Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/o0ZwaYj89qD05J13n0pZ23X4IIA.roa
File: o0ZwaYj89qD05J13n0pZ23X4IIA.roa (raw, json)
Hash identifier: Y8iKBwsONnOxQpFezT8Qy8hc9RHNcwVnuvC+XOuLtNY=
Subject key identifier: A3:46:70:69:88:FC:F6:A0:F4:E4:9D:77:9F:4A:59:DB:75:F8:20:80
Certificate issuer: /CN=8e626c909eb4951154bcee8221e43951b4257624
Certificate serial: 01942825874AB2D53F230D48D7A282340AC6
Authority key identifier: 8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/o0ZwaYj89qD05J13n0pZ23X4IIA.roa
Signing time: Thu 02 Jan 2025 17:52:15 +0000
ROA not before: Thu 02 Jan 2025 17:52:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 5.180.84.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:87:4a:b2:d5:3f:23:0d:48:d7:a2:82:34:0a:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e626c909eb4951154bcee8221e43951b4257624
Validity
Not Before: Jan 2 17:52:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a346706988fcf6a0f4e49d779f4a59db75f82080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:88:ac:e0:a7:73:fe:c7:ce:02:83:ef:f3:27:
92:44:70:4e:ab:06:bb:87:8b:b2:3f:22:11:d4:df:
d9:b5:e6:80:9b:45:04:d0:9f:68:51:9c:24:d3:62:
20:00:ee:a0:ee:81:b9:7b:3f:f5:8d:c6:fb:a4:1a:
55:3e:34:bf:b1:ae:31:c5:6d:b1:01:a5:da:54:26:
94:5c:dc:0d:c6:a1:9b:3b:df:90:72:c9:b1:80:a1:
cb:05:f4:f7:31:36:da:3a:7f:a6:1a:56:af:6a:1a:
1d:3c:7f:3f:f5:fd:8f:ed:a8:e2:f7:c0:78:c3:d1:
8f:58:53:fd:24:a1:dc:31:bd:8a:01:ed:66:d6:33:
ad:e8:62:3c:bb:fb:74:53:70:50:a0:42:23:88:6d:
b1:17:7d:b7:1e:54:6c:d2:19:da:1d:f9:5c:66:c6:
48:2c:c0:19:78:bf:19:da:0b:96:9e:0c:c1:f2:a7:
e7:ca:52:ee:2f:6e:a2:40:06:0f:83:ec:f8:c0:f8:
1a:76:96:8d:db:3a:a4:8b:b8:4b:a1:58:9f:f0:2f:
47:01:2c:f1:f7:bb:5f:b8:08:f9:30:1c:3a:a2:24:
5e:ec:7f:87:82:db:74:68:e0:19:a6:85:48:11:3c:
1a:68:02:bd:c6:7b:cb:7d:9c:c4:93:b6:ac:d2:16:
8d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:46:70:69:88:FC:F6:A0:F4:E4:9D:77:9F:4A:59:DB:75:F8:20:80
X509v3 Authority Key Identifier:
keyid:8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/o0ZwaYj89qD05J13n0pZ23X4IIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.84.0/22
Signature Algorithm: sha256WithRSAEncryption
80:0e:4a:00:81:1e:fc:8a:0e:fe:5e:35:c7:9c:6f:82:a4:87:
d1:9c:8c:25:c4:92:e1:2b:d3:1e:eb:0e:a2:62:d2:b8:78:74:
91:0f:60:d1:ba:0d:cd:46:df:59:ec:bb:d7:50:a7:c4:8d:25:
46:e7:67:e5:e9:d7:c2:b0:e3:03:b3:6b:f3:87:03:36:93:f0:
44:f3:88:60:84:4a:1c:ac:72:eb:b1:df:7d:3f:7a:87:4e:fe:
1b:91:fa:4f:12:97:b8:ab:83:ab:6f:e6:5f:c1:04:bc:c7:3f:
f0:3f:6a:2b:82:06:04:d7:9d:06:21:df:8c:bf:67:7d:d3:33:
86:52:a0:1a:ff:fe:60:84:57:47:95:90:2a:b4:87:83:3d:f9:
ae:b8:b5:95:aa:bd:c4:87:95:83:51:f4:ed:b7:b2:25:d4:e7:
e1:02:91:ed:f4:f5:59:3e:6a:18:fe:bc:b3:df:12:6b:6b:67:
3d:17:8d:9f:ba:e4:54:16:c9:cd:3c:b1:33:35:2c:40:c0:71:
8a:4d:4e:a0:07:8e:2b:eb:ad:46:b2:cb:e7:9f:92:e5:20:e5:
b0:4a:82:3f:a0:da:2a:2f:b8:00:94:97:9c:4b:f7:1f:31:76:
a3:f6:8a:63:d6:f1:fd:a9:cd:ea:bf:19:73:64:6e:94:1c:a5:
67:c5:39:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJYdKstU/Iw1I16KCNArGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjI2YzkwOWViNDk1MTE1NGJjZWU4MjIxZTQzOTUxYjQy
NTc2MjQwHhcNMjUwMTAyMTc1MjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzQ2NzA2OTg4ZmNmNmEwZjRlNDlkNzc5ZjRhNTlkYjc1ZjgyMDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIis4Kdz/sfOAoPv8yeSRHBOqwa7
h4uyPyIR1N/ZteaAm0UE0J9oUZwk02IgAO6g7oG5ez/1jcb7pBpVPjS/sa4xxW2x
AaXaVCaUXNwNxqGbO9+QcsmxgKHLBfT3MTbaOn+mGlavahodPH8/9f2P7aji98B4
w9GPWFP9JKHcMb2KAe1m1jOt6GI8u/t0U3BQoEIjiG2xF323HlRs0hnaHflcZsZI
LMAZeL8Z2guWngzB8qfnylLuL26iQAYPg+z4wPgadpaN2zqki7hLoVif8C9HASzx
97tfuAj5MBw6oiRe7H+Hgtt0aOAZpoVIETwaaAK9xnvLfZzEk7as0haN2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKNGcGmI/Pag9OSdd59KWdt1+CCAMB8GA1UdIwQY
MBaAFI5ibJCetJURVLzugiHkOVG0JXYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAt
ZTk3ZDFkMDIyMGFmLzEvbzBad2FZajg5cUQwNUoxM24wcFoyM1g0SUlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAtZTk3ZDFkMDIyMGFm
LzEvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbRUMA0G
CSqGSIb3DQEBCwUAA4IBAQCADkoAgR78ig7+XjXHnG+CpIfRnIwlxJLhK9Me6w6i
YtK4eHSRD2DRug3NRt9Z7LvXUKfEjSVG52fl6dfCsOMDs2vzhwM2k/BE84hghEoc
rHLrsd99P3qHTv4bkfpPEpe4q4Orb+ZfwQS8xz/wP2orggYE150GId+Mv2d90zOG
UqAa//5ghFdHlZAqtIeDPfmuuLWVqr3Eh5WDUfTtt7Il1OfhApHt9PVZPmoY/ryz
3xJra2c9F42fuuRUFsnNPLEzNSxAwHGKTU6gB44r661Gssvnn5LlIOWwSoI/oNoq
L7gAlJecS/cfMXaj9opj1vH9qc3qvxlzZG6UHKVnxTmM
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:45 2025 by rpki-client