Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/THEjTsFNcxDVZEOdq3GfXqXC4zc.roa
File: THEjTsFNcxDVZEOdq3GfXqXC4zc.roa (raw, json)
Hash identifier: x5CBmcScUC+Y/Wuw5WgYT+dNtpSqSEasQSVqzZJLzc4=
Subject key identifier: 4C:71:23:4E:C1:4D:73:10:D5:64:43:9D:AB:71:9F:5E:A5:C2:E3:37
Certificate issuer: /CN=39027738f978feda24a9d87b0cb8bb9aa7af540d
Certificate serial: 0194A701E47AB9DADED7948AE9E1A7CC444D
Authority key identifier: 39:02:77:38:F9:78:FE:DA:24:A9:D8:7B:0C:B8:BB:9A:A7:AF:54:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/THEjTsFNcxDVZEOdq3GfXqXC4zc.roa
Signing time: Mon 27 Jan 2025 09:05:06 +0000
ROA not before: Mon 27 Jan 2025 09:05:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202207
IP address blocks: 5.56.160.0/21 maxlen: 24
5.56.160.0/22 maxlen: 22
5.56.160.0/24 maxlen: 24
5.56.164.0/22 maxlen: 22
5.181.44.0/22 maxlen: 24
5.181.44.0/23 maxlen: 23
5.181.46.0/23 maxlen: 23
185.5.124.0/22 maxlen: 24
185.5.124.0/23 maxlen: 23
185.5.126.0/23 maxlen: 23
2a03:1c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a7:01:e4:7a:b9:da:de:d7:94:8a:e9:e1:a7:cc:44:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39027738f978feda24a9d87b0cb8bb9aa7af540d
Validity
Not Before: Jan 27 09:05:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c71234ec14d7310d564439dab719f5ea5c2e337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:f9:12:d4:f1:3a:59:c8:ca:7a:b7:10:62:71:
ff:66:39:9e:32:70:b9:2a:50:ad:7d:22:7c:04:db:
8d:bc:63:2f:31:3d:c7:78:5f:46:09:24:e9:73:0d:
cd:73:0d:a6:43:7f:01:41:79:fe:d6:21:8f:c7:cd:
84:f0:a7:25:09:1e:ed:14:07:a4:52:d9:ec:44:83:
fc:a4:1c:92:40:93:0a:3c:65:28:f2:97:a2:89:cd:
95:35:df:72:26:f0:9f:30:48:f1:78:6b:d7:21:13:
ad:cb:d6:b0:4b:ec:6d:e7:da:73:9d:90:0b:3e:ea:
bf:ce:c1:d4:09:14:ad:3b:02:81:41:bd:c3:15:75:
ed:6d:f2:fa:f2:1c:fb:f3:7e:1d:12:40:b7:3a:9e:
41:87:24:33:aa:30:53:de:08:e4:54:e6:48:be:66:
be:31:50:d4:5e:c7:4c:e0:52:54:32:98:6f:bc:09:
b1:63:9b:22:2f:61:3d:2e:6b:db:16:09:32:6e:0e:
b1:15:4c:9c:6c:4a:6c:47:55:6b:50:25:35:3d:da:
f6:a6:db:09:2f:a5:c6:af:96:85:4e:9c:22:a6:b3:
5a:c7:ad:fd:e5:bc:df:24:f9:10:ce:48:c5:b5:04:
b5:8e:79:24:f8:9c:de:cc:4c:78:a8:40:83:d7:c9:
fd:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:71:23:4E:C1:4D:73:10:D5:64:43:9D:AB:71:9F:5E:A5:C2:E3:37
X509v3 Authority Key Identifier:
keyid:39:02:77:38:F9:78:FE:DA:24:A9:D8:7B:0C:B8:BB:9A:A7:AF:54:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/THEjTsFNcxDVZEOdq3GfXqXC4zc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.160.0/21
5.181.44.0/22
