Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/sfTULUE7ay35rrNm7x1OZ_XXdMY.roa
File: sfTULUE7ay35rrNm7x1OZ_XXdMY.roa (raw, json)
Hash identifier: VwcwcMU3CbGNUkY4KCHr1O4SqGQh4HdJdiDhpiZ6wW8=
Subject key identifier: B1:F4:D4:2D:41:3B:6B:2D:F9:AE:B3:66:EF:1D:4E:67:F5:D7:74:C6
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 01953D4C74C513137BF55EE3819ABCF35744
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/sfTULUE7ay35rrNm7x1OZ_XXdMY.roa
Signing time: Tue 25 Feb 2025 13:29:35 +0000
ROA not before: Tue 25 Feb 2025 13:29:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198193
IP address blocks: 5.61.208.0/23 maxlen: 23
5.181.96.0/23 maxlen: 23
5.187.35.0/24 maxlen: 24
5.187.36.0/23 maxlen: 23
31.214.155.0/24 maxlen: 24
37.252.98.0/24 maxlen: 24
37.252.100.0/24 maxlen: 24
37.252.101.0/24 maxlen: 24
46.251.250.0/24 maxlen: 24
46.253.139.0/24 maxlen: 24
84.247.19.0/24 maxlen: 24
85.204.168.0/23 maxlen: 23
85.204.170.0/23 maxlen: 23
89.32.64.0/24 maxlen: 24
89.32.65.0/24 maxlen: 24
89.32.66.0/24 maxlen: 24
89.32.67.0/24 maxlen: 24
95.156.203.0/24 maxlen: 24
158.255.239.0/24 maxlen: 24
162.33.200.0/22 maxlen: 22
162.33.204.0/22 maxlen: 22
162.33.204.0/24 maxlen: 24
162.33.205.0/24 maxlen: 24
162.33.206.0/24 maxlen: 24
162.33.207.0/24 maxlen: 24
185.66.172.0/24 maxlen: 24
185.66.174.0/24 maxlen: 24
185.75.22.0/23 maxlen: 23
185.86.208.0/23 maxlen: 23
185.88.200.0/23 maxlen: 23
185.88.202.0/23 maxlen: 23
185.193.241.0/24 maxlen: 24
185.206.121.0/24 maxlen: 24
185.212.114.0/24 maxlen: 24
185.225.8.0/24 maxlen: 24
217.61.240.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3d:4c:74:c5:13:13:7b:f5:5e:e3:81:9a:bc:f3:57:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Feb 25 13:29:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1f4d42d413b6b2df9aeb366ef1d4e67f5d774c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:05:59:1b:72:2e:86:df:88:e3:c4:aa:60:96:
2a:e4:37:66:4a:f9:86:04:4c:89:4d:cd:d8:ac:b4:
af:96:c7:06:3d:d6:cf:92:1f:fc:fa:58:fe:50:e0:
ee:1f:1a:02:a0:04:41:67:06:1e:4d:4a:af:35:8f:
92:71:d6:84:48:b0:5a:46:20:25:2e:75:f8:d5:4a:
18:43:c9:7f:64:56:73:5f:e6:3b:ff:17:58:f9:ef:
8d:5c:e6:4c:a4:bc:e1:30:a5:ca:1f:bd:8b:6e:b3:
6e:d9:ef:12:98:5e:ee:31:45:71:0f:2a:4a:2c:da:
22:e6:a0:20:b0:f9:19:3b:1f:26:0d:e2:44:5a:3e:
90:fd:1a:c3:80:56:66:ef:52:59:a7:56:5d:ea:3c:
13:94:45:72:98:43:a8:ff:69:f4:45:68:a4:49:7b:
5a:64:84:3a:ba:31:d2:f6:90:f6:e2:f0:c2:32:8a:
3a:19:5e:9b:f7:26:3c:aa:55:28:48:67:5e:60:a1:
16:3f:f8:76:ff:33:fe:a0:21:80:c5:6a:f5:d6:ad:
1e:35:de:9c:1c:5d:d4:db:10:0a:ec:f5:d6:51:b7:
93:e9:44:cb:f3:a2:ff:35:4f:9f:98:f2:2c:dd:46:
d3:57:c9:dd:95:5b:1c:36:78:12:93:b0:48:c3:e5:
d7:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:F4:D4:2D:41:3B:6B:2D:F9:AE:B3:66:EF:1D:4E:67:F5:D7:74:C6
