Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/XHNHGBGPNzafqPbgo1yp-tdJ_90.roa
File: XHNHGBGPNzafqPbgo1yp-tdJ_90.roa (raw, json)
Hash identifier: rM62YiKjcddVHCq5Thz6YlMGcy5PoC3y4pyxeKHIx4s=
Subject key identifier: 5C:73:47:18:11:8F:37:36:9F:A8:F6:E0:A3:5C:A9:FA:D7:49:FF:DD
Certificate issuer: /CN=3545a7200164912041bb931efb1feac123b43a18
Certificate serial: 018E5C63FA91C5122B6B3A7387AC5FE0F388
Authority key identifier: 35:45:A7:20:01:64:91:20:41:BB:93:1E:FB:1F:EA:C1:23:B4:3A:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/XHNHGBGPNzafqPbgo1yp-tdJ_90.roa
Signing time: Wed 20 Mar 2024 15:03:59 +0000
ROA not before: Wed 20 Mar 2024 15:03:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24768
IP address blocks: 5.253.183.0/24 maxlen: 24
82.102.7.0/24 maxlen: 24
94.46.12.0/22 maxlen: 22
94.46.12.0/24 maxlen: 24
94.46.13.0/24 maxlen: 24
94.46.14.0/24 maxlen: 24
94.46.15.0/24 maxlen: 24
94.46.16.0/22 maxlen: 22
94.46.16.0/24 maxlen: 24
94.46.20.0/22 maxlen: 22
94.46.20.0/24 maxlen: 24
94.46.21.0/24 maxlen: 24
94.46.22.0/24 maxlen: 24
94.46.23.0/24 maxlen: 24
94.46.25.0/24 maxlen: 24
94.46.26.0/24 maxlen: 24
94.46.27.0/24 maxlen: 24
94.46.28.0/22 maxlen: 22
94.46.28.0/24 maxlen: 24
94.46.29.0/24 maxlen: 24
94.46.30.0/24 maxlen: 24
94.46.128.0/21 maxlen: 21
94.46.132.0/24 maxlen: 24
94.46.133.0/24 maxlen: 24
94.46.160.0/20 maxlen: 24
94.46.176.0/21 maxlen: 21
109.71.40.0/21 maxlen: 21
109.71.40.0/24 maxlen: 24
109.71.41.0/24 maxlen: 24
109.71.42.0/24 maxlen: 24
109.71.43.0/24 maxlen: 24
109.71.44.0/24 maxlen: 24
109.71.45.0/24 maxlen: 24
109.71.46.0/24 maxlen: 24
109.71.47.0/24 maxlen: 24
130.185.80.0/21 maxlen: 21
130.185.81.0/24 maxlen: 24
130.185.82.0/24 maxlen: 24
130.185.83.0/24 maxlen: 24
130.185.84.0/24 maxlen: 24
130.185.85.0/24 maxlen: 24
130.185.86.0/24 maxlen: 24
130.185.87.0/24 maxlen: 24
185.15.20.0/22 maxlen: 22
185.15.20.0/24 maxlen: 24
185.15.22.0/24 maxlen: 24
185.15.23.0/24 maxlen: 24
2a00:1650::/33 maxlen: 33
2a00:1650:8000::/33 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5c:63:fa:91:c5:12:2b:6b:3a:73:87:ac:5f:e0:f3:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3545a7200164912041bb931efb1feac123b43a18
Validity
Not Before: Mar 20 15:03:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c734718118f37369fa8f6e0a35ca9fad749ffdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:7a:5d:e7:a9:bf:53:6e:a5:e4:36:ec:b6:68:
03:45:b9:d2:08:b7:e0:53:cb:a9:94:ab:02:cf:e9:
b3:82:fb:34:ff:7d:7e:55:86:31:48:90:e3:d4:09:
8b:9c:b2:ae:14:5c:b7:83:00:d2:a3:24:28:b0:57:
f2:c8:32:18:84:cf:cf:59:d0:6d:ba:1e:25:1c:f1:
24:a1:9d:92:45:e5:87:b5:5d:62:e1:0c:04:fe:07:
e8:ac:98:c5:70:b6:e6:2a:f4:ec:bf:4e:90:03:fc:
80:49:53:14:b2:61:44:a1:42:9e:a7:e2:1e:2d:8b:
8a:76:e0:c2:6f:a1:bc:6f:77:a2:6c:03:ba:57:6c:
ea:01:60:2b:a8:7e:49:06:75:37:15:02:82:4c:1c:
31:61:fe:4b:8d:ec:38:47:57:fe:56:41:3a:3f:25:
21:d9:77:d7:d8:1f:b8:33:8a:85:c4:dc:c3:f4:82:
16:e5:74:09:7a:8b:f8:2f:53:be:98:4a:8c:32:c4:
e1:db:a1:5a:86:38:a4:a8:3d:b2:02:dc:2a:7f:41:
92:81:5f:43:7a:dd:c1:fc:e6:fa:8b:52:60:94:35:
a2:25:11:e9:20:97:73:e8:72:de:ee:31:79:73:8b:
68:1b:ab:9a:01:46:43:cb:e0:6b:e6:71:5f:21:b5:
57:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:73:47:18:11:8F:37:36:9F:A8:F6:E0:A3:5C:A9:FA:D7:49:FF:DD
X509v3 Authority Key Identifier:
keyid:35:45:A7:20:01:64:91:20:41:BB:93:1E:FB:1F:EA:C1:23:B4:3A:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/XHNHGBGPNzafqPbgo1yp-tdJ_90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.183.0/24
82.102.7.0/24
94.46.12.0-94.46.23.255
94.46.25.0-94.46.31.255
94.46.128.0/21
94.46.160.0-94.46.183.255
109.71.40.0/21
130.185.80.0/21
185.15.20.0/22
IPv6:
2a00:1650::/32
Signature Algorithm: sha256WithRSAEncryption
9c:f8:a2:26:f2:a7:9d:13:bf:f4:a6:22:3f:22:25:bc:a7:31:
5d:3a:4d:8e:7d:59:5d:6e:99:3d:72:63:a5:6f:ab:a0:cf:65:
29:af:d5:72:1b:e4:47:0a:08:f2:a9:6b:9f:53:67:f4:de:e6:
30:03:4e:86:9c:18:24:7d:b1:df:b2:fc:52:81:23:7c:b7:48:
c8:28:9f:ac:2b:04:d8:c5:6a:41:8b:10:62:95:f8:d6:01:3e:
6c:8c:5f:46:35:4b:09:0b:e1:0a:99:8f:32:0a:4c:1b:39:9b:
c3:b1:33:37:a6:6e:dd:19:2a:13:81:f1:5b:65:b4:af:64:8c:
85:b3:4f:01:51:65:43:2d:f1:76:99:a7:9e:27:1c:88:7d:35:
6c:6a:fe:8a:49:68:72:75:15:3e:d0:d9:4e:95:24:d6:35:05:
81:18:23:9d:f4:12:cb:a4:d4:37:15:2e:3b:4c:57:3b:ff:50:
e5:58:ee:17:d5:f8:b2:e2:f0:5d:a2:b1:d6:cc:94:fa:4f:19:
1f:e5:71:f6:a6:ec:1b:32:c8:2c:59:25:9d:1b:e7:6f:75:e5:
5c:6b:69:bb:50:49:03:5b:db:a6:b2:f0:3a:8c:c3:1e:76:43:
c3:a6:8f:52:8b:4d:6c:00:02:a6:04:06:fd:cf:f0:7e:7a:04:
1e:a7:e4:83
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAY5cY/qRxRIrazpzh6xf4POIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDVhNzIwMDE2NDkxMjA0MWJiOTMxZWZiMWZlYWMxMjNi
NDNhMTgwHhcNMjQwMzIwMTUwMzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzczNDcxODExOGYzNzM2OWZhOGY2ZTBhMzVjYTlmYWQ3NDlmZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3pd56m/U26l5DbstmgDRbnSCLfg
U8uplKsCz+mzgvs0/31+VYYxSJDj1AmLnLKuFFy3gwDSoyQosFfyyDIYhM/PWdBt
uh4lHPEkoZ2SReWHtV1i4QwE/gforJjFcLbmKvTsv06QA/yASVMUsmFEoUKep+Ie
LYuKduDCb6G8b3eibAO6V2zqAWArqH5JBnU3FQKCTBwxYf5Ljew4R1f+VkE6PyUh
2XfX2B+4M4qFxNzD9IIW5XQJeov4L1O+mEqMMsTh26FahjikqD2yAtwqf0GSgV9D
et3B/Ob6i1JglDWiJRHpIJdz6HLe7jF5c4toG6uaAUZDy+Br5nFfIbVXnwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFFxzRxgRjzc2n6j24KNcqfrXSf/dMB8GA1UdIwQY
MBaAFDVFpyABZJEgQbuTHvsf6sEjtDoYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVXbklBRmtrU0JCdTVNZS14X3F3U08wT2hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy81OWM0YjgtODdmNC00ZjJmLWE0NDkt
YWFiYjA2MmU0MGRiLzEvWEhOSEdCR1BOemFmcVBiZ28xeXAtdGRKXzkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy81OWM0YjgtODdmNC00ZjJmLWE0NDktYWFiYjA2MmU0MGRi
LzEvTlVXbklBRmtrU0JCdTVNZS14X3F3U08wT2hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQABf23AwQA
UmYHMAwDBAJeLgwDBANeLhAwDAMEAF4uGQMEBV4uAAMEA14ugDAMAwQFXi6gAwQD
Xi6wAwQDbUcoAwQDgrlQAwQCuQ8UMA0EAgACMAcDBQAqABZQMA0GCSqGSIb3DQEB
CwUAA4IBAQCc+KIm8qedE7/0piI/IiW8pzFdOk2OfVldbpk9cmOlb6ugz2Upr9Vy
G+RHCgjyqWufU2f03uYwA06GnBgkfbHfsvxSgSN8t0jIKJ+sKwTYxWpBixBilfjW
AT5sjF9GNUsJC+EKmY8yCkwbOZvDsTM3pm7dGSoTgfFbZbSvZIyFs08BUWVDLfF2
maeeJxyIfTVsav6KSWhydRU+0NlOlSTWNQWBGCOd9BLLpNQ3FS47TFc7/1DlWO4X
1fiy4vBdorHWzJT6Txkf5XH2puwbMsgsWSWdG+dvdeVca2m7UEkDW9umsvA6jMMe
dkPDpo9Si01sAAKmBAb9z/B+egQep+SD
-----END CERTIFICATE-----
Generated at Wed Apr 9 16:22:22 2025 by rpki-client