Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/5WDHZqYL4JoigK6ga5SoeGk4HdY.roa
File: 5WDHZqYL4JoigK6ga5SoeGk4HdY.roa (raw, json)
Hash identifier: dpLNM6hVekKCFYAooq6epOBSfyejH9hZmkbcw8tn9gU=
Subject key identifier: E5:60:C7:66:A6:0B:E0:9A:22:80:AE:A0:6B:94:A8:78:69:38:1D:D6
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0195B7E6C85C5DD0036E11E372CA2F8B996C
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/5WDHZqYL4JoigK6ga5SoeGk4HdY.roa
Signing time: Fri 21 Mar 2025 08:51:49 +0000
ROA not before: Fri 21 Mar 2025 08:51:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 2.58.171.0/24 maxlen: 24
88.151.61.0/24 maxlen: 24
88.209.192.0/24 maxlen: 24
88.209.207.0/24 maxlen: 24
88.209.209.0/24 maxlen: 24
88.209.222.0/24 maxlen: 24
88.209.225.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b7:e6:c8:5c:5d:d0:03:6e:11:e3:72:ca:2f:8b:99:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 21 08:51:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e560c766a60be09a2280aea06b94a87869381dd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:71:c5:48:5e:43:36:e6:67:7b:cd:2e:f1:5c:
fb:a9:9e:2f:0e:04:c7:24:c5:b5:44:d3:63:59:6c:
b1:3d:9c:75:43:09:c3:5b:40:bf:87:f6:7e:40:9d:
25:4a:12:aa:ce:dc:31:55:80:2c:79:7a:bb:8a:fa:
c6:98:5b:d3:61:ae:41:6a:8e:81:e2:61:62:19:c6:
4c:e6:a6:a9:cd:02:f0:b9:ba:7d:8f:ea:f2:ed:cf:
a7:76:07:f5:ca:c5:f8:a5:fb:3e:36:30:63:ac:c0:
51:05:39:ac:22:bf:b2:70:44:b8:16:70:c7:a3:9d:
ce:53:f2:c7:d9:a0:ff:e4:b9:26:de:5e:77:15:cd:
2a:a0:cb:e1:b3:ba:7a:3f:05:93:5f:cd:a0:61:38:
52:23:ce:14:76:f1:14:9a:9a:4f:57:0f:21:2a:95:
81:fc:56:eb:42:c0:c3:fa:4d:8b:30:24:fb:d5:ea:
7b:2d:06:a2:b2:08:78:f5:c3:09:06:56:9a:45:d6:
9f:f4:c0:53:78:40:8f:de:1f:8d:14:78:7c:0e:d2:
47:27:18:a3:45:59:be:df:bd:1d:b4:a2:a5:ea:40:
8e:97:b5:f0:9f:a5:3b:ce:de:37:92:31:82:17:13:
42:c9:13:10:ef:32:b8:37:30:18:af:14:4e:e2:32:
9c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:60:C7:66:A6:0B:E0:9A:22:80:AE:A0:6B:94:A8:78:69:38:1D:D6
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/5WDHZqYL4JoigK6ga5SoeGk4HdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.171.0/24
88.151.61.0/24
88.209.192.0/24
88.209.207.0/24
88.209.209.0/24
88.209.222.0/24
88.209.225.0/24
Signature Algorithm: sha256WithRSAEncryption
72:6b:a8:c9:f2:13:5a:0f:c5:c8:17:bc:81:73:60:2a:5a:bd:
8c:ed:cd:87:4e:82:75:0b:ea:5b:36:74:d7:39:cb:5b:49:91:
9e:ad:c4:c8:9e:c0:b0:3b:84:5b:dc:b9:8c:2e:51:24:fd:5b:
a1:c1:10:9f:9e:10:b9:a2:0c:20:29:ef:3c:93:fd:bb:c9:b0:
4a:d6:b6:a9:0f:24:9e:1b:90:15:26:70:48:64:4e:ac:38:a1:
e4:48:20:28:a5:5c:54:89:df:a3:68:61:62:f5:c0:81:d5:c9:
2d:ad:59:5a:0b:05:6c:20:0a:53:07:8b:c5:70:18:c6:b9:74:
64:63:c9:f0:92:a5:22:b3:f9:21:c7:4f:28:a6:30:2a:b9:4e:
65:37:1f:b4:e8:ae:2f:6e:83:78:68:9f:24:78:02:35:b1:9a:
39:74:df:3c:76:76:66:8f:6d:3e:e0:ff:14:b0:af:cc:29:53:
29:5e:e6:1f:44:b3:54:84:07:ec:e1:21:08:ed:12:56:41:95:
9d:0e:75:75:9e:79:a3:7b:b4:71:0a:f5:0e:a8:96:e8:81:32:
3f:76:0c:5b:c7:88:dc:ec:f4:61:10:35:8e:21:a6:e8:3c:8d:
a0:3c:7f:0f:9f:c7:f4:3a:27:6b:2b:0d:37:bf:66:84:57:8d:
80:76:4f:1c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZW35shcXdADbhHjcsovi5lsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMzIxMDg1MTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTYwYzc2NmE2MGJlMDlhMjI4MGFlYTA2Yjk0YTg3ODY5MzgxZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4XHFSF5DNuZne80u8Vz7qZ4vDgTH
JMW1RNNjWWyxPZx1QwnDW0C/h/Z+QJ0lShKqztwxVYAseXq7ivrGmFvTYa5Bao6B
4mFiGcZM5qapzQLwubp9j+ry7c+ndgf1ysX4pfs+NjBjrMBRBTmsIr+ycES4FnDH
o53OU/LH2aD/5Lkm3l53Fc0qoMvhs7p6PwWTX82gYThSI84UdvEUmppPVw8hKpWB
/FbrQsDD+k2LMCT71ep7LQaisgh49cMJBlaaRdaf9MBTeECP3h+NFHh8DtJHJxij
RVm+370dtKKl6kCOl7Xwn6U7zt43kjGCFxNCyRMQ7zK4NzAYrxRO4jKcjwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOVgx2amC+CaIoCuoGuUqHhpOB3WMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvNVdESFpxWUw0Sm9pZ0s2Z2E1U29lR2s0SGRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAAjqrAwQA
WJc9AwQAWNHAAwQAWNHPAwQAWNHRAwQAWNHeAwQAWNHhMA0GCSqGSIb3DQEBCwUA
A4IBAQBya6jJ8hNaD8XIF7yBc2AqWr2M7c2HToJ1C+pbNnTXOctbSZGercTInsCw
O4Rb3LmMLlEk/VuhwRCfnhC5ogwgKe88k/27ybBK1rapDySeG5AVJnBIZE6sOKHk
SCAopVxUid+jaGFi9cCB1cktrVlaCwVsIApTB4vFcBjGuXRkY8nwkqUis/khx08o
pjAquU5lNx+06K4vboN4aJ8keAI1sZo5dN88dnZmj20+4P8UsK/MKVMpXuYfRLNU
hAfs4SEI7RJWQZWdDnV1nnmje7RxCvUOqJbogTI/dgxbx4jc7PRhEDWOIaboPI2g
PH8Pn8f0OidrKw03v2aEV42Adk8c
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:42:10 2025 by rpki-client