Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/9exr4wpjgK3EPWUZHzPGJCvuGao.roa
File: 9exr4wpjgK3EPWUZHzPGJCvuGao.roa (raw, json)
Hash identifier: ewktaTPt5UuZ4KiBeTt+cVuQlsLuUj4hhiIMtSOpaco=
Subject key identifier: F5:EC:6B:E3:0A:63:80:AD:C4:3D:65:19:1F:33:C6:24:2B:EE:19:AA
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 01955B6CA02649EB2F62526C6B6CD4E25EF6
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/9exr4wpjgK3EPWUZHzPGJCvuGao.roa
Signing time: Mon 03 Mar 2025 09:53:20 +0000
ROA not before: Mon 03 Mar 2025 09:53:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34892
IP address blocks: 5.158.232.0/24 maxlen: 24
5.158.233.0/24 maxlen: 24
5.158.234.0/23 maxlen: 23
5.158.236.0/23 maxlen: 23
5.158.238.0/23 maxlen: 23
85.234.0.0/19 maxlen: 19
85.234.0.0/22 maxlen: 22
85.234.4.0/22 maxlen: 22
85.234.8.0/22 maxlen: 22
85.234.12.0/22 maxlen: 22
85.234.16.0/22 maxlen: 22
85.234.20.0/24 maxlen: 24
85.234.21.0/24 maxlen: 24
85.234.24.0/22 maxlen: 22
85.234.28.0/22 maxlen: 22
185.24.44.0/23 maxlen: 23
185.24.44.0/24 maxlen: 24
185.24.45.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5b:6c:a0:26:49:eb:2f:62:52:6c:6b:6c:d4:e2:5e:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Mar 3 09:53:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5ec6be30a6380adc43d65191f33c6242bee19aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c0:c5:70:c2:32:4f:d6:ea:2e:ed:d9:bc:69:
4d:68:03:09:9b:d0:92:48:bb:c3:b3:f9:f7:b7:0e:
d3:67:36:64:b3:6c:dc:3a:b9:2c:05:e1:34:c9:cb:
bc:1f:e9:a5:26:e6:9f:b4:8e:87:97:f6:ce:e5:2a:
53:b5:0f:ef:b0:64:fb:e8:13:e7:97:92:2d:65:22:
72:57:4c:78:d1:6f:3a:68:21:16:e8:41:9b:c8:61:
c3:97:b7:22:d8:43:56:95:f3:50:c7:b7:97:a3:d9:
e7:28:36:d7:f0:94:fe:6a:df:ae:9e:b9:23:2c:57:
0d:df:3e:83:4e:91:5f:c5:c8:83:13:36:1f:ce:70:
d6:e0:08:03:79:b5:ed:a7:f4:89:c0:e5:3a:9e:69:
51:7d:72:a3:04:da:66:53:07:a8:a7:0f:21:1d:a1:
6f:d8:43:92:04:8a:9c:11:b1:01:74:8d:31:6d:5f:
bd:78:62:b7:b5:db:28:e3:ee:b1:22:ff:a3:52:60:
ab:00:13:e8:fb:79:32:fc:04:c9:bf:ce:54:30:aa:
66:81:78:1d:15:05:64:82:c8:eb:83:4b:ac:14:7e:
77:b5:46:7e:57:10:2f:4c:51:cb:f0:ad:83:a2:57:
0e:63:6c:89:23:17:60:2f:16:2b:d0:5a:c1:8f:a0:
23:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:EC:6B:E3:0A:63:80:AD:C4:3D:65:19:1F:33:C6:24:2B:EE:19:AA
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/9exr4wpjgK3EPWUZHzPGJCvuGao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.158.232.0/21
85.234.0.0/19
185.24.44.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:00:be:32:22:98:c6:45:94:4f:34:27:85:4d:22:d9:13:48:
e2:f9:4c:4a:85:7d:51:08:d6:47:b2:88:61:48:c9:c1:a9:01:
5d:c8:22:e4:8b:ff:bb:76:94:3f:94:e8:8a:7f:f4:c8:92:7e:
0a:ed:ba:f2:40:c5:68:5b:2b:ae:af:4d:8a:bb:c9:47:03:5e:
90:fd:23:9a:d1:b7:21:fd:fd:af:a5:08:60:7a:1f:59:32:87:
96:48:5c:58:18:7f:d1:90:f9:1b:7b:b0:08:72:d1:f4:36:2b:
46:ca:dd:fe:70:ec:c8:03:5f:03:e4:fc:11:8c:8c:57:b3:30:
54:70:ee:77:85:4f:d0:17:32:9e:37:81:6b:2d:b7:36:55:2d:
66:19:f7:52:a1:0f:30:52:3d:8c:d7:af:ce:8a:e0:2e:a7:83:
a0:f8:e7:cc:c7:48:79:49:0a:9b:fd:8b:47:5c:7a:37:ee:27:
13:11:79:cd:26:c7:43:27:77:b0:42:84:31:1a:d4:a4:ee:dd:
5f:24:8a:d6:4a:54:69:65:0a:ce:75:e8:b5:40:cf:b2:ed:52:
28:79:26:48:3f:40:e3:a1:4c:0e:15:d2:78:ef:cc:2f:fa:82:
d7:b9:d4:51:05:64:f3:7d:74:75:76:cf:92:a3:c8:c4:a7:ee:
e4:31:d5:d9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZVbbKAmSesvYlJsa2zU4l72MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMzAzMDk1MzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWVjNmJlMzBhNjM4MGFkYzQzZDY1MTkxZjMzYzYyNDJiZWUxOWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sDFcMIyT9bqLu3ZvGlNaAMJm9CS
SLvDs/n3tw7TZzZks2zcOrksBeE0ycu8H+mlJuaftI6Hl/bO5SpTtQ/vsGT76BPn
l5ItZSJyV0x40W86aCEW6EGbyGHDl7ci2ENWlfNQx7eXo9nnKDbX8JT+at+unrkj
LFcN3z6DTpFfxciDEzYfznDW4AgDebXtp/SJwOU6nmlRfXKjBNpmUweopw8hHaFv
2EOSBIqcEbEBdI0xbV+9eGK3tdso4+6xIv+jUmCrABPo+3ky/ATJv85UMKpmgXgd
FQVkgsjrg0usFH53tUZ+VxAvTFHL8K2DolcOY2yJIxdgLxYr0FrBj6AjIwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPXsa+MKY4CtxD1lGR8zxiQr7hmqMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvOWV4cjR3cGpnSzNFUFdVWkh6UEdKQ3Z1R2FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBZ7oAwQF
VeoAAwQBuRgsMA0GCSqGSIb3DQEBCwUAA4IBAQA/AL4yIpjGRZRPNCeFTSLZE0ji
+UxKhX1RCNZHsohhSMnBqQFdyCLki/+7dpQ/lOiKf/TIkn4K7bryQMVoWyuur02K
u8lHA16Q/SOa0bch/f2vpQhgeh9ZMoeWSFxYGH/RkPkbe7AIctH0NitGyt3+cOzI
A18D5PwRjIxXszBUcO53hU/QFzKeN4FrLbc2VS1mGfdSoQ8wUj2M16/OiuAup4Og
+OfMx0h5SQqb/YtHXHo37icTEXnNJsdDJ3ewQoQxGtSk7t1fJIrWSlRpZQrOdei1
QM+y7VIoeSZIP0DjoUwOFdJ478wv+oLXudRRBWTzfXR1ds+So8jEp+7kMdXZ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:07 2025 by rpki-client on console.sobornost.net