Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/dOs3-I7LlOl7ApaiBMJvpsKo64g.roa
File: dOs3-I7LlOl7ApaiBMJvpsKo64g.roa (raw, json)
Hash identifier: Mq3ETt/U2k2PMc5Xxx5HdJzm7h2b4YHD3DfVF1Ccs1Y=
Subject key identifier: 74:EB:37:F8:8E:CB:94:E9:7B:02:96:A2:04:C2:6F:A6:C2:A8:EB:88
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0195501AFBC88DF75D9E656D5CE689CB814B
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/dOs3-I7LlOl7ApaiBMJvpsKo64g.roa
Signing time: Sat 01 Mar 2025 05:08:20 +0000
ROA not before: Sat 01 Mar 2025 05:08:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213519
IP address blocks: 5.175.237.0/24 maxlen: 24
5.175.239.0/24 maxlen: 24
5.231.96.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:50:1a:fb:c8:8d:f7:5d:9e:65:6d:5c:e6:89:cb:81:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 1 05:08:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74eb37f88ecb94e97b0296a204c26fa6c2a8eb88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:61:c8:c0:a8:2c:10:fc:0c:cf:c8:01:db:43:
4f:08:0c:10:28:2b:9d:11:86:cb:0c:0a:88:0d:cd:
a8:f4:b1:ec:e1:b2:be:1a:56:af:96:2a:71:35:9f:
2d:26:94:d6:02:35:36:d5:ab:38:94:d9:34:04:70:
f5:d6:6e:3c:26:d8:df:1d:2d:63:be:44:26:c1:f1:
17:62:cd:50:e0:93:ed:c2:6c:76:3b:55:fc:77:d7:
c6:25:a3:45:52:f2:4b:6a:c5:4e:66:84:fd:7b:2e:
da:13:1b:ba:63:dc:cd:b1:a1:f5:c9:8d:f6:c6:27:
e8:14:c6:52:9a:b7:de:ae:07:2d:5b:d8:aa:b1:d3:
6e:8d:fe:3d:df:8f:09:cb:05:77:3f:8a:6c:b3:f9:
cd:55:07:78:0f:61:c2:65:f2:24:00:87:7b:42:ec:
2d:1a:e3:da:38:60:00:48:22:b2:52:74:35:bd:24:
f1:e7:ec:17:46:40:a3:74:69:30:50:e4:24:15:68:
7e:fd:96:b9:f5:47:0d:cf:fa:e7:c4:61:c2:49:86:
d0:23:b1:33:b0:0c:6b:db:c0:49:da:54:00:c9:75:
12:0b:6c:cb:af:b8:97:06:c4:21:33:f2:1b:b7:61:
29:96:f1:38:e9:34:a1:e0:5f:26:8c:fb:94:ca:3f:
86:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:EB:37:F8:8E:CB:94:E9:7B:02:96:A2:04:C2:6F:A6:C2:A8:EB:88
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/dOs3-I7LlOl7ApaiBMJvpsKo64g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.237.0/24
5.175.239.0/24
5.231.96.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:37:a5:42:6b:62:b0:be:d7:65:15:68:86:11:6b:8d:b1:da:
0d:5a:01:88:01:80:7d:77:33:0f:17:24:8e:9e:11:d3:c6:34:
f9:43:dd:cc:c4:a4:2f:9e:2f:08:42:d4:d1:9b:15:34:cc:a4:
de:ab:4d:3f:9c:6c:42:e0:2d:94:70:64:89:a3:d2:8f:2f:fe:
d1:07:44:a6:98:73:45:d1:87:d9:c5:69:cf:32:ea:8e:27:33:
99:30:5b:15:3e:d2:ad:9e:7b:9b:6a:56:e6:d1:d2:ce:f4:2e:
00:f5:72:2a:fe:8f:6c:17:22:60:57:0b:b3:b2:ab:85:c7:3b:
cb:6b:09:48:4b:76:62:84:92:99:cb:a6:c1:c3:7d:55:b8:62:
f4:a2:27:f9:54:7e:e1:7c:8f:4f:9d:ef:82:e5:5e:16:3c:c5:
d6:2e:6c:5c:3f:3b:4b:1a:73:8a:e5:3a:d8:cc:f0:cc:a3:5d:
af:64:b2:30:91:b7:94:cf:55:76:cb:32:60:f8:68:ad:d9:ec:
44:53:e3:bd:72:2c:ff:78:2e:bc:26:3f:3c:5b:ad:64:dd:da:
43:01:54:4a:d2:01:7a:79:34:d1:b9:48:52:4a:f3:f0:13:8c:
74:84:75:d0:ef:d3:f7:01:00:ac:b6:92:79:be:35:f5:2f:db:
b4:47:62:86
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZVQGvvIjfddnmVtXOaJy4FLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzAxMDUwODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGViMzdmODhlY2I5NGU5N2IwMjk2YTIwNGMyNmZhNmMyYThlYjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGHIwKgsEPwMz8gB20NPCAwQKCud
EYbLDAqIDc2o9LHs4bK+GlavlipxNZ8tJpTWAjU21as4lNk0BHD11m48JtjfHS1j
vkQmwfEXYs1Q4JPtwmx2O1X8d9fGJaNFUvJLasVOZoT9ey7aExu6Y9zNsaH1yY32
xifoFMZSmrfergctW9iqsdNujf49348JywV3P4pss/nNVQd4D2HCZfIkAId7Quwt
GuPaOGAASCKyUnQ1vSTx5+wXRkCjdGkwUOQkFWh+/Za59UcNz/rnxGHCSYbQI7Ez
sAxr28BJ2lQAyXUSC2zLr7iXBsQhM/Ibt2EplvE46TSh4F8mjPuUyj+GUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHTrN/iOy5TpewKWogTCb6bCqOuIMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvZE9zMy1JN0xsT2w3QXBhaUJNSnZwc0tvNjRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABa/tAwQA
Ba/vAwQABedgMA0GCSqGSIb3DQEBCwUAA4IBAQBcN6VCa2KwvtdlFWiGEWuNsdoN
WgGIAYB9dzMPFySOnhHTxjT5Q93MxKQvni8IQtTRmxU0zKTeq00/nGxC4C2UcGSJ
o9KPL/7RB0SmmHNF0YfZxWnPMuqOJzOZMFsVPtKtnnubalbm0dLO9C4A9XIq/o9s
FyJgVwuzsquFxzvLawlIS3ZihJKZy6bBw31VuGL0oif5VH7hfI9Pne+C5V4WPMXW
LmxcPztLGnOK5TrYzPDMo12vZLIwkbeUz1V2yzJg+Git2exEU+O9ciz/eC68Jj88
W61k3dpDAVRK0gF6eTTRuUhSSvPwE4x0hHXQ79P3AQCstpJ5vjX1L9u0R2KG
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:25:23 2025 by rpki-client