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/sfTULUE7ay35rrNm7x1OZ_XXdMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.208.0/23
5.181.96.0/23
5.187.35.0-5.187.37.255
31.214.155.0/24
37.252.98.0/24
37.252.100.0/23
46.251.250.0/24
46.253.139.0/24
84.247.19.0/24
85.204.168.0/22
89.32.64.0/22
95.156.203.0/24
158.255.239.0/24
162.33.200.0/21
185.66.172.0/24
185.66.174.0/24
185.75.22.0/23
185.86.208.0/23
185.88.200.0/22
185.193.241.0/24
185.206.121.0/24
185.212.114.0/24
185.225.8.0/24
217.61.240.0/24
Signature Algorithm: sha256WithRSAEncryption
40:94:fb:af:29:ea:87:d7:46:b8:47:9a:4d:85:49:67:08:24:
92:84:b3:89:65:fc:e2:2e:e1:58:f1:c9:8c:fb:6a:5f:66:90:
44:74:14:45:9f:c0:ae:2c:82:af:39:d1:e6:12:97:7b:82:da:
9a:d5:26:77:bc:bf:a8:e1:f4:de:6a:98:95:7e:94:4d:3d:3b:
08:4a:d0:e9:35:91:39:27:d0:33:5e:f0:e5:a0:ad:76:d8:4c:
5d:03:82:52:91:9e:bb:6c:db:bb:83:4e:fd:3c:c9:8a:e9:9f:
63:32:ef:58:cb:ad:99:bc:53:95:40:7d:18:f6:a4:64:45:db:
15:ec:ef:50:c1:93:b1:22:18:78:96:a9:69:8b:ae:d8:de:e2:
71:31:d2:cd:38:39:97:10:03:1c:d8:88:ca:e8:f3:4d:bc:fc:
ab:6b:b9:3c:e8:5e:7c:17:36:cd:aa:3d:23:d7:b5:16:4f:a4:
d2:8d:cd:58:de:e0:44:19:34:e7:31:86:70:24:63:e4:8f:bc:
84:a3:4b:00:fe:e1:3d:c5:08:bc:2a:7b:9e:0a:c1:47:d7:82:
bf:81:22:c6:0e:15:70:f9:b3:46:06:03:24:e5:14:38:e1:ba:
74:97:60:d2:94:45:6e:0e:1a:f1:d9:96:48:f4:13:7c:b1:bc:
e2:e2:99:a7
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZU9THTFExN79V7jgZq881dEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjUwMjI1MTMyOTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWY0ZDQyZDQxM2I2YjJkZjlhZWIzNjZlZjFkNGU2N2Y1ZDc3NGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgVZG3Iuht+I48SqYJYq5DdmSvmG
BEyJTc3YrLSvlscGPdbPkh/8+lj+UODuHxoCoARBZwYeTUqvNY+ScdaESLBaRiAl
LnX41UoYQ8l/ZFZzX+Y7/xdY+e+NXOZMpLzhMKXKH72LbrNu2e8SmF7uMUVxDypK
LNoi5qAgsPkZOx8mDeJEWj6Q/RrDgFZm71JZp1Zd6jwTlEVymEOo/2n0RWikSXta
ZIQ6ujHS9pD24vDCMoo6GV6b9yY8qlUoSGdeYKEWP/h2/zP+oCGAxWr11q0eNd6c
HF3U2xAK7PXWUbeT6UTL86L/NU+fmPIs3UbTV8ndlVscNngSk7BIw+XXXQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFLH01C1BO2st+a6zZu8dTmf113TGMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvc2ZUVUxVRTdheTM1cnJObTd4MU9aX1hYZE1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBAEF
PdADBAEFtWAwDAMEAAW7IwMEAQW7JAMEAB/WmwMEACX8YgMEASX8ZAMEAC77+gME
AC79iwMEAFT3EwMEAlXMqAMEAlkgQAMEAF+cywMEAJ7/7wMEA6IhyAMEALlCrAME
ALlCrgMEAblLFgMEAblW0AMEArlYyAMEALnB8QMEALnOeQMEALnUcgMEALnhCAME
ANk98DANBgkqhkiG9w0BAQsFAAOCAQEAQJT7rynqh9dGuEeaTYVJZwgkkoSziWX8
4i7hWPHJjPtqX2aQRHQURZ/AriyCrznR5hKXe4LamtUmd7y/qOH03mqYlX6UTT07
CErQ6TWROSfQM17w5aCtdthMXQOCUpGeu2zbu4NO/TzJiumfYzLvWMutmbxTlUB9
GPakZEXbFezvUMGTsSIYeJapaYuu2N7icTHSzTg5lxADHNiIyujzTbz8q2u5POhe
fBc2zao9I9e1Fk+k0o3NWN7gRBk05zGGcCRj5I+8hKNLAP7hPcUIvCp7ngrBR9eC
v4Eixg4VcPmzRgYDJOUUOOG6dJdg0pRFbg4a8dmWSPQTfLG84uKZpw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:00:35 2025 by rpki-client