Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/a60f86-8b94-410a-bfd1-ff4c7183024f/1/5kFz87V3cREdddc3AsaZImesrc4.roa
File: 5kFz87V3cREdddc3AsaZImesrc4.roa (raw, json)
Hash identifier: GMf/VeYSaAQLAvigW84goiaYuSw8QRXcx94y9RzK0U8=
Subject key identifier: E6:41:73:F3:B5:77:71:11:1D:75:D7:37:02:C6:99:22:67:AC:AD:CE
Certificate issuer: /CN=0958b54bfee9896c4ada7dc18b3b7f9719da046b
Certificate serial: 01942143D7352D0BB86AF10F317F456D53DB
Authority key identifier: 09:58:B5:4B:FE:E9:89:6C:4A:DA:7D:C1:8B:3B:7F:97:19:DA:04:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CVi1S_7piWxK2n3Bizt_lxnaBGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/a60f86-8b94-410a-bfd1-ff4c7183024f/1/5kFz87V3cREdddc3AsaZImesrc4.roa
Signing time: Wed 01 Jan 2025 09:48:01 +0000
ROA not before: Wed 01 Jan 2025 09:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3303
IP address blocks: 193.0.237.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:d7:35:2d:0b:b8:6a:f1:0f:31:7f:45:6d:53:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0958b54bfee9896c4ada7dc18b3b7f9719da046b
Validity
Not Before: Jan 1 09:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e64173f3b57771111d75d73702c6992267acadce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:6e:93:8f:ed:07:c7:b8:6c:be:d8:de:51:4d:
a8:81:c7:02:8a:f4:a0:f5:e3:ee:f5:67:cb:01:96:
de:a7:f4:02:37:b4:6e:06:7a:80:8b:45:e4:3d:bf:
f8:81:11:c6:ca:0c:80:22:a2:dd:27:07:b8:d0:3d:
44:e8:cd:36:ef:cf:a9:50:c9:1c:32:82:cb:df:a5:
61:17:ed:ab:9f:2b:09:c6:2a:da:58:dc:4a:0d:3d:
5b:80:e8:c5:0d:6d:45:48:58:15:4d:99:fd:9b:47:
b0:e8:2a:01:19:75:dd:7f:b7:00:ea:c3:09:91:bf:
f2:7c:0b:36:80:99:4b:18:d8:f7:9b:d4:9a:1c:06:
71:93:e4:11:f6:15:81:41:73:af:0f:7c:16:4b:4a:
ed:1c:2d:d3:97:08:50:c6:f2:7b:17:db:81:85:23:
23:db:27:b3:1a:f5:79:f3:8a:d4:24:47:c3:c9:d0:
bd:be:05:f3:fb:f9:31:85:f4:60:ef:e7:8b:9d:5d:
d8:68:e9:be:f5:15:bc:1f:6e:f3:3a:52:c3:a6:7d:
de:bc:0b:3b:a7:ea:fa:2c:bf:e0:61:34:c4:06:ed:
09:a2:fb:35:3e:98:c8:2a:95:d5:32:ee:09:a4:5e:
98:2b:f7:04:7a:12:ce:62:38:84:85:bc:6f:89:39:
d3:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:41:73:F3:B5:77:71:11:1D:75:D7:37:02:C6:99:22:67:AC:AD:CE
X509v3 Authority Key Identifier:
keyid:09:58:B5:4B:FE:E9:89:6C:4A:DA:7D:C1:8B:3B:7F:97:19:DA:04:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CVi1S_7piWxK2n3Bizt_lxnaBGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/a60f86-8b94-410a-bfd1-ff4c7183024f/1/5kFz87V3cREdddc3AsaZImesrc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/a60f86-8b94-410a-bfd1-ff4c7183024f/1/CVi1S_7piWxK2n3Bizt_lxnaBGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.237.0/24
