Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/75Z80cMIw9L93uMBOflZZGwjQVQ.roa
File: 75Z80cMIw9L93uMBOflZZGwjQVQ.roa (raw, json)
Hash identifier: QGG1+03274jcSEhqA224YdneUpIUe5yKtX9tZpXYsWs=
Subject key identifier: EF:96:7C:D1:C3:08:C3:D2:FD:DE:E3:01:39:F9:59:64:6C:23:41:54
Certificate issuer: /CN=80f376df5f9ef487c82b31a875c6a496d79ca0d7
Certificate serial: 018571309A71B39587427CDE90DEAAB10305
Authority key identifier: 80:F3:76:DF:5F:9E:F4:87:C8:2B:31:A8:75:C6:A4:96:D7:9C:A0:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gPN231-e9IfIKzGodcakltecoNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/75Z80cMIw9L93uMBOflZZGwjQVQ.roa
Signing time: Mon 02 Jan 2023 06:34:48 +0000
ROA not before: Mon 02 Jan 2023 06:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41204
IP address blocks: 151.237.186.0/24 maxlen: 24
5.157.8.0/24 maxlen: 24
5.157.17.0/24 maxlen: 24
5.157.42.0/24 maxlen: 24
5.157.45.0/24 maxlen: 24
5.157.56.0/24 maxlen: 24
5.157.58.0/24 maxlen: 24
5.157.59.0/24 maxlen: 24
5.157.61.0/24 maxlen: 24
5.157.63.0/24 maxlen: 24
5.157.60.0/24 maxlen: 24
5.157.62.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:30:9a:71:b3:95:87:42:7c:de:90:de:aa:b1:03:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80f376df5f9ef487c82b31a875c6a496d79ca0d7
Validity
Not Before: Jan 2 06:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef967cd1c308c3d2fddee30139f959646c234154
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c9:e3:d8:43:2b:d0:20:b2:b2:f4:64:04:ef:
3a:c1:f0:46:37:4e:33:0c:6b:52:32:26:9a:4d:a2:
ac:f1:cc:38:39:f4:aa:66:1f:66:cb:05:68:c9:f8:
df:1b:05:32:6d:62:2d:9e:bf:c2:33:d0:fc:ea:fb:
cb:35:7d:2f:ee:c0:7c:2f:4a:0f:7b:3f:5f:32:3f:
4f:ca:6e:67:0b:39:40:6b:bf:50:ee:9f:cf:53:e6:
56:f2:aa:a4:48:04:73:4a:c2:3a:d1:86:c0:ea:89:
1b:b7:f2:48:4c:14:5b:5b:c1:b2:ef:0a:bd:ef:c7:
08:67:b8:fe:c5:a1:d9:f2:fb:02:6f:09:0a:00:2e:
68:f6:95:23:4e:b9:04:41:17:a2:43:38:06:85:84:
9b:2e:50:fa:3a:49:ef:a0:ae:8c:55:50:08:b2:68:
83:4a:8c:05:36:ee:40:1f:47:7c:61:44:b2:cb:98:
9d:4a:95:a7:82:b0:86:8e:94:1d:a9:3a:c2:a1:b8:
2e:df:c3:70:84:c8:1c:09:41:84:10:41:fc:1d:05:
33:84:21:c4:bf:7f:bf:73:2c:b0:d9:3a:0e:a0:60:
9c:00:92:fb:2c:22:89:e3:b6:3d:73:ed:d0:d4:29:
0c:cd:0b:d4:11:2f:42:11:cb:d2:e8:37:90:d0:ad:
ec:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:96:7C:D1:C3:08:C3:D2:FD:DE:E3:01:39:F9:59:64:6C:23:41:54
X509v3 Authority Key Identifier:
keyid:80:F3:76:DF:5F:9E:F4:87:C8:2B:31:A8:75:C6:A4:96:D7:9C:A0:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gPN231-e9IfIKzGodcakltecoNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/75Z80cMIw9L93uMBOflZZGwjQVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/gPN231-e9IfIKzGodcakltecoNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.8.0/24
