Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/4JT3Qv25vvnthFy0hg6UD0wDDn4.roa
File: 4JT3Qv25vvnthFy0hg6UD0wDDn4.roa (raw, json)
Hash identifier: BH5rVhvpPfaoQCtU3VT/0E/hulNFIQjc1CMsXaF98Hw=
Subject key identifier: E0:94:F7:42:FD:B9:BE:F9:ED:84:5C:B4:86:0E:94:0F:4C:03:0E:7E
Certificate issuer: /CN=80f376df5f9ef487c82b31a875c6a496d79ca0d7
Certificate serial: 018A2C576564FD85E3DB769B8A5AFCF743CC
Authority key identifier: 80:F3:76:DF:5F:9E:F4:87:C8:2B:31:A8:75:C6:A4:96:D7:9C:A0:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gPN231-e9IfIKzGodcakltecoNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/4JT3Qv25vvnthFy0hg6UD0wDDn4.roa
Signing time: Fri 25 Aug 2023 10:57:19 +0000
ROA not before: Fri 25 Aug 2023 10:57:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41564
IP address blocks: 23.92.127.0/24 maxlen: 24
192.40.88.0/24 maxlen: 24
158.222.0.0/20 maxlen: 20
158.222.3.0/24 maxlen: 24
158.222.7.0/24 maxlen: 24
158.222.5.0/24 maxlen: 24
151.237.186.0/24 maxlen: 24
5.157.4.0/24 maxlen: 24
5.157.8.0/24 maxlen: 24
104.160.4.0/24 maxlen: 24
104.160.2.0/24 maxlen: 24
104.160.6.0/24 maxlen: 24
104.160.10.0/24 maxlen: 24
104.160.20.0/24 maxlen: 24
5.153.236.0/24 maxlen: 24
5.153.239.0/24 maxlen: 24
5.157.17.0/24 maxlen: 24
5.157.13.0/24 maxlen: 24
5.157.14.0/24 maxlen: 24
5.157.22.0/24 maxlen: 24
5.157.27.0/24 maxlen: 24
5.157.41.0/24 maxlen: 24
5.157.42.0/24 maxlen: 24
5.157.45.0/24 maxlen: 24
5.157.58.0/24 maxlen: 24
5.157.56.0/24 maxlen: 24
5.157.59.0/24 maxlen: 24
5.157.61.0/24 maxlen: 24
5.157.63.0/24 maxlen: 24
5.157.62.0/24 maxlen: 24
5.157.60.0/24 maxlen: 24
2a02:5740:3::/48 maxlen: 48
2a02:5740::/48 maxlen: 48
2a02:5740:11::/48 maxlen: 48
2a02:5740:5::/48 maxlen: 48
2a02:5740:18::/48 maxlen: 48
2a02:5740:22::/48 maxlen: 48
2a02:5740:2::/48 maxlen: 48
2a02:5740:6::/48 maxlen: 48
2a02:5740:26::/48 maxlen: 48
2a02:5740:1::/48 maxlen: 48
2a02:5740:21::/48 maxlen: 48
2a02:5740:4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2c:57:65:64:fd:85:e3:db:76:9b:8a:5a:fc:f7:43:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80f376df5f9ef487c82b31a875c6a496d79ca0d7
Validity
Not Before: Aug 25 10:57:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e094f742fdb9bef9ed845cb4860e940f4c030e7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:fd:13:8e:34:77:69:c6:94:48:24:d5:8a:ce:
