Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/b8b7e4-f4cd-4e06-b81c-c5caa7faed7d/1/5eyDqPyAo9Xd99AUR3yYU66V9rw.roa
File: 5eyDqPyAo9Xd99AUR3yYU66V9rw.roa (raw, json)
Hash identifier: MoYh7IaPPg0nfwmEO7sIyivg9TgZy97zyEzoB/AzKYk=
Subject key identifier: E5:EC:83:A8:FC:80:A3:D5:DD:F7:D0:14:47:7C:98:53:AE:95:F6:BC
Certificate issuer: /CN=a0251774d6d874976390a0561b766d4125efe6ec
Certificate serial: 019425222A491CF4B1981B75EB9D5622FB4C
Authority key identifier: A0:25:17:74:D6:D8:74:97:63:90:A0:56:1B:76:6D:41:25:EF:E6:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oCUXdNbYdJdjkKBWG3ZtQSXv5uw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/b8b7e4-f4cd-4e06-b81c-c5caa7faed7d/1/5eyDqPyAo9Xd99AUR3yYU66V9rw.roa
Signing time: Thu 02 Jan 2025 03:49:43 +0000
ROA not before: Thu 02 Jan 2025 03:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60363
IP address blocks: 185.225.152.0/24 maxlen: 24
185.225.153.0/24 maxlen: 24
2a0d:e400::/32 maxlen: 56
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:2a:49:1c:f4:b1:98:1b:75:eb:9d:56:22:fb:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0251774d6d874976390a0561b766d4125efe6ec
Validity
Not Before: Jan 2 03:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5ec83a8fc80a3d5ddf7d014477c9853ae95f6bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:2c:0a:e5:e2:35:6b:6a:f2:68:ce:73:f7:49:
9c:7a:44:5e:1d:6b:e8:b0:d2:9c:3c:3a:0b:1c:12:
ff:9e:20:84:f2:df:b4:64:4b:bb:a4:e8:5a:fd:c6:
7e:d7:16:e9:00:38:02:0a:24:99:bf:c4:89:b8:55:
ff:6f:35:5b:2e:29:24:a0:8d:c7:ef:a3:ed:93:6b:
72:a6:66:f2:2e:d3:86:0a:29:23:c5:58:30:42:a3:
ab:a2:41:07:85:fc:6b:16:1e:da:a2:de:d3:58:89:
29:d7:62:bb:ba:5e:2d:98:a8:3f:03:cc:69:d2:40:
d7:9d:dc:fb:f0:a4:10:8e:68:a7:f1:5e:94:bb:75:
69:12:cb:a6:1e:11:ce:5b:3b:f5:5c:26:4a:b3:ad:
30:c0:a8:cb:43:a8:3c:c4:74:2b:9e:90:5b:ff:b4:
25:81:62:2f:27:78:40:1d:e4:f1:52:63:c0:95:ab:
b1:db:bc:64:e3:57:1d:fb:40:22:7c:dd:8d:4c:d1:
3b:3e:38:4a:bd:37:85:f2:8a:17:6a:fe:92:ce:18:
fa:60:8b:32:7a:aa:47:01:f0:b3:0c:cf:81:3c:43:
35:7d:7f:0a:95:13:e7:3f:37:5d:bc:4a:ff:2f:70:
15:c9:e4:c2:bf:69:48:89:e9:b1:96:83:ed:e8:cb:
4b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:EC:83:A8:FC:80:A3:D5:DD:F7:D0:14:47:7C:98:53:AE:95:F6:BC
X509v3 Authority Key Identifier:
keyid:A0:25:17:74:D6:D8:74:97:63:90:A0:56:1B:76:6D:41:25:EF:E6:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCUXdNbYdJdjkKBWG3ZtQSXv5uw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/b8b7e4-f4cd-4e06-b81c-c5caa7faed7d/1/5eyDqPyAo9Xd99AUR3yYU66V9rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/b8b7e4-f4cd-4e06-b81c-c5caa7faed7d/1/oCUXdNbYdJdjkKBWG3ZtQSXv5uw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.152.0/23
