Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3e401b-64c1-41aa-98df-133e7e6f6069/1/3aqe87dN2fz6qQQtxNwtFo2__ps.roa
File: 3aqe87dN2fz6qQQtxNwtFo2__ps.roa (raw, json)
Hash identifier: Lt1Bd1g6jAvktpInXW5Oo10n3abY0buPeadfOybeVY0=
Subject key identifier: DD:AA:9E:F3:B7:4D:D9:FC:FA:A9:04:2D:C4:DC:2D:16:8D:BF:FE:9B
Certificate issuer: /CN=4ed682965b5a15ea0c45ea85ef3db4be71679696
Certificate serial: 0196244BDAC294CBB84A33B3696F74891E8A
Authority key identifier: 4E:D6:82:96:5B:5A:15:EA:0C:45:EA:85:EF:3D:B4:BE:71:67:96:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TtaClltaFeoMReqF7z20vnFnlpY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/3e401b-64c1-41aa-98df-133e7e6f6069/1/3aqe87dN2fz6qQQtxNwtFo2__ps.roa
Signing time: Fri 11 Apr 2025 10:01:12 +0000
ROA not before: Fri 11 Apr 2025 10:01:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41023
IP address blocks: 5.102.64.0/23 maxlen: 23
5.102.66.0/23 maxlen: 23
5.102.68.0/22 maxlen: 22
5.102.71.0/24 maxlen: 24
195.189.78.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:24:4b:da:c2:94:cb:b8:4a:33:b3:69:6f:74:89:1e:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ed682965b5a15ea0c45ea85ef3db4be71679696
Validity
Not Before: Apr 11 10:01:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddaa9ef3b74dd9fcfaa9042dc4dc2d168dbffe9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:6f:01:77:8f:fe:64:30:36:26:fc:86:22:0d:
e6:3f:64:6b:b9:09:a2:11:c0:e9:39:e6:eb:42:a2:
3b:a4:8b:fb:b0:45:92:8e:6f:50:15:9d:64:f3:5c:
60:c0:e2:2b:07:8f:e7:29:30:2b:9f:c9:81:58:b5:
84:4d:00:14:ff:85:c2:6f:53:06:ff:b3:c8:bd:3d:
0f:62:41:ba:b9:c6:a2:a3:dc:6b:dd:6f:2b:b1:c6:
55:59:48:95:ca:b7:b4:4e:78:69:09:c4:a5:7d:62:
26:df:6b:25:22:16:2a:12:7e:9d:c0:8b:a6:bd:7f:
d5:41:fd:9d:ff:87:ae:91:de:d5:3c:cb:b0:25:8d:
75:de:84:17:75:19:95:d0:58:ac:46:d6:57:83:4d:
3f:3b:88:64:f1:30:04:03:25:83:25:19:40:84:5a:
7c:30:64:d5:d3:30:c4:7e:f3:ac:16:3c:c9:fc:9e:
99:a1:d2:7b:4a:cb:2f:55:74:19:ba:b2:b2:a6:41:
20:00:66:5c:ac:c8:1e:33:b8:1e:cc:63:8f:40:0e:
bb:43:8a:90:a1:a7:f2:16:c4:8b:b9:96:7f:69:1b:
d1:90:6c:95:72:a1:73:bc:2a:38:b5:49:30:1c:ea:
5d:1b:79:3b:9f:7d:b7:30:a3:2a:c4:38:9c:c1:94:
81:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:AA:9E:F3:B7:4D:D9:FC:FA:A9:04:2D:C4:DC:2D:16:8D:BF:FE:9B
X509v3 Authority Key Identifier:
keyid:4E:D6:82:96:5B:5A:15:EA:0C:45:EA:85:EF:3D:B4:BE:71:67:96:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TtaClltaFeoMReqF7z20vnFnlpY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3e401b-64c1-41aa-98df-133e7e6f6069/1/3aqe87dN2fz6qQQtxNwtFo2__ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3e401b-64c1-41aa-98df-133e7e6f6069/1/TtaClltaFeoMReqF7z20vnFnlpY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.64.0/21
