Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/jKXSdO5ssbkO4UKFgozgol3vJu8.roa
File: jKXSdO5ssbkO4UKFgozgol3vJu8.roa (raw, json)
Hash identifier: YPGfH29SvdQa56v2zyyalhu8hoDoDzq+0aoLmhKUw7Q=
Subject key identifier: 8C:A5:D2:74:EE:6C:B1:B9:0E:E1:42:85:82:8C:E0:A2:5D:EF:26:EF
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 019424455CEE2A144DB337328B3C2E49D463
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/jKXSdO5ssbkO4UKFgozgol3vJu8.roa
Signing time: Wed 01 Jan 2025 23:48:33 +0000
ROA not before: Wed 01 Jan 2025 23:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58345
IP address blocks: 5.134.32.0/20 maxlen: 20
185.102.204.0/22 maxlen: 22
193.108.206.0/23 maxlen: 23
193.108.230.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:5c:ee:2a:14:4d:b3:37:32:8b:3c:2e:49:d4:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Jan 1 23:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ca5d274ee6cb1b90ee14285828ce0a25def26ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:d8:a4:54:85:d6:73:3e:17:60:8a:e9:6b:56:
41:bd:42:cf:9f:6e:4b:9d:3f:cf:63:6c:22:63:b0:
33:64:07:95:b9:a2:0b:3f:49:78:63:b1:44:7a:9d:
ac:40:30:76:11:77:71:c4:29:f1:ac:ea:d4:c3:1c:
bd:57:fa:e3:a3:ab:dc:d0:aa:44:c5:0e:b9:79:b1:
69:5b:59:45:78:33:73:ab:5d:9a:78:e0:0b:33:98:
60:94:28:a5:1e:e8:9e:68:4b:b8:51:5b:6c:81:7c:
34:21:8a:3b:a3:e4:73:17:8e:a4:98:b4:14:69:85:
83:4a:27:33:82:77:3e:de:8b:18:68:79:59:1e:37:
58:ea:3a:cc:9d:c5:18:88:ee:33:d2:93:24:47:8c:
eb:3f:a5:5f:79:17:bf:c4:42:85:51:ea:eb:e9:9c:
29:66:84:25:f8:96:12:8d:9d:e4:98:fe:26:82:a6:
6a:c5:e2:39:ba:0b:92:3b:7b:9e:0c:8b:0b:ff:4b:
85:fa:63:be:81:c1:ce:24:69:96:ec:44:66:dc:c7:
52:63:e0:8f:21:d5:27:bb:1f:cd:d7:40:fe:dd:a4:
8e:0d:31:77:59:de:05:a2:17:73:06:57:02:32:3f:
37:fd:24:53:67:41:bf:81:4f:26:3b:de:d6:93:d0:
2c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:A5:D2:74:EE:6C:B1:B9:0E:E1:42:85:82:8C:E0:A2:5D:EF:26:EF
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/jKXSdO5ssbkO4UKFgozgol3vJu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.32.0/20
185.102.204.0/22
193.108.206.0/23
193.108.230.0/23
Signature Algorithm: sha256WithRSAEncryption
37:9d:8e:bf:d5:93:c3:0b:a8:fa:43:c6:b7:2f:2d:51:7c:56:
b2:58:d8:8c:4a:28:79:9a:6f:0b:5a:cf:13:26:60:35:4f:94:
db:88:3c:52:d2:9c:6c:96:28:66:e6:56:30:0e:91:0b:8c:eb:
fe:a7:d5:4c:73:74:ac:57:ec:c8:89:39:30:dd:58:92:09:f6:
90:88:3e:02:53:9a:0d:a2:7c:c7:6e:65:2d:38:5d:02:71:27:
6b:08:98:fe:89:d4:4f:c8:20:b6:4a:33:f2:5c:f5:5b:2a:a5:
33:13:1a:16:f4:4b:41:82:b3:e1:62:37:4b:d8:cc:4e:d9:c2:
54:cc:2e:5a:d9:24:c7:20:cb:93:67:05:71:16:8f:e2:a6:37:
82:eb:f4:ed:cf:dd:64:66:36:cc:ca:34:47:89:ed:2c:20:ce:
c9:73:d6:b8:57:e1:0a:8c:f2:5c:70:d0:f9:9f:fc:03:61:cf:
90:79:ed:d7:93:0e:f0:02:51:35:71:ae:3f:57:41:e6:b0:05:
98:37:91:55:11:75:59:37:6e:dd:36:bf:06:36:1c:1d:b0:9f:
b2:32:4c:05:13:16:8d:7f:0a:f6:49:e3:1d:b7:91:99:05:f1:
94:0f:1f:95:08:a5:f1:86:99:68:1b:a1:69:06:6a:20:aa:68:
db:10:4b:c6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQkRVzuKhRNszcyizwuSdRjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjUwMTAxMjM0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2E1ZDI3NGVlNmNiMWI5MGVlMTQyODU4MjhjZTBhMjVkZWYyNmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5NikVIXWcz4XYIrpa1ZBvULPn25L
nT/PY2wiY7AzZAeVuaILP0l4Y7FEep2sQDB2EXdxxCnxrOrUwxy9V/rjo6vc0KpE
xQ65ebFpW1lFeDNzq12aeOALM5hglCilHuieaEu4UVtsgXw0IYo7o+RzF46kmLQU
aYWDSiczgnc+3osYaHlZHjdY6jrMncUYiO4z0pMkR4zrP6VfeRe/xEKFUerr6Zwp
ZoQl+JYSjZ3kmP4mgqZqxeI5uguSO3ueDIsL/0uF+mO+gcHOJGmW7ERm3MdSY+CP
IdUnux/N10D+3aSODTF3Wd4FohdzBlcCMj83/SRTZ0G/gU8mO97Wk9AsmwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIyl0nTubLG5DuFChYKM4KJd7ybvMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvaktYU2RPNXNzYmtPNFVLRmdvemdvbDN2SnU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEBYYgAwQC
uWbMAwQBwWzOAwQBwWzmMA0GCSqGSIb3DQEBCwUAA4IBAQA3nY6/1ZPDC6j6Q8a3
Ly1RfFayWNiMSih5mm8LWs8TJmA1T5TbiDxS0pxslihm5lYwDpELjOv+p9VMc3Ss
V+zIiTkw3ViSCfaQiD4CU5oNonzHbmUtOF0CcSdrCJj+idRPyCC2SjPyXPVbKqUz
ExoW9EtBgrPhYjdL2MxO2cJUzC5a2STHIMuTZwVxFo/ipjeC6/Ttz91kZjbMyjRH
ie0sIM7Jc9a4V+EKjPJccND5n/wDYc+Qee3Xkw7wAlE1ca4/V0HmsAWYN5FVEXVZ
N27dNr8GNhwdsJ+yMkwFExaNfwr2SeMdt5GZBfGUDx+VCKXxhploG6FpBmogqmjb
EEvG
-----END CERTIFICATE-----
Generated at Thu Jan 23 16:04:04 2025 by rpki-client on console.sobornost.net