Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d25e14-625d-47b5-a0ec-848f73df8b20/1/zohWKsAJg1AB7BcLgO5mP203ZJ8.roa
File: zohWKsAJg1AB7BcLgO5mP203ZJ8.roa (raw, json)
Hash identifier: qyr9zS4mbTGjUUiqIIIhploYFAxZHgevrVarc4Vt5k8=
Subject key identifier: CE:88:56:2A:C0:09:83:50:01:EC:17:0B:80:EE:66:3F:6D:37:64:9F
Certificate issuer: /CN=e6c9d48a18c3c0d2e4e63a7b83885a7967755826
Certificate serial: 019426D8AB67F653FC13BEA72A61D41F7E84
Authority key identifier: E6:C9:D4:8A:18:C3:C0:D2:E4:E6:3A:7B:83:88:5A:79:67:75:58:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5snUihjDwNLk5jp7g4haeWd1WCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/d25e14-625d-47b5-a0ec-848f73df8b20/1/zohWKsAJg1AB7BcLgO5mP203ZJ8.roa
Signing time: Thu 02 Jan 2025 11:48:41 +0000
ROA not before: Thu 02 Jan 2025 11:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25180
IP address blocks: 5.148.0.0/17 maxlen: 17
5.148.104.0/24 maxlen: 24
5.148.128.0/19 maxlen: 19
31.221.0.0/17 maxlen: 17
62.244.160.0/19 maxlen: 19
83.244.128.0/17 maxlen: 17
109.231.192.0/18 maxlen: 18
149.63.0.0/16 maxlen: 16
167.98.0.0/16 maxlen: 16
176.46.160.0/19 maxlen: 19
2a00:1d40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:ab:67:f6:53:fc:13:be:a7:2a:61:d4:1f:7e:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6c9d48a18c3c0d2e4e63a7b83885a7967755826
Validity
Not Before: Jan 2 11:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce88562ac009835001ec170b80ee663f6d37649f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ad:32:f1:68:c8:09:e2:cc:25:16:60:0d:92:
e0:8c:30:6f:84:68:0c:bc:a9:f2:66:b6:31:3f:a5:
82:3f:d5:7a:56:f1:1e:3f:fd:05:9f:92:d2:4e:5e:
ba:bc:82:6c:e9:16:2d:c0:ca:9c:bb:7e:b9:45:f3:
ab:93:27:02:75:c9:29:11:e6:ec:72:81:f4:71:4f:
f5:40:25:b7:ea:62:0f:03:89:61:83:fc:1c:c8:b5:
7e:9f:02:48:c3:06:e8:57:be:e9:3c:f9:a1:b7:41:
f0:a4:28:de:72:e4:e6:46:02:a0:e5:1e:f5:9f:19:
82:bd:38:01:8e:4a:c6:47:25:fa:f0:b8:61:31:74:
29:12:71:0b:59:b9:fa:f5:f5:f8:8c:c7:3f:62:41:
f1:34:52:cd:0b:42:b2:87:b3:f9:7c:f6:22:36:31:
a2:ed:e7:6e:b4:fa:2a:8e:63:85:77:37:ca:fc:9a:
c4:ca:59:b4:fa:8c:6b:22:58:18:55:21:4c:28:a3:
4d:04:ba:dd:d2:6e:1f:4e:b0:4a:d0:a6:43:f2:aa:
57:03:cd:58:f1:e2:6b:6e:84:2a:ab:77:cf:a7:c3:
e8:be:4e:4b:9c:91:3c:c1:94:67:bf:8c:5c:6d:b5:
fc:e6:8a:2b:fc:df:ca:63:b4:55:0e:b8:73:b0:81:
c3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:88:56:2A:C0:09:83:50:01:EC:17:0B:80:EE:66:3F:6D:37:64:9F
X509v3 Authority Key Identifier:
keyid:E6:C9:D4:8A:18:C3:C0:D2:E4:E6:3A:7B:83:88:5A:79:67:75:58:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5snUihjDwNLk5jp7g4haeWd1WCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d25e14-625d-47b5-a0ec-848f73df8b20/1/zohWKsAJg1AB7BcLgO5mP203ZJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d25e14-625d-47b5-a0ec-848f73df8b20/1/5snUihjDwNLk5jp7g4haeWd1WCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.148.0.0-5.148.159.255
