Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/2GHxfiOPwbVOTy5G53i5QmAAwSg.roa
File: 2GHxfiOPwbVOTy5G53i5QmAAwSg.roa (raw, json)
Hash identifier: iadwsn+4MKu/mlQdggoj9cx+xrbMZwAE31ck5bH3Eho=
Subject key identifier: D8:61:F1:7E:23:8F:C1:B5:4E:4F:2E:46:E7:78:B9:42:60:00:C1:28
Certificate issuer: /CN=5a756994bb292e49ecc6337b7f95d69ee2af61e1
Certificate serial: 0194266BB2A8CA9EA8E2314DE35EA838EF39
Authority key identifier: 5A:75:69:94:BB:29:2E:49:EC:C6:33:7B:7F:95:D6:9E:E2:AF:61:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WnVplLspLknsxjN7f5XWnuKvYeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/2GHxfiOPwbVOTy5G53i5QmAAwSg.roa
Signing time: Thu 02 Jan 2025 09:49:39 +0000
ROA not before: Thu 02 Jan 2025 09:49:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29037
IP address blocks: 5.57.192.0/21 maxlen: 24
77.236.104.0/21 maxlen: 24
77.236.112.0/21 maxlen: 24
79.171.176.0/21 maxlen: 24
82.115.96.0/19 maxlen: 24
93.119.240.0/20 maxlen: 24
178.248.216.0/21 maxlen: 24
185.5.168.0/22 maxlen: 24
185.39.108.0/22 maxlen: 24
192.54.67.0/24 maxlen: 24
192.54.68.0/22 maxlen: 24
212.7.160.0/19 maxlen: 24
217.17.16.0/20 maxlen: 24
2a01:5580::/32 maxlen: 48
2a02:1628::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:b2:a8:ca:9e:a8:e2:31:4d:e3:5e:a8:38:ef:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a756994bb292e49ecc6337b7f95d69ee2af61e1
Validity
Not Before: Jan 2 09:49:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d861f17e238fc1b54e4f2e46e778b9426000c128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e7:2f:35:27:e4:85:66:de:92:ec:75:25:e3:
12:bf:f6:78:d6:5f:9e:e8:83:90:ff:0c:f9:95:d2:
88:ce:62:da:71:7c:d0:16:72:92:61:03:0b:61:dd:
1a:d9:be:3e:49:19:1a:8a:50:fd:d5:8f:a5:39:0c:
80:52:3e:9c:89:65:5a:22:9b:41:00:69:29:aa:80:
52:1f:b3:da:98:85:be:8f:0b:8c:ac:81:9c:e5:57:
e8:69:6e:28:ea:98:fb:46:f0:e9:be:34:ed:41:3d:
66:0a:e7:cd:60:48:be:42:32:06:e2:f9:be:ab:a3:
84:d1:30:d2:b9:37:2e:ba:9c:98:e5:0d:e2:a8:34:
4b:a4:f3:27:fe:bc:4c:4e:1a:c4:1b:c1:b8:b0:d0:
c8:ff:25:27:2d:3d:30:00:f7:1f:88:a3:b4:26:76:
60:65:61:2c:73:e4:04:bd:b2:51:0d:7c:2d:68:79:
b7:34:f8:73:80:7b:a1:33:f8:37:12:5c:65:67:09:
e5:26:ed:4f:a6:e7:91:33:fc:7b:a8:34:1a:4c:de:
63:88:a9:f6:14:3d:0e:33:01:7c:2b:24:32:28:b4:
08:25:9c:b6:8c:b3:61:2d:ba:ae:5f:0e:e0:b9:55:
d3:e1:8b:bd:0e:11:aa:8a:d1:6f:3d:dd:91:23:c2:
bf:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:61:F1:7E:23:8F:C1:B5:4E:4F:2E:46:E7:78:B9:42:60:00:C1:28
X509v3 Authority Key Identifier:
keyid:5A:75:69:94:BB:29:2E:49:EC:C6:33:7B:7F:95:D6:9E:E2:AF:61:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnVplLspLknsxjN7f5XWnuKvYeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/2GHxfiOPwbVOTy5G53i5QmAAwSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/WnVplLspLknsxjN7f5XWnuKvYeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.192.0/21
77.236.104.0-77.236.119.255