Signature Algorithm: sha256WithRSAEncryption
90:32:b6:9d:8b:ae:c3:ac:08:13:c8:55:92:42:29:c1:c9:22:
3d:36:02:6c:2f:6d:69:28:91:ec:e3:75:10:0a:fc:bb:fb:5d:
97:11:83:11:4e:1e:82:75:3d:7c:16:e3:23:5c:bf:4f:30:5a:
a4:99:99:24:ef:b9:e5:93:7a:8b:cf:90:6e:34:1d:91:99:18:
4f:e5:1a:46:bb:3f:5f:d7:e1:df:2b:f3:77:52:95:82:17:ad:
74:2a:64:e1:1c:aa:65:23:06:7d:fb:17:97:3c:00:af:f9:b0:
63:03:f2:6d:5d:8c:f5:e0:12:aa:90:33:55:2e:d8:04:6d:82:
71:57:72:56:43:a8:cc:38:5c:d2:7f:9d:8c:89:e4:9e:84:8f:
72:8f:38:06:0d:9a:47:90:f8:1a:ff:22:a8:8f:80:ee:80:14:
79:fb:03:5a:8d:0f:9d:4a:cf:75:56:de:5f:72:cd:66:d9:88:
64:9b:ab:34:b1:06:c1:0b:54:3d:a0:9e:3d:4a:e6:f8:ee:08:
fa:58:9a:6c:97:84:ad:26:fe:6d:2a:2c:05:e4:c9:d7:8a:5b:
56:33:40:d2:aa:38:9b:49:6c:df:7b:3c:01:75:d9:20:60:25:
8b:b9:2e:73:35:e0:e0:56:b8:de:7c:9c:1f:c8:ca:d5:b5:db:
47:d5:66:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ9c1LQu4avEPMX9FbVPbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NThiNTRiZmVlOTg5NmM0YWRhN2RjMThiM2I3Zjk3MTlk
YTA0NmIwHhcNMjUwMTAxMDk0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjQxNzNmM2I1Nzc3MTExMWQ3NWQ3MzcwMmM2OTkyMjY3YWNhZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0G6Tj+0Hx7hsvtjeUU2ogccCivSg
9ePu9WfLAZbep/QCN7RuBnqAi0XkPb/4gRHGygyAIqLdJwe40D1E6M0278+pUMkc
MoLL36VhF+2rnysJxiraWNxKDT1bgOjFDW1FSFgVTZn9m0ew6CoBGXXdf7cA6sMJ
kb/yfAs2gJlLGNj3m9SaHAZxk+QR9hWBQXOvD3wWS0rtHC3TlwhQxvJ7F9uBhSMj
2yezGvV584rUJEfDydC9vgXz+/kxhfRg7+eLnV3YaOm+9RW8H27zOlLDpn3evAs7
p+r6LL/gYTTEBu0Jovs1PpjIKpXVMu4JpF6YK/cEehLOYjiEhbxviTnTBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOZBc/O1d3ERHXXXNwLGmSJnrK3OMB8GA1UdIwQY
MBaAFAlYtUv+6YlsStp9wYs7f5cZ2gRrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ZpMVNfN3BpV3hLMm4zQml6dF9seG5hQkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9hNjBmODYtOGI5NC00MTBhLWJmZDEt
ZmY0YzcxODMwMjRmLzEvNWtGejg3VjNjUkVkZGRjM0FzYVpJbWVzcmM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9hNjBmODYtOGI5NC00MTBhLWJmZDEtZmY0YzcxODMwMjRm
LzEvQ1ZpMVNfN3BpV3hLMm4zQml6dF9seG5hQkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQDtMA0G
CSqGSIb3DQEBCwUAA4IBAQCQMradi67DrAgTyFWSQinBySI9NgJsL21pKJHs43UQ
Cvy7+12XEYMRTh6CdT18FuMjXL9PMFqkmZkk77nlk3qLz5BuNB2RmRhP5RpGuz9f
1+HfK/N3UpWCF610KmThHKplIwZ9+xeXPACv+bBjA/JtXYz14BKqkDNVLtgEbYJx
V3JWQ6jMOFzSf52MieSehI9yjzgGDZpHkPga/yKoj4DugBR5+wNajQ+dSs91Vt5f
cs1m2Yhkm6s0sQbBC1Q9oJ49Sub47gj6WJpsl4StJv5tKiwF5MnXiltWM0DSqjib
SWzfezwBddkgYCWLuS5zNeDgVrjefJwfyMrVtdtH1Wb9
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:10:25 2025 by rpki-client