Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/EHXBWUxeWMDtm-263T3CeCfIQg0.roa
File: EHXBWUxeWMDtm-263T3CeCfIQg0.roa (raw, json)
Hash identifier: upykUfWusTim+qPavoonZ87RcamCDQGsa5cCnxfzAXA=
Subject key identifier: 10:75:C1:59:4C:5E:58:C0:ED:9B:ED:BA:DD:3D:C2:78:27:C8:42:0D
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 0194A79E71E3C86FF7C56D9CA895F311D635
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/EHXBWUxeWMDtm-263T3CeCfIQg0.roa
Signing time: Mon 27 Jan 2025 11:56:06 +0000
ROA not before: Mon 27 Jan 2025 11:56:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49100
IP address blocks: 5.202.0.0/16 maxlen: 24
5.202.16.0/23 maxlen: 23
5.202.22.0/23 maxlen: 23
5.202.57.0/24 maxlen: 24
5.202.76.0/24 maxlen: 24
5.202.82.0/24 maxlen: 24
5.202.100.0/24 maxlen: 24
5.202.110.0/24 maxlen: 24
5.202.166.0/23 maxlen: 23
5.202.208.0/20 maxlen: 20
5.202.240.0/21 maxlen: 21
77.237.160.0/19 maxlen: 19
85.9.64.0/18 maxlen: 18
85.9.68.0/24 maxlen: 24
85.9.76.0/24 maxlen: 24
91.209.242.0/24 maxlen: 24
95.215.160.0/22 maxlen: 22
109.125.160.0/19 maxlen: 19
109.125.160.0/23 maxlen: 23
109.125.162.0/23 maxlen: 23
109.125.164.0/23 maxlen: 23
109.125.168.0/21 maxlen: 21
109.125.176.0/22 maxlen: 22
109.125.182.0/23 maxlen: 23
109.125.184.0/22 maxlen: 22
109.125.184.0/24 maxlen: 24
109.125.185.0/24 maxlen: 24
109.125.186.0/24 maxlen: 24
109.125.187.0/24 maxlen: 24
109.125.188.0/24 maxlen: 24
109.125.189.0/24 maxlen: 24
109.125.190.0/24 maxlen: 24
109.125.191.0/24 maxlen: 24
109.232.5.0/24 maxlen: 24
109.232.6.0/24 maxlen: 24
109.232.7.0/24 maxlen: 24
185.72.24.0/22 maxlen: 22
185.72.27.0/24 maxlen: 24
185.83.88.0/24 maxlen: 24
185.83.89.0/24 maxlen: 24
185.83.90.0/23 maxlen: 23
185.103.128.0/22 maxlen: 22
185.125.244.0/22 maxlen: 22
185.125.248.0/21 maxlen: 21
185.125.255.0/24 maxlen: 24
185.126.0.0/20 maxlen: 20
185.126.16.0/22 maxlen: 22
185.126.16.0/23 maxlen: 23
185.126.40.0/22 maxlen: 22
185.131.28.0/22 maxlen: 22
185.131.30.0/23 maxlen: 23
185.155.8.0/21 maxlen: 21
185.169.20.0/22 maxlen: 22
185.169.36.0/22 maxlen: 22
185.169.37.0/24 maxlen: 24
185.177.232.0/22 maxlen: 22
185.180.52.0/22 maxlen: 22
188.253.32.0/19 maxlen: 24
188.253.64.0/19 maxlen: 24
193.32.80.0/23 maxlen: 23
194.33.122.0/23 maxlen: 23
2001:4c88::/32 maxlen: 32
2a02:cd80::/29 maxlen: 29
2a07:8f00::/29 maxlen: 29
2a07:8f40::/29 maxlen: 29
2a0a:4e00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a7:9e:71:e3:c8:6f:f7:c5:6d:9c:a8:95:f3:11:d6:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jan 27 11:56:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1075c1594c5e58c0ed9bedbadd3dc27827c8420d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b3:12:86:e0:40:f8:f8:07:80:27:06:e8:ef:
59:aa:1f:a8:af:d4:76:f2:8c:ba:73:fe:b4:23:50:
3c:e1:6b:85:0b:85:aa:4d:db:b7:91:17:d9:75:aa:
66:d7:1b:6b:c5:63:74:ee:75:64:86:62:98:11:4c:
0e:5a:02:d4:94:c1:ba:71:4b:06:ec:2e:8f:56:1a:
ba:d5:9f:25:dd:80:9c:4c:60:2a:c4:83:d5:f8:f0:
f0:b2:85:b9:a5:50:d7:0b:4b:b7:a3:c0:28:cf:61:
8d:0e:f4:8c:77:0c:bd:8f:2e:9b:2d:9a:cd:45:71:
5b:3d:a2:f7:f5:9b:99:97:cb:85:89:84:cc:32:5c:
81:c1:f7:57:a4:f9:12:be:67:90:7a:ac:ec:29:a9:
cc:de:8e:7c:9a:8a:a8:7f:b1:a8:4c:04:33:20:9d:
78:71:60:1a:96:bc:f1:21:25:99:1a:d1:96:58:27:
97:9e:04:c3:f5:1e:b1:fe:40:fb:7d:9a:6f:e5:61:
