Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/hUM0lQ0ODj8Qil7w4D2sZvQVB4w.roa
File: hUM0lQ0ODj8Qil7w4D2sZvQVB4w.roa (raw, json)
Hash identifier: 8bKnMQhqygeFZmPwESYE+kESImBLAc2qmeTscpnWZ2s=
Subject key identifier: 85:43:34:95:0D:0E:0E:3F:10:8A:5E:F0:E0:3D:AC:66:F4:15:07:8C
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 019619C6AC098352355644DD5C7C24BD3AC7
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/hUM0lQ0ODj8Qil7w4D2sZvQVB4w.roa
Signing time: Wed 09 Apr 2025 08:59:32 +0000
ROA not before: Wed 09 Apr 2025 08:59:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49687
IP address blocks: 5.157.136.0/21 maxlen: 21
5.157.137.0/24 maxlen: 24
5.157.138.0/24 maxlen: 24
5.157.140.0/22 maxlen: 22
5.157.144.0/21 maxlen: 21
5.157.224.0/22 maxlen: 22
37.35.44.0/22 maxlen: 22
146.66.216.0/23 maxlen: 23
178.157.127.0/24 maxlen: 24
188.74.170.0/24 maxlen: 24
188.119.176.0/22 maxlen: 22
2a03:8800::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:19:c6:ac:09:83:52:35:56:44:dd:5c:7c:24:bd:3a:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Apr 9 08:59:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=854334950d0e0e3f108a5ef0e03dac66f415078c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c5:94:14:47:78:c6:b1:9f:76:a0:54:5e:0e:
db:be:75:9b:49:3f:b6:72:10:b8:e0:83:a8:6f:40:
77:81:80:2f:88:e9:8e:6a:f5:fd:aa:02:6b:8e:fc:
5b:57:1b:fd:d2:38:a0:d5:6f:79:c6:ef:de:d5:5c:
41:f6:58:91:34:69:ef:2a:5c:d4:d2:51:c6:7c:58:
b0:b9:f7:46:f3:e9:47:3a:47:17:9b:f1:01:63:ad:
15:41:ec:aa:07:fa:9c:23:a9:9b:13:81:af:9c:3b:
7f:47:76:37:48:01:86:d6:4c:84:93:4b:67:8d:e0:
93:fb:d3:55:7d:6c:d1:f5:97:bb:0c:2d:c1:92:92:
a3:c6:cb:f5:bc:6a:4f:f6:e4:06:37:28:25:aa:6d:
d3:6e:33:d5:68:7d:fa:46:45:f4:40:65:78:44:b9:
f2:19:0d:84:73:19:51:60:c0:1c:aa:ff:ba:01:0b:
d7:6c:ed:a9:b6:b7:f7:a4:56:28:82:b4:a0:fd:b0:
cd:f1:44:60:7d:1e:aa:0b:81:89:34:25:36:97:d0:
ad:bb:2e:e7:7c:73:34:1c:59:d1:53:8d:5f:5b:e7:
b3:7f:45:ce:f4:4e:20:a1:5c:57:03:a7:14:55:69:
13:9e:9a:f6:db:ee:14:33:45:fa:de:85:d5:2e:af:
d6:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:43:34:95:0D:0E:0E:3F:10:8A:5E:F0:E0:3D:AC:66:F4:15:07:8C
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/hUM0lQ0ODj8Qil7w4D2sZvQVB4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.136.0-5.157.151.255
5.157.224.0/22
37.35.44.0/22
146.66.216.0/23
178.157.127.0/24
188.74.170.0/24
188.119.176.0/22
IPv6:
2a03:8800::/32
Signature Algorithm: sha256WithRSAEncryption
9f:7e:e2:3f:48:51:f2:46:b5:61:45:0f:be:47:57:70:fe:81:
66:bc:33:4d:b1:21:af:bd:81:b1:50:aa:9a:1d:cf:45:69:25:
88:34:05:97:dc:ed:6f:08:74:a9:e4:af:fa:c2:4c:35:06:58:
40:f0:cb:f5:e1:66:23:7d:d5:b1:ba:7a:ba:b8:98:44:71:8e:
27:ac:11:d0:eb:c6:ec:7d:68:17:18:7b:3f:6c:1e:38:fb:d7:
ea:34:c5:89:f1:c9:02:14:56:ce:2b:26:3a:d4:77:4b:32:a9:
d2:dd:1b:87:95:ee:c2:fc:c2:4c:9d:d8:b2:2c:bb:e3:bc:e0:
00:f6:cf:39:a2:9d:28:03:60:03:1e:87:61:eb:c3:d9:b6:69:
53:0d:7d:a2:b1:ce:6f:7b:88:f6:76:ca:f4:d1:ae:96:f6:dc:
63:9f:4e:0b:73:45:be:33:6f:ef:4a:78:1e:31:06:7f:3a:4d:
ab:7c:29:15:29:dc:81:b5:3d:fe:b6:50:7b:24:c7:76:5c:77:
82:3a:38:8d:dc:42:a6:6d:fe:69:c2:60:9d:45:88:5b:64:b1:
48:f5:df:c7:cf:37:bd:41:15:5c:b9:43:40:34:69:49:f3:82:
3d:4b:36:ed:57:00:23:6d:21:6d:b6:32:41:38:f4:d9:e4:05:
72:03:f7:71
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZYZxqwJg1I1VkTdXHwkvTrHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjUwNDA5MDg1OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTQzMzQ5NTBkMGUwZTNmMTA4YTVlZjBlMDNkYWM2NmY0MTUwNzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocWUFEd4xrGfdqBUXg7bvnWbST+2
chC44IOob0B3gYAviOmOavX9qgJrjvxbVxv90jig1W95xu/e1VxB9liRNGnvKlzU
0lHGfFiwufdG8+lHOkcXm/EBY60VQeyqB/qcI6mbE4GvnDt/R3Y3SAGG1kyEk0tn
jeCT+9NVfWzR9Ze7DC3BkpKjxsv1vGpP9uQGNyglqm3TbjPVaH36RkX0QGV4RLny
GQ2EcxlRYMAcqv+6AQvXbO2ptrf3pFYogrSg/bDN8URgfR6qC4GJNCU2l9Ctuy7n
fHM0HFnRU41fW+ezf0XO9E4goVxXA6cUVWkTnpr22+4UM0X63oXVLq/WlQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFIVDNJUNDg4/EIpe8OA9rGb0FQeMMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvaFVNMGxRME9EajhRaWw3dzREMnNadlFWQjR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyMAwDBAMFnYgD
BAMFnZADBAIFneADBAIlIywDBAGSQtgDBACynX8DBAC8SqoDBAK8d7AwDQQCAAIw
BwMFACoDiAAwDQYJKoZIhvcNAQELBQADggEBAJ9+4j9IUfJGtWFFD75HV3D+gWa8
M02xIa+9gbFQqpodz0VpJYg0BZfc7W8IdKnkr/rCTDUGWEDwy/XhZiN91bG6erq4
mERxjiesEdDrxux9aBcYez9sHjj71+o0xYnxyQIUVs4rJjrUd0syqdLdG4eV7sL8
wkyd2LIsu+O84AD2zzminSgDYAMeh2Hrw9m2aVMNfaKxzm97iPZ2yvTRrpb23GOf
TgtzRb4zb+9KeB4xBn86Tat8KRUp3IG1Pf62UHskx3Zcd4I6OI3cQqZt/mnCYJ1F
iFtksUj138fPN71BFVy5Q0A0aUnzgj1LNu1XACNtIW22MkE49NnkBXID93E=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:25 2025 by rpki-client on console.sobornost.net