5.157.17.0/24
5.157.42.0/24
5.157.45.0/24
5.157.56.0/24
5.157.58.0-5.157.63.255
151.237.186.0/24
Signature Algorithm: sha256WithRSAEncryption
79:cf:d6:10:38:90:e9:70:4c:d8:e7:c0:53:64:7a:74:f2:09:
70:c2:b2:76:66:44:99:d7:50:fa:cb:44:7e:b0:a6:92:cb:09:
a4:6b:3b:44:74:57:03:17:fc:3c:9a:c3:20:f2:03:d4:b3:c5:
14:cc:24:0d:e9:f1:4d:64:bb:3e:a6:de:9d:4e:44:ab:0f:88:
05:37:52:f2:45:71:26:cb:bc:b8:e4:15:ef:2a:77:74:23:26:
82:50:04:34:2d:4a:41:af:7a:da:a5:e5:41:f1:7a:a6:3c:a8:
86:27:3a:ed:14:ed:e7:9d:3a:7a:de:5e:78:6e:31:1f:19:3c:
ca:84:7b:3d:64:74:ce:b0:36:95:77:64:21:b6:6e:ed:26:4d:
c0:03:df:dc:7f:11:d1:ef:02:21:31:18:de:12:9b:80:9b:66:
75:bf:ab:73:38:b9:0e:4f:6a:eb:21:3c:eb:9e:45:6a:29:85:
bf:d5:2a:f0:72:20:92:fb:bd:c1:bb:89:1f:a7:33:fa:08:bd:
73:6a:87:c6:dc:9c:1e:7c:87:42:23:36:83:0a:24:47:c4:c5:
9b:80:25:3f:93:42:5b:bd:b2:4c:1d:48:97:f8:2e:19:d5:50:
cf:12:b2:23:98:7f:6f:0c:7a:b0:3a:31:24:7a:61:e7:fa:99:
1a:68:5a:1f
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVxMJpxs5WHQnzekN6qsQMFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZjM3NmRmNWY5ZWY0ODdjODJiMzFhODc1YzZhNDk2ZDc5
Y2EwZDcwHhcNMjMwMTAyMDYzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjk2N2NkMWMzMDhjM2QyZmRkZWUzMDEzOWY5NTk2NDZjMjM0MTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8nj2EMr0CCysvRkBO86wfBGN04z
DGtSMiaaTaKs8cw4OfSqZh9mywVoyfjfGwUybWItnr/CM9D86vvLNX0v7sB8L0oP
ez9fMj9Pym5nCzlAa79Q7p/PU+ZW8qqkSARzSsI60YbA6okbt/JITBRbW8Gy7wq9
78cIZ7j+xaHZ8vsCbwkKAC5o9pUjTrkEQReiQzgGhYSbLlD6OknvoK6MVVAIsmiD
SowFNu5AH0d8YUSyy5idSpWngrCGjpQdqTrCobgu38NwhMgcCUGEEEH8HQUzhCHE
v3+/cyyw2ToOoGCcAJL7LCKJ47Y9c+3Q1CkMzQvUES9CEcvS6DeQ0K3srwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFO+WfNHDCMPS/d7jATn5WWRsI0FUMB8GA1UdIwQY
MBaAFIDzdt9fnvSHyCsxqHXGpJbXnKDXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1BOMjMxLWU5SWZJS3pHb2RjYWtsdGVjb05jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi83OTVkZWQtZmNkZi00N2NmLWFmODMt
YTRiYzI4MTY2NDNhLzEvNzVaODBjTUl3OUw5M3VNQk9mbFpaR3dqUVZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi83OTVkZWQtZmNkZi00N2NmLWFmODMtYTRiYzI4MTY2NDNh
LzEvZ1BOMjMxLWU5SWZJS3pHb2RjYWtsdGVjb05jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQABZ0IAwQA
BZ0RAwQABZ0qAwQABZ0tAwQABZ04MAwDBAEFnToDBAYFnQADBACX7bowDQYJKoZI
hvcNAQELBQADggEBAHnP1hA4kOlwTNjnwFNkenTyCXDCsnZmRJnXUPrLRH6wppLL
CaRrO0R0VwMX/DyawyDyA9SzxRTMJA3p8U1kuz6m3p1ORKsPiAU3UvJFcSbLvLjk
Fe8qd3QjJoJQBDQtSkGvetql5UHxeqY8qIYnOu0U7eedOnreXnhuMR8ZPMqEez1k
dM6wNpV3ZCG2bu0mTcAD39x/EdHvAiExGN4Sm4CbZnW/q3M4uQ5PaushPOueRWop
hb/VKvByIJL7vcG7iR+nM/oIvXNqh8bcnB58h0IjNoMKJEfExZuAJT+TQlu9skwd
SJf4LhnVUM8SsiOYf28MerA6MSR6Yef6mRpoWh8=
-----END CERTIFICATE-----
Generated at Wed Apr 30 14:11:39 2025 by rpki-client