Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/lGSh8HAGsvLzJWijuCn5mOFbAtA.roa
File: lGSh8HAGsvLzJWijuCn5mOFbAtA.roa (raw, json)
Hash identifier: g6Sdp9SO3zguPzUUGeNhkKmFB7oPgHI90W+QRmIj6bo=
Subject key identifier: 94:64:A1:F0:70:06:B2:F2:F3:25:68:A3:B8:29:F9:98:E1:5B:02:D0
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 019423D7565A9AD33F1DD05DFE4FBF08950A
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/lGSh8HAGsvLzJWijuCn5mOFbAtA.roa
Signing time: Wed 01 Jan 2025 21:48:22 +0000
ROA not before: Wed 01 Jan 2025 21:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206487
IP address blocks: 5.40.18.0/24 maxlen: 24
5.40.41.0/24 maxlen: 24
5.40.80.0/23 maxlen: 24
5.40.85.0/24 maxlen: 24
5.40.106.0/24 maxlen: 24
5.40.136.0/24 maxlen: 24
5.40.138.0/24 maxlen: 24
5.40.149.0/24 maxlen: 24
5.40.156.0/24 maxlen: 24
5.40.244.0/24 maxlen: 24
5.40.253.0/24 maxlen: 24
62.82.50.0/24 maxlen: 24
62.82.158.0/24 maxlen: 24
62.174.66.0/24 maxlen: 24
62.175.252.0/24 maxlen: 24
62.175.253.0/24 maxlen: 24
89.140.16.0/23 maxlen: 24
95.39.61.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:56:5a:9a:d3:3f:1d:d0:5d:fe:4f:bf:08:95:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 1 21:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9464a1f07006b2f2f32568a3b829f998e15b02d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:83:77:ad:9e:18:77:48:b5:50:06:28:22:95:
66:e0:8b:fe:48:b2:02:82:75:43:05:a0:38:ac:90:
84:83:04:06:7a:90:0a:1f:c4:e6:b7:82:48:bf:b2:
fd:33:61:e2:03:8a:73:e4:84:a3:3b:b3:a4:8d:b1:
84:14:49:55:60:7a:0a:c8:ba:3f:53:af:e8:7a:c1:
d8:e3:26:47:1c:b1:e6:7c:c4:fb:1e:58:3e:49:f1:
e0:b2:07:de:fd:80:ef:24:74:1f:e0:4c:6a:43:c1:
c0:15:d1:9f:27:d4:6b:a3:92:44:7c:94:2d:91:37:
29:cc:e9:ec:88:49:22:ef:e5:e7:43:aa:0d:ab:57:
ff:38:90:05:18:99:73:1b:94:5c:19:c0:58:05:5e:
09:9f:76:8c:43:81:da:00:c1:45:e7:39:71:3e:81:
90:bb:4e:75:8a:74:25:f0:31:c7:00:c0:87:68:67:
15:37:e1:99:50:46:06:ea:c1:46:ea:3c:c0:d4:b8:
50:24:e9:38:0f:4a:5d:bf:90:53:e2:af:37:10:07:
bf:7a:75:71:62:14:67:e0:a0:6d:54:f2:1f:23:f2:
5b:bc:b0:b0:83:50:82:34:8d:64:22:9b:b9:96:71:
9f:30:da:7b:9c:b5:5b:e4:c9:7f:26:b8:9c:91:4a:
36:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:64:A1:F0:70:06:B2:F2:F3:25:68:A3:B8:29:F9:98:E1:5B:02:D0
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/lGSh8HAGsvLzJWijuCn5mOFbAtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.40.18.0/24
5.40.41.0/24
5.40.80.0/23
5.40.85.0/24
5.40.106.0/24
5.40.136.0/24
