:ac:0e:c4:8d:c9:1c:
94:aa:24:b0:78:85:3d:68:62:e4:d6:cd:9c:47:1a:7d:bf:05:
09:36:8a:d1:ef:5d:27:46:17:7c:b2:c3:9a:47:bf:16:bb:c3:
c3:11:14:f8:9b:10:67:6c:d1:29:86:39:c7:03:53:e0:46:1c:
98:7e:c2:a0:a4:e6:f8:79:bc:9d:cf:78:7f:1c:42:35:bd:5e:
3e:b4:2a:48:72:3b:51:46:a6:b5:62:8c:8d:30:ed:42:9c:8e:
8f:9d:3d:c2:a8:54:82:be:85:7d:18:75:76:85:52:f3:b0:c7:
ae:98:b5:46:d9:d8:b2:75:7f:22:62:ed:26:e7:21:b6:de:08:
ee:64:91:25:4a:1b:5c:85:c9:6d:3e:16:d8:17:2d:cd:1c:d5:
47:53:6e:ca
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZQma8UxhBow6zTd9EKeX9GMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNTRhOWYzYTI2NjUxM2RkYzY5MzVkOGJlMDIyZTdlNTIz
MGVhMTAwHhcNMjUwMTAyMDk0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzU4YWNiM2JkZGNkNmYwMzc3Zjc3MGQ5NmQ5Mjg4ZWQzMjQ1MDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2lcBbjEd5iTpRRE1F1LFEAsnMPp
OWpoAb06AWLJIGwRwoH4n8BeV9QcNFJqPxwg9xycNToNuaStb5ysvJDlspjAtREc
ALuCLbgW6tMiF6NCk0d4YxODFQzgzfNy7kp9v+Otw/D6A2wwqcHbsApuYu9OA8Xf
zZcLEv7fOlBCsgUtSlbq8guCmR7JFYFLuqqnh+iWGUU0dfIELgQaHfLtuOUqlT7n
Kd28H067lXMkLUrnxgPyGLsMWO/F/o61sHYnMtrVNWN4FF4n9H8Cz2810dEgXDzA
jM4t1jbaLKQVfJ2ebuaIPanZc/in7F1eKpKzTqHegauW1vsDPS2Y7/nk+QIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFLdYrLO93NbwN393DZbZKI7TJFB1MB8GA1UdIwQY
MBaAFKJUqfOiZlE93Gk12L4CLn5SMOoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTkt
YWRkZjBlMTg0OWViLzEvdDFpc3M3M2MxdkEzZjNjTmx0a29qdE1rVUhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTktYWRkZjBlMTg0OWVi
LzEvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwVgQCAAEwUDAMAwQABYVB
AwQABYVCAwQCLVIgAwQETfHAAwQET45wAwQEWflQAwQEXD6AAwQAuQsaAwQAuUEw
AwQAudjRAwQFww6gAwQG1cWAAwQE2XUQMBYEAgACMBADBQEgARq4AwcAKg1QAAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQB73PUjbWMQdXqobA9fHh2FWgJqXDBY9bU4rm6y
91VdxaVWWQLRrYptuwki/N57tKQu0EBo0+xa6+YZt0F3hei69yxOtQ8Gahfr6Jwj
++7sq3j2hxswM23V2qZ2g2jRMznv/hQrTs2sDsSNyRyUqiSweIU9aGLk1s2cRxp9
vwUJNorR710nRhd8ssOaR78Wu8PDERT4mxBnbNEphjnHA1PgRhyYfsKgpOb4ebyd
z3h/HEI1vV4+tCpIcjtRRqa1YoyNMO1CnI6PnT3CqFSCvoV9GHV2hVLzsMeumLVG
2diydX8iYu0m5yG23gjuZJElShtchcltPhbYFy3NHNVHU27K
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:04:45 2025 by rpki-client