79.171.176.0/21
82.115.96.0/19
93.119.240.0/20
178.248.216.0/21
185.5.168.0/22
185.39.108.0/22
192.54.67.0-192.54.71.255
212.7.160.0/19
217.17.16.0/20
IPv6:
2a01:5580::/32
2a02:1628::/32
Signature Algorithm: sha256WithRSAEncryption
6c:47:21:b6:cd:50:4b:9c:95:d3:35:f0:3e:a0:13:18:79:6b:
04:57:28:c2:ab:25:44:cd:0f:2c:4c:a6:ea:de:6e:f4:f8:e4:
5e:e3:f1:7c:dd:06:84:04:87:80:7d:48:bb:70:13:74:ee:f5:
85:ad:45:6c:6a:30:6b:a3:39:46:81:82:ee:8c:18:ff:a9:a9:
34:19:26:93:dd:28:e8:86:7e:b3:5a:22:94:1c:3a:0c:08:89:
21:58:69:11:65:81:ee:53:ee:ee:7b:d8:ac:4d:94:ce:57:00:
7d:97:2d:82:51:a2:dc:3a:d9:d9:4a:16:4c:6c:2c:9e:4f:dd:
af:07:40:eb:2f:23:f8:32:d2:ad:de:b3:94:ba:09:e4:e4:f5:
2a:da:7e:2a:6a:db:c6:a7:8a:e3:b8:28:ea:6c:fb:55:c9:e4:
31:f1:80:cc:8c:d6:be:86:64:fb:de:38:96:5b:77:5e:91:09:
4c:38:05:25:8c:e0:ea:55:9a:5f:66:11:8b:d7:9a:a7:78:4e:
e5:16:d5:42:df:00:a8:ad:5d:5f:c6:b6:d4:94:64:2b:bc:0b:
e7:8c:15:06:95:b1:1e:d8:c4:26:df:a1:b8:58:e5:71:66:37:
94:ac:8d:c4:e1:8f:c2:44:72:d7:33:0b:f5:85:44:dd:6e:5d:
fd:b5:ca:8a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZQma7Koyp6o4jFN416oOO85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNzU2OTk0YmIyOTJlNDllY2M2MzM3YjdmOTVkNjllZTJh
ZjYxZTEwHhcNMjUwMTAyMDk0OTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODYxZjE3ZTIzOGZjMWI1NGU0ZjJlNDZlNzc4Yjk0MjYwMDBjMTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+cvNSfkhWbekux1JeMSv/Z41l+e
6IOQ/wz5ldKIzmLacXzQFnKSYQMLYd0a2b4+SRkailD91Y+lOQyAUj6ciWVaIptB
AGkpqoBSH7PamIW+jwuMrIGc5VfoaW4o6pj7RvDpvjTtQT1mCufNYEi+QjIG4vm+
q6OE0TDSuTcuupyY5Q3iqDRLpPMn/rxMThrEG8G4sNDI/yUnLT0wAPcfiKO0JnZg
ZWEsc+QEvbJRDXwtaHm3NPhzgHuhM/g3ElxlZwnlJu1PpueRM/x7qDQaTN5jiKn2
FD0OMwF8KyQyKLQIJZy2jLNhLbquXw7guVXT4Yu9DhGqitFvPd2RI8K/wwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFNhh8X4jj8G1Tk8uRud4uUJgAMEoMB8GA1UdIwQY
MBaAFFp1aZS7KS5J7MYze3+V1p7ir2HhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV25WcGxMc3BMa25zeGpON2Y1WFdudUt2WWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi84M2IwN2YtMWQyMi00YWUwLWEyZGUt
NGUwYWE0MmExNWE4LzEvMkdIeGZpT1B3YlZPVHk1RzUzaTVRbUFBd1NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi84M2IwN2YtMWQyMi00YWUwLWEyZGUtNGUwYWE0MmExNWE4
LzEvV25WcGxMc3BMa25zeGpON2Y1WFdudUt2WWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwWAQCAAEwUgMEAwU5wDAM
AwQDTexoAwQDTexwAwQDT6uwAwQFUnNgAwQEXXfwAwQDsvjYAwQCuQWoAwQCuSds
MAwDBADANkMDBAPANkADBAXUB6ADBATZERAwFAQCAAIwDgMFACoBVYADBQAqAhYo
MA0GCSqGSIb3DQEBCwUAA4IBAQBsRyG2zVBLnJXTNfA+oBMYeWsEVyjCqyVEzQ8s
TKbq3m70+ORe4/F83QaEBIeAfUi7cBN07vWFrUVsajBrozlGgYLujBj/qak0GSaT
3Sjohn6zWiKUHDoMCIkhWGkRZYHuU+7ue9isTZTOVwB9ly2CUaLcOtnZShZMbCye
T92vB0DrLyP4MtKt3rOUugnk5PUq2n4qatvGp4rjuCjqbPtVyeQx8YDMjNa+hmT7
3jiWW3dekQlMOAUljODqVZpfZhGL15qneE7lFtVC3wCorV1fxrbUlGQrvAvnjBUG
lbEe2MQm36G4WOVxZjeUrI3E4Y/CRHLXMwv1hUTdbl39tcqK
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:17 2025 by rpki-client on console.sobornost.net