Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/5D8ikFGVpBmcex2c1eZAD0tOHFI.roa
File: 5D8ikFGVpBmcex2c1eZAD0tOHFI.roa (raw, json)
Hash identifier: c8IbQDggOS7+iGJg9Ygi2C68/eyhjm9foWNtkhiKAAE=
Subject key identifier: E4:3F:22:90:51:95:A4:19:9C:7B:1D:9C:D5:E6:40:0F:4B:4E:1C:52
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 01946F2E830CA984065D7BB64242FE32D124
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/5D8ikFGVpBmcex2c1eZAD0tOHFI.roa
Signing time: Thu 16 Jan 2025 12:55:06 +0000
ROA not before: Thu 16 Jan 2025 12:55:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214790
IP address blocks: 5.181.201.0/24 maxlen: 24
45.12.28.0/24 maxlen: 24
185.36.140.0/23 maxlen: 24
185.225.205.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6f:2e:83:0c:a9:84:06:5d:7b:b6:42:42:fe:32:d1:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Jan 16 12:55:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e43f22905195a4199c7b1d9cd5e6400f4b4e1c52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:69:fd:8b:34:3e:bd:e2:03:f3:d0:b5:dc:01:
df:7e:03:b8:d2:ff:49:0d:0b:69:f8:fd:87:a0:cc:
1b:3b:60:68:51:2c:0b:75:8a:ff:fe:16:04:23:11:
ef:04:ff:b7:a3:da:25:53:cd:5e:1a:55:d2:ec:fc:
e6:02:2b:02:fb:f2:f2:6b:3e:6d:d4:f9:8c:51:f6:
f6:1d:4f:dd:eb:f8:0f:db:06:d0:cf:0b:04:b2:4f:
3c:31:c1:08:0a:8e:4b:4d:bc:1c:74:ab:ec:97:3d:
48:c4:37:5d:48:52:cc:22:a8:13:d9:30:f4:0a:5d:
0a:85:a2:e1:80:6b:a0:73:54:98:2b:4d:ae:a4:b8:
25:6f:1b:06:33:81:57:ed:fd:01:ca:12:40:d9:4c:
fd:c8:34:2d:40:69:ee:dc:13:a7:fc:71:c5:e5:65:
46:66:2f:93:32:3b:cd:f4:96:9a:3a:6b:d0:a7:50:
87:eb:a7:49:d7:7c:8a:04:79:67:07:ff:0e:f7:0d:
12:8e:a5:b1:01:c0:02:e7:6f:bd:d8:e2:fe:1b:71:
97:51:33:60:56:3d:fe:03:a3:b9:c3:ba:34:eb:8e:
d9:55:c6:91:e6:70:98:ac:3d:69:4c:2b:a4:11:b5:
c7:65:e9:1f:14:6d:b0:34:35:42:ed:c8:c6:29:38:
e1:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:3F:22:90:51:95:A4:19:9C:7B:1D:9C:D5:E6:40:0F:4B:4E:1C:52
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/5D8ikFGVpBmcex2c1eZAD0tOHFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.201.0/24
45.12.28.0/24
185.36.140.0/23
185.225.205.0/24
Signature Algorithm: sha256WithRSAEncryption
26:8c:d9:84:af:1e:a3:6b:3b:7d:73:3c:54:cd:f1:6f:b9:0c:
4f:ae:cc:e1:2b:3a:1c:05:a1:67:2f:28:a3:8e:c0:29:6c:05:
01:38:d2:87:67:2b:e0:15:16:fe:d4:e6:df:6c:50:f5:f3:ed:
b5:a1:b7:db:a1:87:0b:e4:1f:8d:8f:f1:ce:95:3a:08:31:17:
3b:6e:97:d8:b7:81:8b:7c:f0:2a:ff:f3:81:91:dc:a2:f7:50:
1e:b4:d7:cb:e5:ce:98:c4:b4:b1:ed:a6:9e:95:d6:fc:51:6b:
a7:48:25:44:3f:0d:9b:80:ea:ce:e8:57:7a:fd:0f:78:a5:96:
5f:0a:b2:c3:8b:7a:52:cd:f1:a5:6b:07:54:2b:98:ab:c7:c8:
c5:ec:ee:aa:1d:2e:ff:17:21:03:0b:da:60:f6:59:67:b2:c8:
ed:0a:a0:4e:6b:23:de:80:bd:32:e4:88:5f:72:e9:cf:0e:62:
66:6c:18:65:29:08:12:a5:c2:cc:e1:b7:3f:eb:0b:3e:d4:fc:
b0:e1:a7:21:1f:ff:7d:2e:e9:3f:68:a2:06:16:a7:c3:1e:08:
e1:ef:d3:3c:5f:55:01:0a:92:0b:2d:04:b0:fb:ec:7c:8d:0a:
13:52:d4:fe:3c:a3:37:49:a8:ce:a9:c2:b3:1a:df:8b:8c:a2:
35:99:af:b7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZRvLoMMqYQGXXu2QkL+MtEkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjUwMTE2MTI1NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDNmMjI5MDUxOTVhNDE5OWM3YjFkOWNkNWU2NDAwZjRiNGUxYzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmn9izQ+veID89C13AHffgO40v9J
DQtp+P2HoMwbO2BoUSwLdYr//hYEIxHvBP+3o9olU81eGlXS7PzmAisC+/Lyaz5t
1PmMUfb2HU/d6/gP2wbQzwsEsk88McEICo5LTbwcdKvslz1IxDddSFLMIqgT2TD0
Cl0KhaLhgGugc1SYK02upLglbxsGM4FX7f0ByhJA2Uz9yDQtQGnu3BOn/HHF5WVG
Zi+TMjvN9JaaOmvQp1CH66dJ13yKBHlnB/8O9w0SjqWxAcAC52+92OL+G3GXUTNg
Vj3+A6O5w7o0647ZVcaR5nCYrD1pTCukEbXHZekfFG2wNDVC7cjGKTjhNwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOQ/IpBRlaQZnHsdnNXmQA9LThxSMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvNUQ4aWtGR1ZwQm1jZXgyYzFlWkFEMHRPSEZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABbXJAwQA
LQwcAwQBuSSMAwQAueHNMA0GCSqGSIb3DQEBCwUAA4IBAQAmjNmErx6jazt9czxU
zfFvuQxPrszhKzocBaFnLyijjsApbAUBONKHZyvgFRb+1ObfbFD18+21obfboYcL
5B+Nj/HOlToIMRc7bpfYt4GLfPAq//OBkdyi91AetNfL5c6YxLSx7aaeldb8UWun
SCVEPw2bgOrO6Fd6/Q94pZZfCrLDi3pSzfGlawdUK5irx8jF7O6qHS7/FyEDC9pg
9llnssjtCqBOayPegL0y5IhfcunPDmJmbBhlKQgSpcLM4bc/6ws+1Pyw4achH/99
Luk/aKIGFqfDHgjh79M8X1UBCpILLQSw++x8jQoTUtT+PKM3SajOqcKzGt+LjKI1
ma+3
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:43:20 2025 by rpki-client