Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/k5ADKrSv4BdFIig_Zz9Lah1CUHo.roa
File: k5ADKrSv4BdFIig_Zz9Lah1CUHo.roa (raw, json)
Hash identifier: 8sZnyhqPdy0sf8ZJv3VfGwRr4K+TKbJZx3TAWeSc+xU=
Subject key identifier: 93:90:03:2A:B4:AF:E0:17:45:22:28:3F:67:3F:4B:6A:1D:42:50:7A
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 01938FBD55A725F10B17F3DAF5DDE0F16A2A
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/k5ADKrSv4BdFIig_Zz9Lah1CUHo.roa
Signing time: Wed 04 Dec 2024 03:36:10 +0000
ROA not before: Wed 04 Dec 2024 03:36:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201106
IP address blocks: 37.72.132.0/24 maxlen: 32
45.142.156.0/24 maxlen: 32
45.142.157.0/24 maxlen: 32
45.142.158.0/23 maxlen: 32
45.145.72.0/23 maxlen: 32
45.145.74.0/23 maxlen: 32
45.150.164.0/22 maxlen: 32
45.150.226.0/23 maxlen: 32
45.151.132.0/22 maxlen: 32
45.154.212.0/22 maxlen: 32
62.204.54.0/24 maxlen: 24
94.154.114.0/24 maxlen: 32
146.19.114.0/24 maxlen: 32
178.22.30.0/24 maxlen: 32
188.93.139.0/24 maxlen: 32
193.218.200.0/23 maxlen: 32
193.221.94.0/23 maxlen: 32
194.124.218.0/23 maxlen: 32
194.124.224.0/23 maxlen: 32
194.147.98.0/23 maxlen: 32
194.147.100.0/23 maxlen: 32
217.114.47.0/24 maxlen: 32
2a0e:da40:4000::/34 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8f:bd:55:a7:25:f1:0b:17:f3:da:f5:dd:e0:f1:6a:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Dec 4 03:36:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9390032ab4afe0174522283f673f4b6a1d42507a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:b0:aa:34:93:a8:7f:b8:1a:dd:eb:bf:2d:53:
9e:be:58:05:60:b4:e9:88:d2:fd:68:5d:de:cc:e6:
67:e7:81:03:84:76:67:42:8f:2a:da:ff:50:bc:e8:
ad:75:ec:73:c9:57:60:a7:a1:ee:6a:3c:90:bd:d8:
aa:98:e8:e5:5f:cb:22:4c:e8:5d:99:01:12:9d:71:
f6:d6:b8:f6:69:b2:40:05:16:29:7f:ba:c6:3c:1a:
f6:d1:f0:d7:1e:b8:d7:ac:a0:74:9c:3b:71:5f:5d:
17:d0:ca:f2:65:e6:ea:c3:d5:b2:e2:49:e3:85:aa:
ca:ca:5f:d7:45:ba:72:9b:1d:c0:42:d1:fb:71:90:
0f:7f:4b:a5:05:ea:fb:ca:d9:e5:b8:79:b5:ab:f9:
4e:5d:9f:d4:f0:7f:52:c0:5e:b1:66:31:eb:ec:69:
3f:0f:ba:f0:5a:bb:4e:47:e3:4a:24:3a:46:0c:7b:
7d:65:87:d3:9f:90:69:fd:9c:88:1f:dd:eb:c4:5d:
08:81:ed:28:d1:70:80:34:bb:76:f2:a1:2a:eb:b9:
a4:99:00:76:49:f8:a3:39:75:a8:59:48:0f:be:5d:
42:d4:a6:c8:eb:1f:74:35:91:3b:7f:24:cc:f8:ec:
3f:8d:aa:a2:2e:32:e3:3e:70:4e:cb:8c:5f:12:b8:
ef:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:90:03:2A:B4:AF:E0:17:45:22:28:3F:67:3F:4B:6A:1D:42:50:7A
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/k5ADKrSv4BdFIig_Zz9Lah1CUHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.132.0/24
45.142.156.0/22
45.145.72.0/22
