Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/rRKhiSrbatFvYmuo6ymeVxGwrXE.roa
File: rRKhiSrbatFvYmuo6ymeVxGwrXE.roa (raw, json)
Hash identifier: FCC1G1laSHKy+MJRui/+QVk4PwxHWgeFN/8JBKnvpeQ=
Subject key identifier: AD:12:A1:89:2A:DB:6A:D1:6F:62:6B:A8:EB:29:9E:57:11:B0:AD:71
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 0194266C2FD2126DA6C9C301AFB2688F9A8C
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/rRKhiSrbatFvYmuo6ymeVxGwrXE.roa
Signing time: Thu 02 Jan 2025 09:50:11 +0000
ROA not before: Thu 02 Jan 2025 09:50:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215124
IP address blocks: 5.178.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:2f:d2:12:6d:a6:c9:c3:01:af:b2:68:8f:9a:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Jan 2 09:50:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad12a1892adb6ad16f626ba8eb299e5711b0ad71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d0:4f:f1:dd:1c:7e:5c:78:fb:ae:48:07:67:
d3:ed:fd:66:f1:5c:9f:08:08:4e:49:6a:24:45:1f:
85:87:dc:c5:1b:25:82:9d:de:b5:42:2a:98:e6:f4:
62:5e:01:22:2f:92:82:81:04:61:e0:8d:8b:bf:c1:
89:80:be:ca:11:22:36:1c:79:4e:e2:c5:c0:dc:1d:
e1:de:c8:28:f7:90:4a:4b:6e:6b:6b:10:99:3c:3d:
84:a1:73:0a:a4:c0:b9:5f:36:05:16:7e:1d:22:6c:
0c:3d:5a:dd:eb:7e:c1:97:02:3a:eb:13:0a:44:5e:
4c:7a:b8:70:64:5d:2d:3c:40:d3:e1:4d:fd:51:d0:
0f:8a:ba:78:14:ae:a2:4b:10:c0:f3:9c:2a:da:71:
aa:5a:fd:4f:13:5a:2d:be:ae:9e:b8:e9:18:03:7f:
9d:33:5f:31:fa:3b:7b:35:92:0f:bd:a1:d9:df:fe:
17:d4:da:e6:1c:8d:3e:55:95:76:33:04:9d:a3:9d:
02:66:41:07:8f:3e:d4:f8:bc:1e:fc:68:f8:ca:a5:
67:59:38:de:5b:64:03:fa:af:75:55:e5:c8:11:0d:
f2:16:a0:a5:d7:c9:91:66:b6:a1:20:95:77:dd:da:
98:56:3c:e4:e3:e5:b7:d3:34:d7:86:a8:c6:71:04:
ca:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:12:A1:89:2A:DB:6A:D1:6F:62:6B:A8:EB:29:9E:57:11:B0:AD:71
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/rRKhiSrbatFvYmuo6ymeVxGwrXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.103.0/24
Signature Algorithm: sha256WithRSAEncryption
e5:9e:c7:a7:8b:34:ea:b7:69:f6:e9:8c:c9:57:e0:60:12:1a:
b6:ee:db:05:a1:0e:08:3b:4e:3f:10:f4:db:c9:3b:a1:60:71:
fa:b4:58:4a:a0:4c:df:aa:70:8a:4b:a4:48:5c:7e:13:b3:e8:
e5:2b:8a:94:6e:ac:43:94:45:a6:e9:eb:6d:89:f6:1c:28:30:
8b:73:63:2d:cd:cb:9c:06:40:50:56:ec:52:1c:f4:78:2e:e9:
84:3a:21:fb:d5:79:7d:e5:d4:10:ee:10:7c:c1:b4:ab:25:fc:
b1:d7:63:6f:64:cd:04:0f:14:8f:68:d1:9a:de:db:a5:24:00:
23:a9:4e:4a:08:28:2c:1c:7f:82:8e:c9:f2:d6:56:95:62:03:
f8:7d:f6:86:5e:26:fd:15:f1:60:7c:e5:17:70:15:5d:08:df:
5a:b4:75:ff:13:f2:99:a3:7b:77:2c:cc:05:68:28:e4:69:5a:
77:80:81:a0:ab:99:55:bc:75:f3:3e:9e:dc:6e:a4:11:28:55:
f9:24:3d:f9:5f:5a:c1:e0:af:11:31:be:81:34:49:b8:fb:ba:
fd:15:88:b6:5f:67:e9:30:c1:c1:54:af:7d:52:87:fa:d9:c8:
fd:87:60:df:3a:db:9a:27:66:2a:86:b4:9a:af:59:47:74:ad:
58:7f:a8:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbC/SEm2mycMBr7Joj5qMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjUwMTAyMDk1MDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDEyYTE4OTJhZGI2YWQxNmY2MjZiYThlYjI5OWU1NzExYjBhZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodBP8d0cflx4+65IB2fT7f1m8Vyf
CAhOSWokRR+Fh9zFGyWCnd61QiqY5vRiXgEiL5KCgQRh4I2Lv8GJgL7KESI2HHlO
4sXA3B3h3sgo95BKS25raxCZPD2EoXMKpMC5XzYFFn4dImwMPVrd637BlwI66xMK
RF5MerhwZF0tPEDT4U39UdAPirp4FK6iSxDA85wq2nGqWv1PE1otvq6euOkYA3+d
M18x+jt7NZIPvaHZ3/4X1NrmHI0+VZV2MwSdo50CZkEHjz7U+Lwe/Gj4yqVnWTje
W2QD+q91VeXIEQ3yFqCl18mRZrahIJV33dqYVjzk4+W30zTXhqjGcQTKJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK0SoYkq22rRb2JrqOspnlcRsK1xMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvclJLaGlTcmJhdEZ2WW11bzZ5bWVWeEd3clhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbJnMA0G
CSqGSIb3DQEBCwUAA4IBAQDlnsenizTqt2n26YzJV+BgEhq27tsFoQ4IO04/EPTb
yTuhYHH6tFhKoEzfqnCKS6RIXH4Ts+jlK4qUbqxDlEWm6ettifYcKDCLc2Mtzcuc
BkBQVuxSHPR4LumEOiH71Xl95dQQ7hB8wbSrJfyx12NvZM0EDxSPaNGa3tulJAAj
qU5KCCgsHH+Cjsny1laVYgP4ffaGXib9FfFgfOUXcBVdCN9atHX/E/KZo3t3LMwF
aCjkaVp3gIGgq5lVvHXzPp7cbqQRKFX5JD35X1rB4K8RMb6BNEm4+7r9FYi2X2fp
MMHBVK99Uof62cj9h2DfOtuaJ2YqhrSar1lHdK1Yf6iU
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:33:58 2025 by rpki-client