5.40.138.0/24
5.40.149.0/24
5.40.156.0/24
5.40.244.0/24
5.40.253.0/24
62.82.50.0/24
62.82.158.0/24
62.174.66.0/24
62.175.252.0/23
89.140.16.0/23
95.39.61.0/24
Signature Algorithm: sha256WithRSAEncryption
98:53:cb:2f:e5:23:53:95:f0:de:7b:26:46:70:3d:ea:ee:bf:
24:82:bb:e9:a9:90:93:7a:c9:a8:e2:05:3d:6a:a7:e5:0e:d2:
e6:3e:cc:41:fa:1b:58:d6:fc:6b:04:d7:4c:58:90:bc:8b:0e:
41:f1:4a:97:d0:91:e3:49:13:6e:00:b0:c8:04:2b:d2:99:37:
0f:a5:19:f2:a3:b3:37:32:48:c2:93:ea:78:a4:43:e6:11:01:
0c:60:2e:22:71:fb:95:0f:76:e1:dd:7b:79:e3:1b:78:64:0d:
26:70:f2:81:53:22:fa:95:87:91:e2:f7:1a:4b:d6:6d:39:64:
b6:58:77:45:73:2e:e7:38:f4:37:8c:71:84:c9:03:9f:57:af:
df:29:88:f6:77:20:6a:e2:f1:dd:9a:c1:b3:11:d1:d9:44:dc:
a8:da:f7:c9:ce:13:ee:52:07:29:8f:50:81:f9:e8:50:39:e3:
f8:de:17:18:13:35:a5:88:4f:bc:e4:6f:76:e4:43:57:fd:ba:
d1:66:7a:a2:47:73:9b:69:d3:fd:fd:a5:05:2f:4f:4b:af:85:
f8:02:c0:21:46:97:10:4b:fb:32:27:f2:8a:e5:3d:a9:5d:fd:
9a:e9:ed:88:bb:13:15:99:27:35:cd:6f:78:10:02:da:5a:20:
2f:bf:53:9e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZQj11ZamtM/HdBd/k+/CJUKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjUwMTAxMjE0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDY0YTFmMDcwMDZiMmYyZjMyNTY4YTNiODI5Zjk5OGUxNWIwMmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIN3rZ4Yd0i1UAYoIpVm4Iv+SLIC
gnVDBaA4rJCEgwQGepAKH8Tmt4JIv7L9M2HiA4pz5ISjO7OkjbGEFElVYHoKyLo/
U6/oesHY4yZHHLHmfMT7Hlg+SfHgsgfe/YDvJHQf4ExqQ8HAFdGfJ9Rro5JEfJQt
kTcpzOnsiEki7+XnQ6oNq1f/OJAFGJlzG5RcGcBYBV4Jn3aMQ4HaAMFF5zlxPoGQ
u051inQl8DHHAMCHaGcVN+GZUEYG6sFG6jzA1LhQJOk4D0pdv5BT4q83EAe/enVx
YhRn4KBtVPIfI/JbvLCwg1CCNI1kIpu5lnGfMNp7nLVb5Ml/JrickUo2TQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFJRkofBwBrLy8yVoo7gp+ZjhWwLQMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvbEdTaDhIQUdzdkx6SldpanVDbjVtT0ZiQXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQABSgSAwQA
BSgpAwQBBShQAwQABShVAwQABShqAwQABSiIAwQABSiKAwQABSiVAwQABSicAwQA
BSj0AwQABSj9AwQAPlIyAwQAPlKeAwQAPq5CAwQBPq/8AwQBWYwQAwQAXyc9MA0G
CSqGSIb3DQEBCwUAA4IBAQCYU8sv5SNTlfDeeyZGcD3q7r8kgrvpqZCTesmo4gU9
aqflDtLmPsxB+htY1vxrBNdMWJC8iw5B8UqX0JHjSRNuALDIBCvSmTcPpRnyo7M3
MkjCk+p4pEPmEQEMYC4icfuVD3bh3Xt54xt4ZA0mcPKBUyL6lYeR4vcaS9ZtOWS2
WHdFcy7nOPQ3jHGEyQOfV6/fKYj2dyBq4vHdmsGzEdHZRNyo2vfJzhPuUgcpj1CB
+ehQOeP43hcYEzWliE+85G925ENX/brRZnqiR3ObadP9/aUFL09Lr4X4AsAhRpcQ
S/syJ/KK5T2pXf2a6e2IuxMVmSc1zW94EALaWiAvv1Oe
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:07 2025 by rpki-client on console.sobornost.net