Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/SSLa7N3_MaNl7fGx5haI0AMfvNs.roa
File: SSLa7N3_MaNl7fGx5haI0AMfvNs.roa (raw, json)
Hash identifier: qJ7+JhijMf5b8qWPooa1sEJmOOnyzmXeAC46qg+YAa4=
Subject key identifier: 49:22:DA:EC:DD:FF:31:A3:65:ED:F1:B1:E6:16:88:D0:03:1F:BC:DB
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 0194266C2839813C1EDA253CF06011A6B7E4
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/SSLa7N3_MaNl7fGx5haI0AMfvNs.roa
Signing time: Thu 02 Jan 2025 09:50:09 +0000
ROA not before: Thu 02 Jan 2025 09:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 185.5.38.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:28:39:81:3c:1e:da:25:3c:f0:60:11:a6:b7:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Jan 2 09:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4922daecddff31a365edf1b1e61688d0031fbcdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:59:26:cf:6a:cb:56:79:d2:6e:4c:08:7e:c3:
af:3f:be:56:f2:7b:b5:93:1b:93:70:ac:4e:30:d2:
3f:e2:a5:1d:f1:2f:0c:c1:b4:2f:8d:41:a2:90:c2:
a2:7d:5c:81:f7:be:b9:1c:a0:e0:46:88:cc:47:d5:
15:65:29:44:25:c6:5e:6a:82:5c:c0:07:aa:f3:29:
87:02:05:ea:3c:0b:86:55:9a:df:cd:f5:3d:7f:6e:
45:91:c9:17:61:54:17:9d:45:79:f0:c8:02:73:8f:
bf:02:73:45:10:6d:00:89:11:8c:63:c3:13:ee:b5:
f2:d5:69:71:8f:46:4f:25:3b:88:62:b5:82:21:b5:
6e:e5:23:ee:14:d6:d2:09:62:71:8f:06:11:2f:60:
64:01:a5:9e:d4:75:e8:4e:06:33:cb:cd:d0:13:2a:
a4:fc:a1:a3:a2:06:bd:3c:74:72:d0:0b:2b:f4:56:
cc:1b:aa:ed:38:09:a6:f8:43:c4:96:75:1f:9c:48:
8c:cc:05:a8:a4:f3:1f:0e:8a:44:7e:22:93:72:40:
00:a5:8c:35:8d:60:b2:4e:d4:ec:17:86:e5:96:1a:
83:cb:e3:fa:7d:28:1c:b7:1e:d7:12:05:27:52:9b:
d3:74:1d:01:67:39:99:78:87:28:71:13:ee:a7:c3:
1d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:22:DA:EC:DD:FF:31:A3:65:ED:F1:B1:E6:16:88:D0:03:1F:BC:DB
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/SSLa7N3_MaNl7fGx5haI0AMfvNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.5.38.0/24
Signature Algorithm: sha256WithRSAEncryption
dd:98:d6:b6:6f:77:fd:5d:cf:30:03:27:49:9f:43:5b:c2:e6:
c0:bc:a5:19:be:aa:2d:d0:d8:28:f9:84:75:25:da:c6:49:92:
bb:e9:d7:d5:60:c7:5f:54:c3:07:7a:30:e2:b5:10:58:bb:31:
99:40:cd:c8:fc:29:88:1a:4d:ab:4e:04:79:f7:cb:a5:ef:92:
18:6e:bf:c2:94:2d:98:eb:b9:27:2d:1e:1f:bc:21:2c:a9:99:
72:b1:40:f5:dd:73:db:52:81:ff:9b:e1:2d:fd:ba:99:97:f2:
7b:53:80:c6:6f:c3:3d:f0:32:36:cc:55:be:8a:7c:ed:51:68:
94:5f:04:25:cf:4c:75:c8:fe:ae:a1:60:5a:42:6e:72:57:ae:
68:45:bb:a3:b5:bd:14:c7:68:75:d3:84:09:8c:1e:e9:1e:98:
1c:79:33:14:ab:c4:54:15:c4:00:7d:24:9b:52:45:17:11:50:
0e:b4:3f:86:34:11:ed:70:c4:d6:ba:e3:fe:b0:1a:e0:a0:9d:
10:47:44:3b:5d:19:e6:ef:8a:43:51:23:3e:2d:b6:bd:b1:01:
e2:39:77:56:bf:5e:a4:b6:1c:f0:16:36:3c:1e:3a:7f:a6:c8:
77:d3:48:f5:f3:09:a9:7c:ad:90:8f:16:c3:79:ef:0e:78:09:
b3:5f:38:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbCg5gTwe2iU88GARprfkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjUwMTAyMDk1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTIyZGFlY2RkZmYzMWEzNjVlZGYxYjFlNjE2ODhkMDAzMWZiY2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Fkmz2rLVnnSbkwIfsOvP75W8nu1
kxuTcKxOMNI/4qUd8S8MwbQvjUGikMKifVyB9765HKDgRojMR9UVZSlEJcZeaoJc
wAeq8ymHAgXqPAuGVZrfzfU9f25FkckXYVQXnUV58MgCc4+/AnNFEG0AiRGMY8MT
7rXy1Wlxj0ZPJTuIYrWCIbVu5SPuFNbSCWJxjwYRL2BkAaWe1HXoTgYzy83QEyqk
/KGjoga9PHRy0Asr9FbMG6rtOAmm+EPElnUfnEiMzAWopPMfDopEfiKTckAApYw1
jWCyTtTsF4bllhqDy+P6fSgctx7XEgUnUpvTdB0BZzmZeIcocRPup8MdwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEki2uzd/zGjZe3xseYWiNADH7zbMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvU1NMYTdOM19NYU5sN2ZHeDVoYUkwQU1mdk5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQUmMA0G
CSqGSIb3DQEBCwUAA4IBAQDdmNa2b3f9Xc8wAydJn0NbwubAvKUZvqot0Ngo+YR1
JdrGSZK76dfVYMdfVMMHejDitRBYuzGZQM3I/CmIGk2rTgR598ul75IYbr/ClC2Y
67knLR4fvCEsqZlysUD13XPbUoH/m+Et/bqZl/J7U4DGb8M98DI2zFW+inztUWiU
XwQlz0x1yP6uoWBaQm5yV65oRbujtb0Ux2h104QJjB7pHpgceTMUq8RUFcQAfSSb
UkUXEVAOtD+GNBHtcMTWuuP+sBrgoJ0QR0Q7XRnm74pDUSM+Lba9sQHiOXdWv16k
thzwFjY8Hjp/psh300j18wmpfK2QjxbDee8OeAmzXzgZ
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:12:01 2025 by rpki-client