Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/051035-200d-41e8-adf1-d33f08f3a48d/1/5A2wLed6xy4LK7jvkiIkYMXSVEw.roa
File: 5A2wLed6xy4LK7jvkiIkYMXSVEw.roa (raw, json)
Hash identifier: eL5G+05NzxZ+JGYnXx8r5lFHlGHbv8UGaYg9EhNH504=
Subject key identifier: E4:0D:B0:2D:E7:7A:C7:2E:0B:2B:B8:EF:92:22:24:60:C5:D2:54:4C
Certificate issuer: /CN=e2110acce33ac85011ca8c22d2001666e45b9377
Certificate serial: 0195F706C126BD4197493AF2B3BF5D4E97D2
Authority key identifier: E2:11:0A:CC:E3:3A:C8:50:11:CA:8C:22:D2:00:16:66:E4:5B:93:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4hEKzOM6yFARyowi0gAWZuRbk3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/051035-200d-41e8-adf1-d33f08f3a48d/1/5A2wLed6xy4LK7jvkiIkYMXSVEw.roa
Signing time: Wed 02 Apr 2025 15:02:49 +0000
ROA not before: Wed 02 Apr 2025 15:02:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34762
IP address blocks: 5.134.0.0/21 maxlen: 24
31.14.50.0/23 maxlen: 24
31.193.176.0/21 maxlen: 24
37.72.160.0/21 maxlen: 24
37.148.176.0/21 maxlen: 24
46.21.224.0/20 maxlen: 24
62.182.56.0/21 maxlen: 21
77.73.96.0/21 maxlen: 24
77.241.80.0/20 maxlen: 24
77.241.95.0/24 maxlen: 24
79.174.128.0/21 maxlen: 24
83.217.64.0/19 maxlen: 24
87.238.160.0/21 maxlen: 24
88.151.240.0/21 maxlen: 24
89.36.74.0/23 maxlen: 24
89.42.54.0/23 maxlen: 24
89.44.166.0/23 maxlen: 24
93.115.168.0/23 maxlen: 23
94.176.98.0/23 maxlen: 24
176.62.160.0/20 maxlen: 24
178.208.32.0/19 maxlen: 24
185.2.52.0/22 maxlen: 24
185.18.8.0/22 maxlen: 24
185.76.236.0/22 maxlen: 24
185.86.16.0/22 maxlen: 24
185.111.196.0/22 maxlen: 24
185.162.28.0/22 maxlen: 24
185.175.196.0/22 maxlen: 24
185.190.84.0/22 maxlen: 24
188.93.96.0/21 maxlen: 24
188.93.152.0/21 maxlen: 24
188.208.36.0/23 maxlen: 24
188.211.170.0/23 maxlen: 24
193.111.95.0/24 maxlen: 24
193.239.210.0/23 maxlen: 24
194.26.24.0/24 maxlen: 24
194.150.224.0/23 maxlen: 23
194.165.51.0/24 maxlen: 24
195.13.56.0/23 maxlen: 24
195.47.215.0/24 maxlen: 24
195.234.184.0/24 maxlen: 24
217.19.224.0/20 maxlen: 24
217.21.176.0/20 maxlen: 24
2a00:1c98::/32 maxlen: 64
2a00:1c98:fff0::/44 maxlen: 64
2a00:7000::/32 maxlen: 64
2a02:d08::/32 maxlen: 64
2a03:a800::/32 maxlen: 32
2a07:ca80::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f7:06:c1:26:bd:41:97:49:3a:f2:b3:bf:5d:4e:97:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2110acce33ac85011ca8c22d2001666e45b9377
Validity
Not Before: Apr 2 15:02:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e40db02de77ac72e0b2bb8ef92222460c5d2544c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:87:b2:34:25:9a:9a:b6:93:0a:0e:0b:ff:f5:
bd:ea:6d:9f:c1:f5:7d:2d:80:48:f7:25:7b:54:4b:
b0:a8:1f:c3:7d:57:d0:7a:b4:03:e8:98:57:94:dd:
d8:a5:56:96:75:22:6c:e3:2b:d8:25:ff:f0:e9:34:
d5:76:80:63:b6:7a:19:60:14:0f:5d:7f:70:fc:22:
0c:0b:60:71:2f:ee:93:da:33:de:0f:13:7d:e8:d9:
d7:1a:db:cd:c4:3a:c3:12:d2:dd:c4:ba:20:db:fe:
63:6d:3f:dc:d5:00:88:7a:99:6c:01:e4:10:ad:9b:
a6:97:15:4a:d3:08:f9:0c:63:a7:9f:47:f3:5d:f8:
c8:5e:71:83:b1:4d:d9:73:7f:9b:f0:52:ed:92:aa:
2b:94:74:8e:e1:2e:ec:bb:a0:f5:e6:d3:3e:c9:a4:
ab:f3:bd:7b:f4:42:ef:06:e0:54:da:8a:a1:0b:f0:
8c:3f:c2:46:b5:c8:32:cf:ea:34:d5:fb:23:0d:15:
b6:f2:4a:53:ff:29:d4:7b:36:bb:0e:89:f6:e6:c2:
f7:59:58:71:13:3f:d4:e2:da:d6:d4:e6:6f:f4:67:
96:9a:dc:e1:78:26:51:88:8a:69:65:25:d1:b1:0b:
84:89:09:71:eb:15:40:84:d8:87:d6:b4:3f:15:6e:
b6:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:0D:B0:2D:E7:7A:C7:2E:0B:2B:B8:EF:92:22:24:60:C5:D2:54:4C
X509v3 Authority Key Identifier:
keyid:E2:11:0A:CC:E3:3A:C8:50:11:CA:8C:22:D2:00:16:66:E4:5B:93:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4hEKzOM6yFARyowi0gAWZuRbk3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/051035-200d-41e8-adf1-d33f08f3a48d/1/5A2wLed6xy4LK7jvkiIkYMXSVEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/051035-200d-41e8-adf1-d33f08f3a48d/1/4hEKzOM6yFARyowi0gAWZuRbk3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.0.0/21
31.14.50.0/23
31.193.176.0/21
37.72.160.0/21
37.148.176.0/21
46.21.224.0/20
62.182.56.0/21
77.73.96.0/21
77.241.80.0/20
79.174.128.0/21
83.217.64.0/19
87.238.160.0/21
88.151.240.0/21
89.36.74.0/23
89.42.54.0/23
89.44.166.0/23
93.115.168.0/23
94.176.98.0/23
176.62.160.0/20
178.208.32.0/19
185.2.52.0/22
185.18.8.0/22
185.76.236.0/22
185.86.16.0/22
185.111.196.0/22
185.162.28.0/22
185.175.196.0/22
185.190.84.0/22
188.93.96.0/21
188.93.152.0/21
188.208.36.0/23
188.211.170.0/23
193.111.95.0/24
193.239.210.0/23
194.26.24.0/24
194.150.224.0/23
194.165.51.0/24
195.13.56.0/23
195.47.215.0/24
195.234.184.0/24
217.19.224.0/20
217.21.176.0/20
IPv6:
2a00:1c98::/32
2a00:7000::/32
2a02:d08::/32
2a03:a800::/32
2a07:ca80::/29
Signature Algorithm: sha256WithRSAEncryption
01:68:5b:48:4d:c4:f7:ab:3c:1c:c9:6d:cd:33:0b:31:a1:92:
e0:2e:db:3b:7a:ce:63:93:b6:fb:52:87:16:d5:10:cd:e6:3f:
b5:43:db:e8:73:6b:0f:65:65:d4:01:90:4d:7a:4a:0f:7a:3e:
47:1b:62:1e:8f:c4:ba:24:a1:98:3e:f5:48:98:24:8b:20:6c:
a1:77:c8:1d:71:2c:56:fe:ba:a6:38:74:d6:03:22:df:7c:dc:
3e:57:84:c1:f9:1f:a4:3e:76:f3:77:4e:80:af:d7:8f:db:b1:
89:8f:a8:47:21:dc:1d:f6:cd:60:44:a2:84:9e:c6:da:86:c2:
1e:d1:c5:25:f6:2a:89:e2:b7:5f:bf:1c:cc:88:00:20:78:9f:
46:d9:b5:f4:b7:40:8f:d3:3b:1c:a3:29:ac:1b:bf:10:7b:0c:
91:1c:67:34:a9:38:67:75:0f:a8:66:90:7c:f1:5b:c2:93:e5:
a2:51:6a:a5:37:ce:7b:d3:1f:6b:f4:65:03:10:d7:bb:a4:e9:
e0:82:21:a4:da:57:6c:f0:67:bb:5f:c3:96:4a:ae:48:9c:72:
6b:dd:5a:e5:47:d3:46:d6:37:cb:d3:cd:33:25:e7:df:1d:64:
e6:08:f4:00:d0:b0:6a:69:9e:d2:1a:ef:36:06:bc:78:52:a6:
5c:9a:b7:be
-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgISAZX3BsEmvUGXSTrys79dTpfSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMTEwYWNjZTMzYWM4NTAxMWNhOGMyMmQyMDAxNjY2ZTQ1
YjkzNzcwHhcNMjUwNDAyMTUwMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDBkYjAyZGU3N2FjNzJlMGIyYmI4ZWY5MjIyMjQ2MGM1ZDI1NDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooeyNCWamraTCg4L//W96m2fwfV9
LYBI9yV7VEuwqB/DfVfQerQD6JhXlN3YpVaWdSJs4yvYJf/w6TTVdoBjtnoZYBQP
XX9w/CIMC2BxL+6T2jPeDxN96NnXGtvNxDrDEtLdxLog2/5jbT/c1QCIeplsAeQQ
rZumlxVK0wj5DGOnn0fzXfjIXnGDsU3Zc3+b8FLtkqorlHSO4S7su6D15tM+yaSr
87179ELvBuBU2oqhC/CMP8JGtcgyz+o01fsjDRW28kpT/ynUeza7Don25sL3WVhx
Ez/U4trW1OZv9GeWmtzheCZRiIppZSXRsQuEiQlx6xVAhNiH1rQ/FW626wIDAQAB
o4IDMzCCAy8wHQYDVR0OBBYEFOQNsC3nescuCyu475IiJGDF0lRMMB8GA1UdIwQY
MBaAFOIRCszjOshQEcqMItIAFmbkW5N3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGhFS3pPTTZ5RkFSeW93aTBnQVdadVJiazNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8wNTEwMzUtMjAwZC00MWU4LWFkZjEt
ZDMzZjA4ZjNhNDhkLzEvNUEyd0xlZDZ4eTRMSzdqdmtpSWtZTVhTVkV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8wNTEwMzUtMjAwZC00MWU4LWFkZjEtZDMzZjA4ZjNhNDhk
LzEvNGhFS3pPTTZ5RkFSeW93aTBnQVdadVJiazNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRwYIKwYBBQUHAQcBAf8EggE2MIIBMjCCAQMEAgABMIH8
AwQDBYYAAwQBHw4yAwQDH8GwAwQDJUigAwQDJZSwAwQELhXgAwQDPrY4AwQDTUlg
AwQETfFQAwQDT66AAwQFU9lAAwQDV+6gAwQDWJfwAwQBWSRKAwQBWSo2AwQBWSym
AwQBXXOoAwQBXrBiAwQEsD6gAwQFstAgAwQCuQI0AwQCuRIIAwQCuUzsAwQCuVYQ
AwQCuW/EAwQCuaIcAwQCua/EAwQCub5UAwQDvF1gAwQDvF2YAwQBvNAkAwQBvNOq
AwQAwW9fAwQBwe/SAwQAwhoYAwQBwpbgAwQAwqUzAwQBww04AwQAwy/XAwQAw+q4
AwQE2RPgAwQE2RWwMCkEAgACMCMDBQAqAByYAwUAKgBwAAMFACoCDQgDBQAqA6gA
AwUDKgfKgDANBgkqhkiG9w0BAQsFAAOCAQEAAWhbSE3E96s8HMltzTMLMaGS4C7b
O3rOY5O2+1KHFtUQzeY/tUPb6HNrD2Vl1AGQTXpKD3o+RxtiHo/EuiShmD71SJgk
iyBsoXfIHXEsVv66pjh01gMi33zcPleEwfkfpD5283dOgK/Xj9uxiY+oRyHcHfbN
YESihJ7G2obCHtHFJfYqieK3X78czIgAIHifRtm19LdAj9M7HKMprBu/EHsMkRxn
NKk4Z3UPqGaQfPFbwpPlolFqpTfOe9Mfa/RlAxDXu6Tp4IIhpNpXbPBnu1/Dlkqu
SJxya91a5UfTRtY3y9PNMyXn3x1k5gj0ANCwamme0hrvNga8eFKmXJq3vg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:44 2025 by rpki-client on console.sobornost.net