Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/L-IULiHiq0weUBk0UzoIvGvqlhE.roa
File: L-IULiHiq0weUBk0UzoIvGvqlhE.roa (raw, json)
Hash identifier: J4FS/zhYYSPqQhbBIIqyeRV5dVEV/tw1KbmHd4I20Eg=
Subject key identifier: 2F:E2:14:2E:21:E2:AB:4C:1E:50:19:34:53:3A:08:BC:6B:EA:96:11
Certificate issuer: /CN=5a141c5090824d0a17c29ec4050e21007113fbda
Certificate serial: 0195EB55E5073CB4FE6F67CDDC62D33072A1
Authority key identifier: 5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/L-IULiHiq0weUBk0UzoIvGvqlhE.roa
Signing time: Mon 31 Mar 2025 08:33:49 +0000
ROA not before: Mon 31 Mar 2025 08:33:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31688
IP address blocks: 5.63.24.0/21 maxlen: 21
5.63.24.0/24 maxlen: 24
5.63.25.0/24 maxlen: 24
5.63.26.0/24 maxlen: 24
5.63.27.0/24 maxlen: 24
5.63.28.0/24 maxlen: 24
5.63.31.0/24 maxlen: 24
91.190.168.0/21 maxlen: 21
185.85.76.0/22 maxlen: 22
185.85.76.0/23 maxlen: 23
185.85.78.0/24 maxlen: 24
2a02:798::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:eb:55:e5:07:3c:b4:fe:6f:67:cd:dc:62:d3:30:72:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a141c5090824d0a17c29ec4050e21007113fbda
Validity
Not Before: Mar 31 08:33:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2fe2142e21e2ab4c1e501934533a08bc6bea9611
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ba:aa:e9:65:16:83:b7:b8:ce:27:67:14:d6:
35:5b:cc:0d:32:f5:9d:53:b4:17:c8:bd:71:f8:c3:
88:eb:d0:9e:5e:54:e1:c3:e6:81:79:d3:f6:ca:a3:
a6:c1:35:6c:3f:54:32:ac:bd:94:06:07:4c:28:dd:
87:e7:5b:67:98:05:c4:e4:51:27:99:7d:1c:1c:5e:
7f:19:11:8f:07:c7:96:ca:7c:06:f4:36:2c:21:60:
10:2b:7f:8a:fb:6b:b6:6a:39:c8:c4:ca:1a:43:e1:
f0:ed:7c:bd:10:1d:ef:cb:2a:a8:a7:cc:81:9b:f5:
41:79:24:8f:d1:82:f5:0b:d7:ea:14:2e:ab:01:d0:
c0:51:9e:5a:6b:48:a9:41:21:ad:c3:7c:b5:2b:2e:
fb:fb:be:fc:8d:bd:51:30:aa:00:93:cb:a9:5f:aa:
60:79:d1:7e:dd:a1:65:43:b5:1f:ea:b1:21:55:79:
37:bd:b4:b7:1c:11:59:54:61:ff:32:5c:ad:0c:30:
e2:96:2e:71:ec:57:50:45:b0:27:75:eb:83:40:6b:
16:ce:e7:66:e9:aa:1c:46:04:e3:ca:b7:6d:75:50:
88:22:7c:3f:21:11:f7:46:43:4c:8b:27:26:56:3b:
82:31:2d:87:c7:d1:f6:fa:20:70:00:ae:4d:8f:a4:
d0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:E2:14:2E:21:E2:AB:4C:1E:50:19:34:53:3A:08:BC:6B:EA:96:11
X509v3 Authority Key Identifier:
keyid:5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/L-IULiHiq0weUBk0UzoIvGvqlhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.24.0/21
91.190.168.0/21
185.85.76.0/22
