Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/cqYNz36-MmxBh38Y300m3OVkGXs.roa
File: cqYNz36-MmxBh38Y300m3OVkGXs.roa (raw, json)
Hash identifier: JEBrnVYrALjO0yKRvoMvNrBrNp4qiLYFU9Afon1eMZQ=
Subject key identifier: 72:A6:0D:CF:7E:BE:32:6C:41:87:7F:18:DF:4D:26:DC:E5:64:19:7B
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019421B24A0962DD3AA48FF26DB9669CAC63
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/cqYNz36-MmxBh38Y300m3OVkGXs.roa
Signing time: Wed 01 Jan 2025 11:48:39 +0000
ROA not before: Wed 01 Jan 2025 11:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209043
IP address blocks: 5.180.235.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:4a:09:62:dd:3a:a4:8f:f2:6d:b9:66:9c:ac:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 11:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72a60dcf7ebe326c41877f18df4d26dce564197b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:97:6e:01:ea:eb:11:c6:a5:15:9d:5e:4c:ba:
dc:fd:03:a7:9e:f6:3d:c1:d4:91:89:96:1b:b1:86:
0e:89:ab:0f:49:d8:8b:76:33:62:2e:67:78:0e:37:
c3:25:30:1b:00:0c:b0:69:8d:4c:1b:d4:3f:0d:2d:
4b:77:f2:d4:c5:c4:b0:ff:89:5d:2c:cf:54:86:62:
98:53:58:ec:47:54:40:65:f0:0f:63:0c:ef:fd:5c:
5d:19:63:b0:e4:3a:45:11:15:5f:58:84:4f:65:52:
5d:6c:e9:6b:7c:06:d2:73:96:8b:2e:1f:d2:e3:df:
93:81:c2:d4:42:6b:15:4f:6d:86:b9:3b:0b:a2:8d:
da:ee:80:2c:2b:68:18:5f:d7:d5:75:ed:1f:77:7f:
94:45:50:02:45:5e:ab:b3:04:1f:17:50:3c:67:24:
79:ca:78:18:43:46:f4:dc:4d:f7:0e:ea:05:4f:05:
0b:9f:48:e8:b2:1a:e7:4e:d6:7b:ad:4d:bb:40:42:
26:b1:55:cd:f5:b7:32:d9:d2:a1:3c:c0:f5:14:2c:
4b:9d:de:95:fc:8f:35:51:fc:b3:12:a4:d6:c4:f1:
7f:75:7e:45:a6:8c:41:3f:9e:67:89:a9:d4:80:0c:
d6:c3:d9:05:a4:e9:cf:06:f4:c1:92:0b:40:8b:45:
9c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:A6:0D:CF:7E:BE:32:6C:41:87:7F:18:DF:4D:26:DC:E5:64:19:7B
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/cqYNz36-MmxBh38Y300m3OVkGXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.235.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:ac:bb:d4:64:a6:5d:82:9f:f2:bb:a4:b9:e1:6c:cd:54:47:
61:84:fb:ae:5b:0d:41:a9:30:8d:dc:2d:ef:c8:ab:77:88:34:
a7:7a:cd:0e:ce:12:fb:54:ff:ca:fa:58:61:7b:08:7b:45:c0:
4b:90:d7:6c:e0:9d:97:aa:cc:3d:b7:94:b0:c6:a2:45:05:98:
89:ae:83:4f:01:12:3b:c7:4f:b0:65:39:83:ff:55:2d:c4:1b:
d7:42:44:74:19:e5:44:79:b7:84:7e:ef:54:db:0a:cb:b2:4b:
1f:11:db:8f:c9:63:83:cc:d4:79:29:a5:a9:2c:a9:34:af:17:
ab:98:89:bf:6c:08:f7:26:c5:23:ac:9f:06:46:19:fd:56:ec:
9c:1e:b4:dd:f2:19:11:e2:af:a4:57:dd:71:3d:45:39:2a:8e:
ea:7e:47:78:bd:4d:c1:10:24:93:f0:16:e9:63:4c:0f:54:20:
98:5e:6d:b9:70:32:22:00:07:a6:5e:f3:0e:50:19:11:bb:e9:
aa:a5:fa:49:ef:d8:55:70:8a:c6:b0:b6:7b:14:b1:fa:a6:e5:
f5:f0:a2:e5:1b:e0:61:6f:4a:d1:c2:0c:2b:b5:ad:cf:44:5c:
fc:7c:f2:12:3d:1f:9a:9e:2a:55:d5:7c:29:81:df:3e:e0:95:
b5:2a:be:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhskoJYt06pI/ybblmnKxjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwMTAxMTE0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmE2MGRjZjdlYmUzMjZjNDE4NzdmMThkZjRkMjZkY2U1NjQxOTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5duAerrEcalFZ1eTLrc/QOnnvY9
wdSRiZYbsYYOiasPSdiLdjNiLmd4DjfDJTAbAAywaY1MG9Q/DS1Ld/LUxcSw/4ld
LM9UhmKYU1jsR1RAZfAPYwzv/VxdGWOw5DpFERVfWIRPZVJdbOlrfAbSc5aLLh/S
49+TgcLUQmsVT22GuTsLoo3a7oAsK2gYX9fVde0fd3+URVACRV6rswQfF1A8ZyR5
yngYQ0b03E33DuoFTwULn0joshrnTtZ7rU27QEImsVXN9bcy2dKhPMD1FCxLnd6V
/I81UfyzEqTWxPF/dX5FpoxBP55nianUgAzWw9kFpOnPBvTBkgtAi0WcOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHKmDc9+vjJsQYd/GN9NJtzlZBl7MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvY3FZTnozNi1NbXhCaDM4WTMwMG0zT1ZrR1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbTrMA0G
CSqGSIb3DQEBCwUAA4IBAQAerLvUZKZdgp/yu6S54WzNVEdhhPuuWw1BqTCN3C3v
yKt3iDSnes0OzhL7VP/K+lhhewh7RcBLkNds4J2Xqsw9t5SwxqJFBZiJroNPARI7
x0+wZTmD/1UtxBvXQkR0GeVEebeEfu9U2wrLsksfEduPyWODzNR5KaWpLKk0rxer
mIm/bAj3JsUjrJ8GRhn9VuycHrTd8hkR4q+kV91xPUU5Ko7qfkd4vU3BECST8Bbp
Y0wPVCCYXm25cDIiAAemXvMOUBkRu+mqpfpJ79hVcIrGsLZ7FLH6puX18KLlG+Bh
b0rRwgwrta3PRFz8fPISPR+anipV1Xwpgd8+4JW1Kr5y
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:15:03 2025 by rpki-client