45.150.164.0/22
45.150.226.0/23
45.151.132.0/22
45.154.212.0/22
62.204.54.0/24
94.154.114.0/24
146.19.114.0/24
178.22.30.0/24
188.93.139.0/24
193.218.200.0/23
193.221.94.0/23
194.124.218.0/23
194.124.224.0/23
194.147.98.0-194.147.101.255
217.114.47.0/24
IPv6:
2a0e:da40:4000::/34
Signature Algorithm: sha256WithRSAEncryption
1a:ee:8b:21:03:da:d6:eb:35:db:9a:93:b5:75:91:e1:29:1d:
75:1c:bd:fa:4f:39:1e:e0:70:45:bc:b0:ae:e7:b8:bd:56:1d:
26:9a:75:7c:0d:b3:64:9e:3a:0d:3b:c4:e5:45:14:1b:d6:e1:
7e:f6:d3:5f:9d:14:23:a3:e5:d7:ab:4a:ef:e7:d0:4d:2e:07:
82:c7:80:38:6c:e4:70:d0:97:92:ef:d5:3b:1b:b8:d5:fd:ac:
95:d5:48:fa:d0:2f:ef:9b:31:65:d6:f0:fa:8d:74:11:22:4c:
c3:07:86:06:6e:96:79:7d:61:96:66:db:33:b4:d6:8c:b9:0e:
b9:c2:9e:40:96:70:b5:16:58:e0:c4:b7:1d:0d:4a:e2:3e:fe:
ae:6e:19:57:15:d2:bd:51:c7:8f:0c:00:44:65:96:39:b6:8b:
f3:62:c0:5d:5e:de:0a:4b:42:f5:94:3c:5b:e3:30:17:d9:3a:
5d:57:88:58:b4:a1:ed:36:2d:8e:d4:60:5b:e6:09:02:61:95:
f2:c0:ca:f4:34:f7:8b:1c:80:2f:38:0e:ae:ae:e7:62:f0:54:
0d:4d:a5:92:68:0a:ad:0d:b2:fe:5f:65:59:3b:ba:98:bb:b2:
4d:1b:de:7e:29:75:b3:c2:4f:dd:b3:bd:25:60:f3:55:7d:57:
76:67:09:62
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZOPvVWnJfELF/Pa9d3g8WoqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjQxMjA0MDMzNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzkwMDMyYWI0YWZlMDE3NDUyMjI4M2Y2NzNmNGI2YTFkNDI1MDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6LCqNJOof7ga3eu/LVOevlgFYLTp
iNL9aF3ezOZn54EDhHZnQo8q2v9QvOitdexzyVdgp6HuajyQvdiqmOjlX8siTOhd
mQESnXH21rj2abJABRYpf7rGPBr20fDXHrjXrKB0nDtxX10X0MryZebqw9Wy4knj
harKyl/XRbpymx3AQtH7cZAPf0ulBer7ytnluHm1q/lOXZ/U8H9SwF6xZjHr7Gk/
D7rwWrtOR+NKJDpGDHt9ZYfTn5Bp/ZyIH93rxF0Ige0o0XCANLt28qEq67mkmQB2
SfijOXWoWUgPvl1C1KbI6x90NZE7fyTM+Ow/jaqiLjLjPnBOy4xfErjv2wIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFJOQAyq0r+AXRSIoP2c/S2odQlB6MB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvazVBREtyU3Y0QmRGSWlnX1p6OUxhaDFDVUhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDB6BAIAATB0AwQAJUiE
AwQCLY6cAwQCLZFIAwQCLZakAwQBLZbiAwQCLZeEAwQCLZrUAwQAPsw2AwQAXppy
AwQAkhNyAwQAshYeAwQAvF2LAwQBwdrIAwQBwd1eAwQBwnzaAwQBwnzgMAwDBAHC
k2IDBAHCk2QDBADZci8wDgQCAAIwCAMGBioO2kBAMA0GCSqGSIb3DQEBCwUAA4IB
AQAa7oshA9rW6zXbmpO1dZHhKR11HL36Tzke4HBFvLCu57i9Vh0mmnV8DbNknjoN
O8TlRRQb1uF+9tNfnRQjo+XXq0rv59BNLgeCx4A4bORw0JeS79U7G7jV/ayV1Uj6
0C/vmzFl1vD6jXQRIkzDB4YGbpZ5fWGWZtsztNaMuQ65wp5AlnC1FljgxLcdDUri
Pv6ubhlXFdK9UcePDABEZZY5tovzYsBdXt4KS0L1lDxb4zAX2TpdV4hYtKHtNi2O
1GBb5gkCYZXywMr0NPeLHIAvOA6urudi8FQNTaWSaAqtDbL+X2VZO7qYu7JNG95+
KXWzwk/ds70lYPNVfVd2Zwli
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:59:48 2025 by rpki-client