IPv6:
2a02:798::/32
Signature Algorithm: sha256WithRSAEncryption
8f:13:21:99:7e:91:b2:b3:86:04:92:ff:9c:e9:2d:e1:83:a2:
15:e5:47:46:de:e6:9b:60:6f:87:38:9f:54:f5:5c:9f:0a:60:
b3:2d:09:8a:e3:fe:66:8d:7c:b0:9d:d3:92:86:53:8f:73:cb:
12:ab:73:96:f8:ab:85:96:d0:1a:fc:e5:c1:ed:4e:3f:ed:93:
98:d6:32:57:3f:4a:30:34:b0:69:dd:d6:a4:d0:3b:1f:e8:e1:
39:bb:21:5e:3d:0f:ed:d3:5e:80:c3:6b:9a:d6:5c:25:4d:c0:
8f:22:81:57:e2:14:02:8f:2d:3c:94:26:22:0e:ea:ea:b2:9d:
1e:76:6a:8d:52:05:25:31:9b:03:a4:de:40:b2:9a:4c:de:97:
9f:9d:6a:07:10:75:56:29:51:7c:03:f7:62:ab:5a:44:ac:e5:
f0:bb:d8:a7:e6:1b:b3:75:bc:67:c7:50:fc:47:b4:3f:92:68:
05:6a:f0:98:d6:6c:e4:98:a6:bb:e6:7d:8d:91:ba:a8:60:1c:
82:5a:5b:b3:a4:e9:1a:bd:63:20:7d:81:48:9e:6d:e8:c7:a7:
94:55:fd:cc:48:f5:fd:f7:b9:b6:0c:7c:0d:6c:27:d7:8e:8c:
26:76:da:a9:aa:cc:15:9b:75:44:f8:0f:86:88:d8:71:4f:14:
0c:42:6f:44
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZXrVeUHPLT+b2fN3GLTMHKhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMTQxYzUwOTA4MjRkMGExN2MyOWVjNDA1MGUyMTAwNzEx
M2ZiZGEwHhcNMjUwMzMxMDgzMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmUyMTQyZTIxZTJhYjRjMWU1MDE5MzQ1MzNhMDhiYzZiZWE5NjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLqq6WUWg7e4zidnFNY1W8wNMvWd
U7QXyL1x+MOI69CeXlThw+aBedP2yqOmwTVsP1QyrL2UBgdMKN2H51tnmAXE5FEn
mX0cHF5/GRGPB8eWynwG9DYsIWAQK3+K+2u2ajnIxMoaQ+Hw7Xy9EB3vyyqop8yB
m/VBeSSP0YL1C9fqFC6rAdDAUZ5aa0ipQSGtw3y1Ky77+778jb1RMKoAk8upX6pg
edF+3aFlQ7Uf6rEhVXk3vbS3HBFZVGH/MlytDDDili5x7FdQRbAndeuDQGsWzudm
6aocRgTjyrdtdVCIInw/IRH3RkNMiycmVjuCMS2Hx9H2+iBwAK5Nj6TQBQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFC/iFC4h4qtMHlAZNFM6CLxr6pYRMB8GA1UdIwQY
MBaAFFoUHFCQgk0KF8KexAUOIQBxE/vaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUt
ZWNlZWZmOGU4NGUwLzEvTC1JVUxpSGlxMHdlVUJrMFV6b0l2R3ZxbGhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUtZWNlZWZmOGU4NGUw
LzEvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBT8YAwQD
W76oAwQCuVVMMA0EAgACMAcDBQAqAgeYMA0GCSqGSIb3DQEBCwUAA4IBAQCPEyGZ
fpGys4YEkv+c6S3hg6IV5UdG3uabYG+HOJ9U9VyfCmCzLQmK4/5mjXywndOShlOP
c8sSq3OW+KuFltAa/OXB7U4/7ZOY1jJXP0owNLBp3dak0Dsf6OE5uyFePQ/t016A
w2ua1lwlTcCPIoFX4hQCjy08lCYiDurqsp0edmqNUgUlMZsDpN5AsppM3pefnWoH
EHVWKVF8A/diq1pErOXwu9in5huzdbxnx1D8R7Q/kmgFavCY1mzkmKa75n2Nkbqo
YByCWluzpOkavWMgfYFInm3ox6eUVf3MSPX997m2DHwNbCfXjowmdtqpqswVm3VE
+A+GiNhxTxQMQm9E
-----END CERTIFICATE-----
Generated at Wed Apr 2 00:24:36 2025 by rpki-client on console.sobornost.net