Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/v7J0SuAlQFdaHot7td83uoznPPo.roa
File: v7J0SuAlQFdaHot7td83uoznPPo.roa (raw, json)
Hash identifier: Ag0K9C9c2TlJAt8MNSulsrKBKAnHlI2lTalhgszhcOc=
Subject key identifier: BF:B2:74:4A:E0:25:40:57:5A:1E:8B:7B:B5:DF:37:BA:8C:E7:3C:FA
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 01954149B09379EC0DE0AAA193C886D4B467
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/v7J0SuAlQFdaHot7td83uoznPPo.roa
Signing time: Wed 26 Feb 2025 08:05:02 +0000
ROA not before: Wed 26 Feb 2025 08:05:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209604
IP address blocks: 5.144.177.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:41:49:b0:93:79:ec:0d:e0:aa:a1:93:c8:86:d4:b4:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Feb 26 08:05:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bfb2744ae02540575a1e8b7bb5df37ba8ce73cfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:cf:75:ee:f9:05:bc:ed:18:55:f5:79:26:ff:
c4:e3:af:89:c7:c2:b5:79:04:28:cc:a6:42:8d:02:
67:6d:b7:20:4b:9a:4c:1d:02:0a:20:d7:a2:e5:5f:
ff:58:18:18:e6:74:6a:96:9d:8d:77:9e:5a:48:dc:
5b:0b:6a:15:c1:6e:c6:b0:95:a8:b7:b2:6a:e8:dc:
e6:52:f1:95:38:d2:79:21:e1:b0:c8:73:f7:74:a1:
20:c2:98:f8:eb:60:69:d7:9c:e9:98:74:cd:c2:72:
26:9f:80:65:b2:83:a8:ed:ea:a3:aa:b7:a5:ef:e8:
b8:15:a3:b4:37:ab:a7:0d:1f:70:a7:ba:82:15:66:
ae:64:f1:4a:81:87:b2:da:c9:19:c7:ee:1d:a6:7c:
0f:8c:9d:c1:ff:f5:62:13:48:fb:49:19:fc:b8:40:
ce:48:81:77:7d:75:1c:02:a3:b8:1a:5c:c4:d4:a4:
09:a4:c6:ae:d1:f7:33:d0:a4:c9:95:1f:3f:c7:6b:
e8:10:a1:65:e8:37:c7:1f:09:14:e4:73:d4:99:70:
48:63:49:26:93:33:e2:5c:2f:63:66:8c:a3:8e:18:
d6:8b:f9:a7:eb:d7:69:cd:fd:9a:d9:80:dc:03:27:
79:8b:03:ad:76:1b:82:61:bb:81:2b:a1:68:ba:ec:
3d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:B2:74:4A:E0:25:40:57:5A:1E:8B:7B:B5:DF:37:BA:8C:E7:3C:FA
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/v7J0SuAlQFdaHot7td83uoznPPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.177.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:e7:f3:bf:e2:47:3a:93:5b:86:22:9a:1c:e6:a1:ea:84:d8:
ea:29:21:b3:42:ba:d4:7d:e7:92:0c:ec:f6:4d:9d:ac:c8:c4:
d1:e7:a0:94:2f:c8:32:63:1d:3e:21:f8:2b:d9:46:1c:00:6e:
af:92:e2:ad:5f:5e:42:fc:51:a7:96:67:55:98:ea:8e:5f:5d:
86:1c:af:ac:c2:13:1e:d4:6f:9b:55:aa:22:71:ef:b4:c7:da:
8c:9c:92:67:dd:29:03:96:1d:49:c1:02:cf:22:3f:5d:47:ae:
ac:45:b3:17:43:12:e5:45:12:6d:a1:31:73:8c:91:0a:3c:7a:
55:47:ed:42:5b:34:9a:fc:e3:bf:f8:17:73:b0:e3:5a:b1:00:
95:ea:93:5b:c7:ed:32:05:e8:76:ed:56:bd:d3:7b:84:8d:ce:
b5:b9:30:d2:8f:c0:02:22:9f:ca:02:a1:62:6a:90:a7:40:24:
ad:b4:96:9a:a5:a3:d6:fd:4c:96:be:8e:62:4d:27:3a:80:fb:
b7:f2:c9:ff:2e:da:84:3c:85:33:39:95:6c:e9:4b:5b:31:5e:
ca:98:cb:97:b3:d1:0f:1b:2a:74:17:71:1c:20:6d:f6:c4:03:
95:30:3a:cd:59:7b:9b:06:e2:99:76:f6:6e:fd:6e:9b:6b:3c:
16:8a:d1:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVBSbCTeewN4Kqhk8iG1LRnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjUwMjI2MDgwNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmIyNzQ0YWUwMjU0MDU3NWExZThiN2JiNWRmMzdiYThjZTczY2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmc917vkFvO0YVfV5Jv/E46+Jx8K1
eQQozKZCjQJnbbcgS5pMHQIKINei5V//WBgY5nRqlp2Nd55aSNxbC2oVwW7GsJWo
t7Jq6NzmUvGVONJ5IeGwyHP3dKEgwpj462Bp15zpmHTNwnImn4BlsoOo7eqjqrel
7+i4FaO0N6unDR9wp7qCFWauZPFKgYey2skZx+4dpnwPjJ3B//ViE0j7SRn8uEDO
SIF3fXUcAqO4GlzE1KQJpMau0fcz0KTJlR8/x2voEKFl6DfHHwkU5HPUmXBIY0km
kzPiXC9jZoyjjhjWi/mn69dpzf2a2YDcAyd5iwOtdhuCYbuBK6Fouuw9lwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL+ydErgJUBXWh6Le7XfN7qM5zz6MB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvdjdKMFN1QWxRRmRhSG90N3RkODN1b3puUFBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZCxMA0G
CSqGSIb3DQEBCwUAA4IBAQA+5/O/4kc6k1uGIpoc5qHqhNjqKSGzQrrUfeeSDOz2
TZ2syMTR56CUL8gyYx0+Ifgr2UYcAG6vkuKtX15C/FGnlmdVmOqOX12GHK+swhMe
1G+bVaoice+0x9qMnJJn3SkDlh1JwQLPIj9dR66sRbMXQxLlRRJtoTFzjJEKPHpV
R+1CWzSa/OO/+BdzsONasQCV6pNbx+0yBeh27Va903uEjc61uTDSj8ACIp/KAqFi
apCnQCSttJaapaPW/UyWvo5iTSc6gPu38sn/LtqEPIUzOZVs6UtbMV7KmMuXs9EP
Gyp0F3EcIG32xAOVMDrNWXubBuKZdvZu/W6bazwWitFL
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:34:03 2025 by rpki-client