Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/1-I5euRLEKsr7FF-4VskQLdu5Wm0.roa
File: 1-I5euRLEKsr7FF-4VskQLdu5Wm0.roa (raw, json)
Hash identifier: 4AXnB9gGffBa+5UGJwTlfxl3dTLBtwfWaDwofBbf+WY=
Subject key identifier: F8:8E:5E:B9:12:C4:2A:CA:FB:14:5F:B8:56:C9:10:2D:DB:B9:5A:6D
Certificate issuer: /CN=9a717ed1dc488044e5e2ab0075433558cfde8c85
Certificate serial: 019423D7DCBBA8426B818918F4F781B9E61A
Authority key identifier: 9A:71:7E:D1:DC:48:80:44:E5:E2:AB:00:75:43:35:58:CF:DE:8C:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnF-0dxIgETl4qsAdUM1WM_ejIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/1-I5euRLEKsr7FF-4VskQLdu5Wm0.roa
Signing time: Wed 01 Jan 2025 21:48:56 +0000
ROA not before: Wed 01 Jan 2025 21:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15425
IP address blocks: 5.53.8.0/21 maxlen: 21
31.28.128.0/19 maxlen: 19
84.16.96.0/19 maxlen: 19
84.21.96.0/19 maxlen: 19
86.61.128.0/17 maxlen: 17
93.181.64.0/18 maxlen: 18
176.227.248.0/21 maxlen: 21
188.134.128.0/17 maxlen: 17
2a03:6e80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:dc:bb:a8:42:6b:81:89:18:f4:f7:81:b9:e6:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a717ed1dc488044e5e2ab0075433558cfde8c85
Validity
Not Before: Jan 1 21:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f88e5eb912c42acafb145fb856c9102ddbb95a6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e0:d1:82:c9:e0:86:1e:af:44:43:e7:64:52:
83:c7:fd:e1:3c:b0:e5:fd:18:2a:74:c8:1d:94:13:
af:aa:82:43:44:93:ff:8f:25:cf:83:6a:a2:22:74:
b9:3a:ec:ad:fa:ff:db:f0:07:92:9c:b3:76:e5:83:
6a:14:9d:0c:5e:52:94:2f:b2:e3:19:c3:f4:23:d1:
aa:45:a4:41:c6:22:ef:53:71:d9:84:b5:cf:f7:16:
96:e0:67:6e:31:af:b4:26:6f:04:85:4d:27:c2:1d:
db:18:c1:4d:a2:60:80:8f:24:ec:b8:ba:3e:d6:b1:
9c:da:b6:92:43:b7:41:2d:a0:cb:48:64:62:0c:4d:
0e:1f:5d:3d:e1:88:56:0a:00:1b:d2:d4:07:be:e6:
56:31:a0:20:06:54:e3:8c:78:00:23:9c:e9:92:2f:
06:d7:cf:1e:8e:14:32:ef:98:89:7b:39:48:59:3e:
eb:d1:c7:12:29:15:75:cc:b6:07:a3:2b:63:ec:52:
60:4a:f0:54:3f:a5:6e:0d:70:a0:71:2a:d9:a9:da:
c4:62:09:67:2a:d3:f9:cd:d8:31:41:f4:56:e9:e5:
0c:3c:d5:f3:9f:d7:31:b9:22:49:58:3b:cc:ff:cf:
55:74:93:38:ce:2c:49:3b:c8:35:64:d2:2c:d5:6d:
d7:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:8E:5E:B9:12:C4:2A:CA:FB:14:5F:B8:56:C9:10:2D:DB:B9:5A:6D
X509v3 Authority Key Identifier:
keyid:9A:71:7E:D1:DC:48:80:44:E5:E2:AB:00:75:43:35:58:CF:DE:8C:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnF-0dxIgETl4qsAdUM1WM_ejIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/1-I5euRLEKsr7FF-4VskQLdu5Wm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/mnF-0dxIgETl4qsAdUM1WM_ejIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.53.8.0/21
31.28.128.0/19
84.16.96.0/19
84.21.96.0/19
86.61.128.0/17
93.181.64.0/18