IPv6:
2a0d:e400::/32
Signature Algorithm: sha256WithRSAEncryption
c6:63:c9:70:e1:4a:4b:9a:35:e9:cb:30:ca:3a:59:da:62:93:
62:42:90:f5:d2:21:be:ee:b9:a5:4c:d6:cc:59:73:70:16:8f:
15:45:df:02:ca:06:2a:7a:ce:e4:fd:87:6b:ba:58:76:52:cc:
df:22:f8:f4:b8:f5:08:ee:22:c4:37:96:a1:50:8c:1f:2e:1c:
00:8a:32:03:63:4b:ca:71:eb:d6:79:b8:5a:ca:62:45:94:09:
12:e4:b4:98:7e:2f:de:89:12:d4:84:2a:63:25:a0:c4:ab:69:
fe:af:07:39:27:0d:01:20:84:4f:0a:08:e2:ef:bc:5f:f6:cc:
0d:66:44:0c:4a:f5:2f:99:15:3c:88:1f:fa:a0:32:45:dd:f2:
fa:9f:76:1c:07:1d:de:99:3e:b7:6a:2a:f2:77:ec:9b:59:f7:
91:f3:e0:78:43:67:2b:22:8a:49:ca:9c:b9:7e:31:6b:93:a9:
ea:7c:2c:ec:a3:a9:4f:d5:a8:fe:aa:e3:a2:6d:1c:28:08:35:
00:26:2e:ad:c9:27:bb:d8:9c:c9:15:25:71:b4:64:59:85:bf:
15:05:f4:3a:20:86:b8:55:26:cb:32:2c:94:56:2d:25:b5:c4:
0d:db:54:81:5b:15:c5:0d:53:0c:64:14:ad:e3:ae:ff:51:ae:
d1:33:76:90
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIipJHPSxmBt1651WIvtMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMjUxNzc0ZDZkODc0OTc2MzkwYTA1NjFiNzY2ZDQxMjVl
ZmU2ZWMwHhcNMjUwMTAyMDM0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWVjODNhOGZjODBhM2Q1ZGRmN2QwMTQ0NzdjOTg1M2FlOTVmNmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9iwK5eI1a2ryaM5z90mcekReHWvo
sNKcPDoLHBL/niCE8t+0ZEu7pOha/cZ+1xbpADgCCiSZv8SJuFX/bzVbLikkoI3H
76Ptk2typmbyLtOGCikjxVgwQqOrokEHhfxrFh7aot7TWIkp12K7ul4tmKg/A8xp
0kDXndz78KQQjmin8V6Uu3VpEsumHhHOWzv1XCZKs60wwKjLQ6g8xHQrnpBb/7Ql
gWIvJ3hAHeTxUmPAlaux27xk41cd+0AifN2NTNE7PjhKvTeF8ooXav6Szhj6YIsy
eqpHAfCzDM+BPEM1fX8KlRPnPzddvEr/L3AVyeTCv2lIiemxloPt6MtLvQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOXsg6j8gKPV3ffQFEd8mFOulfa8MB8GA1UdIwQY
MBaAFKAlF3TW2HSXY5CgVht2bUEl7+bsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0NVWGROYllkSmRqa0tCV0czWnRRU1h2NXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9iOGI3ZTQtZjRjZC00ZTA2LWI4MWMt
YzVjYWE3ZmFlZDdkLzEvNWV5RHFQeUFvOVhkOTlBVVIzeVlVNjZWOXJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9iOGI3ZTQtZjRjZC00ZTA2LWI4MWMtYzVjYWE3ZmFlZDdk
LzEvb0NVWGROYllkSmRqa0tCV0czWnRRU1h2NXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBueGYMA0E
AgACMAcDBQAqDeQAMA0GCSqGSIb3DQEBCwUAA4IBAQDGY8lw4UpLmjXpyzDKOlna
YpNiQpD10iG+7rmlTNbMWXNwFo8VRd8CygYqes7k/Ydrulh2UszfIvj0uPUI7iLE
N5ahUIwfLhwAijIDY0vKcevWebhaymJFlAkS5LSYfi/eiRLUhCpjJaDEq2n+rwc5
Jw0BIIRPCgji77xf9swNZkQMSvUvmRU8iB/6oDJF3fL6n3YcBx3emT63airyd+yb
WfeR8+B4Q2crIopJypy5fjFrk6nqfCzso6lP1aj+quOibRwoCDUAJi6tySe72JzJ
FSVxtGRZhb8VBfQ6IIa4VSbLMiyUVi0ltcQN21SBWxXFDVMMZBSt467/Ua7RM3aQ
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:16:52 2025 by rpki-client