Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/lrxK-1PHl8s1vOqLjVjH-6pK0Hg.roa
File: lrxK-1PHl8s1vOqLjVjH-6pK0Hg.roa (raw, json)
Hash identifier: 5IOX3bGAwFLQftDnwnahdls7yx7hu0G73F010XpJpSM=
Subject key identifier: 96:BC:4A:FB:53:C7:97:CB:35:BC:EA:8B:8D:58:C7:FB:AA:4A:D0:78
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C6FE7AF40D0BD491A2942899E692F
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/lrxK-1PHl8s1vOqLjVjH-6pK0Hg.roa
Signing time: Thu 02 Jan 2025 09:50:28 +0000
ROA not before: Thu 02 Jan 2025 09:50:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34892
IP address blocks: 5.158.232.0/21 maxlen: 21
5.158.232.0/24 maxlen: 24
5.158.233.0/24 maxlen: 24
5.158.234.0/23 maxlen: 23
5.158.236.0/23 maxlen: 23
5.158.238.0/23 maxlen: 23
85.234.0.0/19 maxlen: 19
85.234.0.0/22 maxlen: 22
85.234.4.0/22 maxlen: 22
85.234.8.0/22 maxlen: 22
85.234.12.0/22 maxlen: 22
85.234.16.0/22 maxlen: 22
85.234.20.0/24 maxlen: 24
85.234.21.0/24 maxlen: 24
85.234.24.0/22 maxlen: 22
85.234.28.0/22 maxlen: 22
185.24.44.0/23 maxlen: 23
185.24.44.0/24 maxlen: 24
185.24.45.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:6f:e7:af:40:d0:bd:49:1a:29:42:89:9e:69:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96bc4afb53c797cb35bcea8b8d58c7fbaa4ad078
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:64:69:6e:39:9f:8e:8c:c8:b4:1a:b4:88:77:
61:97:a3:b8:dd:59:4a:9a:84:d0:83:d4:ee:11:ad:
fe:45:56:bf:80:a0:4a:58:3c:9b:38:3d:9c:9c:1b:
fb:1f:77:bf:c8:1a:3f:7b:48:a3:9d:d8:15:05:15:
87:90:0a:7d:28:b8:54:6a:77:10:b2:58:ea:da:7d:
5a:fe:0a:42:b2:64:00:56:fc:3d:d5:5b:df:45:ef:
2f:c9:43:74:06:07:53:1d:75:ea:a7:65:54:4d:a5:
ed:16:b3:61:17:74:cc:e9:ed:21:02:76:1b:00:6d:
77:3c:52:84:7d:d3:bf:92:b3:f1:80:f7:36:b2:06:
91:5e:8a:b1:7e:3b:ac:74:98:1d:bb:61:15:2e:97:
a8:94:38:ee:b2:0d:bc:15:cd:6a:0e:b8:f6:da:7e:
ab:bc:07:df:3e:c9:e2:f7:99:c3:33:38:aa:a2:0c:
58:c4:e5:9f:db:f8:81:97:22:9d:22:ff:8b:08:6a:
ff:be:ee:73:34:22:42:54:4b:4d:84:51:42:e2:76:
bf:04:16:c4:7e:fb:30:01:a0:36:dd:1a:ff:cc:68:
2a:b6:f9:1e:06:6e:6e:bd:12:e5:c6:23:a9:38:13:
15:b7:0d:04:54:46:6b:1f:25:46:a8:3d:41:30:c6:
7d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:BC:4A:FB:53:C7:97:CB:35:BC:EA:8B:8D:58:C7:FB:AA:4A:D0:78
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/lrxK-1PHl8s1vOqLjVjH-6pK0Hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.158.232.0/21
85.234.0.0/19
185.24.44.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:5d:74:6d:48:54:3c:82:af:04:2e:db:b8:2b:3f:86:6d:de:
b6:21:2b:11:99:9b:88:86:09:f6:40:b3:0c:0e:8a:33:18:e3:
0f:aa:8e:56:60:0b:51:5d:aa:e9:eb:95:ad:aa:89:1e:7f:e6:
0c:86:c0:d2:6a:6d:a0:97:e6:5e:3d:28:d9:65:3d:d9:73:57:
02:b7:68:b4:dc:d7:91:78:a8:e4:71:d0:1d:cf:11:3c:0a:41:
a5:ff:55:20:0b:9c:c2:35:96:fe:8b:f6:36:92:42:ab:16:45:
7c:b5:60:82:85:b6:9d:83:3a:9a:b8:48:f0:5f:b2:79:dd:06:
90:5d:f1:bf:b4:6c:27:8b:b1:55:14:a5:c9:5a:2b:52:06:37:
66:7d:a6:78:2d:d5:4e:59:5b:68:9b:68:00:ec:64:07:e0:2c:
9f:17:4e:eb:c4:d9:8d:1c:fe:ca:98:56:ba:d3:2c:97:9a:a3:
f3:26:1f:2b:b3:94:31:14:87:9d:82:a1:8d:38:9f:fd:8c:e4:
08:89:6e:13:90:b3:d1:6a:fb:d4:f7:76:29:17:0c:f5:75:1e:
b2:df:a1:14:d0:01:01:e3:b5:e1:43:f4:35:e7:ab:6e:95:5b:
0f:5b:90:7c:43:2e:2d:19:40:39:24:b9:f1:51:bd:15:54:32:
ca:ea:4f:05
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQmbG/nr0DQvUkaKUKJnmkvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmJjNGFmYjUzYzc5N2NiMzViY2VhOGI4ZDU4YzdmYmFhNGFkMDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mRpbjmfjozItBq0iHdhl6O43VlK
moTQg9TuEa3+RVa/gKBKWDybOD2cnBv7H3e/yBo/e0ijndgVBRWHkAp9KLhUancQ
sljq2n1a/gpCsmQAVvw91VvfRe8vyUN0BgdTHXXqp2VUTaXtFrNhF3TM6e0hAnYb
AG13PFKEfdO/krPxgPc2sgaRXoqxfjusdJgdu2EVLpeolDjusg28Fc1qDrj22n6r
vAffPsni95nDMziqogxYxOWf2/iBlyKdIv+LCGr/vu5zNCJCVEtNhFFC4na/BBbE
fvswAaA23Rr/zGgqtvkeBm5uvRLlxiOpOBMVtw0EVEZrHyVGqD1BMMZ9FwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJa8SvtTx5fLNbzqi41Yx/uqStB4MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvbHJ4Sy0xUEhsOHMxdk9xTGpWakgtNnBLMEhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBZ7oAwQF
VeoAAwQBuRgsMA0GCSqGSIb3DQEBCwUAA4IBAQAMXXRtSFQ8gq8ELtu4Kz+Gbd62
ISsRmZuIhgn2QLMMDoozGOMPqo5WYAtRXarp65Wtqokef+YMhsDSam2gl+ZePSjZ
ZT3Zc1cCt2i03NeReKjkcdAdzxE8CkGl/1UgC5zCNZb+i/Y2kkKrFkV8tWCChbad
gzqauEjwX7J53QaQXfG/tGwni7FVFKXJWitSBjdmfaZ4LdVOWVtom2gA7GQH4Cyf
F07rxNmNHP7KmFa60yyXmqPzJh8rs5QxFIedgqGNOJ/9jOQIiW4TkLPRavvU93Yp
Fwz1dR6y36EU0AEB47XhQ/Q156tulVsPW5B8Qy4tGUA5JLnxUb0VVDLK6k8F
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:15:30 2025 by rpki-client