Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/x0AcTRasjy0qWZOIGUnT1Kbz4uk.roa
File: x0AcTRasjy0qWZOIGUnT1Kbz4uk.roa (raw, json)
Hash identifier: zaM3VnNG9RVFofm3T8ZoNUTLDhK3X/kEUyA6UhvyMf0=
Subject key identifier: C7:40:1C:4D:16:AC:8F:2D:2A:59:93:88:19:49:D3:D4:A6:F3:E2:E9
Certificate issuer: /CN=449b18e3296d795d3a9c959be25c70aaab365200
Certificate serial: 019420D63FFBA3AF0DCAF3F14ECEEF82A48E
Authority key identifier: 44:9B:18:E3:29:6D:79:5D:3A:9C:95:9B:E2:5C:70:AA:AB:36:52:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RJsY4ylteV06nJWb4lxwqqs2UgA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/x0AcTRasjy0qWZOIGUnT1Kbz4uk.roa
Signing time: Wed 01 Jan 2025 07:48:19 +0000
ROA not before: Wed 01 Jan 2025 07:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49808
IP address blocks: 5.159.0.0/21 maxlen: 22
31.193.160.0/21 maxlen: 21
63.247.208.0/20 maxlen: 24
85.118.184.0/21 maxlen: 21
85.193.160.0/20 maxlen: 24
86.109.24.0/21 maxlen: 24
89.249.184.0/21 maxlen: 21
109.68.104.0/21 maxlen: 21
139.178.96.0/19 maxlen: 19
145.40.32.0/19 maxlen: 24
162.211.104.0/22 maxlen: 24
162.213.160.0/22 maxlen: 24
185.16.112.0/22 maxlen: 22
185.21.96.0/22 maxlen: 23
185.44.210.0/23 maxlen: 24
193.41.207.0/24 maxlen: 24
194.107.144.0/24 maxlen: 32
198.89.232.0/21 maxlen: 24
2a03:c100::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:3f:fb:a3:af:0d:ca:f3:f1:4e:ce:ef:82:a4:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=449b18e3296d795d3a9c959be25c70aaab365200
Validity
Not Before: Jan 1 07:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7401c4d16ac8f2d2a5993881949d3d4a6f3e2e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:99:c3:6e:98:b0:80:02:96:a5:74:9b:5f:69:
93:a7:5b:66:9c:76:73:f3:59:64:27:88:27:5a:89:
dc:14:3a:26:3d:d1:68:46:94:69:0b:1c:5b:d6:5a:
11:46:67:28:ad:35:f8:f6:bb:ff:df:95:db:d8:95:
af:02:a7:f9:4e:5b:a8:26:d5:ec:64:e6:83:b4:a1:
e7:b8:75:8f:2b:96:fb:5d:9d:86:66:fe:21:f7:a3:
f1:23:87:0a:67:65:f0:f1:b4:d6:b2:aa:16:dd:e7:
38:00:39:f0:48:ed:17:01:d6:2f:7a:57:f9:7e:7f:
ed:2c:28:aa:d8:20:64:31:d5:4a:bd:c4:ae:d2:03:
55:0a:16:db:98:7e:d0:99:db:8c:7b:4d:74:bd:30:
b4:e8:5c:a1:95:02:d3:a0:63:02:5c:33:07:a2:d8:
25:bc:e4:7d:e7:27:4f:cb:7d:63:dd:25:a9:e6:49:
e5:e5:bc:41:45:04:57:b1:60:53:62:96:80:b6:6f:
1d:52:85:00:3a:81:21:2f:7e:cf:6d:a8:a7:70:7c:
2c:67:5d:45:d5:79:6a:0c:dc:e1:74:c2:b5:bc:44:
7d:0e:a6:36:2c:6e:d8:8d:6d:0c:45:0a:12:69:84:
ce:17:76:ab:12:de:83:6d:e8:f8:fd:86:e8:46:8f:
cc:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:40:1C:4D:16:AC:8F:2D:2A:59:93:88:19:49:D3:D4:A6:F3:E2:E9
X509v3 Authority Key Identifier:
keyid:44:9B:18:E3:29:6D:79:5D:3A:9C:95:9B:E2:5C:70:AA:AB:36:52:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RJsY4ylteV06nJWb4lxwqqs2UgA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/x0AcTRasjy0qWZOIGUnT1Kbz4uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/RJsY4ylteV06nJWb4lxwqqs2UgA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.0.0/21
31.193.160.0/21
