Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/Al23qWYeXXkMY8GVKDqYuaJUWxA.roa
File: Al23qWYeXXkMY8GVKDqYuaJUWxA.roa (raw, json)
Hash identifier: R9dgXnKs30ahNqlTiasP+7pTeyTjFFhmnVctti79xI8=
Subject key identifier: 02:5D:B7:A9:66:1E:5D:79:0C:63:C1:95:28:3A:98:B9:A2:54:5B:10
Certificate issuer: /CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Certificate serial: 019523C6C055D82C4C49E8AB026DC49B571A
Authority key identifier: 09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/Al23qWYeXXkMY8GVKDqYuaJUWxA.roa
Signing time: Thu 20 Feb 2025 14:33:02 +0000
ROA not before: Thu 20 Feb 2025 14:33:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202053
IP address blocks: 5.22.208.0/22 maxlen: 22
5.22.212.0/22 maxlen: 22
5.22.216.0/22 maxlen: 22
5.22.220.0/22 maxlen: 22
80.69.172.0/22 maxlen: 22
83.136.248.0/21 maxlen: 21
85.9.192.0/19 maxlen: 19
94.237.0.0/24 maxlen: 24
94.237.1.0/24 maxlen: 24
94.237.2.0/23 maxlen: 23
94.237.4.0/22 maxlen: 22
94.237.8.0/21 maxlen: 21
94.237.16.0/21 maxlen: 21
94.237.24.0/21 maxlen: 21
94.237.32.0/21 maxlen: 21
94.237.40.0/21 maxlen: 21
94.237.48.0/20 maxlen: 20
94.237.64.0/20 maxlen: 20
94.237.80.0/20 maxlen: 20
94.237.96.0/21 maxlen: 21
94.237.104.0/22 maxlen: 22
94.237.108.0/22 maxlen: 22
94.237.112.0/21 maxlen: 21
94.237.120.0/22 maxlen: 22
94.237.124.0/23 maxlen: 23
94.237.126.0/24 maxlen: 24
95.111.192.0/21 maxlen: 21
95.111.200.0/22 maxlen: 22
95.111.204.0/22 maxlen: 22
95.111.208.0/22 maxlen: 22
95.111.216.0/21 maxlen: 21
185.20.136.0/22 maxlen: 22
185.26.48.0/22 maxlen: 22
185.70.196.0/22 maxlen: 22
194.62.96.0/22 maxlen: 22
2a04:3540::/32 maxlen: 32
2a04:3541::/32 maxlen: 32
2a04:3541:8000::/34 maxlen: 34
2a04:3542::/32 maxlen: 32
2a04:3542:8000::/34 maxlen: 34
2a04:3543::/32 maxlen: 32
2a04:3544::/32 maxlen: 32
2a04:3544:8000::/34 maxlen: 34
2a04:3545::/32 maxlen: 32
2a04:3546::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:23:c6:c0:55:d8:2c:4c:49:e8:ab:02:6d:c4:9b:57:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Validity
Not Before: Feb 20 14:33:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=025db7a9661e5d790c63c195283a98b9a2545b10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:df:f2:6f:c2:32:59:f6:5a:52:ba:09:d6:49:
3f:a9:6c:80:bf:bb:f0:c7:04:66:24:ea:f9:0d:44:
d6:4b:f5:8c:19:9e:91:65:15:44:ce:30:60:e1:bc:
ad:d9:a0:9b:67:5c:09:f0:f1:0c:b4:16:6f:f7:5d:
7c:c3:9c:4e:42:7d:3a:72:1b:3b:22:28:58:94:66:
09:2e:5a:ef:ed:10:d7:a0:dd:5a:1a:a8:eb:3a:fb:
98:72:3d:0b:e5:c0:55:71:cf:a5:d6:5f:2e:52:cd:
1a:2b:85:90:73:28:fd:3f:2a:09:82:aa:2e:40:8d:
99:3d:63:84:e7:fe:36:5f:00:b3:ba:1b:cf:eb:00:
60:4c:07:6f:45:b8:5b:e1:54:ff:30:ca:cf:d9:2f:
33:5f:3f:c5:24:69:d2:b5:02:e8:48:a5:55:39:f6:
b1:45:62:37:23:ea:53:bd:82:fb:9c:88:7d:4e:3b:
2e:a4:4c:50:08:47:0e:f8:30:31:27:57:52:06:6d:
30:8a:22:98:6f:d9:bd:66:f3:52:f1:76:b9:0d:18:
72:ec:4b:9d:a1:94:9e:0b:64:37:a5:46:a8:0d:30:
dc:2c:d8:17:16:06:ef:49:61:d0:05:e7:ca:0f:47:
2a:13:03:0d:bf:3c:ec:02:af:7d:af:5b:cd:13:9f:
aa:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:5D:B7:A9:66:1E:5D:79:0C:63:C1:95:28:3A:98:B9:A2:54:5B:10