30:85:af:55:35:a3:66:96:d0:ba:b6:f5:e6:80:7b:
a7:f5:94:ac:65:2a:fb:4a:8d:5a:8c:b9:65:71:e8:
77:50:49:98:91:0c:20:61:5d:85:ad:e8:b3:0c:33:
60:b9:fa:d5:1c:63:e1:bd:5e:bf:88:b9:ea:34:08:
a6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:75:C1:59:4C:5E:58:C0:ED:9B:ED:BA:DD:3D:C2:78:27:C8:42:0D
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/EHXBWUxeWMDtm-263T3CeCfIQg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.0.0/16
77.237.160.0/19
85.9.64.0/18
91.209.242.0/24
95.215.160.0/22
109.125.160.0/19
109.232.5.0-109.232.7.255
185.72.24.0/22
185.83.88.0/22
185.103.128.0/22
185.125.244.0-185.126.19.255
185.126.40.0/22
185.131.28.0/22
185.155.8.0/21
185.169.20.0/22
185.169.36.0/22
185.177.232.0/22
185.180.52.0/22
188.253.32.0-188.253.95.255
193.32.80.0/23
194.33.122.0/23
IPv6:
2001:4c88::/32
2a02:cd80::/29
2a07:8f00::/29
2a07:8f40::/29
2a0a:4e00::/29
Signature Algorithm: sha256WithRSAEncryption
bd:eb:aa:67:b8:96:d3:b5:66:0a:aa:9e:b2:1c:0d:5d:18:dc:
ac:b8:df:ec:f8:5a:82:a6:77:98:44:a2:04:b5:d1:eb:cb:eb:
2f:f8:a0:35:f2:92:a4:dd:3f:22:8b:42:25:8c:50:a8:ef:65:
45:da:a2:8b:3b:73:5f:d3:fd:34:95:9a:46:c1:ad:02:c1:13:
dc:bb:3e:99:30:9d:9f:62:66:f8:5a:d3:d3:53:0d:5d:3f:de:
69:32:69:33:c4:9f:6b:52:bb:07:ef:c4:20:f1:66:84:e0:f1:
9f:d3:81:d4:1f:60:a6:b7:b5:ef:b2:d1:3c:bd:a0:5e:36:d3:
39:df:27:64:10:d3:db:e8:96:3f:4c:25:28:92:78:d9:c1:4d:
75:46:8e:7a:91:3b:0c:41:cb:4f:d3:60:4b:58:88:60:69:3d:
26:fd:c4:bd:a1:27:f9:b1:35:cb:6c:93:b4:50:74:83:01:bb:
68:72:d7:22:72:04:70:3c:75:4d:83:27:b6:85:bf:97:de:f3:
b9:b3:17:13:7f:71:63:bf:2b:09:73:52:48:59:62:80:79:45:
b7:58:9e:95:f1:2d:92:1e:9d:89:c4:bf:9d:65:29:1d:b5:3e:
89:10:33:de:2e:04:56:a8:6e:81:36:e5:96:99:5c:e5:04:75:
3a:a3:bc:50
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAZSnnnHjyG/3xW2cqJXzEdY1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjUwMTI3MTE1NjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDc1YzE1OTRjNWU1OGMwZWQ5YmVkYmFkZDNkYzI3ODI3Yzg0MjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprMShuBA+PgHgCcG6O9Zqh+or9R2
8oy6c/60I1A84WuFC4WqTdu3kRfZdapm1xtrxWN07nVkhmKYEUwOWgLUlMG6cUsG
7C6PVhq61Z8l3YCcTGAqxIPV+PDwsoW5pVDXC0u3o8Aoz2GNDvSMdwy9jy6bLZrN
RXFbPaL39ZuZl8uFiYTMMlyBwfdXpPkSvmeQeqzsKanM3o58moqof7GoTAQzIJ14
cWAalrzxISWZGtGWWCeXngTD9R6x/kD7fZpv5WEwha9VNaNmltC6tvXmgHun9ZSs
ZSr7So1ajLllceh3UEmYkQwgYV2FreizDDNgufrVHGPhvV6/iLnqNAimRQIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFBB1wVlMXljA7Zvtut09wngnyEINMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvRUhYQldVeGVXTUR0bS0yNjNUM0NlQ2ZJUWcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBnAQCAAEwgZUDAwAF
ygMEBU3toAMEBlUJQAMEAFvR8gMEAl/XoAMEBW19oDAMAwQAbegFAwQDbegAAwQC
uUgYAwQCuVNYAwQCuWeAMAwDBAK5ffQDBAK5fhADBAK5figDBAK5gxwDBAO5mwgD
BAK5qRQDBAK5qSQDBAK5segDBAK5tDQwDAMEBbz9IAMEBbz9QAMEAcEgUAMEAcIh
ejApBAIAAjAjAwUAIAFMiAMFAyoCzYADBQMqB48AAwUDKgePQAMFAyoKTgAwDQYJ
KoZIhvcNAQELBQADggEBAL3rqme4ltO1ZgqqnrIcDV0Y3Ky43+z4WoKmd5hEogS1
0evL6y/4oDXykqTdPyKLQiWMUKjvZUXaoos7c1/T/TSVmkbBrQLBE9y7PpkwnZ9i
Zvha09NTDV0/3mkyaTPEn2tSuwfvxCDxZoTg8Z/TgdQfYKa3te+y0Ty9oF420znf
J2QQ09volj9MJSiSeNnBTXVGjnqROwxBy0/TYEtYiGBpPSb9xL2hJ/mxNctsk7RQ
dIMBu2hy1yJyBHA8dU2DJ7aFv5fe87mzFxN/cWO/KwlzUkhZYoB5RbdYnpXxLZIe
nYnEv51lKR21PokQM94uBFaoboE25ZaZXOUEdTqjvFA=
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:13:43 2025 by rpki-client