Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/r1MvtzFdjoY9o2lQ_v9NAsGc6dA.roa
File: r1MvtzFdjoY9o2lQ_v9NAsGc6dA.roa (raw, json)
Hash identifier: +Nbsboy+8QB54oP/JsGumDkn0f1hZ/lh34xgCjFaMhw=
Subject key identifier: AF:53:2F:B7:31:5D:8E:86:3D:A3:69:50:FE:FF:4D:02:C1:9C:E9:D0
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 019425FD4D7C2DC8BB66081F5D3E60600764
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/r1MvtzFdjoY9o2lQ_v9NAsGc6dA.roa
Signing time: Thu 02 Jan 2025 07:49:04 +0000
ROA not before: Thu 02 Jan 2025 07:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198584
IP address blocks: 5.144.155.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:4d:7c:2d:c8:bb:66:08:1f:5d:3e:60:60:07:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Jan 2 07:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af532fb7315d8e863da36950feff4d02c19ce9d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:0f:66:8f:c7:5f:a9:34:c3:bb:90:46:a6:29:
2a:88:93:05:b1:a8:0f:4c:b3:eb:66:09:32:fd:4c:
6c:16:90:d5:0a:8a:80:e8:10:a8:1e:a9:f9:40:19:
5e:69:61:97:1d:2e:50:43:ee:62:98:7f:fb:64:5d:
bd:d8:90:77:5d:25:3b:9c:53:ad:db:50:dd:db:a6:
be:e3:d7:ac:14:7d:e8:7e:c3:08:c5:8d:9d:af:04:
c3:b8:f4:d9:5d:07:be:29:44:ed:9f:ff:ff:ee:fc:
a5:1a:56:19:f9:d8:b0:74:2c:42:2d:41:bc:5b:5f:
fe:ce:9e:f9:ce:c9:38:e2:37:4f:04:db:a5:ab:41:
99:ab:5c:f4:9c:24:57:51:3f:ba:a7:2b:05:52:aa:
3d:3a:31:5b:41:7d:85:a1:ed:d6:45:d4:cd:37:0a:
06:28:27:b6:1b:07:10:71:f5:dc:01:6f:11:c5:40:
80:59:8e:9c:46:d1:ff:aa:29:3a:38:b5:23:a9:b8:
ad:15:1d:22:2e:7e:3d:58:cd:d2:00:0c:fc:05:3d:
d2:ca:2d:b5:12:a2:fb:40:5c:a6:4a:43:40:48:c7:
26:de:e6:54:9e:fb:76:2d:ca:1b:2b:87:e8:5c:d6:
85:7a:ee:bd:38:0f:6b:2f:51:8b:de:88:cf:a1:a7:
bd:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:53:2F:B7:31:5D:8E:86:3D:A3:69:50:FE:FF:4D:02:C1:9C:E9:D0
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/r1MvtzFdjoY9o2lQ_v9NAsGc6dA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.155.0/24
Signature Algorithm: sha256WithRSAEncryption
41:86:7f:70:96:af:16:08:e0:fb:c7:d2:dc:ff:bf:dc:f0:d0:
20:f5:50:f2:2f:ea:1c:5f:60:97:c3:36:24:2a:26:25:68:84:
b5:6a:14:e0:3b:ba:3e:14:8a:f2:69:01:83:12:57:8d:a9:f9:
52:b0:a0:94:1b:eb:ef:4c:45:35:5b:d0:35:81:7c:d1:c3:6b:
a1:e1:12:b0:1c:21:7b:4c:f7:a9:af:95:18:66:2b:4a:ef:ac:
97:d1:96:8f:c5:4c:87:f2:e5:db:3a:94:93:d4:2b:68:f6:27:
21:6c:6f:e5:9a:44:6c:1b:75:42:6b:68:80:2a:5f:fd:98:bb:
5b:62:ba:58:18:c7:90:e3:5a:35:de:aa:ce:95:a8:6f:3b:dd:
8d:78:12:b2:19:ae:46:32:a8:e0:89:04:52:b1:aa:86:09:ad:
5a:8b:a0:6b:c3:e5:3b:06:30:8d:33:fc:d2:f1:e2:96:8d:24:
3c:b0:ac:2e:83:7b:4e:fd:d4:d1:69:82:e2:b7:0e:cd:10:6d:
66:b3:52:6c:1b:b6:67:9d:6f:28:f5:b5:bc:bd:48:51:69:ea:
d6:50:9a:21:7b:3a:f6:82:ab:97:e7:4f:1c:1a:4b:1b:05:ac:
4a:ec:19:ef:8b:55:4f:f6:43:52:be:5c:92:dd:63:9a:26:b3:
77:0c:ea:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/U18Lci7ZggfXT5gYAdkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjUwMTAyMDc0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjUzMmZiNzMxNWQ4ZTg2M2RhMzY5NTBmZWZmNGQwMmMxOWNlOWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0g9mj8dfqTTDu5BGpikqiJMFsagP
TLPrZgky/UxsFpDVCoqA6BCoHqn5QBleaWGXHS5QQ+5imH/7ZF292JB3XSU7nFOt
21Dd26a+49esFH3ofsMIxY2drwTDuPTZXQe+KUTtn///7vylGlYZ+diwdCxCLUG8
W1/+zp75zsk44jdPBNulq0GZq1z0nCRXUT+6pysFUqo9OjFbQX2Foe3WRdTNNwoG
KCe2GwcQcfXcAW8RxUCAWY6cRtH/qik6OLUjqbitFR0iLn49WM3SAAz8BT3Syi21
EqL7QFymSkNASMcm3uZUnvt2LcobK4foXNaFeu69OA9rL1GL3ojPoae9/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK9TL7cxXY6GPaNpUP7/TQLBnOnQMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvcjFNdnR6RmRqb1k5bzJsUV92OU5Bc0djNmRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZCbMA0G
CSqGSIb3DQEBCwUAA4IBAQBBhn9wlq8WCOD7x9Lc/7/c8NAg9VDyL+ocX2CXwzYk
KiYlaIS1ahTgO7o+FIryaQGDEleNqflSsKCUG+vvTEU1W9A1gXzRw2uh4RKwHCF7
TPepr5UYZitK76yX0ZaPxUyH8uXbOpST1Cto9ichbG/lmkRsG3VCa2iAKl/9mLtb
YrpYGMeQ41o13qrOlahvO92NeBKyGa5GMqjgiQRSsaqGCa1ai6Brw+U7BjCNM/zS
8eKWjSQ8sKwug3tO/dTRaYLitw7NEG1ms1JsG7ZnnW8o9bW8vUhRaerWUJohezr2
gquX508cGksbBaxK7Bnvi1VP9kNSvlyS3WOaJrN3DOpM
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:35:52 2025 by rpki-client