176.227.248.0/21
188.134.128.0/17
IPv6:
2a03:6e80::/32
Signature Algorithm: sha256WithRSAEncryption
86:d6:ca:a1:97:54:8f:7b:43:1d:e7:2d:e2:8c:c0:f0:c3:ef:
19:87:93:09:76:4f:8b:47:7b:31:81:4f:f6:31:cd:b7:20:1c:
4a:a9:5e:cd:35:4f:fd:58:4e:8d:7e:7d:96:a0:28:54:bf:6e:
0f:4b:99:a5:c0:7b:94:08:a6:bb:6c:9d:51:d3:3b:d7:00:39:
0d:2f:ab:fe:86:89:62:44:0c:d7:57:87:9b:be:d1:45:86:ce:
d8:f3:63:e5:2c:1a:a1:97:41:2e:75:fd:0d:32:cc:6c:6a:c7:
11:b8:3f:a0:15:ff:de:87:a5:ba:f6:5f:60:c2:bc:dd:a4:22:
f3:a9:94:11:83:64:de:97:3b:95:8a:06:30:03:36:7e:e5:fb:
af:7e:e2:f2:bb:ff:cc:cb:32:f8:17:78:ed:e9:49:7b:0c:c4:
c3:5a:a5:52:3f:5f:16:0e:c2:4b:fc:e6:6e:34:8f:f0:6c:7c:
c7:62:1d:5d:6c:65:90:68:89:a8:ed:9d:dc:0a:52:15:f7:53:
4e:4d:a5:9e:e0:3a:3f:d7:ef:8c:05:2c:bc:3d:4d:1a:05:69:
e4:f3:41:7f:a3:56:20:c4:94:a5:fc:ff:dc:0f:3c:8c:6b:f2:
d5:c0:89:f8:8c:e3:ba:14:7d:1d:68:59:5d:e2:6f:53:d7:f9:
53:31:58:cb
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZQj19y7qEJrgYkY9PeBueYaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNzE3ZWQxZGM0ODgwNDRlNWUyYWIwMDc1NDMzNTU4Y2Zk
ZThjODUwHhcNMjUwMTAxMjE0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODhlNWViOTEyYzQyYWNhZmIxNDVmYjg1NmM5MTAyZGRiYjk1YTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeDRgsnghh6vREPnZFKDx/3hPLDl
/RgqdMgdlBOvqoJDRJP/jyXPg2qiInS5Ouyt+v/b8AeSnLN25YNqFJ0MXlKUL7Lj
GcP0I9GqRaRBxiLvU3HZhLXP9xaW4GduMa+0Jm8EhU0nwh3bGMFNomCAjyTsuLo+
1rGc2raSQ7dBLaDLSGRiDE0OH1094YhWCgAb0tQHvuZWMaAgBlTjjHgAI5zpki8G
188ejhQy75iJezlIWT7r0ccSKRV1zLYHoytj7FJgSvBUP6VuDXCgcSrZqdrEYgln
KtP5zdgxQfRW6eUMPNXzn9cxuSJJWDvM/89VdJM4zixJO8g1ZNIs1W3XnwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFPiOXrkSxCrK+xRfuFbJEC3buVptMB8GA1UdIwQY
MBaAFJpxftHcSIBE5eKrAHVDNVjP3oyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW5GLTBkeElnRVRsNHFzQWRVTTFXTV9laklVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kMjYxYzEtZDdmMy00ZmU4LWFiYzYt
MTA5NDM5MTY2OWVmLzEvMS1JNWV1UkxFS3NyN0ZGLTRWc2tRTGR1NVdtMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2EvZDI2MWMxLWQ3ZjMtNGZlOC1hYmM2LTEwOTQzOTE2Njll
Zi8xL21uRi0wZHhJZ0VUbDRxc0FkVU0xV01fZWpJVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBYBggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAwU1CAME
BR8cgAMEBVQQYAMEBVQVYAMEB1Y9gAMEBl21QAMEA7Dj+AMEB7yGgDANBAIAAjAH
AwUAKgNugDANBgkqhkiG9w0BAQsFAAOCAQEAhtbKoZdUj3tDHect4ozA8MPvGYeT
CXZPi0d7MYFP9jHNtyAcSqlezTVP/VhOjX59lqAoVL9uD0uZpcB7lAimu2ydUdM7
1wA5DS+r/oaJYkQM11eHm77RRYbO2PNj5SwaoZdBLnX9DTLMbGrHEbg/oBX/3oel
uvZfYMK83aQi86mUEYNk3pc7lYoGMAM2fuX7r37i8rv/zMsy+Bd47elJewzEw1ql
Uj9fFg7CS/zmbjSP8Gx8x2IdXWxlkGiJqO2d3ApSFfdTTk2lnuA6P9fvjAUsvD1N
GgVp5PNBf6NWIMSUpfz/3A88jGvy1cCJ+IzjuhR9HWhZXeJvU9f5UzFYyw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:04 2025 by rpki-client on console.sobornost.net