Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/97b0b7-013d-433e-b538-a84eb411ef8a/1/2ckuuQNGelqhfIDU0HMZ3G_jIN4.roa
File: 2ckuuQNGelqhfIDU0HMZ3G_jIN4.roa (raw, json)
Hash identifier: Ly3hlzB/x5T87M29FpEs5LMZzWEyS3uYaMyLbALjnTU=
Subject key identifier: D9:C9:2E:B9:03:46:7A:5A:A1:7C:80:D4:D0:73:19:DC:6F:E3:20:DE
Certificate issuer: /CN=c0a233590de586e0c55821c6f6d5732afc841229
Certificate serial: 0195D83113BDD24FCFB4F7F59A68A9E1CF08
Authority key identifier: C0:A2:33:59:0D:E5:86:E0:C5:58:21:C6:F6:D5:73:2A:FC:84:12:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wKIzWQ3lhuDFWCHG9tVzKvyEEik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/97b0b7-013d-433e-b538-a84eb411ef8a/1/2ckuuQNGelqhfIDU0HMZ3G_jIN4.roa
Signing time: Thu 27 Mar 2025 15:20:49 +0000
ROA not before: Thu 27 Mar 2025 15:20:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57630
IP address blocks: 5.152.152.0/23 maxlen: 23
31.12.80.0/22 maxlen: 22
46.33.16.0/23 maxlen: 23
117.55.200.0/23 maxlen: 23
134.65.164.0/22 maxlen: 22
194.179.134.0/23 maxlen: 23
217.11.175.0/24 maxlen: 24
2a02:7e00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d8:31:13:bd:d2:4f:cf:b4:f7:f5:9a:68:a9:e1:cf:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0a233590de586e0c55821c6f6d5732afc841229
Validity
Not Before: Mar 27 15:20:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9c92eb903467a5aa17c80d4d07319dc6fe320de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d5:c3:93:d9:e8:42:fe:44:6c:77:30:4e:be:
43:8b:36:a6:31:78:99:9d:95:3b:dc:60:e4:87:4e:
7a:20:71:91:d0:99:13:ab:7e:77:f4:0b:b2:f1:31:
de:60:ab:cd:41:9d:0f:57:0b:93:5d:98:7f:5f:f7:
a7:80:9c:9c:77:6a:36:7f:61:c6:c0:a2:81:c1:0f:
92:fd:d7:61:34:c5:a9:ed:35:69:0d:83:02:52:47:
68:51:99:d1:02:aa:89:24:23:42:c4:72:d0:6f:a6:
de:49:e1:db:3c:cc:ab:48:4c:d6:c3:d6:21:b5:e2:
f9:12:ac:17:ae:0d:c5:ea:06:22:44:78:b1:b8:e5:
2a:1c:9a:cc:a7:68:e7:87:1d:87:b9:a2:40:44:9e:
11:a2:4d:db:1b:95:65:21:67:a9:89:fe:d4:61:55:
77:77:11:e5:cb:b8:63:38:b8:db:c6:68:f9:5a:d9:
7a:0a:f5:5e:25:96:03:3c:65:ec:7e:8e:d4:87:fb:
7b:bf:e2:2e:7e:74:c5:b7:ed:79:0b:4c:ee:08:b9:
f5:59:7c:70:ed:b8:d7:f0:bb:da:5f:c9:52:aa:4b:
b5:1a:f4:38:fc:61:5c:cb:0e:9c:57:da:92:fa:4d:
2e:7b:2b:b0:12:b6:32:a9:b1:85:14:ec:d3:b3:1f:
1b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:C9:2E:B9:03:46:7A:5A:A1:7C:80:D4:D0:73:19:DC:6F:E3:20:DE
X509v3 Authority Key Identifier:
keyid:C0:A2:33:59:0D:E5:86:E0:C5:58:21:C6:F6:D5:73:2A:FC:84:12:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wKIzWQ3lhuDFWCHG9tVzKvyEEik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/97b0b7-013d-433e-b538-a84eb411ef8a/1/2ckuuQNGelqhfIDU0HMZ3G_jIN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/97b0b7-013d-433e-b538-a84eb411ef8a/1/wKIzWQ3lhuDFWCHG9tVzKvyEEik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.152.0/23