X509v3 Authority Key Identifier:
keyid:09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/Al23qWYeXXkMY8GVKDqYuaJUWxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CZofLb97eoSuV7jWdCa35OQg-rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.208.0/20
80.69.172.0/22
83.136.248.0/21
85.9.192.0/19
94.237.0.0-94.237.126.255
95.111.192.0-95.111.211.255
95.111.216.0/21
185.20.136.0/22
185.26.48.0/22
185.70.196.0/22
194.62.96.0/22
IPv6:
2a04:3540::-2a04:3546:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1e:68:77:17:69:0e:1f:72:73:34:26:41:ba:9e:7b:65:85:3b:
52:e0:2d:a9:0a:f5:87:b1:2a:e5:61:ec:7f:b7:68:88:c1:25:
4b:e4:87:9f:68:af:2a:6d:3c:8a:1b:5b:5a:87:f0:78:53:bb:
7a:84:5c:07:3e:a0:ab:cf:a1:4c:be:40:43:b2:bc:d6:2c:b9:
61:9d:13:a1:91:b2:18:0f:16:f9:ec:f7:2b:5b:30:4d:09:f5:
b1:57:f2:95:5d:62:40:53:3f:68:41:cd:08:56:56:aa:37:42:
13:fe:39:9c:50:fc:a5:70:78:a1:73:40:4d:09:6a:82:f9:86:
b2:fa:9b:38:6f:48:25:c0:b7:5c:bf:f7:b4:59:cb:48:e0:a5:
4a:f2:9e:71:83:1b:e2:52:68:c2:26:e9:e5:90:5c:ef:ca:77:
74:d4:22:87:69:be:da:60:69:e8:8b:08:a1:29:96:7b:20:94:
61:bd:28:10:c6:c9:ac:48:af:4a:cb:83:b4:b9:0a:85:e4:77:
a9:ae:d3:08:f2:a7:d5:35:16:8d:fd:c9:93:4e:40:ba:b8:e1:
be:d9:84:6a:64:fd:41:60:a0:ec:2e:a9:d6:d9:1e:c2:f3:29:
96:ce:90:81:23:5b:93:9b:bc:df:fa:3c:ba:20:16:cf:bc:e7:
dd:de:7b:6a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZUjxsBV2CxMSeirAm3Em1caMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWExZjJkYmY3YjdhODRhZTU3YjhkNjc0MjZiN2U0ZTQy
MGZhYjUwHhcNMjUwMjIwMTQzMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjVkYjdhOTY2MWU1ZDc5MGM2M2MxOTUyODNhOThiOWEyNTQ1YjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3d/yb8IyWfZaUroJ1kk/qWyAv7vw
xwRmJOr5DUTWS/WMGZ6RZRVEzjBg4byt2aCbZ1wJ8PEMtBZv9118w5xOQn06chs7
IihYlGYJLlrv7RDXoN1aGqjrOvuYcj0L5cBVcc+l1l8uUs0aK4WQcyj9PyoJgqou
QI2ZPWOE5/42XwCzuhvP6wBgTAdvRbhb4VT/MMrP2S8zXz/FJGnStQLoSKVVOfax
RWI3I+pTvYL7nIh9TjsupExQCEcO+DAxJ1dSBm0wiiKYb9m9ZvNS8Xa5DRhy7Eud
oZSeC2Q3pUaoDTDcLNgXFgbvSWHQBefKD0cqEwMNvzzsAq99r1vNE5+qJQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFAJdt6lmHl15DGPBlSg6mLmiVFsQMB8GA1UdIwQY
MBaAFAmaHy2/e3qErle41nQmt+TkIPq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAt
OWNkNjhmMjIxZTIxLzEvQWwyM3FXWWVYWGtNWThHVktEcVl1YUpVV3hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAtOWNkNjhmMjIxZTIx
LzEvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwVwQCAAEwUQMEBAUW0AME
AlBFrAMEA1OI+AMEBVUJwDALAwMAXu0DBABe7X4wDAMEBl9vwAMEAl9v0AMEA19v
2AMEArkUiAMEArkaMAMEArlGxAMEAsI+YDAWBAIAAjAQMA4DBQYqBDVAAwUAKgQ1
RjANBgkqhkiG9w0BAQsFAAOCAQEAHmh3F2kOH3JzNCZBup57ZYU7UuAtqQr1h7Eq
5WHsf7doiMElS+SHn2ivKm08ihtbWofweFO7eoRcBz6gq8+hTL5AQ7K81iy5YZ0T
oZGyGA8W+ez3K1swTQn1sVfylV1iQFM/aEHNCFZWqjdCE/45nFD8pXB4oXNATQlq
gvmGsvqbOG9IJcC3XL/3tFnLSOClSvKecYMb4lJowibp5ZBc78p3dNQih2m+2mBp
6IsIoSmWeyCUYb0oEMbJrEivSsuDtLkKheR3qa7TCPKn1TUWjf3Jk05AurjhvtmE
amT9QWCg7C6p1tkewvMpls6QgSNbk5u83/o8uiAWz7zn3d57ag==
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:56:26 2025 by rpki-client on console.sobornost.net