Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/1cBjbhQO7ncLuCJPPP3ax-BP1rc.roa
File: 1cBjbhQO7ncLuCJPPP3ax-BP1rc.roa (raw, json)
Hash identifier: Jy5kekjzCQxDaa0ItIoXnMNYM41DXr2Kna+F8NZUTeI=
Subject key identifier: D5:C0:63:6E:14:0E:EE:77:0B:B8:22:4F:3C:FD:DA:C7:E0:4F:D6:B7
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 019422FC450B97237C25699D6A374DBE0558
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/1cBjbhQO7ncLuCJPPP3ax-BP1rc.roa
Signing time: Wed 01 Jan 2025 17:49:05 +0000
ROA not before: Wed 01 Jan 2025 17:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61424
IP address blocks: 5.252.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:45:0b:97:23:7c:25:69:9d:6a:37:4d:be:05:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Jan 1 17:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5c0636e140eee770bb8224f3cfddac7e04fd6b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a2:62:e6:db:a4:2f:1e:6e:01:2b:69:41:5d:
81:e9:45:a9:ff:19:1d:67:ab:95:ba:f9:2b:5e:f4:
ce:09:bb:f3:b2:9c:1f:b0:ae:e9:99:24:dc:73:a3:
ac:a3:2d:dd:8c:78:f6:ca:cc:5d:ab:1a:80:eb:de:
c1:41:7a:8c:1c:c1:16:5e:8e:a7:98:47:aa:5f:65:
02:25:4e:2d:7e:5a:2d:b6:f4:f1:0a:2c:cb:9c:95:
8a:28:0d:69:66:80:dc:03:fa:0c:0d:57:0a:f2:bc:
66:02:bc:60:0c:bc:6c:80:47:38:2b:29:36:9f:49:
2f:6f:33:05:9f:4b:68:f0:fe:71:7e:b8:7b:89:44:
b1:ca:f4:dd:70:9d:a2:0b:11:0f:d3:d3:30:00:20:
bc:ea:dc:f1:1c:9d:4c:b0:0d:15:c8:65:6e:3a:5f:
b3:69:cd:ab:0e:38:9c:bc:8c:6b:b4:d2:d5:8b:3e:
28:4b:72:01:ba:f6:19:e9:49:91:f9:bb:d9:1b:cd:
ac:aa:d5:f3:28:8e:8c:b1:9b:5c:72:7a:49:99:ec:
a0:a8:cc:c5:c8:15:8b:29:e3:7e:cc:6f:74:30:4c:
8c:1e:a9:76:6b:0d:99:07:c2:cb:3c:99:18:43:aa:
74:c2:7c:bb:f3:fa:e8:62:93:7c:a2:a7:0c:63:fe:
92:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:C0:63:6E:14:0E:EE:77:0B:B8:22:4F:3C:FD:DA:C7:E0:4F:D6:B7
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/1cBjbhQO7ncLuCJPPP3ax-BP1rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.23.0/24
Signature Algorithm: sha256WithRSAEncryption
18:de:90:14:4d:ab:40:23:6f:09:db:02:9e:7e:2b:77:04:f2:
64:35:e1:5c:21:f7:1b:3a:73:77:c6:75:e1:01:60:2c:a1:04:
db:75:09:0b:d7:5b:ed:05:6c:46:42:48:d8:0e:9b:00:06:4f:
34:5e:99:52:3a:40:83:13:96:26:94:f4:fb:d8:66:d6:f2:1c:
2b:ec:06:1f:d1:d4:83:e5:90:f8:9b:ba:37:ef:bf:0d:2c:66:
ac:10:57:b1:73:83:22:4f:f5:80:81:4a:e9:93:7c:e8:3a:49:
ce:12:21:15:c7:f8:fe:bf:71:61:39:e7:ce:f1:bb:d3:62:95:
d2:a1:2f:11:2d:4c:b0:af:63:b4:a1:5c:af:69:4f:6b:b7:2a:
fd:b2:ce:e4:f6:e4:b9:c7:b2:ad:05:91:92:e6:ff:9e:b0:e9:
b9:7c:1d:ab:e2:d7:f6:fc:98:99:1e:d6:c1:f0:77:ef:99:e3:
d3:14:56:c9:7a:fa:de:83:af:87:e8:6e:f2:4d:6c:58:5b:69:
75:d2:01:7a:ac:6d:58:eb:6f:38:9b:d6:be:9a:20:0e:fb:23:
22:ba:f7:ad:3e:d5:a9:b3:be:4a:cb:6e:d9:1d:7e:ec:17:08:
45:92:b8:07:e6:6f:51:a7:5c:52:f3:2e:4e:f7:5b:a3:55:fc:
ae:12:57:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/EULlyN8JWmdajdNvgVYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjUwMTAxMTc0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWMwNjM2ZTE0MGVlZTc3MGJiODIyNGYzY2ZkZGFjN2UwNGZkNmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6Ji5tukLx5uAStpQV2B6UWp/xkd
Z6uVuvkrXvTOCbvzspwfsK7pmSTcc6Osoy3djHj2ysxdqxqA697BQXqMHMEWXo6n
mEeqX2UCJU4tflottvTxCizLnJWKKA1pZoDcA/oMDVcK8rxmArxgDLxsgEc4Kyk2
n0kvbzMFn0to8P5xfrh7iUSxyvTdcJ2iCxEP09MwACC86tzxHJ1MsA0VyGVuOl+z
ac2rDjicvIxrtNLViz4oS3IBuvYZ6UmR+bvZG82sqtXzKI6MsZtccnpJmeygqMzF
yBWLKeN+zG90MEyMHql2aw2ZB8LLPJkYQ6p0wny78/roYpN8oqcMY/6S/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNXAY24UDu53C7giTzz92sfgT9a3MB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvMWNCamJoUU83bmNMdUNKUFBQM2F4LUJQMXJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABfwXMA0G
CSqGSIb3DQEBCwUAA4IBAQAY3pAUTatAI28J2wKefit3BPJkNeFcIfcbOnN3xnXh
AWAsoQTbdQkL11vtBWxGQkjYDpsABk80XplSOkCDE5YmlPT72GbW8hwr7AYf0dSD
5ZD4m7o3778NLGasEFexc4MiT/WAgUrpk3zoOknOEiEVx/j+v3FhOefO8bvTYpXS
oS8RLUywr2O0oVyvaU9rtyr9ss7k9uS5x7KtBZGS5v+esOm5fB2r4tf2/JiZHtbB
8HfvmePTFFbJevreg6+H6G7yTWxYW2l10gF6rG1Y6284m9a+miAO+yMiuvetPtWp
s75Ky27ZHX7sFwhFkrgH5m9Rp1xS8y5O91ujVfyuElcF
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:26:41 2025 by rpki-client