Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/s5NfBBJCWwkg56h64SxZMZxnlwg.roa
File: s5NfBBJCWwkg56h64SxZMZxnlwg.roa (raw, json)
Hash identifier: FJxF1xFcRFmlC4MqQuyUXAAPNu/l5AbVFkQWsYjIQ3U=
Subject key identifier: B3:93:5F:04:12:42:5B:09:20:E7:A8:7A:E1:2C:59:31:9C:67:97:08
Certificate issuer: /CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Certificate serial: 01960FD3EF8AE364561052ECE1081E89AB23
Authority key identifier: 19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/s5NfBBJCWwkg56h64SxZMZxnlwg.roa
Signing time: Mon 07 Apr 2025 10:37:49 +0000
ROA not before: Mon 07 Apr 2025 10:37:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13213
IP address blocks: 31.24.224.0/21 maxlen: 24
37.123.112.0/21 maxlen: 24
37.123.112.0/24 maxlen: 24
46.23.64.0/21 maxlen: 21
46.23.72.0/22 maxlen: 22
46.23.76.0/22 maxlen: 24
77.92.64.0/21 maxlen: 21
77.92.72.0/22 maxlen: 22
77.92.76.0/23 maxlen: 23
77.92.78.0/23 maxlen: 23
77.92.80.0/20 maxlen: 20
82.163.72.0/21 maxlen: 24
83.170.64.0/18 maxlen: 24
88.202.176.0/20 maxlen: 24
88.202.224.0/21 maxlen: 24
91.109.240.0/21 maxlen: 24
109.123.64.0/18 maxlen: 24
176.67.160.0/21 maxlen: 21
176.67.169.0/24 maxlen: 24
176.67.171.0/24 maxlen: 24
176.67.172.0/22 maxlen: 24
185.7.224.0/22 maxlen: 24
2a02:2498::/47 maxlen: 47
2a02:2498:4::/48 maxlen: 48
2a02:2498:5::/48 maxlen: 48
2a02:2498:16::/48 maxlen: 48
2a02:2498:1000::/36 maxlen: 36
2a02:2498:257b::/48 maxlen: 48
2a02:2498:53aa::/48 maxlen: 48
2a02:2498:6d7b::/48 maxlen: 48
2a02:2498:9000::/36 maxlen: 36
2a02:2498:9001::/48 maxlen: 48
2a02:2498:a000::/36 maxlen: 36
2a02:2498:b000::/36 maxlen: 36
2a02:2498:e000::/36 maxlen: 36
2a02:2498:e004::/48 maxlen: 48
2a02:2498:f000::/48 maxlen: 48
2a02:2498:f001::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0f:d3:ef:8a:e3:64:56:10:52:ec:e1:08:1e:89:ab:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Validity
Not Before: Apr 7 10:37:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3935f0412425b0920e7a87ae12c59319c679708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f1:53:ce:da:9d:c7:2b:f1:83:76:cd:93:30:
1f:fa:76:16:7f:e7:1f:97:fc:b8:78:19:21:fa:e4:
f0:41:da:86:4a:7f:1e:35:66:a2:df:34:ae:f8:da:
63:08:70:99:ec:d8:d8:47:25:b0:87:40:3a:11:ca:
97:3b:e3:85:f5:14:0a:bf:f1:e6:ce:0c:a9:a2:27:
4c:af:ba:72:4d:e2:41:63:5e:80:e6:7f:c1:b1:73:
bf:18:70:1b:9b:55:93:2c:d0:1f:f0:08:2e:0e:00:
76:37:ec:42:76:36:ea:25:61:34:b1:05:1e:a6:fd:
b9:46:27:fb:56:09:ce:59:32:f4:18:bd:57:d2:31:
67:47:d2:66:15:1f:f5:04:de:34:35:93:3b:0f:bd:
3e:ba:cd:6c:ba:06:08:1c:09:7c:18:35:bb:29:e5:
8e:f7:96:99:e7:09:6d:17:5e:7d:81:a2:3f:38:80:
41:ed:d1:2c:ec:94:1d:6b:f8:8c:51:b7:72:8f:57:
48:51:f5:62:75:44:3f:a0:f6:ff:d5:79:8c:18:fa:
4c:ed:56:83:54:c1:e4:d0:e2:82:f1:cf:fe:fd:90:
7f:bf:f7:ce:12:90:da:36:6b:a8:3c:11:91:b0:74:
1b:da:d5:7c:c3:ea:c9:48:8c:a8:9b:f7:b1:70:c1:
3d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:93:5F:04:12:42:5B:09:20:E7:A8:7A:E1:2C:59:31:9C:67:97:08
X509v3 Authority Key Identifier:
keyid:19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/s5NfBBJCWwkg56h64SxZMZxnlwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.224.0/21
