Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/da40cf-9836-482b-b7a6-c5ad16a55c5f/1/3jVXFu7sxd7Z7MS11EvasHq1q9w.roa
File: 3jVXFu7sxd7Z7MS11EvasHq1q9w.roa (raw, json)
Hash identifier: CPrvOOdN9pWoQFKrRCjpVHmzT25esYwRdYawJlikjJo=
Subject key identifier: DE:35:57:16:EE:EC:C5:DE:D9:EC:C4:B5:D4:4B:DA:B0:7A:B5:AB:DC
Certificate issuer: /CN=e4cd6e61c14e8391005a817b2722f7c4a81eb993
Certificate serial: 018CC726ACFDC24A38860F12657A8E07045D
Authority key identifier: E4:CD:6E:61:C1:4E:83:91:00:5A:81:7B:27:22:F7:C4:A8:1E:B9:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5M1uYcFOg5EAWoF7JyL3xKgeuZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/da40cf-9836-482b-b7a6-c5ad16a55c5f/1/3jVXFu7sxd7Z7MS11EvasHq1q9w.roa
Signing time: Mon 01 Jan 2024 22:30:49 +0000
ROA not before: Mon 01 Jan 2024 22:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202468
IP address blocks: 5.34.192.0/20 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:ac:fd:c2:4a:38:86:0f:12:65:7a:8e:07:04:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4cd6e61c14e8391005a817b2722f7c4a81eb993
Validity
Not Before: Jan 1 22:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de355716eeecc5ded9ecc4b5d44bdab07ab5abdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e7:f9:61:9d:03:6f:03:cc:35:9c:d1:79:8b:
da:84:d6:48:ac:ae:cc:7c:71:5d:c0:e6:1c:be:5a:
fe:3e:39:e2:85:2a:2e:4e:0d:97:46:79:65:af:e7:
5f:a0:a8:60:fe:cb:ed:33:a2:41:10:c8:73:88:e5:
3e:24:7b:d1:0c:3b:78:78:eb:a2:e8:5e:6b:45:dc:
44:5b:21:0f:b1:20:dc:c2:15:0a:17:d2:1d:8e:9c:
67:27:26:9d:a0:07:ad:8c:96:be:db:8c:4a:53:ca:
c0:80:9a:17:37:d3:b9:91:9b:9c:85:c7:2d:e6:e5:
2d:f8:41:17:15:3a:da:15:b4:67:55:7e:ee:b5:07:
76:bc:c8:28:33:a7:9b:89:9a:17:8e:7b:9c:69:3b:
48:a3:29:cc:a7:70:e3:71:a0:0f:7e:a7:33:c8:1d:
f8:98:56:84:23:89:c4:d4:4b:28:f6:06:05:42:72:
c6:20:44:f2:3b:56:0b:b0:5d:e4:7e:5c:33:67:e8:
8b:a1:b8:d6:a3:8f:d0:46:97:56:6c:a7:c4:82:cc:
66:c9:4d:f8:9d:9a:d7:03:95:6e:22:0d:7e:76:8b:
b5:cb:fa:4f:0c:31:65:e9:91:da:d6:97:fb:55:6b:
07:cd:2e:da:fb:7c:f5:07:22:0c:36:57:bc:59:38:
ac:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:35:57:16:EE:EC:C5:DE:D9:EC:C4:B5:D4:4B:DA:B0:7A:B5:AB:DC
X509v3 Authority Key Identifier:
keyid:E4:CD:6E:61:C1:4E:83:91:00:5A:81:7B:27:22:F7:C4:A8:1E:B9:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5M1uYcFOg5EAWoF7JyL3xKgeuZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/da40cf-9836-482b-b7a6-c5ad16a55c5f/1/3jVXFu7sxd7Z7MS11EvasHq1q9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/da40cf-9836-482b-b7a6-c5ad16a55c5f/1/5M1uYcFOg5EAWoF7JyL3xKgeuZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.192.0/20