185.5.124.0/22
IPv6:
2a03:1c0::/32
Signature Algorithm: sha256WithRSAEncryption
12:87:1a:0d:92:28:99:17:52:da:15:b9:9b:05:9c:f9:f0:ca:
a0:1e:63:35:01:9c:3a:ed:d7:23:15:02:cb:a3:06:02:d8:ee:
ac:8e:fe:42:d8:b0:a9:b5:8d:a8:a4:32:5a:92:95:e8:ed:65:
a0:84:14:6f:51:33:77:59:67:1a:54:da:a7:b1:eb:07:6d:b9:
75:83:65:15:14:e8:41:d4:1d:c9:08:85:9e:66:71:bf:98:8c:
c4:41:ab:fc:f1:ac:ce:39:9e:e9:3d:e4:8c:7b:4e:38:e6:40:
70:fa:6b:31:8c:b0:89:78:0e:85:f3:ef:48:cf:1a:a2:c6:33:
2c:50:23:c0:b5:32:0d:64:8f:7b:db:02:e7:26:46:d8:4a:6c:
e3:48:d8:42:25:57:bc:8c:e8:c7:b6:0d:57:06:f2:86:c7:c1:
f6:3e:d3:66:a4:8a:3f:95:e8:72:c3:9d:4c:e1:f8:50:e1:5c:
72:61:89:6e:16:6b:3e:2a:e3:d3:a6:45:98:0e:37:03:78:c2:
98:1c:ed:46:77:16:c1:ff:7c:64:fb:11:00:69:9e:ff:83:f4:
44:8a:62:fc:e3:81:e9:0b:0c:aa:d6:d2:f5:db:12:12:ff:37:
39:4d:e7:4a:6f:57:c5:fd:c8:b9:61:26:2d:24:33:18:99:35:
cc:11:57:f8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZSnAeR6udre15SK6eGnzERNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDI3NzM4Zjk3OGZlZGEyNGE5ZDg3YjBjYjhiYjlhYTdh
ZjU0MGQwHhcNMjUwMTI3MDkwNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzcxMjM0ZWMxNGQ3MzEwZDU2NDQzOWRhYjcxOWY1ZWE1YzJlMzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7PkS1PE6WcjKercQYnH/ZjmeMnC5
KlCtfSJ8BNuNvGMvMT3HeF9GCSTpcw3Ncw2mQ38BQXn+1iGPx82E8KclCR7tFAek
UtnsRIP8pBySQJMKPGUo8peiic2VNd9yJvCfMEjxeGvXIROty9awS+xt59pznZAL
Puq/zsHUCRStOwKBQb3DFXXtbfL68hz7834dEkC3Op5BhyQzqjBT3gjkVOZIvma+
MVDUXsdM4FJUMphvvAmxY5siL2E9LmvbFgkybg6xFUycbEpsR1VrUCU1Pdr2ptsJ
L6XGr5aFTpwiprNax6395bzfJPkQzkjFtQS1jnkk+JzezEx4qECD18n9zQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFExxI07BTXMQ1WRDnatxn16lwuM3MB8GA1UdIwQY
MBaAFDkCdzj5eP7aJKnYewy4u5qnr1QNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iOTExN2MtNTFjNS00YWY4LWJiZWYt
ZjVkOGFiN2MxNWYwLzEvVEhFalRzRk5jeERWWkVPZHEzR2ZYcVhDNHpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9iOTExN2MtNTFjNS00YWY4LWJiZWYtZjVkOGFiN2MxNWYw
LzEvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBTigAwQC
BbUsAwQCuQV8MA0EAgACMAcDBQAqAwHAMA0GCSqGSIb3DQEBCwUAA4IBAQAShxoN
kiiZF1LaFbmbBZz58MqgHmM1AZw67dcjFQLLowYC2O6sjv5C2LCptY2opDJakpXo
7WWghBRvUTN3WWcaVNqnsesHbbl1g2UVFOhB1B3JCIWeZnG/mIzEQav88azOOZ7p
PeSMe0445kBw+msxjLCJeA6F8+9IzxqixjMsUCPAtTINZI972wLnJkbYSmzjSNhC
JVe8jOjHtg1XBvKGx8H2PtNmpIo/lehyw51M4fhQ4VxyYYluFms+KuPTpkWYDjcD
eMKYHO1GdxbB/3xk+xEAaZ7/g/REimL844HpCwyq1tL12xIS/zc5TedKb1fF/ci5
YSYtJDMYmTXMEVf4
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:42 2025 by rpki-client on console.sobornost.net