Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/3ba6fc-2d49-4aff-9229-48b957264c26/1/24F3NWEaUDo-ywzWotAmlAOE0aY.roa
File: 24F3NWEaUDo-ywzWotAmlAOE0aY.roa (raw, json)
Hash identifier: ERf1+Eo8kcPOcjF9iXtlxaEqblrqJRaC4jpu9Wj4DSs=
Subject key identifier: DB:81:77:35:61:1A:50:3A:3E:CB:0C:D6:A2:D0:26:94:03:84:D1:A6
Certificate issuer: /CN=d291741252bb9c4cda80047dfb01ce98c219d180
Certificate serial: 019423D6A845516DF93E10DA3698FC4C0912
Authority key identifier: D2:91:74:12:52:BB:9C:4C:DA:80:04:7D:FB:01:CE:98:C2:19:D1:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0pF0ElK7nEzagAR9-wHOmMIZ0YA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/3ba6fc-2d49-4aff-9229-48b957264c26/1/24F3NWEaUDo-ywzWotAmlAOE0aY.roa
Signing time: Wed 01 Jan 2025 21:47:37 +0000
ROA not before: Wed 01 Jan 2025 21:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209441
IP address blocks: 5.253.220.0/24 maxlen: 24
5.253.221.0/24 maxlen: 24
5.253.222.0/24 maxlen: 24
5.253.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:a8:45:51:6d:f9:3e:10:da:36:98:fc:4c:09:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d291741252bb9c4cda80047dfb01ce98c219d180
Validity
Not Before: Jan 1 21:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db817735611a503a3ecb0cd6a2d026940384d1a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:7f:ef:e2:39:47:f7:89:fc:fb:a7:38:cf:31:
fa:3e:61:d9:2a:f3:e1:60:2c:cd:25:25:38:0c:55:
7b:34:c8:c0:9e:a1:6a:06:99:51:3d:c4:be:f4:6a:
79:7c:07:96:fd:35:4f:f7:25:99:3e:66:95:6e:65:
0f:63:a9:ac:08:13:71:fd:6a:e7:be:b9:04:dd:a4:
b6:ac:1d:94:e0:d3:a6:74:14:f7:a3:84:e6:27:a8:
80:6d:30:21:2a:84:4b:f9:30:71:c2:17:6d:da:25:
05:dd:ac:2f:5b:c3:cc:e5:63:8c:7f:20:3d:c2:6f:
ce:34:bf:a6:8e:22:b9:c3:98:68:64:42:c9:f1:93:
7c:e3:87:b2:50:9b:5d:47:8d:58:63:22:65:45:4c:
4b:8e:8f:fd:41:98:03:55:cf:28:3a:18:0b:5f:e8:
03:e7:6d:a8:1c:7c:79:e8:da:e0:0a:0c:a5:6d:82:
2f:23:97:3d:e1:a5:8a:c4:e8:8d:c9:d8:99:f8:23:
97:50:38:17:e7:bb:d9:1f:91:99:b6:d3:40:59:64:
03:f2:4c:cb:12:ef:e2:17:dc:77:ae:8b:33:35:3e:
33:38:32:0c:0d:8e:25:45:3b:2c:bf:5b:9a:2e:0d:
9a:44:a5:6f:19:03:44:4e:c8:a6:e5:9b:88:e4:1f:
86:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:81:77:35:61:1A:50:3A:3E:CB:0C:D6:A2:D0:26:94:03:84:D1:A6
X509v3 Authority Key Identifier:
keyid:D2:91:74:12:52:BB:9C:4C:DA:80:04:7D:FB:01:CE:98:C2:19:D1:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0pF0ElK7nEzagAR9-wHOmMIZ0YA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/3ba6fc-2d49-4aff-9229-48b957264c26/1/24F3NWEaUDo-ywzWotAmlAOE0aY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/3ba6fc-2d49-4aff-9229-48b957264c26/1/0pF0ElK7nEzagAR9-wHOmMIZ0YA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.220.0/22
