Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/K2b4wyIOdCMKCKznzHMlfmb5dt0.roa
File: K2b4wyIOdCMKCKznzHMlfmb5dt0.roa (raw, json)
Hash identifier: UyqGmu7iqMlMAhRJokjH2TTfyvyMPqX7nExijATooDM=
Subject key identifier: 2B:66:F8:C3:22:0E:74:23:0A:08:AC:E7:CC:73:25:7E:66:F9:76:DD
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019421440B45342FE0B7254C66B0BFBA05EE
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/K2b4wyIOdCMKCKznzHMlfmb5dt0.roa
Signing time: Wed 01 Jan 2025 09:48:15 +0000
ROA not before: Wed 01 Jan 2025 09:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60287
IP address blocks: 5.42.214.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:0b:45:34:2f:e0:b7:25:4c:66:b0:bf:ba:05:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jan 1 09:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b66f8c3220e74230a08ace7cc73257e66f976dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:53:b8:15:c6:79:ca:8c:12:72:09:e9:21:a2:
6d:d4:95:fc:6c:19:21:70:44:97:55:c7:a5:bd:ac:
62:97:d4:61:60:6c:d4:4a:d0:fa:e5:e0:37:14:f6:
23:89:d2:74:ec:43:e5:d6:ad:c9:d9:98:3a:32:7d:
13:88:1f:4c:b1:35:9f:dc:af:fd:8f:77:fe:84:17:
89:00:b2:1b:f9:8c:27:e5:f4:9c:48:8f:bd:ef:a3:
07:e4:a6:10:e2:2a:be:25:81:11:cf:d2:ed:74:83:
71:88:10:54:45:e5:c8:64:6c:ef:5d:95:01:8b:68:
3f:c5:47:3c:0c:9d:4d:52:55:e3:f5:3d:23:da:03:
aa:00:fb:80:8f:88:18:92:ca:ef:4d:3d:53:13:00:
3a:b5:25:08:ad:d0:45:7d:a0:9a:df:4e:aa:3a:2a:
e8:e5:4f:07:1e:04:6a:e2:23:be:f8:5a:c8:9b:9d:
48:af:09:e5:a1:09:15:1d:65:c2:9c:ce:34:9f:11:
7e:fd:ce:41:5f:78:56:9e:77:73:4d:eb:17:bb:71:
6b:d2:c4:9a:8c:6f:38:4c:e4:b1:cc:47:2d:96:92:
11:bf:e8:38:9e:50:c7:1a:b9:79:52:95:da:bb:60:
ba:cb:d5:52:36:68:6d:8f:e8:bf:41:0c:49:84:3e:
2a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:66:F8:C3:22:0E:74:23:0A:08:AC:E7:CC:73:25:7E:66:F9:76:DD
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/K2b4wyIOdCMKCKznzHMlfmb5dt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.214.0/24
Signature Algorithm: sha256WithRSAEncryption
13:ed:87:0f:69:23:52:64:b9:5f:92:1f:ea:04:3d:b3:a4:ad:
60:21:86:93:fc:62:a9:c2:3c:d3:7a:88:a3:6b:91:1c:39:3f:
c0:59:9f:b7:7a:a2:c7:fb:13:50:e9:39:db:39:44:90:93:e4:
35:4e:66:a0:40:a4:3b:25:ed:06:30:98:80:a8:97:67:3f:59:
2c:42:13:47:5e:06:f2:c7:60:87:90:04:cd:1a:09:10:17:08:
83:a1:ce:57:74:39:74:7a:52:06:42:aa:e0:1b:82:43:d8:1a:
aa:0f:7d:f9:03:eb:06:ee:ae:08:64:e4:ce:0a:66:05:9f:e1:
8a:79:28:9a:a3:04:59:cd:2b:3f:d6:17:fe:1c:67:fd:c8:5d:
77:a1:6a:95:62:59:de:f9:50:7f:2d:50:1e:0d:21:ac:00:bd:
35:cf:81:26:2c:4e:8c:87:61:ff:44:0d:1c:2b:9c:f2:93:c0:
bc:99:e4:9e:86:9d:a4:8e:a4:45:b6:c4:6c:e0:69:13:64:8d:
6f:6e:84:2b:07:2e:01:57:84:5a:c0:22:96:39:dd:e0:9b:67:
f6:b6:7a:ea:14:03:44:39:40:d9:38:6b:32:5d:4a:43:b4:c8:
12:09:33:c7:f1:f9:2f:69:92:06:3d:77:5c:f8:e3:73:1d:61:
cf:be:d1:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRAtFNC/gtyVMZrC/ugXuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMTAxMDk0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjY2ZjhjMzIyMGU3NDIzMGEwOGFjZTdjYzczMjU3ZTY2Zjk3NmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1O4FcZ5yowScgnpIaJt1JX8bBkh
cESXVcelvaxil9RhYGzUStD65eA3FPYjidJ07EPl1q3J2Zg6Mn0TiB9MsTWf3K/9
j3f+hBeJALIb+Ywn5fScSI+976MH5KYQ4iq+JYERz9LtdINxiBBUReXIZGzvXZUB
i2g/xUc8DJ1NUlXj9T0j2gOqAPuAj4gYksrvTT1TEwA6tSUIrdBFfaCa306qOiro
5U8HHgRq4iO++FrIm51IrwnloQkVHWXCnM40nxF+/c5BX3hWnndzTesXu3Fr0sSa
jG84TOSxzEctlpIRv+g4nlDHGrl5UpXau2C6y9VSNmhtj+i/QQxJhD4q2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCtm+MMiDnQjCgis58xzJX5m+XbdMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvSzJiNHd5SU9kQ01LQ0t6bnpITWxmbWI1ZHQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSrWMA0G
CSqGSIb3DQEBCwUAA4IBAQAT7YcPaSNSZLlfkh/qBD2zpK1gIYaT/GKpwjzTeoij
a5EcOT/AWZ+3eqLH+xNQ6TnbOUSQk+Q1TmagQKQ7Je0GMJiAqJdnP1ksQhNHXgby
x2CHkATNGgkQFwiDoc5XdDl0elIGQqrgG4JD2BqqD335A+sG7q4IZOTOCmYFn+GK
eSiaowRZzSs/1hf+HGf9yF13oWqVYlne+VB/LVAeDSGsAL01z4EmLE6Mh2H/RA0c
K5zyk8C8meSehp2kjqRFtsRs4GkTZI1vboQrBy4BV4RawCKWOd3gm2f2tnrqFANE
OUDZOGsyXUpDtMgSCTPH8fkvaZIGPXdc+ONzHWHPvtEL
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:36:53 2025 by rpki-client