63.247.208.0/20
85.118.184.0/21
85.193.160.0/20
86.109.24.0/21
89.249.184.0/21
109.68.104.0/21
139.178.96.0/19
145.40.32.0/19
162.211.104.0/22
162.213.160.0/22
185.16.112.0/22
185.21.96.0/22
185.44.210.0/23
193.41.207.0/24
194.107.144.0/24
198.89.232.0/21
IPv6:
2a03:c100::/32
Signature Algorithm: sha256WithRSAEncryption
79:40:27:b1:8d:91:95:31:a0:95:79:3a:a2:00:23:f7:46:bb:
0c:76:76:22:d8:40:20:ae:4e:10:a2:b3:20:50:65:89:c5:ab:
e5:b1:5a:0b:a5:71:be:aa:fa:be:08:2a:e5:8d:ac:35:d7:67:
a2:01:7a:f5:1f:5f:2d:23:3d:46:a4:24:1a:93:a2:ac:c9:c2:
55:8b:99:7f:4f:ba:0d:62:be:69:44:9d:0e:11:9d:16:69:69:
66:b9:ec:56:18:8d:d0:98:03:e2:2e:c0:81:72:01:97:b5:95:
40:46:32:7a:22:0a:d2:a5:af:7a:62:46:53:b4:6c:3f:aa:de:
97:ae:7b:58:e9:0f:8a:43:d3:6e:39:81:47:a5:5d:fa:b2:d0:
3e:ff:0f:ec:65:b1:f2:fe:49:5d:58:54:3b:b6:25:43:25:92:
a1:d9:db:46:f6:e0:08:c2:c6:30:41:17:d0:d3:6b:16:f8:ca:
ec:df:a0:bc:99:53:07:79:f7:76:86:d5:be:b7:7f:d7:dd:31:
dd:95:7c:1a:62:a0:25:a6:58:1f:d0:66:76:91:12:a4:b9:e4:
d7:cc:e4:bb:f0:2c:fc:09:48:0b:a5:9d:f1:60:9b:f0:fc:ce:
22:e2:61:ca:85:04:15:9b:0b:d7:62:24:f6:e8:ec:56:d3:94:
e8:05:bf:54
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZQg1j/7o68NyvPxTs7vgqSOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0OWIxOGUzMjk2ZDc5NWQzYTljOTU5YmUyNWM3MGFhYWIz
NjUyMDAwHhcNMjUwMTAxMDc0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzQwMWM0ZDE2YWM4ZjJkMmE1OTkzODgxOTQ5ZDNkNGE2ZjNlMmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJnDbpiwgAKWpXSbX2mTp1tmnHZz
81lkJ4gnWoncFDomPdFoRpRpCxxb1loRRmcorTX49rv/35Xb2JWvAqf5TluoJtXs
ZOaDtKHnuHWPK5b7XZ2GZv4h96PxI4cKZ2Xw8bTWsqoW3ec4ADnwSO0XAdYvelf5
fn/tLCiq2CBkMdVKvcSu0gNVChbbmH7QmduMe010vTC06FyhlQLToGMCXDMHotgl
vOR95ydPy31j3SWp5knl5bxBRQRXsWBTYpaAtm8dUoUAOoEhL37PbaincHwsZ11F
1XlqDNzhdMK1vER9DqY2LG7YjW0MRQoSaYTOF3arEt6Dbej4/YboRo/MUQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFMdAHE0WrI8tKlmTiBlJ09Sm8+LpMB8GA1UdIwQY
MBaAFESbGOMpbXldOpyVm+JccKqrNlIAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkpzWTR5bHRlVjA2bkpXYjRseHdxcXMyVWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9mYjM5ZWQtN2M3My00NDc4LTkwMWQt
NjVhODk5YTYwMzY2LzEveDBBY1RSYXNqeTBxV1pPSUdVblQxS2J6NHVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9mYjM5ZWQtN2M3My00NDc4LTkwMWQtNjVhODk5YTYwMzY2
LzEvUkpzWTR5bHRlVjA2bkpXYjRseHdxcXMyVWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwQDBZ8A
AwQDH8GgAwQEP/fQAwQDVXa4AwQEVcGgAwQDVm0YAwQDWfm4AwQDbURoAwQFi7Jg
AwQFkSggAwQCotNoAwQCotWgAwQCuRBwAwQCuRVgAwQBuSzSAwQAwSnPAwQAwmuQ
AwQDxlnoMA0EAgACMAcDBQAqA8EAMA0GCSqGSIb3DQEBCwUAA4IBAQB5QCexjZGV
MaCVeTqiACP3RrsMdnYi2EAgrk4QorMgUGWJxavlsVoLpXG+qvq+CCrljaw112ei
AXr1H18tIz1GpCQak6KsycJVi5l/T7oNYr5pRJ0OEZ0WaWlmuexWGI3QmAPiLsCB
cgGXtZVARjJ6IgrSpa96YkZTtGw/qt6XrntY6Q+KQ9NuOYFHpV36stA+/w/sZbHy
/kldWFQ7tiVDJZKh2dtG9uAIwsYwQRfQ02sW+Mrs36C8mVMHefd2htW+t3/X3THd
lXwaYqAlplgf0GZ2kRKkueTXzOS78Cz8CUgLpZ3xYJvw/M4i4mHKhQQVmwvXYiT2
6OxW05ToBb9U
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:52 2025 by rpki-client