![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ifEtStLPeAA8jKJ4MhxpZv8xwu0.roa
File: ifEtStLPeAA8jKJ4MhxpZv8xwu0.roa (raw, json)
Hash identifier: SHKwnaRe/appNbcVWvQlAJculHJjzlHZPzKL+wqnct8=
Subject key identifier: 89:F1:2D:4A:D2:CF:78:00:3C:8C:A2:78:32:1C:69:66:FF:31:C2:ED
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01941F8C734908574891CDA799D0208D4714
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ifEtStLPeAA8jKJ4MhxpZv8xwu0.roa
Signing time: Wed 01 Jan 2025 01:48:05 +0000
ROA not before: Wed 01 Jan 2025 01:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209303
IP address blocks: 5.3.90.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:73:49:08:57:48:91:cd:a7:99:d0:20:8d:47:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 01:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89f12d4ad2cf78003c8ca278321c6966ff31c2ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cf:24:b8:df:d1:cf:4c:7a:78:b9:24:93:70:
3b:ba:39:eb:cd:23:87:58:3d:8d:ea:cb:5f:0c:81:
6d:10:ba:60:f6:2c:39:ec:f7:b1:00:29:41:06:ba:
9a:9e:bd:41:1f:aa:24:4e:64:33:b3:a7:d8:af:64:
3f:8a:72:9a:68:5b:56:62:5c:3b:d0:4b:d4:4c:7a:
a2:da:ff:50:6b:2b:88:1f:51:73:ea:38:94:b3:74:
c2:36:63:24:3a:99:74:34:8e:fe:d8:88:6d:93:d1:
41:c0:5a:f7:c2:03:6b:ba:cb:6a:32:ab:7e:f2:f7:
0f:71:ac:df:45:b3:9a:e7:ff:7f:88:58:87:f8:60:
21:89:13:8c:fc:a2:9d:8f:2b:0a:57:cf:90:17:32:
4b:bd:de:e7:e8:34:05:0f:9a:c9:02:04:a0:0b:7c:
2e:18:49:07:af:85:4b:5f:66:5f:2b:5e:2b:25:29:
2d:79:92:ca:eb:84:75:48:d8:60:08:bf:ca:24:cb:
d8:7e:0d:11:f6:af:1c:d7:eb:7d:73:26:a9:75:4b:
44:de:f3:e6:60:08:b1:71:2b:76:d8:d4:af:66:88:
03:e7:2d:4e:b7:0a:1b:d3:17:41:f1:a3:1e:e2:db:
b4:db:ac:22:c5:be:6e:9b:39:7a:de:ad:9d:70:3a:
ac:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:F1:2D:4A:D2:CF:78:00:3C:8C:A2:78:32:1C:69:66:FF:31:C2:ED
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ifEtStLPeAA8jKJ4MhxpZv8xwu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.3.90.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:15:96:9c:68:c5:b2:76:bd:40:83:42:5a:4f:64:d6:2d:9e:
5d:b3:73:1b:3a:8f:11:f6:3c:8d:bf:d6:22:c2:2f:2c:dd:9a:
5d:be:f1:5a:94:b9:32:fc:9d:a9:45:33:f6:f6:6e:3d:88:7e:
d6:e6:79:dc:3f:22:b0:05:48:70:23:7f:8c:79:e7:65:8d:f5:
e5:3d:02:8b:04:f2:2d:4b:a5:d9:6f:95:9b:ee:b0:e2:5e:12:
18:a9:39:60:63:43:c0:4e:f6:a6:91:84:21:d1:90:13:b6:75:
66:d3:ca:b3:de:50:cf:8c:3d:6e:f7:a1:9c:1f:a9:f9:82:ed:
b7:d4:a2:33:b0:ab:67:bb:17:7c:50:3f:9e:7c:1a:18:e3:20:
50:c6:6f:95:12:ed:dc:97:6b:dd:da:15:f5:a4:27:5a:01:03:
68:bc:d5:4f:26:d8:14:a8:1c:5b:e3:57:84:dc:c5:37:cd:96:
ca:04:85:65:da:af:53:12:60:28:d2:e1:58:cc:3d:bb:b9:3b:
9d:98:c8:d1:4d:25:48:a6:9f:5e:6c:22:89:64:26:73:58:0e:
38:60:b6:db:a1:8e:31:fc:fa:a7:37:00:8d:b8:7f:7d:a2:34:
fa:16:5b:37:60:7f:1a:b1:bb:d5:dc:36:fd:a2:6c:5f:86:17:
3b:10:9f:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjHNJCFdIkc2nmdAgjUcUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjUwMTAxMDE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWYxMmQ0YWQyY2Y3ODAwM2M4Y2EyNzgzMjFjNjk2NmZmMzFjMmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxs8kuN/Rz0x6eLkkk3A7ujnrzSOH
WD2N6stfDIFtELpg9iw57PexAClBBrqanr1BH6okTmQzs6fYr2Q/inKaaFtWYlw7
0EvUTHqi2v9QayuIH1Fz6jiUs3TCNmMkOpl0NI7+2Ihtk9FBwFr3wgNrustqMqt+
8vcPcazfRbOa5/9/iFiH+GAhiROM/KKdjysKV8+QFzJLvd7n6DQFD5rJAgSgC3wu
GEkHr4VLX2ZfK14rJSkteZLK64R1SNhgCL/KJMvYfg0R9q8c1+t9cyapdUtE3vPm
YAixcSt22NSvZogD5y1Otwob0xdB8aMe4tu026wixb5umzl63q2dcDqsvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFInxLUrSz3gAPIyieDIcaWb/McLtMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvaWZFdFN0TFBlQUE4aktKNE1oeHBadjh4d3UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABQNaMA0G
CSqGSIb3DQEBCwUAA4IBAQBbFZacaMWydr1Ag0JaT2TWLZ5ds3MbOo8R9jyNv9Yi
wi8s3ZpdvvFalLky/J2pRTP29m49iH7W5nncPyKwBUhwI3+MeedljfXlPQKLBPIt
S6XZb5Wb7rDiXhIYqTlgY0PATvamkYQh0ZATtnVm08qz3lDPjD1u96GcH6n5gu23
1KIzsKtnuxd8UD+efBoY4yBQxm+VEu3cl2vd2hX1pCdaAQNovNVPJtgUqBxb41eE
3MU3zZbKBIVl2q9TEmAo0uFYzD27uTudmMjRTSVIpp9ebCKJZCZzWA44YLbboY4x
/PqnNwCNuH99ojT6Fls3YH8asbvV3Db9omxfhhc7EJ/7
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:29 2025 by rpki-client