45:e8:ad:ec:c6:2f:ce:6f:03:72:4c:39:a2:0b:76:
5e:7b:24:6e:f4:1f:ff:9e:f8:29:e0:9d:07:6f:b1:
1f:59:06:bf:23:59:a1:66:71:2a:df:d5:84:d9:c2:
74:3c:65:08:73:8c:8f:e5:9d:55:5d:9d:80:2d:1e:
87:98:27:1f:c3:dd:3b:10:3b:d1:63:f6:7d:41:91:
0d:9f:57:80:74:b1:59:5d:05:48:f9:ee:10:e1:68:
12:8a:30:ca:e3:4c:9e:34:b5:c3:a2:bd:c7:02:59:
2c:c8:3b:bc:0c:c8:23:70:97:39:90:7f:82:28:e4:
63:65:81:ff:25:a7:18:55:ad:1f:e9:a5:2b:10:8a:
b9:92:75:5b:2d:7e:c9:25:d3:2c:ba:ed:a6:c0:c2:
0a:00:e7:0e:0f:76:48:e3:3f:f8:51:61:3d:39:a8:
af:21:b3:f2:3c:7e:68:26:28:9e:86:48:59:97:38:
00:ee:5a:83:76:53:51:9e:0b:8f:a9:2b:a6:56:33:
3d:6f:0a:f0:44:3f:6b:2a:f5:68:bb:5f:0b:76:b7:
b1:4d:35:0b:a4:20:a6:6a:b4:61:40:3f:f0:dc:38:
e8:3b:7f:de:75:c9:0a:71:62:f8:9d:14:54:d0:d8:
c5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:94:F7:42:FD:B9:BE:F9:ED:84:5C:B4:86:0E:94:0F:4C:03:0E:7E
X509v3 Authority Key Identifier:
keyid:80:F3:76:DF:5F:9E:F4:87:C8:2B:31:A8:75:C6:A4:96:D7:9C:A0:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gPN231-e9IfIKzGodcakltecoNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/4JT3Qv25vvnthFy0hg6UD0wDDn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/gPN231-e9IfIKzGodcakltecoNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.236.0/24
5.153.239.0/24
5.157.4.0/24
5.157.8.0/24
5.157.13.0-5.157.14.255
5.157.17.0/24
5.157.22.0/24
5.157.27.0/24
5.157.41.0-5.157.42.255
5.157.45.0/24
5.157.56.0/24
5.157.58.0-5.157.63.255
23.92.127.0/24
104.160.2.0/24
104.160.4.0/24
104.160.6.0/24
104.160.10.0/24
104.160.20.0/24
151.237.186.0/24
158.222.0.0/20
192.40.88.0/24
IPv6:
2a02:5740::-2a02:5740:6:ffff:ffff:ffff:ffff:ffff
2a02:5740:11::/48
2a02:5740:18::/48
2a02:5740:21::-2a02:5740:22:ffff:ffff:ffff:ffff:ffff
2a02:5740:26::/48
Signature Algorithm: sha256WithRSAEncryption
74:52:2c:51:be:b2:7d:bd:dc:90:ee:47:46:83:89:f5:69:c0:
9b:b6:2e:25:c4:77:79:e6:7d:33:e5:f0:a7:25:61:13:83:24:
24:f2:da:ac:11:d8:92:7d:b5:38:36:43:d4:3d:8d:d1:e0:13:
91:7f:48:da:86:7b:c2:f4:d3:42:14:92:ed:66:8f:7f:b3:d1:
3a:b7:1e:d7:b1:e5:f2:78:70:4c:bd:2c:2c:10:3c:c1:4f:21:
23:f9:62:79:74:23:96:0f:59:ae:0c:b1:b2:71:cd:4b:1b:34:
08:cb:ec:58:9f:6a:62:f2:f9:05:c8:3e:0f:64:13:9b:00:74:
62:ea:69:61:71:e3:00:e2:8a:24:fc:06:d9:d2:22:d8:67:92:
32:44:d2:07:0f:6d:56:f6:ce:19:51:0a:57:58:5b:18:7a:e7:
9b:12:3d:d9:1d:c7:24:81:10:15:e3:bd:33:a7:62:92:0c:f1:
ff:4d:41:42:56:b4:75:cc:a3:82:d3:b2:b5:f2:75:4c:7c:53:
0b:c0:59:57:f7:4c:a1:95:8a:c6:6e:7d:04:1d:62:35:61:15:
87:5d:c3:62:c3:5e:b0:5e:fa:fb:75:0e:1f:75:9c:3a:cc:2f:
f6:48:4d:58:3e:bf:f4:d5:ac:54:64:1d:08:b7:c8:d1:0a:fa:
e6:02:81:6e
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgISAYosV2Vk/YXj23abilr890PMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZjM3NmRmNWY5ZWY0ODdjODJiMzFhODc1YzZhNDk2ZDc5
Y2EwZDcwHhcNMjMwODI1MTA1NzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDk0Zjc0MmZkYjliZWY5ZWQ4NDVjYjQ4NjBlOTQwZjRjMDMwZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7v0TjjR3acaUSCTVis5F6K3sxi/O
bwNyTDmiC3ZeeyRu9B//nvgp4J0Hb7EfWQa/I1mhZnEq39WE2cJ0PGUIc4yP5Z1V
XZ2ALR6HmCcfw907EDvRY/Z9QZENn1eAdLFZXQVI+e4Q4WgSijDK40yeNLXDor3H
AlksyDu8DMgjcJc5kH+CKORjZYH/JacYVa0f6aUrEIq5knVbLX7JJdMsuu2mwMIK
AOcOD3ZI4z/4UWE9OaivIbPyPH5oJiiehkhZlzgA7lqDdlNRnguPqSumVjM9bwrw
RD9rKvVou18LdrexTTULpCCmarRhQD/w3DjoO3/edckKcWL4nRRU0NjFwwIDAQAB
o4IC5zCCAuMwHQYDVR0OBBYEFOCU90L9ub757YRctIYOlA9MAw5+MB8GA1UdIwQY
MBaAFIDzdt9fnvSHyCsxqHXGpJbXnKDXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1BOMjMxLWU5SWZJS3pHb2RjYWtsdGVjb05jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi83OTVkZWQtZmNkZi00N2NmLWFmODMt
YTRiYzI4MTY2NDNhLzEvNEpUM1F2MjV2dm50aEZ5MGhnNlVEMHdERG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi83OTVkZWQtZmNkZi00N2NmLWFmODMtYTRiYzI4MTY2NDNh
LzEvZ1BOMjMxLWU5SWZJS3pHb2RjYWtsdGVjb05jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH8BggrBgEFBQcBBwEB/wSB7DCB6TCBnQQCAAEwgZYDBAAF
mewDBAAFme8DBAAFnQQDBAAFnQgwDAMEAAWdDQMEAAWdDgMEAAWdEQMEAAWdFgME
AAWdGzAMAwQABZ0pAwQABZ0qAwQABZ0tAwQABZ04MAwDBAEFnToDBAYFnQADBAAX
XH8DBABooAIDBABooAQDBABooAYDBABooAoDBABooBQDBACX7boDBASe3gADBADA
KFgwRwQCAAIwQTAQAwUGKgJXQAMHACoCV0AABgMHACoCV0AAEQMHACoCV0AAGDAS
AwcAKgJXQAAhAwcAKgJXQAAiAwcAKgJXQAAmMA0GCSqGSIb3DQEBCwUAA4IBAQB0
UixRvrJ9vdyQ7kdGg4n1acCbti4lxHd55n0z5fCnJWETgyQk8tqsEdiSfbU4NkPU
PY3R4BORf0jahnvC9NNCFJLtZo9/s9E6tx7XseXyeHBMvSwsEDzBTyEj+WJ5dCOW
D1muDLGycc1LGzQIy+xYn2pi8vkFyD4PZBObAHRi6mlhceMA4ook/AbZ0iLYZ5Iy
RNIHD21W9s4ZUQpXWFsYeuebEj3ZHcckgRAV470zp2KSDPH/TUFCVrR1zKOC07K1
8nVMfFMLwFlX90yhlYrGbn0EHWI1YRWHXcNiw16wXvr7dQ4fdZw6zC/2SE1YPr/0
1axUZB0It8jRCvrmAoFu
-----END CERTIFICATE-----
Generated at Wed Apr 30 03:49:25 2025 by rpki-client