195.189.78.0/23
Signature Algorithm: sha256WithRSAEncryption
84:e5:03:e9:59:10:2d:44:a2:8d:0f:5a:90:8a:e8:a6:0e:5e:
42:e3:ef:2c:b1:f4:41:af:a8:d2:87:25:08:54:24:e9:fb:cf:
be:03:1b:ae:cb:6d:72:7f:34:d9:4f:db:17:46:aa:01:9e:8b:
0d:5e:77:a0:03:71:43:30:74:39:9a:76:87:ab:7d:b9:0f:1f:
2a:92:2a:4a:02:87:2e:cd:d5:f9:7d:95:7f:80:95:84:b6:09:
99:82:8f:f3:4a:ee:5c:9b:54:c6:00:2e:1c:54:10:3a:95:a1:
c4:c6:60:fb:ea:1e:b5:ca:cd:f9:92:c1:94:8c:5f:93:49:85:
0a:d2:7d:a7:eb:ee:0d:3b:1e:38:e3:df:e2:86:32:72:62:f1:
27:c7:c2:8c:b4:db:96:ba:cb:ba:f4:2c:75:ae:07:0e:25:43:
f7:98:d1:d1:bb:ea:1b:05:9a:75:f5:24:26:7d:56:8c:84:34:
dd:2c:77:c4:b8:6d:02:68:29:65:66:f7:8b:08:cf:99:1a:73:
db:0b:02:cc:79:3b:ef:6e:a2:77:19:23:4d:c7:fc:43:3d:66:
65:ef:dc:73:ba:c9:0f:df:9c:f7:6b:7e:c5:af:cb:af:58:5a:
16:a7:f9:60:01:b8:be:1f:16:96:6b:d6:e7:d3:9d:af:56:d7:
4d:d1:66:1c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZYkS9rClMu4SjOzaW90iR6KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZDY4Mjk2NWI1YTE1ZWEwYzQ1ZWE4NWVmM2RiNGJlNzE2
Nzk2OTYwHhcNMjUwNDExMTAwMTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGFhOWVmM2I3NGRkOWZjZmFhOTA0MmRjNGRjMmQxNjhkYmZmZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA328Bd4/+ZDA2JvyGIg3mP2RruQmi
EcDpOebrQqI7pIv7sEWSjm9QFZ1k81xgwOIrB4/nKTArn8mBWLWETQAU/4XCb1MG
/7PIvT0PYkG6ucaio9xr3W8rscZVWUiVyre0TnhpCcSlfWIm32slIhYqEn6dwIum
vX/VQf2d/4eukd7VPMuwJY113oQXdRmV0FisRtZXg00/O4hk8TAEAyWDJRlAhFp8
MGTV0zDEfvOsFjzJ/J6ZodJ7SssvVXQZurKypkEgAGZcrMgeM7gezGOPQA67Q4qQ
oafyFsSLuZZ/aRvRkGyVcqFzvCo4tUkwHOpdG3k7n323MKMqxDicwZSB2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN2qnvO3Tdn8+qkELcTcLRaNv/6bMB8GA1UdIwQY
MBaAFE7WgpZbWhXqDEXqhe89tL5xZ5aWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHRhQ2xsdGFGZW9NUmVxRjd6MjB2bkZubHBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zZTQwMWItNjRjMS00MWFhLTk4ZGYt
MTMzZTdlNmY2MDY5LzEvM2FxZTg3ZE4yZno2cVFRdHhOd3RGbzJfX3BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zZTQwMWItNjRjMS00MWFhLTk4ZGYtMTMzZTdlNmY2MDY5
LzEvVHRhQ2xsdGFGZW9NUmVxRjd6MjB2bkZubHBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDBWZAAwQB
w71OMA0GCSqGSIb3DQEBCwUAA4IBAQCE5QPpWRAtRKKND1qQiuimDl5C4+8ssfRB
r6jShyUIVCTp+8++Axuuy21yfzTZT9sXRqoBnosNXnegA3FDMHQ5mnaHq325Dx8q
kipKAocuzdX5fZV/gJWEtgmZgo/zSu5cm1TGAC4cVBA6laHExmD76h61ys35ksGU
jF+TSYUK0n2n6+4NOx4449/ihjJyYvEnx8KMtNuWusu69Cx1rgcOJUP3mNHRu+ob
BZp19SQmfVaMhDTdLHfEuG0CaCllZveLCM+ZGnPbCwLMeTvvbqJ3GSNNx/xDPWZl
79xzuskP35z3a37Fr8uvWFoWp/lgAbi+HxaWa9bn052vVtdN0WYc
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:43 2025 by rpki-client on console.sobornost.net