37.123.112.0/21
46.23.64.0/20
77.92.64.0/19
82.163.72.0/21
83.170.64.0/18
88.202.176.0/20
88.202.224.0/21
91.109.240.0/21
109.123.64.0/18
176.67.160.0/21
176.67.169.0/24
176.67.171.0-176.67.175.255
185.7.224.0/22
IPv6:
2a02:2498::/47
2a02:2498:4::/47
2a02:2498:16::/48
2a02:2498:1000::/36
2a02:2498:257b::/48
2a02:2498:53aa::/48
2a02:2498:6d7b::/48
2a02:2498:9000::-2a02:2498:bfff:ffff:ffff:ffff:ffff:ffff
2a02:2498:e000::-2a02:2498:f001:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
67:ee:ac:15:ba:0a:52:7a:bd:84:b9:40:c7:bb:87:ce:a1:32:
db:d7:77:49:c6:5e:eb:ee:29:cd:88:09:4f:ec:76:d0:7c:8b:
09:b2:7a:a9:d8:e5:a8:a2:0b:0a:ab:60:69:b5:0b:f2:38:72:
8f:97:1b:3c:cb:3c:97:f9:e7:18:2f:26:1c:e5:69:9e:ab:4f:
61:c9:e3:c1:57:d7:51:74:f3:50:d6:93:7b:71:e2:f3:07:89:
d8:a0:b5:14:f8:b9:d7:10:06:66:79:4e:17:56:86:f5:b6:32:
62:9b:d0:b8:93:3c:47:7f:3f:bd:cb:27:7b:a8:05:ab:8a:16:
1d:87:45:60:e2:dc:9d:95:99:08:5b:c4:d3:04:81:46:c6:00:
71:ef:1a:55:05:69:67:83:b8:4b:be:53:ad:b3:45:43:37:52:
a5:d7:47:d0:a1:ec:1a:b5:1a:ab:e1:aa:72:b0:a2:6c:ab:a5:
29:b9:77:91:4a:78:0c:f5:56:c8:c9:33:d6:fd:73:89:76:2f:
ba:fe:e6:7d:35:10:ab:9f:58:7f:31:9f:8a:43:20:c4:bd:e8:
d1:0e:72:3a:a3:dc:51:aa:ff:ab:21:07:c8:82:f9:0d:7b:e9:
ec:5a:6a:70:5b:eb:e6:74:b7:7a:55:3e:b2:74:bf:18:9a:b0:
9d:dd:af:3e
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgISAZYP0++K42RWEFLs4QgeiasjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZmZmZjI4OWYyZGFkMGZjMDg0NTZiMGJhZDU0ZDdiYTQ0
OWE0OTIwHhcNMjUwNDA3MTAzNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzkzNWYwNDEyNDI1YjA5MjBlN2E4N2FlMTJjNTkzMTljNjc5NzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/FTztqdxyvxg3bNkzAf+nYWf+cf
l/y4eBkh+uTwQdqGSn8eNWai3zSu+NpjCHCZ7NjYRyWwh0A6EcqXO+OF9RQKv/Hm
zgypoidMr7pyTeJBY16A5n/BsXO/GHAbm1WTLNAf8AguDgB2N+xCdjbqJWE0sQUe
pv25Rif7VgnOWTL0GL1X0jFnR9JmFR/1BN40NZM7D70+us1sugYIHAl8GDW7KeWO
95aZ5wltF159gaI/OIBB7dEs7JQda/iMUbdyj1dIUfVidUQ/oPb/1XmMGPpM7VaD
VMHk0OKC8c/+/ZB/v/fOEpDaNmuoPBGRsHQb2tV8w+rJSIyom/excME9DwIDAQAB
o4ICzTCCAskwHQYDVR0OBBYEFLOTXwQSQlsJIOeoeuEsWTGcZ5cIMB8GA1UdIwQY
MBaAFBn//yifLa0PwIRWsLrVTXukSaSSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMt
ZDUyNTcxOGFhNDRhLzEvczVOZkJCSkNXd2tnNTZoNjRTeFpNWnhubHdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMtZDUyNTcxOGFhNDRh
LzEvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHiBggrBgEFBQcBBwEB/wSB0jCBzzBiBAIAATBcAwQDHxjg
AwQDJXtwAwQELhdAAwQFTVxAAwQDUqNIAwQGU6pAAwQEWMqwAwQDWMrgAwQDW23w
AwQGbXtAAwQDsEOgAwQAsEOpMAwDBACwQ6sDBASwQ6ADBAK5B+AwaQQCAAIwYwMH
ASoCJJgAAAMHASoCJJgABAMHACoCJJgAFgMGBCoCJJgQAwcAKgIkmCV7AwcAKgIk
mFOqAwcAKgIkmG17MBADBgQqAiSYkAMGBioCJJiAMBEDBgUqAiSY4AMHASoCJJjw
ADANBgkqhkiG9w0BAQsFAAOCAQEAZ+6sFboKUnq9hLlAx7uHzqEy29d3ScZe6+4p
zYgJT+x20HyLCbJ6qdjlqKILCqtgabUL8jhyj5cbPMs8l/nnGC8mHOVpnqtPYcnj
wVfXUXTzUNaTe3Hi8weJ2KC1FPi51xAGZnlOF1aG9bYyYpvQuJM8R38/vcsne6gF
q4oWHYdFYOLcnZWZCFvE0wSBRsYAce8aVQVpZ4O4S75TrbNFQzdSpddH0KHsGrUa
q+GqcrCibKulKbl3kUp4DPVWyMkz1v1ziXYvuv7mfTUQq59YfzGfikMgxL3o0Q5y
OqPcUar/qyEHyIL5DXvp7FpqcFvr5nS3elU+snS/GJqwnd2vPg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:15 2025 by rpki-client on console.sobornost.net