Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/Cqx50p5ptcFjypJvD79Nj4VL86Y.roa
File: Cqx50p5ptcFjypJvD79Nj4VL86Y.roa (raw, json)
Hash identifier: Y7eBwgaPVHapOuhLkYt0nqwiHsQMlikqLEuEy06LaWM=
Subject key identifier: 0A:AC:79:D2:9E:69:B5:C1:63:CA:92:6F:0F:BF:4D:8F:85:4B:F3:A6
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 018E0D66BFC709E212D2A891F29EBDBC5287
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/Cqx50p5ptcFjypJvD79Nj4VL86Y.roa
Signing time: Tue 05 Mar 2024 06:57:01 +0000
ROA not before: Tue 05 Mar 2024 06:57:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203020
IP address blocks: 5.154.174.0/24 maxlen: 24
45.95.24.0/22 maxlen: 32
45.144.88.0/22 maxlen: 24
45.149.28.0/22 maxlen: 24
45.156.224.0/22 maxlen: 32
80.246.30.0/24 maxlen: 32
86.105.183.0/24 maxlen: 32
87.239.254.0/24 maxlen: 32
89.35.249.0/24 maxlen: 32
89.40.24.0/24 maxlen: 32
89.44.205.0/24 maxlen: 32
91.228.216.0/24 maxlen: 24
94.46.206.0/24 maxlen: 32
185.36.254.0/24 maxlen: 32
185.96.162.0/24 maxlen: 32
185.108.104.0/24 maxlen: 32
185.108.105.0/24 maxlen: 32
185.147.140.0/22 maxlen: 32
185.152.36.0/22 maxlen: 32
185.152.248.0/22 maxlen: 32
185.153.151.0/24 maxlen: 32
185.160.44.0/22 maxlen: 32
185.166.84.0/24 maxlen: 32
185.184.228.0/24 maxlen: 32
185.188.61.0/24 maxlen: 24
185.201.188.0/24 maxlen: 24
185.217.64.0/22 maxlen: 22
185.242.217.0/24 maxlen: 24
188.119.154.0/24 maxlen: 32
193.36.89.0/24 maxlen: 32
195.47.194.0/24 maxlen: 32
2a01:4740::/32 maxlen: 32
2a05:28c0::/29 maxlen: 32
2a05:f4c0::/29 maxlen: 29
2a06:3040::/29 maxlen: 48
2a06:46c0::/29 maxlen: 32
2a06:4a00::/29 maxlen: 32
2a06:5000::/29 maxlen: 32
2a06:5700::/29 maxlen: 32
2a06:df80::/29 maxlen: 29
2a06:e480::/29 maxlen: 29
2a07:4780::/29 maxlen: 29
2a07:9c80::/29 maxlen: 29
2a07:f2c0::/29 maxlen: 29
2a0a:3080::/29 maxlen: 29
2a0b:3f40::/29 maxlen: 29
2a0c:d8c0::/29 maxlen: 29
2a0c:ec40::/29 maxlen: 29
2a12:adc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0d:66:bf:c7:09:e2:12:d2:a8:91:f2:9e:bd:bc:52:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Mar 5 06:57:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0aac79d29e69b5c163ca926f0fbf4d8f854bf3a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:9d:60:37:16:ce:76:e3:b6:4d:47:0c:b4:7d:
01:07:a8:75:7c:20:31:bf:da:70:47:87:cb:8f:eb:
6b:07:b3:60:1d:c0:50:c7:e3:45:a8:87:a0:49:90:
36:75:a0:55:a5:0a:ee:55:4d:57:1b:5e:1e:34:8f:
3a:32:bd:80:ee:4d:e5:43:c4:d1:be:2e:0b:0e:fd:
b3:89:dd:d0:d5:df:d4:6a:5a:3d:17:ba:9d:8f:b6:
10:18:22:99:8a:e6:6b:a5:cc:96:fb:29:13:fa:0c:
9b:b9:9c:ea:2b:db:06:47:82:42:31:fe:b4:55:a7:
4a:28:2f:10:9e:8f:4f:2b:26:15:ed:fe:51:fc:7a:
02:30:8e:aa:04:b4:1c:9c:28:c4:09:38:8c:8f:d9:
a0:77:1d:59:66:a0:6c:81:ca:06:7a:4d:8f:9b:86:
22:7c:15:a2:16:7a:a1:29:82:65:fe:a8:e2:3a:71:
63:c0:fe:8d:a7:b7:e7:7d:83:99:26:6c:cc:b3:37:
59:7c:29:d6:1f:7f:0c:28:e8:ce:ff:f8:e9:45:15:
84:6e:20:0f:da:fa:d0:fd:a1:86:fc:69:82:78:1c:
fc:6f:1c:fd:1e:a7:65:0b:36:5c:dc:1d:d5:f5:32:
4e:a6:8f:31:52:91:d8:ab:74:69:e0:57:ba:0a:dd:
08:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:AC:79:D2:9E:69:B5:C1:63:CA:92:6F:0F:BF:4D:8F:85:4B:F3:A6
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/Cqx50p5ptcFjypJvD79Nj4VL86Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.174.0/24
45.95.24.0/22
45.144.88.0/22
45.149.28.0/22
45.156.224.0/22
80.246.30.0/24
86.105.183.0/24
87.239.254.0/24
89.35.249.0/24
89.40.24.0/24
89.44.205.0/24
91.228.216.0/24
94.46.206.0/24
185.36.254.0/24
185.96.162.0/24
185.108.104.0/23
185.147.140.0/22
185.152.36.0/22
185.152.248.0/22
185.153.151.0/24
185.160.44.0/22
185.166.84.0/24
185.184.228.0/24
185.188.61.0/24
185.201.188.0/24
185.217.64.0/22
185.242.217.0/24
188.119.154.0/24
193.36.89.0/24
195.47.194.0/24
IPv6:
2a01:4740::/32
2a05:28c0::/29
2a05:f4c0::/29
2a06:3040::/29
2a06:46c0::/29
2a06:4a00::/29
2a06:5000::/29
2a06:5700::/29
2a06:df80::/29
2a06:e480::/29
2a07:4780::/29
2a07:9c80::/29
2a07:f2c0::/29
2a0a:3080::/29
2a0b:3f40::/29
2a0c:d8c0::/29
2a0c:ec40::/29
2a12:adc0::/29
Signature Algorithm: sha256WithRSAEncryption
17:f6:f8:59:f8:a4:e3:37:e4:f7:a5:eb:48:88:53:e8:f7:4c:
02:00:09:71:47:45:50:cf:9c:72:fb:19:13:38:7b:5e:bb:31:
85:fc:a5:14:54:5c:ff:88:7b:17:7c:58:97:79:33:19:91:1d:
06:d4:74:8b:5b:03:e2:84:2d:97:74:11:a4:50:86:e9:a2:20:
35:af:ad:f1:89:51:f5:5c:0d:b0:7c:64:b5:be:5c:02:a5:fb:
0b:28:e6:bb:78:50:b6:40:6f:99:0b:1d:a1:a0:a2:63:bd:86:
