Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1-CQ1EYSY8AuOp5hudEhc5BlpkVA.roa
File: 1-CQ1EYSY8AuOp5hudEhc5BlpkVA.roa (raw, json)
Hash identifier: h5pY+IzWJElDq0Sdk0nkr8t9LIfP42FUUbclzeGbDHM=
Subject key identifier: F8:24:35:11:84:98:F0:0B:8E:A7:98:6E:74:48:5C:E4:19:69:91:50
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0194C8A3A0CA0EE82D20AE8169D3582A7B55
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1-CQ1EYSY8AuOp5hudEhc5BlpkVA.roa
Signing time: Sun 02 Feb 2025 21:49:14 +0000
ROA not before: Sun 02 Feb 2025 21:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197477
IP address blocks: 5.231.97.0/24 maxlen: 24
77.90.10.0/24 maxlen: 24
77.90.11.0/24 maxlen: 24
77.90.50.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c8:a3:a0:ca:0e:e8:2d:20:ae:81:69:d3:58:2a:7b:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Feb 2 21:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f82435118498f00b8ea7986e74485ce419699150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:23:57:ac:a5:23:de:d0:ed:f3:df:bc:af:c6:
09:9f:5d:31:6a:bb:af:a9:ab:5c:34:f3:70:63:1a:
04:d5:a4:d1:1d:95:4d:80:76:81:c1:d6:08:60:76:
72:51:4c:c6:b1:39:08:1f:71:98:bd:d4:73:91:9f:
16:78:ff:9e:e6:8e:d1:b3:2d:cd:3f:ca:62:73:32:
59:8a:58:a8:67:31:52:c9:75:47:8c:0a:67:09:17:
68:1e:df:83:fe:86:be:46:e5:17:71:a7:12:2a:9e:
c1:3b:e9:1f:e7:1c:0d:e2:d5:ff:cb:6c:4a:9c:5f:
b0:de:52:51:fe:ea:ac:55:c1:cf:8d:88:6c:65:24:
e4:a6:f8:36:2f:8f:73:6d:08:de:ef:da:b8:78:a1:
c4:4a:0f:f7:9f:36:d7:26:ae:f1:f5:68:90:77:9b:
cd:12:28:d6:b2:aa:03:df:ae:42:2c:df:73:49:ba:
50:6c:28:e5:72:18:73:ec:e0:a8:73:c9:5d:bb:2e:
0e:49:f4:4b:03:07:6f:1e:9e:14:82:b1:f8:71:a8:
09:f9:92:db:1a:0e:fc:ff:dc:55:5c:2c:d2:88:d6:
2b:69:f0:a4:b8:2b:05:8c:2a:83:dd:01:e5:8b:52:
d5:2b:dc:2e:b5:01:51:3e:03:72:94:79:a4:a5:79:
58:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:24:35:11:84:98:F0:0B:8E:A7:98:6E:74:48:5C:E4:19:69:91:50
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1-CQ1EYSY8AuOp5hudEhc5BlpkVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.97.0/24
77.90.10.0/23
77.90.50.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:96:a1:77:39:b7:68:97:67:a5:56:1b:b8:cc:79:d7:71:09:
dc:67:df:e1:4a:33:32:96:50:64:32:29:ef:78:14:80:5d:37:
bc:ed:2e:f2:ba:53:b8:9b:ad:a2:5b:12:f0:3b:2f:ad:a2:a2:
5e:33:96:35:5b:74:f3:fa:db:d7:b4:3f:51:90:6a:af:24:49:
bb:49:6d:30:94:25:1f:fe:0c:7b:1d:3f:f5:47:42:dd:20:0c:
4c:d6:3f:fa:22:29:b3:2a:83:46:b0:fe:c9:4c:ab:4b:09:2a:
ed:d7:0d:0a:ec:9d:be:e7:9c:0d:33:b8:a5:ca:c6:72:b9:17:
6d:76:07:81:33:b2:19:49:02:a9:1c:83:07:21:a4:0a:46:7f:
f4:f7:80:58:4c:b6:c1:96:06:cd:f7:46:8a:93:59:37:a1:36:
3c:f9:ab:cb:67:f4:e6:42:89:be:a8:50:09:4b:0d:e7:e6:dd:
61:93:71:5a:5e:54:25:71:90:fa:1d:63:8d:36:60:41:2b:4d:
b4:71:09:44:29:09:53:2c:67:bc:c5:30:3e:9a:fa:40:51:76:
34:1f:2f:74:78:4a:a8:70:6b:6d:bc:1a:c0:32:c8:fe:f5:76:
20:2e:b5:0a:d0:f0:bb:d4:8e:fd:68:da:46:aa:8d:56:09:29:
ac:b1:38:48
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZTIo6DKDugtIK6BadNYKntVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMjAyMjE0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODI0MzUxMTg0OThmMDBiOGVhNzk4NmU3NDQ4NWNlNDE5Njk5MTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCNXrKUj3tDt89+8r8YJn10xaruv
qatcNPNwYxoE1aTRHZVNgHaBwdYIYHZyUUzGsTkIH3GYvdRzkZ8WeP+e5o7Rsy3N
P8piczJZilioZzFSyXVHjApnCRdoHt+D/oa+RuUXcacSKp7BO+kf5xwN4tX/y2xK
nF+w3lJR/uqsVcHPjYhsZSTkpvg2L49zbQje79q4eKHESg/3nzbXJq7x9WiQd5vN
EijWsqoD365CLN9zSbpQbCjlchhz7OCoc8lduy4OSfRLAwdvHp4UgrH4cagJ+ZLb
Gg78/9xVXCzSiNYrafCkuCsFjCqD3QHli1LVK9wutQFRPgNylHmkpXlYVQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPgkNRGEmPALjqeYbnRIXOQZaZFQMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvMS1DUTFFWVNZOEF1T3A1aHVkRWhjNUJscGtWQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTAvOTY1ODM3LTUyY2ItNDZiNC1hZWRiLWUxYmQ4OGQzZmQw
Ny8xL1BtQ1hhWWFHNFZWZlVmYklnN3hhV0ZTYkkySS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAAXnYQME
AU1aCgMEAE1aMjANBgkqhkiG9w0BAQsFAAOCAQEATZahdzm3aJdnpVYbuMx513EJ
3Gff4UozMpZQZDIp73gUgF03vO0u8rpTuJutolsS8DsvraKiXjOWNVt08/rb17Q/
UZBqryRJu0ltMJQlH/4Mex0/9UdC3SAMTNY/+iIpsyqDRrD+yUyrSwkq7dcNCuyd
vuecDTO4pcrGcrkXbXYHgTOyGUkCqRyDByGkCkZ/9PeAWEy2wZYGzfdGipNZN6E2
PPmry2f05kKJvqhQCUsN5+bdYZNxWl5UJXGQ+h1jjTZgQStNtHEJRCkJUyxnvMUw
Ppr6QFF2NB8vdHhKqHBrbbwawDLI/vV2IC61CtDwu9SO/WjaRqqNVgkprLE4SA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:24:36 2025 by rpki-client