Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/AKlZz_H_FOBrvpUG1MYYy4SvRbQ.roa
File: AKlZz_H_FOBrvpUG1MYYy4SvRbQ.roa (raw, json)
Hash identifier: D2Jd18uk0dyIsersnMWt/4beoRKn1h5wpWxr/6dz56E=
Subject key identifier: 00:A9:59:CF:F1:FF:14:E0:6B:BE:95:06:D4:C6:18:CB:84:AF:45:B4
Certificate issuer: /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial: 019427B3DAFDA511D0FCA33DE9781FDEE78C
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/AKlZz_H_FOBrvpUG1MYYy4SvRbQ.roa
Signing time: Thu 02 Jan 2025 15:48:05 +0000
ROA not before: Thu 02 Jan 2025 15:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29884
IP address blocks: 57.250.56.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:da:fd:a5:11:d0:fc:a3:3d:e9:78:1f:de:e7:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Validity
Not Before: Jan 2 15:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00a959cff1ff14e06bbe9506d4c618cb84af45b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ab:fb:27:8f:a6:4f:67:59:32:9f:1d:86:0e:
a2:ef:f1:b3:81:c7:42:d5:bc:1b:5f:f5:ec:2b:a9:
28:32:0e:bf:8c:9d:23:74:6d:c8:df:e2:58:b9:f1:
76:71:e2:26:c8:9f:ba:fe:c4:a8:50:51:8c:13:4f:
21:fb:1e:c2:1c:8f:61:90:6a:12:b9:4d:6b:84:25:
1d:c5:2b:a9:66:fc:f5:0e:b9:c9:a7:fd:c3:04:ca:
97:06:2a:10:57:36:93:b0:96:78:f6:32:31:d0:81:
5d:6f:fc:a1:08:1c:b3:98:61:05:1e:01:7e:5a:6e:
3f:ac:61:8a:dd:71:f3:c8:47:5b:d6:4f:b1:78:19:
35:e2:33:33:09:ea:ff:15:72:13:c9:14:08:fe:dc:
6e:1e:03:a3:e2:3b:9c:f4:01:c5:68:1d:ed:11:d3:
b4:eb:de:90:82:0a:b5:81:bb:4a:f7:b8:e9:27:9b:
10:7f:07:11:9b:29:05:2b:f6:b4:83:87:18:b2:4e:
58:3e:ae:11:d8:7b:db:7a:4a:b3:98:a0:85:6d:fd:
b3:87:14:7d:14:95:77:b7:d8:e5:6a:c0:15:9d:03:
df:94:84:2f:e6:70:b6:58:04:e8:2c:3c:57:6f:20:
f9:fb:fb:80:f7:23:cb:31:8c:a4:05:43:de:72:9e:
8b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:A9:59:CF:F1:FF:14:E0:6B:BE:95:06:D4:C6:18:CB:84:AF:45:B4
X509v3 Authority Key Identifier:
keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/AKlZz_H_FOBrvpUG1MYYy4SvRbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.250.56.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:f7:45:39:39:9e:bf:86:91:4e:da:8f:e0:73:af:8a:76:11:
7c:49:b0:1d:71:21:41:8d:a1:b8:48:3e:27:4b:2d:00:1f:72:
29:f7:10:ee:9c:61:e6:37:0e:e4:ba:33:6a:41:77:32:87:6e:
ba:20:fb:52:29:79:9c:a1:c4:c2:2e:eb:dc:c6:de:72:a3:e6:
54:60:0e:79:18:bd:8c:11:9a:82:f7:a2:9f:ba:2e:0d:60:bb:
46:1c:7d:1f:98:5f:9b:be:f2:7f:e8:19:d5:73:c9:52:40:da:
f9:1a:44:66:06:bf:a5:ca:f1:aa:d8:90:fc:0e:7c:01:7d:03:
55:c6:a2:25:32:61:72:1e:80:a4:e7:b7:85:c6:fb:bb:55:ef:
6e:f4:7e:88:8c:b3:d6:9b:fa:ee:42:db:60:54:e5:ac:8a:ab:
21:48:a9:fc:87:14:74:c6:0e:59:62:52:8b:98:5f:a5:a9:2f:
99:2e:7d:de:05:c6:52:d0:03:7c:97:36:fd:87:f6:e4:69:54:
be:b4:67:db:89:5b:ce:e7:52:0e:f2:8a:e8:7c:f7:c6:11:11:
fd:01:f5:2b:ee:50:13:9a:db:56:8e:f5:0b:4b:1d:82:8b:2d:
1e:8a:7a:0d:89:af:e7:1a:dd:7a:26:f1:ed:0e:94:05:6c:4e:
27:ec:35:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQns9r9pRHQ/KM96Xgf3ueMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjUwMTAyMTU0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGE5NTljZmYxZmYxNGUwNmJiZTk1MDZkNGM2MThjYjg0YWY0NWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqv7J4+mT2dZMp8dhg6i7/GzgcdC
1bwbX/XsK6koMg6/jJ0jdG3I3+JYufF2ceImyJ+6/sSoUFGME08h+x7CHI9hkGoS
uU1rhCUdxSupZvz1DrnJp/3DBMqXBioQVzaTsJZ49jIx0IFdb/yhCByzmGEFHgF+
Wm4/rGGK3XHzyEdb1k+xeBk14jMzCer/FXITyRQI/txuHgOj4juc9AHFaB3tEdO0
696Qggq1gbtK97jpJ5sQfwcRmykFK/a0g4cYsk5YPq4R2HvbekqzmKCFbf2zhxR9
FJV3t9jlasAVnQPflIQv5nC2WAToLDxXbyD5+/uA9yPLMYykBUPecp6LfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFACpWc/x/xTga76VBtTGGMuEr0W0MB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvQUtsWnpfSF9GT0JydnBVRzFNWVl5NFN2UmJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAOfo4MA0G
CSqGSIb3DQEBCwUAA4IBAQC290U5OZ6/hpFO2o/gc6+KdhF8SbAdcSFBjaG4SD4n
Sy0AH3Ip9xDunGHmNw7kujNqQXcyh266IPtSKXmcocTCLuvcxt5yo+ZUYA55GL2M
EZqC96Kfui4NYLtGHH0fmF+bvvJ/6BnVc8lSQNr5GkRmBr+lyvGq2JD8DnwBfQNV
xqIlMmFyHoCk57eFxvu7Ve9u9H6IjLPWm/ruQttgVOWsiqshSKn8hxR0xg5ZYlKL
mF+lqS+ZLn3eBcZS0AN8lzb9h/bkaVS+tGfbiVvO51IO8orofPfGERH9AfUr7lAT
mttWjvULSx2Ciy0einoNia/nGt16JvHtDpQFbE4n7DVD
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:15:28 2025 by rpki-client