Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/IP_OWu4CQzFziCZKvz4V9JHOdGA.roa
File: IP_OWu4CQzFziCZKvz4V9JHOdGA.roa (raw, json)
Hash identifier: RWvN+NagME6pQzALou5iNTl9fNkYPhoqSGlArMJPTKI=
Subject key identifier: 20:FF:CE:5A:EE:02:43:31:73:88:26:4A:BF:3E:15:F4:91:CE:74:60
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 01945E032399B7504FC2DE57E07557DD5434
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/IP_OWu4CQzFziCZKvz4V9JHOdGA.roa
Signing time: Mon 13 Jan 2025 04:54:11 +0000
ROA not before: Mon 13 Jan 2025 04:54:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35177
IP address blocks: 5.139.192.0/19 maxlen: 19
5.139.192.0/21 maxlen: 21
5.139.200.0/22 maxlen: 22
5.139.204.0/23 maxlen: 23
5.139.207.0/24 maxlen: 24
5.139.208.0/20 maxlen: 20
62.183.100.0/22 maxlen: 22
62.183.104.0/21 maxlen: 21
62.183.112.0/22 maxlen: 22
85.173.136.0/21 maxlen: 21
94.233.128.0/21 maxlen: 21
94.233.176.0/21 maxlen: 24
178.35.192.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5e:03:23:99:b7:50:4f:c2:de:57:e0:75:57:dd:54:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 13 04:54:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20ffce5aee0243317388264abf3e15f491ce7460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:91:c4:88:e2:6a:50:3c:61:62:eb:8b:85:b6:
44:db:72:4a:ef:87:d6:5a:34:91:d8:fa:ea:3d:f5:
52:76:0a:3e:b8:a5:53:92:11:29:35:8a:65:da:ef:
da:a3:6a:0f:91:aa:71:ce:08:00:45:45:bc:21:15:
a6:eb:60:90:fd:e6:da:93:f5:ba:e9:28:60:f5:7b:
5b:16:83:0a:ab:8d:7b:e5:91:b0:1f:08:ea:62:e9:
5a:f0:82:32:17:e7:bb:c7:b7:74:6b:6d:45:13:ae:
df:d7:5f:87:a9:5c:e6:60:9d:22:a0:a2:9b:8c:0b:
c8:80:8b:a3:1c:4a:e3:ae:a0:09:e5:c2:c1:eb:3e:
6e:a2:86:69:db:ef:38:4d:97:6a:14:8f:ef:23:49:
85:c7:33:66:13:5d:3e:49:37:4c:52:76:c2:06:43:
66:f3:52:9c:18:2a:2c:9e:68:9e:b9:29:ea:5d:50:
b0:61:c5:fa:d8:dd:5d:05:43:5f:97:15:3a:af:ce:
3f:d3:81:81:9e:0d:5f:9f:40:dc:57:2a:a5:1c:03:
07:56:68:46:52:00:29:c0:59:58:e9:66:8e:4b:f9:
a4:87:ac:9d:1e:50:9f:7e:ba:7e:09:04:96:d3:71:
cc:0c:e8:02:7a:02:ea:a9:89:20:95:ff:87:28:50:
74:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:FF:CE:5A:EE:02:43:31:73:88:26:4A:BF:3E:15:F4:91:CE:74:60
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/IP_OWu4CQzFziCZKvz4V9JHOdGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.139.192.0/19
62.183.100.0-62.183.115.255
85.173.136.0/21
94.233.128.0/21
94.233.176.0/21
178.35.192.0/19
Signature Algorithm: sha256WithRSAEncryption
7b:4e:4d:56:24:c0:b1:77:7b:df:4a:1f:b2:91:35:15:0b:76:
37:19:5a:58:8c:40:e7:62:73:95:1b:ca:9c:a2:59:2c:17:37:
e7:99:04:3c:ea:51:0b:da:a2:21:fb:96:de:d7:ae:e6:a5:50:
0d:e2:37:6a:9f:3d:64:2d:fe:66:ba:cf:99:1f:2c:95:63:2c:
23:1d:8c:b9:73:e7:fb:82:65:c0:bb:f0:e8:58:e6:0d:0c:b4:
ce:d9:af:7f:fb:03:6e:60:79:84:18:ff:3e:be:eb:34:33:9d:
1e:af:00:8a:d9:a8:1b:ad:b5:eb:b6:ce:42:bc:5f:97:08:a3:
0d:c9:9e:cf:bb:a3:ef:f5:41:4c:d3:fe:c9:f2:d0:ed:af:0d:
73:ed:8f:ec:04:dd:cc:ed:c0:d2:0f:ed:1d:32:2c:24:fd:31:
34:1d:ed:ab:f1:49:72:4c:21:7c:cd:3f:31:12:c7:29:6b:b9:
77:bf:83:b5:6e:e7:40:49:9b:aa:18:da:3e:98:b8:16:e6:52:
32:3b:52:8d:24:9b:eb:3d:84:b3:34:40:14:6f:38:44:5f:71:
70:98:31:ee:ab:53:99:99:e9:dd:1e:ad:61:e3:3a:ab:12:b2:
96:b6:0e:1f:49:09:71:b4:ed:51:2f:66:6f:57:1b:0b:1e:ca:
8d:d0:f2:2c
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZReAyOZt1BPwt5X4HVX3VQ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTEzMDQ1NDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGZmY2U1YWVlMDI0MzMxNzM4ODI2NGFiZjNlMTVmNDkxY2U3NDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ZHEiOJqUDxhYuuLhbZE23JK74fW
WjSR2PrqPfVSdgo+uKVTkhEpNYpl2u/ao2oPkapxzggARUW8IRWm62CQ/ebak/W6
6Shg9XtbFoMKq4175ZGwHwjqYula8IIyF+e7x7d0a21FE67f11+HqVzmYJ0ioKKb
jAvIgIujHErjrqAJ5cLB6z5uooZp2+84TZdqFI/vI0mFxzNmE10+STdMUnbCBkNm
81KcGCosnmieuSnqXVCwYcX62N1dBUNflxU6r84/04GBng1fn0DcVyqlHAMHVmhG
UgApwFlY6WaOS/mkh6ydHlCffrp+CQSW03HMDOgCegLqqYkglf+HKFB0cQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCD/zlruAkMxc4gmSr8+FfSRznRgMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvSVBfT1d1NENRekZ6aUNaS3Z6NFY5SkhPZEdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQFBYvAMAwD
BAI+t2QDBAI+t3ADBANVrYgDBANe6YADBANe6bADBAWyI8AwDQYJKoZIhvcNAQEL
BQADggEBAHtOTVYkwLF3e99KH7KRNRULdjcZWliMQOdic5UbypyiWSwXN+eZBDzq
UQvaoiH7lt7XrualUA3iN2qfPWQt/ma6z5kfLJVjLCMdjLlz5/uCZcC78OhY5g0M
tM7Zr3/7A25geYQY/z6+6zQznR6vAIrZqButteu2zkK8X5cIow3Jns+7o+/1QUzT
/sny0O2vDXPtj+wE3cztwNIP7R0yLCT9MTQd7avxSXJMIXzNPzESxylruXe/g7Vu
50BJm6oY2j6YuBbmUjI7Uo0km+s9hLM0QBRvOERfcXCYMe6rU5mZ6d0erWHjOqsS
spa2Dh9JCXG07VEvZm9XGwseyo3Q8iw=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:32:03 2025 by rpki-client