Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/sQmMbPxlddJR59NSy8a80FdIb1E.roa
File: sQmMbPxlddJR59NSy8a80FdIb1E.roa (raw, json)
Hash identifier: dZKMSxy/gHyMbmT0l8HkZdJGIRGwwG6J4OuL8BjdORc=
Subject key identifier: B1:09:8C:6C:FC:65:75:D2:51:E7:D3:52:CB:C6:BC:D0:57:48:6F:51
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019421441D0D60010E3E2AD37813F081A332
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/sQmMbPxlddJR59NSy8a80FdIb1E.roa
Signing time: Wed 01 Jan 2025 09:48:19 +0000
ROA not before: Wed 01 Jan 2025 09:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397373
IP address blocks: 5.182.118.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:1d:0d:60:01:0e:3e:2a:d3:78:13:f0:81:a3:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jan 1 09:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1098c6cfc6575d251e7d352cbc6bcd057486f51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:cb:b9:50:db:f5:5e:f3:3b:27:a5:bc:b0:a1:
30:93:25:79:cb:19:ba:cc:38:8f:60:42:ec:5a:ea:
73:46:5c:a1:bd:97:07:d1:74:a9:42:ec:33:22:72:
79:88:39:9f:f1:7f:53:3c:62:1f:88:ed:f7:a1:61:
a2:f7:f8:d1:a7:c7:15:b9:59:82:12:e9:58:c3:ad:
4f:f9:11:3c:72:af:eb:3d:0b:dd:22:b7:23:2a:4c:
48:ec:8b:12:77:2d:cd:26:b0:51:55:8e:52:5a:ea:
c8:ba:1a:45:c9:91:d9:fb:4e:3e:c7:7f:7d:0b:ac:
1b:b1:65:9e:43:1b:20:24:8c:3d:f4:b0:18:b3:7c:
54:3a:93:0c:ec:2e:4a:c3:58:a9:7f:3f:a2:a9:41:
95:1d:45:f6:a4:d9:f4:2f:48:c7:b9:b9:5f:88:59:
cb:4a:60:8b:84:b9:6b:b9:97:fb:84:ed:2e:13:3f:
ba:e4:5c:d8:4a:1d:09:81:b6:5a:56:66:f2:30:a8:
d5:29:1a:bd:b0:3c:e1:66:16:e3:67:75:f4:b0:b3:
2e:73:2e:e2:a5:70:f0:db:5b:a4:5b:33:e2:58:1d:
c2:30:64:9b:81:48:e8:b5:c9:6e:d8:a8:94:16:bc:
5a:da:97:f5:d8:44:2d:99:4d:92:36:3e:21:9c:fa:
c8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:09:8C:6C:FC:65:75:D2:51:E7:D3:52:CB:C6:BC:D0:57:48:6F:51
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/sQmMbPxlddJR59NSy8a80FdIb1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.118.0/23
Signature Algorithm: sha256WithRSAEncryption
03:2a:15:c8:00:3b:45:6d:d1:b2:86:6e:d2:f6:10:00:83:05:
8e:ce:55:41:e2:9a:89:5c:7b:7a:66:82:ae:ac:05:e0:64:de:
d2:e5:e7:d8:f4:05:10:42:4b:8d:c6:1f:91:ef:30:89:0c:06:
56:92:7b:26:9f:bd:4d:5f:33:eb:3b:d6:14:b5:31:fc:5f:f4:
0f:ba:e2:10:2b:0a:89:26:5c:15:a5:74:8d:db:e0:d2:bd:21:
26:2f:d3:b0:50:a3:0b:b1:c9:92:a0:16:73:d7:b5:e9:35:62:
00:81:40:7d:ba:2e:29:cf:04:bc:31:fa:96:cf:cd:bb:92:f4:
75:b0:78:a0:b6:ec:ba:02:bb:cf:34:3a:93:50:3b:01:78:1d:
13:a1:71:07:6c:5c:8b:c8:72:fe:cc:75:fc:2a:a1:d1:4c:8d:
da:f0:94:ef:86:1c:b6:2e:cd:6e:98:ea:47:9c:ce:43:37:28:
25:75:8a:49:64:07:5a:c0:52:d9:6d:82:b8:4b:2c:a2:67:45:
ab:1a:55:36:50:dc:ec:39:b9:ec:50:22:15:a0:51:c8:e5:82:
9d:be:b3:5d:06:3b:37:a2:7a:e3:53:9c:a1:26:89:8a:f8:c9:
be:6a:ce:03:c9:dd:29:dd:11:57:7e:56:c3:3d:ca:4e:1b:26:
f0:33:b1:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRB0NYAEOPirTeBPwgaMyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMTAxMDk0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTA5OGM2Y2ZjNjU3NWQyNTFlN2QzNTJjYmM2YmNkMDU3NDg2ZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8u5UNv1XvM7J6W8sKEwkyV5yxm6
zDiPYELsWupzRlyhvZcH0XSpQuwzInJ5iDmf8X9TPGIfiO33oWGi9/jRp8cVuVmC
EulYw61P+RE8cq/rPQvdIrcjKkxI7IsSdy3NJrBRVY5SWurIuhpFyZHZ+04+x399
C6wbsWWeQxsgJIw99LAYs3xUOpMM7C5Kw1ipfz+iqUGVHUX2pNn0L0jHublfiFnL
SmCLhLlruZf7hO0uEz+65FzYSh0JgbZaVmbyMKjVKRq9sDzhZhbjZ3X0sLMucy7i
pXDw21ukWzPiWB3CMGSbgUjotclu2KiUFrxa2pf12EQtmU2SNj4hnPrIBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLEJjGz8ZXXSUefTUsvGvNBXSG9RMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvc1FtTWJQeGxkZEpSNTlOU3k4YTgwRmRJYjFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBbZ2MA0G
CSqGSIb3DQEBCwUAA4IBAQADKhXIADtFbdGyhm7S9hAAgwWOzlVB4pqJXHt6ZoKu
rAXgZN7S5efY9AUQQkuNxh+R7zCJDAZWknsmn71NXzPrO9YUtTH8X/QPuuIQKwqJ
JlwVpXSN2+DSvSEmL9OwUKMLscmSoBZz17XpNWIAgUB9ui4pzwS8MfqWz827kvR1
sHigtuy6ArvPNDqTUDsBeB0ToXEHbFyLyHL+zHX8KqHRTI3a8JTvhhy2Ls1umOpH
nM5DNygldYpJZAdawFLZbYK4SyyiZ0WrGlU2UNzsObnsUCIVoFHI5YKdvrNdBjs3
onrjU5yhJomK+Mm+as4Dyd0p3RFXflbDPcpOGybwM7Gs
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:59:04 2025 by rpki-client