31.12.80.0/22
46.33.16.0/23
117.55.200.0/23
134.65.164.0/22
194.179.134.0/23
217.11.175.0/24
IPv6:
2a02:7e00::/29
Signature Algorithm: sha256WithRSAEncryption
f2:75:33:fc:89:f5:68:80:bc:90:1d:10:76:e0:59:18:e2:fb:
7a:e6:75:68:1f:6d:35:13:53:8c:01:2c:5b:62:c0:98:23:6e:
4f:61:67:43:e5:47:5b:88:64:92:70:56:75:61:d4:49:9b:26:
af:3e:b1:51:f6:49:da:65:7f:52:08:98:0b:07:3d:d0:fe:9e:
bc:fd:af:b1:14:6e:91:03:17:bd:a4:96:76:52:13:f9:d7:e4:
d1:2d:18:90:5f:fc:cb:8f:13:de:56:aa:e8:fc:eb:64:e1:c5:
22:98:47:74:71:d2:e8:ae:31:8c:5b:60:3d:72:01:0a:00:c2:
a7:ed:25:ca:02:3e:33:e5:9f:e5:13:10:fc:55:77:37:44:c4:
41:63:3e:10:19:1b:5a:87:ef:16:21:aa:39:69:58:3b:2d:f3:
3d:17:c3:7b:67:af:99:25:76:cc:16:21:01:ad:77:0e:d9:cb:
91:54:90:ba:9c:bb:73:82:be:f3:42:db:73:8a:53:65:a9:f4:
b7:74:56:5b:5a:2a:72:f8:8e:f0:06:5a:2b:35:be:e5:fd:28:
bc:12:65:aa:74:b2:45:58:28:53:e6:eb:5b:fb:4e:e7:49:a6:
88:88:1b:af:dd:81:8d:f3:ec:86:e6:6a:72:45:06:d1:7d:f6:
5e:73:d4:37
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZXYMRO90k/PtPf1mmip4c8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwYTIzMzU5MGRlNTg2ZTBjNTU4MjFjNmY2ZDU3MzJhZmM4
NDEyMjkwHhcNMjUwMzI3MTUyMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWM5MmViOTAzNDY3YTVhYTE3YzgwZDRkMDczMTlkYzZmZTMyMGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNXDk9noQv5EbHcwTr5DizamMXiZ
nZU73GDkh056IHGR0JkTq3539Auy8THeYKvNQZ0PVwuTXZh/X/engJycd2o2f2HG
wKKBwQ+S/ddhNMWp7TVpDYMCUkdoUZnRAqqJJCNCxHLQb6beSeHbPMyrSEzWw9Yh
teL5EqwXrg3F6gYiRHixuOUqHJrMp2jnhx2HuaJARJ4Rok3bG5VlIWepif7UYVV3
dxHly7hjOLjbxmj5Wtl6CvVeJZYDPGXsfo7Uh/t7v+IufnTFt+15C0zuCLn1WXxw
7bjX8LvaX8lSqku1GvQ4/GFcyw6cV9qS+k0ueyuwErYyqbGFFOzTsx8bLQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFNnJLrkDRnpaoXyA1NBzGdxv4yDeMB8GA1UdIwQY
MBaAFMCiM1kN5YbgxVghxvbVcyr8hBIpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0tJeldRM2xodURGV0NIRzl0VnpLdnlFRWlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy85N2IwYjctMDEzZC00MzNlLWI1Mzgt
YTg0ZWI0MTFlZjhhLzEvMmNrdXVRTkdlbHFoZklEVTBITVozR19qSU40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy85N2IwYjctMDEzZC00MzNlLWI1MzgtYTg0ZWI0MTFlZjhh
LzEvd0tJeldRM2xodURGV0NIRzl0VnpLdnlFRWlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQBBZiYAwQC
HwxQAwQBLiEQAwQBdTfIAwQChkGkAwQBwrOGAwQA2QuvMA0EAgACMAcDBQMqAn4A
MA0GCSqGSIb3DQEBCwUAA4IBAQDydTP8ifVogLyQHRB24FkY4vt65nVoH201E1OM
ASxbYsCYI25PYWdD5UdbiGSScFZ1YdRJmyavPrFR9knaZX9SCJgLBz3Q/p68/a+x
FG6RAxe9pJZ2UhP51+TRLRiQX/zLjxPeVqro/Otk4cUimEd0cdLorjGMW2A9cgEK
AMKn7SXKAj4z5Z/lExD8VXc3RMRBYz4QGRtah+8WIao5aVg7LfM9F8N7Z6+ZJXbM
FiEBrXcO2cuRVJC6nLtzgr7zQttzilNlqfS3dFZbWipy+I7wBlorNb7l/Si8EmWq
dLJFWChT5utb+07nSaaIiBuv3YGN8+yG5mpyRQbRffZec9Q3
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:32 2025 by rpki-client on console.sobornost.net