31.221.0.0/17
62.244.160.0/19
83.244.128.0/17
109.231.192.0/18
149.63.0.0/16
167.98.0.0/16
176.46.160.0/19
IPv6:
2a00:1d40::/32
Signature Algorithm: sha256WithRSAEncryption
0e:93:2f:4d:9f:ca:da:06:52:2e:e3:93:89:c4:c5:5d:2e:50:
04:92:0f:66:65:ac:b6:7b:cb:85:26:51:bd:a1:da:ca:b5:40:
5c:49:81:ea:fd:43:2b:02:b8:19:bc:cb:cf:74:ca:15:05:f8:
0e:23:c2:64:1d:20:6c:d8:dc:e4:45:45:39:56:30:46:94:4f:
08:23:56:d4:64:45:a1:00:19:ca:60:b4:e5:b0:e3:21:27:4c:
f0:f2:15:46:20:43:52:5e:56:05:50:30:99:54:a7:4f:c5:d0:
b0:ed:a3:96:9a:4d:bc:f2:17:46:84:3e:8e:47:e7:11:f5:bb:
b8:79:7a:c4:c7:6d:47:ef:67:7c:d7:b7:4e:58:22:15:db:f4:
94:1a:75:d7:31:f3:b5:c6:36:e2:3c:55:d3:8d:b6:d7:c5:7b:
bc:7a:16:31:8a:19:3f:f9:88:e4:a1:95:3f:ee:55:d0:ff:d0:
c9:1e:6c:c1:12:d7:18:7d:cd:8d:d2:ae:df:a5:b0:55:e2:1e:
56:7a:01:d0:28:5b:82:d2:cf:6d:f2:90:50:45:b5:80:6e:92:
45:ff:fc:04:59:a6:61:54:d9:4c:f6:f8:ba:24:c4:17:c7:82:
95:be:a3:31:cf:24:8d:ff:12:2a:b3:45:c2:a3:cf:a7:bc:3b:
4b:18:b3:92
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZQm2Ktn9lP8E76nKmHUH36EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2YzlkNDhhMThjM2MwZDJlNGU2M2E3YjgzODg1YTc5Njc3
NTU4MjYwHhcNMjUwMTAyMTE0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTg4NTYyYWMwMDk4MzUwMDFlYzE3MGI4MGVlNjYzZjZkMzc2NDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta0y8WjICeLMJRZgDZLgjDBvhGgM
vKnyZrYxP6WCP9V6VvEeP/0Fn5LSTl66vIJs6RYtwMqcu365RfOrkycCdckpEebs
coH0cU/1QCW36mIPA4lhg/wcyLV+nwJIwwboV77pPPmht0HwpCjecuTmRgKg5R71
nxmCvTgBjkrGRyX68LhhMXQpEnELWbn69fX4jMc/YkHxNFLNC0Kyh7P5fPYiNjGi
7edutPoqjmOFdzfK/JrEylm0+oxrIlgYVSFMKKNNBLrd0m4fTrBK0KZD8qpXA81Y
8eJrboQqq3fPp8Povk5LnJE8wZRnv4xcbbX85oor/N/KY7RVDrhzsIHDlwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFM6IVirACYNQAewXC4DuZj9tN2SfMB8GA1UdIwQY
MBaAFObJ1IoYw8DS5OY6e4OIWnlndVgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXNuVWloakR3TkxrNWpwN2c0aGFlV2QxV0NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kMjVlMTQtNjI1ZC00N2I1LWEwZWMt
ODQ4ZjczZGY4YjIwLzEvem9oV0tzQUpnMUFCN0JjTGdPNW1QMjAzWko4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kMjVlMTQtNjI1ZC00N2I1LWEwZWMtODQ4ZjczZGY4YjIw
LzEvNXNuVWloakR3TkxrNWpwN2c0aGFlV2QxV0NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDA7BAIAATA1MAsDAwIFlAME
BQWUgAMEBx/dAAMEBT70oAMEB1P0gAMEBm3nwAMDAJU/AwMAp2IDBAWwLqAwDQQC
AAIwBwMFACoAHUAwDQYJKoZIhvcNAQELBQADggEBAA6TL02fytoGUi7jk4nExV0u
UASSD2ZlrLZ7y4UmUb2h2sq1QFxJger9QysCuBm8y890yhUF+A4jwmQdIGzY3ORF
RTlWMEaUTwgjVtRkRaEAGcpgtOWw4yEnTPDyFUYgQ1JeVgVQMJlUp0/F0LDto5aa
TbzyF0aEPo5H5xH1u7h5esTHbUfvZ3zXt05YIhXb9JQaddcx87XGNuI8VdONttfF
e7x6FjGKGT/5iOShlT/uVdD/0MkebMES1xh9zY3Srt+lsFXiHlZ6AdAoW4LSz23y
kFBFtYBukkX//ARZpmFU2Uz2+LokxBfHgpW+ozHPJI3/EiqzRcKjz6e8O0sYs5I=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:34 2025 by rpki-client on console.sobornost.net