Signature Algorithm: sha256WithRSAEncryption
66:8a:60:44:80:ac:c0:3f:3b:59:fb:51:52:e2:59:33:23:76:
82:a4:d4:bd:82:88:78:ce:7a:2c:09:de:2d:ec:96:d5:40:50:
a6:40:ee:82:4e:a9:ee:1b:9a:0a:ac:bc:f6:f8:8f:bf:1d:9c:
60:ef:91:ac:49:0b:2d:58:e7:98:08:d8:b4:e3:71:6a:17:24:
27:df:fe:81:5c:41:2f:1c:c7:29:c7:3d:88:95:c3:45:20:32:
45:1e:4a:c8:94:77:a9:b2:65:d5:06:6d:56:54:8e:21:68:64:
80:c6:ce:ad:40:0a:9e:5b:dd:86:a5:5e:0c:28:eb:7c:c3:40:
5c:de:13:7b:92:76:d2:cb:74:a5:cb:cf:08:69:94:20:60:71:
05:3f:8c:5a:6d:78:9a:ca:67:51:48:4a:08:0f:c0:ff:51:0d:
55:69:25:a0:b3:78:24:f3:a7:ca:44:32:8a:d5:0c:30:36:b8:
26:85:26:7f:c7:d1:a1:a0:79:13:6a:5d:0a:e0:d6:78:cf:e5:
70:73:3e:d0:01:7b:a9:3e:26:25:bd:42:4d:82:f7:a3:a5:3a:
88:b0:66:96:fa:64:98:24:fe:be:b0:37:2c:38:41:57:a6:6f:
81:c4:e8:ad:9c:bc:83:f2:d0:72:63:79:45:f2:29:7a:45:52:
57:31:d2:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1qhFUW35PhDaNpj8TAkSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTE3NDEyNTJiYjljNGNkYTgwMDQ3ZGZiMDFjZTk4YzIx
OWQxODAwHhcNMjUwMTAxMjE0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjgxNzczNTYxMWE1MDNhM2VjYjBjZDZhMmQwMjY5NDAzODRkMWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4n/v4jlH94n8+6c4zzH6PmHZKvPh
YCzNJSU4DFV7NMjAnqFqBplRPcS+9Gp5fAeW/TVP9yWZPmaVbmUPY6msCBNx/Wrn
vrkE3aS2rB2U4NOmdBT3o4TmJ6iAbTAhKoRL+TBxwhdt2iUF3awvW8PM5WOMfyA9
wm/ONL+mjiK5w5hoZELJ8ZN844eyUJtdR41YYyJlRUxLjo/9QZgDVc8oOhgLX+gD
522oHHx56NrgCgylbYIvI5c94aWKxOiNydiZ+COXUDgX57vZH5GZttNAWWQD8kzL
Eu/iF9x3roszNT4zODIMDY4lRTssv1uaLg2aRKVvGQNETsim5ZuI5B+GQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNuBdzVhGlA6PssM1qLQJpQDhNGmMB8GA1UdIwQY
MBaAFNKRdBJSu5xM2oAEffsBzpjCGdGAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBGMEVsSzduRXphZ0FSOS13SE9tTUlaMFlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8zYmE2ZmMtMmQ0OS00YWZmLTkyMjkt
NDhiOTU3MjY0YzI2LzEvMjRGM05XRWFVRG8teXd6V290QW1sQU9FMGFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8zYmE2ZmMtMmQ0OS00YWZmLTkyMjktNDhiOTU3MjY0YzI2
LzEvMHBGMEVsSzduRXphZ0FSOS13SE9tTUlaMFlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBf3cMA0G
CSqGSIb3DQEBCwUAA4IBAQBmimBEgKzAPztZ+1FS4lkzI3aCpNS9goh4znosCd4t
7JbVQFCmQO6CTqnuG5oKrLz2+I+/HZxg75GsSQstWOeYCNi043FqFyQn3/6BXEEv
HMcpxz2IlcNFIDJFHkrIlHepsmXVBm1WVI4haGSAxs6tQAqeW92GpV4MKOt8w0Bc
3hN7knbSy3Sly88IaZQgYHEFP4xabXiaymdRSEoID8D/UQ1VaSWgs3gk86fKRDKK
1QwwNrgmhSZ/x9GhoHkTal0K4NZ4z+Vwcz7QAXupPiYlvUJNgvejpTqIsGaW+mSY
JP6+sDcsOEFXpm+BxOitnLyD8tByY3lF8il6RVJXMdIz
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:24 2025 by rpki-client on console.sobornost.net