Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/5Z9zQYiQT-9bbmf1gYjYtdMqh-A.roa
File: 5Z9zQYiQT-9bbmf1gYjYtdMqh-A.roa (raw, json)
Hash identifier: dwoCL98zxAribSjy38tsgE74R02P0uk7PsgJvptX1JU=
Subject key identifier: E5:9F:73:41:88:90:4F:EF:5B:6E:67:F5:81:88:D8:B5:D3:2A:87:E0
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 01941FFA503AFFD73ED06519C0B8A4E096BD
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/5Z9zQYiQT-9bbmf1gYjYtdMqh-A.roa
Signing time: Wed 01 Jan 2025 03:48:05 +0000
ROA not before: Wed 01 Jan 2025 03:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200682
IP address blocks: 84.207.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:50:3a:ff:d7:3e:d0:65:19:c0:b8:a4:e0:96:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 03:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e59f734188904fef5b6e67f58188d8b5d32a87e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:27:14:2d:c7:2f:ae:30:b6:50:c4:0e:34:10:
f0:c6:92:27:ff:da:55:a4:6c:10:16:1e:48:0f:30:
05:89:c3:3a:c4:a1:58:0c:44:95:66:f4:87:0b:ea:
df:64:2d:6d:11:72:83:1d:32:fd:a5:89:de:1c:9b:
86:fe:27:e5:e9:00:6e:4b:fa:1a:59:fc:86:a4:25:
96:19:9a:0b:69:63:86:bc:4b:5e:b7:ac:42:aa:97:
0e:d3:d4:cc:28:d4:a2:a8:0f:c6:d2:20:2c:de:24:
78:f8:30:a8:46:15:7c:a4:f0:97:24:a6:bc:69:ef:
d2:e4:4a:fe:62:9a:b2:7a:82:3f:58:56:e1:b9:5d:
c1:dd:5e:bb:ae:c5:79:81:cd:14:63:fe:5b:fa:ce:
4b:0e:20:9f:47:c8:49:39:c1:4d:5b:c9:ce:1c:76:
d6:59:fe:26:45:c4:38:85:55:6d:b4:ab:42:eb:fb:
70:7a:b0:0f:0b:1c:bf:e8:db:a1:f4:d2:1f:5d:13:
dc:54:04:7b:97:7c:a4:e3:53:f9:24:82:94:bc:94:
d9:a3:ad:71:ef:ba:89:1b:03:df:64:12:af:8c:e2:
28:1b:e9:50:f8:a1:6b:95:49:04:26:7a:4e:3c:76:
55:85:d4:1a:9c:8a:87:1c:2c:98:31:f5:6b:02:e9:
0d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:9F:73:41:88:90:4F:EF:5B:6E:67:F5:81:88:D8:B5:D3:2A:87:E0
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/5Z9zQYiQT-9bbmf1gYjYtdMqh-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.207.247.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:c5:f4:f3:d1:41:85:ef:d0:36:50:29:c6:1b:c2:fd:86:a6:
50:ff:bc:89:f4:d4:15:43:75:40:59:f8:a4:86:d6:11:1f:ff:
ba:04:e2:a3:19:19:5b:a7:c3:36:22:6f:be:4d:e2:61:ee:53:
b4:34:2f:bc:c1:3f:ab:c0:27:1c:c7:8a:08:6d:d6:be:da:56:
28:fc:f5:13:a4:a6:e3:2f:bf:ab:93:7f:0c:48:58:0b:3c:c1:
2e:fa:9d:b7:8f:19:b6:a1:2f:ca:e5:50:bc:ca:48:6e:89:77:
30:3c:0c:d7:3d:09:0e:7c:52:ef:57:da:a7:fa:e5:da:a3:b5:
4f:e8:fc:c6:e9:4a:2a:73:18:9a:38:59:c0:e3:3f:1e:21:b0:
7a:d9:bf:01:9e:90:e7:ea:c9:6c:4a:d4:f1:5a:a8:e8:b2:fc:
ea:77:a9:ca:a6:ab:f7:96:cb:db:47:ae:34:7d:67:50:ab:8c:
d4:eb:7b:fc:08:16:a6:97:c5:e1:37:65:66:26:25:d7:5e:c6:
8f:93:39:b1:d0:eb:5c:32:81:06:03:c1:96:b1:a9:96:9e:34:
5d:a3:b6:9f:69:73:b5:c0:a8:db:39:c2:e6:14:b9:7f:6f:30:
a4:ba:19:65:d1:66:ee:7b:2c:0d:96:3c:b6:18:62:ac:2b:5a:
38:f5:87:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+lA6/9c+0GUZwLik4Ja9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjUwMTAxMDM0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTlmNzM0MTg4OTA0ZmVmNWI2ZTY3ZjU4MTg4ZDhiNWQzMmE4N2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnycULccvrjC2UMQONBDwxpIn/9pV
pGwQFh5IDzAFicM6xKFYDESVZvSHC+rfZC1tEXKDHTL9pYneHJuG/ifl6QBuS/oa
WfyGpCWWGZoLaWOGvEtet6xCqpcO09TMKNSiqA/G0iAs3iR4+DCoRhV8pPCXJKa8
ae/S5Er+YpqyeoI/WFbhuV3B3V67rsV5gc0UY/5b+s5LDiCfR8hJOcFNW8nOHHbW
Wf4mRcQ4hVVttKtC6/twerAPCxy/6Nuh9NIfXRPcVAR7l3yk41P5JIKUvJTZo61x
77qJGwPfZBKvjOIoG+lQ+KFrlUkEJnpOPHZVhdQanIqHHCyYMfVrAukNRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOWfc0GIkE/vW25n9YGI2LXTKofgMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvNVo5elFZaVFULTliYm1mMWdZall0ZE1xaC1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVM/3MA0G
CSqGSIb3DQEBCwUAA4IBAQCexfTz0UGF79A2UCnGG8L9hqZQ/7yJ9NQVQ3VAWfik
htYRH/+6BOKjGRlbp8M2Im++TeJh7lO0NC+8wT+rwCccx4oIbda+2lYo/PUTpKbj
L7+rk38MSFgLPMEu+p23jxm2oS/K5VC8ykhuiXcwPAzXPQkOfFLvV9qn+uXao7VP
6PzG6UoqcxiaOFnA4z8eIbB62b8BnpDn6slsStTxWqjosvzqd6nKpqv3lsvbR640
fWdQq4zU63v8CBaml8XhN2VmJiXXXsaPkzmx0OtcMoEGA8GWsamWnjRdo7afaXO1
wKjbOcLmFLl/bzCkuhll0WbueywNljy2GGKsK1o49Ycf
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:55:45 2025 by rpki-client