4b:9d:d0:41:d6:82:51:a6:82:d9:ae:dd:5f:a4:40:9e:d7:d9:
80:2f:bd:30:cc:91:d0:96:fc:53:81:fe:5d:0e:53:7a:23:ba:
9d:84:2c:44:b6:2a:af:ea:26:c6:4f:4c:5d:66:b1:59:ef:5a:
ef:ac:80:ac:0e:43:5d:f1:af:4c:41:d3:c8:37:cc:1d:7d:a1:
df:4c:5e:b3:eb:7d:89:f6:ae:bb:a7:9e:0c:70:88:85:e9:7b:
a2:d1:a4:b5:01:57:80:6e:58:85:21:89:bb:4c:ce:2f:2a:4b:
b1:d3:d1:5f:09:35:e9:14:58:96:f9:4e:3a:5d:6a:93:1f:ce:
b8:c7:d5:60:8c:b2:f2:bf:5e:f9:85:47:4f:f5:42:d9:9e:d1:
c8:0b:4e:db
-----BEGIN CERTIFICATE-----
MIIGOjCCBSKgAwIBAgISAY4NZr/HCeIS0qiR8p69vFKHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjQwMzA1MDY1NzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWFjNzlkMjllNjliNWMxNjNjYTkyNmYwZmJmNGQ4Zjg1NGJmM2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJ1gNxbOduO2TUcMtH0BB6h1fCAx
v9pwR4fLj+trB7NgHcBQx+NFqIegSZA2daBVpQruVU1XG14eNI86Mr2A7k3lQ8TR
vi4LDv2zid3Q1d/Ualo9F7qdj7YQGCKZiuZrpcyW+ykT+gybuZzqK9sGR4JCMf60
VadKKC8Qno9PKyYV7f5R/HoCMI6qBLQcnCjECTiMj9mgdx1ZZqBsgcoGek2Pm4Yi
fBWiFnqhKYJl/qjiOnFjwP6Np7fnfYOZJmzMszdZfCnWH38MKOjO//jpRRWEbiAP
2vrQ/aGG/GmCeBz8bxz9HqdlCzZc3B3V9TJOpo8xUpHYq3Rp4Fe6Ct0IcwIDAQAB
o4IDRjCCA0IwHQYDVR0OBBYEFAqsedKeabXBY8qSbw+/TY+FS/OmMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvQ3F4NTBwNXB0Y0ZqeXBKdkQ3OU5qNFZMODZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBWgYIKwYBBQUHAQcBAf8EggFJMIIBRTCBuwQCAAEwgbQD
BAAFmq4DBAItXxgDBAItkFgDBAItlRwDBAItnOADBABQ9h4DBABWabcDBABX7/4D
BABZI/kDBABZKBgDBABZLM0DBABb5NgDBABeLs4DBAC5JP4DBAC5YKIDBAG5bGgD
BAK5k4wDBAK5mCQDBAK5mPgDBAC5mZcDBAK5oCwDBAC5plQDBAC5uOQDBAC5vD0D
BAC5ybwDBAK52UADBAC58tkDBAC8d5oDBADBJFkDBADDL8IwgYQEAgACMH4DBQAq
AUdAAwUDKgUowAMFAyoF9MADBQMqBjBAAwUDKgZGwAMFAyoGSgADBQMqBlAAAwUD
KgZXAAMFAyoG34ADBQMqBuSAAwUDKgdHgAMFAyoHnIADBQMqB/LAAwUDKgowgAMF
AyoLP0ADBQMqDNjAAwUDKgzsQAMFAyoSrcAwDQYJKoZIhvcNAQELBQADggEBABf2
+Fn4pOM35Pel60iIU+j3TAIACXFHRVDPnHL7GRM4e167MYX8pRRUXP+Iexd8WJd5
MxmRHQbUdItbA+KELZd0EaRQhumiIDWvrfGJUfVcDbB8ZLW+XAKl+wso5rt4ULZA
b5kLHaGgomO9hkud0EHWglGmgtmu3V+kQJ7X2YAvvTDMkdCW/FOB/l0OU3ojup2E
LES2Kq/qJsZPTF1msVnvWu+sgKwOQ13xr0xB08g3zB19od9MXrPrfYn2rrunngxw
iIXpe6LRpLUBV4BuWIUhibtMzi8qS7HT0V8JNekUWJb5TjpdapMfzrjH1WCMsvK/
XvmFR0/1Qtme0cgLTts=
-----END CERTIFICATE-----
Generated at Wed Apr 9 17:27:24 2025 by rpki-client