Signature Algorithm: sha256WithRSAEncryption
02:7f:88:7b:c7:96:d4:ce:aa:c5:45:53:05:c0:f1:23:c4:73:
c5:a6:6b:86:0b:fd:8a:ab:c7:0a:9e:5b:ef:fb:4c:1c:ce:95:
cc:58:51:22:8d:4f:70:30:c3:38:7f:84:01:0b:c0:33:42:a3:
6b:70:c6:ee:46:b6:7d:0a:7e:a5:5c:45:5b:dc:0d:bb:83:26:
71:09:e7:63:5b:8c:c8:bf:3b:b8:b6:fe:7d:f7:85:60:2e:f7:
af:ad:62:49:c9:1c:65:02:52:dd:a2:52:32:f2:8f:d6:1c:5a:
60:0c:d6:ce:5f:0d:33:f3:de:1b:d8:44:d6:6a:54:9f:af:22:
b2:88:61:34:63:97:a8:6c:cd:b7:4b:92:60:ae:38:8a:bc:ad:
7a:3c:84:3b:7c:9a:78:5d:f9:5f:47:12:41:70:48:db:d3:b8:
66:29:1f:3a:3f:4d:db:13:ea:5a:37:a3:1c:a0:90:b6:ad:65:
6a:e7:b0:2a:80:12:67:37:2f:8d:69:d7:a1:82:1d:ec:3c:77:
21:81:fb:21:71:df:5d:27:c6:54:6e:cf:1f:88:f6:4b:09:85:
61:f8:1e:e5:bc:04:c5:65:83:10:e2:a0:9f:f1:9a:ff:49:9a:
a7:57:cd:96:03:af:23:cf:ed:8c:b3:f6:f0:ce:90:72:8e:43:
58:e9:e7:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJqz9wko4hg8SZXqOBwRdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0Y2Q2ZTYxYzE0ZTgzOTEwMDVhODE3YjI3MjJmN2M0YTgx
ZWI5OTMwHhcNMjQwMTAxMjIzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTM1NTcxNmVlZWNjNWRlZDllY2M0YjVkNDRiZGFiMDdhYjVhYmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOf5YZ0DbwPMNZzReYvahNZIrK7M
fHFdwOYcvlr+PjnihSouTg2XRnllr+dfoKhg/svtM6JBEMhziOU+JHvRDDt4eOui
6F5rRdxEWyEPsSDcwhUKF9IdjpxnJyadoAetjJa+24xKU8rAgJoXN9O5kZuchcct
5uUt+EEXFTraFbRnVX7utQd2vMgoM6ebiZoXjnucaTtIoynMp3DjcaAPfqczyB34
mFaEI4nE1Eso9gYFQnLGIETyO1YLsF3kflwzZ+iLobjWo4/QRpdWbKfEgsxmyU34
nZrXA5VuIg1+dou1y/pPDDFl6ZHa1pf7VWsHzS7a+3z1ByIMNle8WTisDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN41Vxbu7MXe2ezEtdRL2rB6tavcMB8GA1UdIwQY
MBaAFOTNbmHBToORAFqBeyci98SoHrmTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU0xdVljRk9nNUVBV29GN0p5TDN4S2dldVpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kYTQwY2YtOTgzNi00ODJiLWI3YTYt
YzVhZDE2YTU1YzVmLzEvM2pWWEZ1N3N4ZDdaN01TMTFFdmFzSHExcTl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kYTQwY2YtOTgzNi00ODJiLWI3YTYtYzVhZDE2YTU1YzVm
LzEvNU0xdVljRk9nNUVBV29GN0p5TDN4S2dldVpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEBSLAMA0G
CSqGSIb3DQEBCwUAA4IBAQACf4h7x5bUzqrFRVMFwPEjxHPFpmuGC/2Kq8cKnlvv
+0wczpXMWFEijU9wMMM4f4QBC8AzQqNrcMbuRrZ9Cn6lXEVb3A27gyZxCedjW4zI
vzu4tv5994VgLvevrWJJyRxlAlLdolIy8o/WHFpgDNbOXw0z894b2ETWalSfryKy
iGE0Y5eobM23S5JgrjiKvK16PIQ7fJp4XflfRxJBcEjb07hmKR86P03bE+paN6Mc
oJC2rWVq57AqgBJnNy+Nadehgh3sPHchgfshcd9dJ8ZUbs8fiPZLCYVh+B7lvATF
ZYMQ4qCf8Zr/SZqnV82WA68jz+2Ms/bwzpByjkNY6ee9
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:08 2025 by rpki-client