Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/pNm8ni7zOchXPxBioIBSF7W0gg0.roa
File: pNm8ni7zOchXPxBioIBSF7W0gg0.roa (raw, json)
Hash identifier: 8lwUGmN/H6t2QgG7bPf4Qh0+YiSAWX5IRLoN5YW9njA=
Subject key identifier: A4:D9:BC:9E:2E:F3:39:C8:57:3F:10:62:A0:80:52:17:B5:B4:82:0D
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 019420D5D8982FEFAF13182C3A79424A316B
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/pNm8ni7zOchXPxBioIBSF7W0gg0.roa
Signing time: Wed 01 Jan 2025 07:47:53 +0000
ROA not before: Wed 01 Jan 2025 07:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15723
IP address blocks: 5.178.4.0/22 maxlen: 22
5.178.9.0/24 maxlen: 24
5.178.10.0/24 maxlen: 24
5.178.11.0/24 maxlen: 24
5.178.12.0/24 maxlen: 24
5.178.13.0/24 maxlen: 24
5.178.14.0/24 maxlen: 24
5.178.15.0/24 maxlen: 24
46.23.100.0/24 maxlen: 24
46.23.101.0/24 maxlen: 24
46.23.102.0/24 maxlen: 24
46.23.103.0/24 maxlen: 24
62.217.128.0/19 maxlen: 19
62.217.128.0/24 maxlen: 24
62.217.129.0/24 maxlen: 24
62.217.130.0/24 maxlen: 24
62.217.131.0/24 maxlen: 24
62.217.132.0/24 maxlen: 24
62.217.134.0/24 maxlen: 24
62.217.135.0/24 maxlen: 24
62.217.136.0/24 maxlen: 24
62.217.137.0/24 maxlen: 24
62.217.138.0/24 maxlen: 24
62.217.139.0/24 maxlen: 24
62.217.140.0/24 maxlen: 24
62.217.141.0/24 maxlen: 24
62.217.142.0/24 maxlen: 24
62.217.143.0/24 maxlen: 24
62.217.144.0/24 maxlen: 24
62.217.145.0/24 maxlen: 24
62.217.146.0/24 maxlen: 24
62.217.147.0/24 maxlen: 24
62.217.148.0/24 maxlen: 24
62.217.149.0/24 maxlen: 24
62.217.150.0/24 maxlen: 24
62.217.151.0/24 maxlen: 24
62.217.152.0/24 maxlen: 24
62.217.153.0/24 maxlen: 24
62.217.154.0/24 maxlen: 24
62.217.155.0/24 maxlen: 24
62.217.156.0/24 maxlen: 24
62.217.157.0/24 maxlen: 24
62.217.158.0/24 maxlen: 24
62.217.159.0/24 maxlen: 24
88.151.199.0/24 maxlen: 24
109.205.208.0/24 maxlen: 24
185.81.217.0/24 maxlen: 24
188.64.8.0/24 maxlen: 24
188.64.9.0/24 maxlen: 24
188.64.10.0/24 maxlen: 24
188.64.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:d8:98:2f:ef:af:13:18:2c:3a:79:42:4a:31:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 1 07:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4d9bc9e2ef339c8573f1062a0805217b5b4820d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:28:b8:46:52:9a:e4:54:10:24:f6:5d:19:db:
e6:c9:3d:fe:73:07:0d:41:fc:98:c4:1f:c1:65:ba:
f0:66:32:87:1c:90:32:7a:d3:bc:8f:b2:46:a2:9a:
c1:0e:e0:bc:ec:64:3b:74:e0:64:1b:da:63:16:13:
2e:4c:a3:2d:1a:20:52:fd:b9:3b:0a:50:31:9e:96:
f6:96:83:74:6d:98:9e:d1:2f:40:25:bc:66:a5:fd:
47:1d:7f:b6:e0:2b:92:a7:05:bb:09:30:9a:2f:e6:
43:a3:c1:43:d6:d2:63:27:6d:f9:a0:81:9d:53:c4:
c3:da:6f:15:64:f2:31:f6:23:55:f2:8c:b6:8c:b1:
e4:41:de:56:3e:38:a4:85:26:bf:2e:d3:2b:99:ba:
32:38:ba:78:96:f5:93:5b:5a:26:43:23:85:ec:6d:
9e:43:2b:85:7b:ea:a6:49:2e:cf:a0:4e:92:26:bd:
83:28:bc:76:51:18:43:54:74:5f:d0:5d:80:f1:36:
f4:ae:a1:67:f9:6c:85:7d:8f:ed:b4:ff:94:bb:0c:
ed:e8:dc:ef:d0:ce:ed:01:68:48:15:81:06:6e:90:
65:df:2a:d9:3b:84:c7:74:c3:b6:cf:44:3a:22:ee:
07:8d:13:70:9e:6d:0e:60:01:68:c5:33:a9:0f:b7:
9c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:D9:BC:9E:2E:F3:39:C8:57:3F:10:62:A0:80:52:17:B5:B4:82:0D
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/pNm8ni7zOchXPxBioIBSF7W0gg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.4.0/22
5.178.9.0-5.178.15.255
46.23.100.0/22
62.217.128.0/19
88.151.199.0/24
109.205.208.0/24
185.81.217.0/24
188.64.8.0/22
Signature Algorithm: sha256WithRSAEncryption
c8:de:a7:17:f6:5a:e3:96:94:9d:25:35:b9:a7:b6:50:0b:29:
ff:69:5c:3a:a3:97:11:fe:fb:9b:74:54:b5:4f:ce:fa:bd:91:
88:52:b7:83:1c:1c:61:63:9d:1c:6c:2f:44:1c:dc:e1:f9:7f:
35:e9:12:3c:54:8d:c8:ee:29:89:57:b5:89:20:b7:25:91:02:
ba:a3:8a:21:dc:b5:ff:67:9c:77:93:04:21:36:48:44:dd:4f:
d9:29:6a:f6:de:e3:8f:34:ba:ed:45:cd:f8:26:e1:eb:ad:84:
74:0d:98:24:a7:19:0c:d6:65:c3:e7:ed:30:97:74:a0:1f:c4:
9e:6f:79:d9:1c:d4:b5:20:3e:92:b5:e3:19:1d:37:06:1a:d6:
c8:7d:3d:78:54:b6:d8:fa:4c:5f:cf:6d:d4:0d:ad:2d:f5:3c:
50:8d:1a:5d:45:40:83:31:73:88:af:91:56:23:9c:30:29:f6:
d6:1f:e2:85:63:b2:97:81:df:e3:0b:f0:fb:b6:24:3a:63:af:
bb:08:93:4e:b1:5f:86:c7:ff:18:bb:bf:98:4c:e8:45:71:eb:
28:4c:0a:f3:8b:56:28:70:7d:60:95:01:14:18:da:33:ba:42:
1d:26:d9:e6:f5:67:2c:96:bb:95:0f:57:f2:31:b8:98:7d:3d:
7c:04:42:5f
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZQg1diYL++vExgsOnlCSjFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjUwMTAxMDc0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGQ5YmM5ZTJlZjMzOWM4NTczZjEwNjJhMDgwNTIxN2I1YjQ4MjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCi4RlKa5FQQJPZdGdvmyT3+cwcN
QfyYxB/BZbrwZjKHHJAyetO8j7JGoprBDuC87GQ7dOBkG9pjFhMuTKMtGiBS/bk7
ClAxnpb2loN0bZie0S9AJbxmpf1HHX+24CuSpwW7CTCaL+ZDo8FD1tJjJ235oIGd
U8TD2m8VZPIx9iNV8oy2jLHkQd5WPjikhSa/LtMrmboyOLp4lvWTW1omQyOF7G2e
QyuFe+qmSS7PoE6SJr2DKLx2URhDVHRf0F2A8Tb0rqFn+WyFfY/ttP+Uuwzt6Nzv
0M7tAWhIFYEGbpBl3yrZO4THdMO2z0Q6Iu4HjRNwnm0OYAFoxTOpD7ecjQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFKTZvJ4u8znIVz8QYqCAUhe1tIINMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvcE5tOG5pN3pPY2hYUHhCaW9JQlNGN1cwZ2cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCBbIEMAwD
BAAFsgkDBAQFsgADBAIuF2QDBAU+2YADBABYl8cDBABtzdADBAC5UdkDBAK8QAgw
DQYJKoZIhvcNAQELBQADggEBAMjepxf2WuOWlJ0lNbmntlALKf9pXDqjlxH++5t0
VLVPzvq9kYhSt4McHGFjnRxsL0Qc3OH5fzXpEjxUjcjuKYlXtYkgtyWRArqjiiHc
tf9nnHeTBCE2SETdT9kpavbe4480uu1Fzfgm4euthHQNmCSnGQzWZcPn7TCXdKAf
xJ5vedkc1LUgPpK14xkdNwYa1sh9PXhUttj6TF/PbdQNrS31PFCNGl1FQIMxc4iv
kVYjnDAp9tYf4oVjspeB3+ML8Pu2JDpjr7sIk06xX4bH/xi7v5hM6EVx6yhMCvOL
VihwfWCVARQY2jO6Qh0m2eb1ZyyWu5UPV/IxuJh9PXwEQl8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:11 2025 by rpki-client