Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iuGLJY_cwyZIHcaF-VD4ECuplCE.roa
File: iuGLJY_cwyZIHcaF-VD4ECuplCE.roa (raw, json)
Hash identifier: xa4IgK/LCG5Vhks6bEr7jAW/GGb+F5JK0nMa5ZXOhS4=
Subject key identifier: 8A:E1:8B:25:8F:DC:C3:26:48:1D:C6:85:F9:50:F8:10:2B:A9:94:21
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0196144E2EECBD2CC06D45CFAEFB96A93357
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iuGLJY_cwyZIHcaF-VD4ECuplCE.roa
Signing time: Tue 08 Apr 2025 07:29:50 +0000
ROA not before: Tue 08 Apr 2025 07:29:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215540
IP address blocks: 5.253.59.0/24 maxlen: 24
85.208.139.0/24 maxlen: 24
171.22.16.0/24 maxlen: 24
171.22.19.0/25 maxlen: 25
171.22.19.128/25 maxlen: 25
212.87.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:14:4e:2e:ec:bd:2c:c0:6d:45:cf:ae:fb:96:a9:33:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 8 07:29:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ae18b258fdcc326481dc685f950f8102ba99421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:87:8c:4a:df:4f:03:7f:e7:aa:7a:ad:b4:41:
d6:e3:1a:83:37:c2:f3:c2:94:c5:8f:3a:f0:a1:5f:
4e:29:74:43:1b:4c:8f:0a:cc:72:8d:d6:09:a1:40:
64:a6:35:0e:39:02:f1:81:bf:ce:c3:8f:98:1a:db:
db:f1:1f:0a:2e:34:e3:04:90:87:a7:6c:f7:78:e7:
2b:4d:22:fd:eb:31:84:40:16:2b:a9:b3:59:a3:6b:
de:26:a7:97:d9:2d:15:91:2f:12:f8:24:d8:1a:a4:
31:b7:96:1b:a7:5a:58:0f:7f:88:09:5c:40:a9:75:
be:54:bf:bd:d3:c9:c9:8f:ae:9e:e0:76:28:fc:a2:
ea:ec:1f:ee:e1:e2:0e:e4:f9:32:c0:b1:43:b0:40:
c7:28:d3:8e:9d:f6:b9:17:1e:7e:aa:7a:3c:38:3f:
8e:10:72:94:cf:19:99:28:45:bc:8e:7b:17:02:f3:
e5:3b:7b:c2:52:0d:6b:e2:13:79:fe:37:6d:b3:05:
34:a4:60:80:31:8a:ca:f0:63:5a:43:6f:49:7e:57:
53:44:0a:03:d5:d1:96:e8:88:26:bf:2d:99:60:c9:
aa:0e:64:16:75:73:18:b6:14:60:ae:59:be:5b:85:
d7:fc:00:af:5f:0b:75:02:61:66:cf:8f:33:e6:e3:
55:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:E1:8B:25:8F:DC:C3:26:48:1D:C6:85:F9:50:F8:10:2B:A9:94:21
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iuGLJY_cwyZIHcaF-VD4ECuplCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.59.0/24
85.208.139.0/24
171.22.16.0/24
171.22.19.0/24
212.87.222.0/24
Signature Algorithm: sha256WithRSAEncryption
90:82:10:cb:c2:1b:3d:07:50:46:48:a5:92:90:fe:8b:45:b5:
1d:00:ee:10:06:6b:31:24:5e:86:c1:4d:03:d4:48:f9:e5:94:
79:7c:f4:6b:45:f3:5e:31:94:8a:c1:7d:8f:12:11:a3:9f:ec:
0c:3c:38:6a:1f:bf:51:8f:96:34:9c:db:78:64:c0:72:b8:0c:
e1:73:d1:d0:af:d8:ce:f1:17:73:ab:75:59:85:b3:5e:4a:b8:
47:91:bc:03:bb:1f:7c:04:df:f1:83:66:0a:f2:2a:b1:70:4a:
72:31:89:a6:f2:0c:39:49:4b:ce:66:20:65:09:f3:f8:20:d5:
f6:e6:46:f5:e4:57:59:ac:86:45:92:aa:fb:51:bb:d3:ba:8b:
35:64:ed:bc:36:7e:51:c1:0a:69:5a:57:9f:63:07:3f:a4:4c:
db:9c:37:31:f1:02:e7:54:c1:5e:15:b2:ac:7f:ed:a6:1b:21:
f6:9b:b2:83:bf:34:b5:9f:42:86:1a:e0:d0:df:a4:9d:a9:6a:
78:74:06:0b:00:4d:37:f7:03:bb:74:98:69:81:71:ca:18:23:
86:f3:ee:02:89:2e:8e:77:6d:24:d5:69:c2:97:5d:90:a3:c3:
7a:38:f4:a3:2f:c4:3c:ef:13:a0:09:01:12:8e:56:e0:ad:05:
31:99:52:da
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZYUTi7svSzAbUXPrvuWqTNXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNDA4MDcyOTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWUxOGIyNThmZGNjMzI2NDgxZGM2ODVmOTUwZjgxMDJiYTk5NDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIeMSt9PA3/nqnqttEHW4xqDN8Lz
wpTFjzrwoV9OKXRDG0yPCsxyjdYJoUBkpjUOOQLxgb/Ow4+YGtvb8R8KLjTjBJCH
p2z3eOcrTSL96zGEQBYrqbNZo2veJqeX2S0VkS8S+CTYGqQxt5Ybp1pYD3+ICVxA
qXW+VL+908nJj66e4HYo/KLq7B/u4eIO5PkywLFDsEDHKNOOnfa5Fx5+qno8OD+O
EHKUzxmZKEW8jnsXAvPlO3vCUg1r4hN5/jdtswU0pGCAMYrK8GNaQ29JfldTRAoD
1dGW6Igmvy2ZYMmqDmQWdXMYthRgrlm+W4XX/ACvXwt1AmFmz48z5uNVjwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIrhiyWP3MMmSB3GhflQ+BArqZQhMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaXVHTEpZX2N3eVpJSGNhRi1WRDRFQ3VwbENFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABf07AwQA
VdCLAwQAqxYQAwQAqxYTAwQA1FfeMA0GCSqGSIb3DQEBCwUAA4IBAQCQghDLwhs9
B1BGSKWSkP6LRbUdAO4QBmsxJF6GwU0D1Ej55ZR5fPRrRfNeMZSKwX2PEhGjn+wM
PDhqH79Rj5Y0nNt4ZMByuAzhc9HQr9jO8Rdzq3VZhbNeSrhHkbwDux98BN/xg2YK
8iqxcEpyMYmm8gw5SUvOZiBlCfP4INX25kb15FdZrIZFkqr7UbvTuos1ZO28Nn5R
wQppWlefYwc/pEzbnDcx8QLnVMFeFbKsf+2mGyH2m7KDvzS1n0KGGuDQ36SdqWp4
dAYLAE039wO7dJhpgXHKGCOG8+4CiS6Od20k1WnCl12Qo8N6OPSjL8Q87xOgCQES
jlbgrQUxmVLa
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:44 2025 by rpki-client on console.sobornost.net