Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/3JchNSYAVY5pRDjhABNc9keKdIA.roa
File: 3JchNSYAVY5pRDjhABNc9keKdIA.roa (raw, json)
Hash identifier: /O/XnDaGSiL+sunwvGaqDa2Y6QF9YgJHJX+Z87eCQHE=
Subject key identifier: DC:97:21:35:26:00:55:8E:69:44:38:E1:00:13:5C:F6:47:8A:74:80
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 019409355A8FD2E016A04E8510228AD5EA41
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/3JchNSYAVY5pRDjhABNc9keKdIA.roa
Signing time: Fri 27 Dec 2024 17:41:19 +0000
ROA not before: Fri 27 Dec 2024 17:41:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200193
IP address blocks: 5.133.100.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:09:35:5a:8f:d2:e0:16:a0:4e:85:10:22:8a:d5:ea:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Dec 27 17:41:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc9721352600558e694438e100135cf6478a7480
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:f5:c4:57:4a:49:1b:e2:73:03:c3:74:8d:e6:
b6:ff:de:94:0d:45:15:be:ec:79:54:9e:75:44:26:
8e:87:92:85:a5:5a:47:eb:75:8a:27:1d:70:04:96:
99:a4:b9:8a:0e:c9:c8:94:6e:78:37:02:57:77:87:
8b:18:55:75:0b:71:22:f1:59:e2:95:1b:f5:62:42:
dd:0a:81:6b:d1:9d:b2:32:7c:71:44:ca:10:65:16:
c3:7c:fb:ee:80:d0:0e:30:df:0e:ab:f0:5f:c2:29:
0e:f4:09:4a:ec:4f:98:0a:85:7b:65:51:5b:b9:e0:
95:8c:1f:00:c4:bb:29:cb:a4:ca:52:d7:75:3c:b9:
0f:53:dc:64:3f:ad:20:1a:f7:63:13:95:78:05:c0:
8f:56:43:df:43:60:e9:fd:a5:35:b8:30:8b:a4:7a:
5a:22:14:cf:86:f7:82:fc:1d:22:c2:9d:07:4f:0c:
da:99:be:55:50:b8:83:64:7b:05:8f:e7:fb:33:a9:
5b:23:ee:0c:07:69:af:b2:ea:55:a6:55:33:2f:ca:
f8:36:32:cf:6d:9b:b2:8d:96:3a:1e:85:89:d8:8d:
bd:80:97:28:d8:c8:61:b7:fc:9b:84:a8:2c:60:8a:
7e:f2:97:de:8a:f9:ad:87:f1:97:23:b9:c1:b4:b2:
20:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:97:21:35:26:00:55:8E:69:44:38:E1:00:13:5C:F6:47:8A:74:80
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/3JchNSYAVY5pRDjhABNc9keKdIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.100.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:fe:08:73:8d:b7:6c:7b:f5:a6:89:21:d4:11:76:de:a4:3f:
71:cb:b5:b2:5d:b6:1d:7f:69:e2:9e:53:07:06:b7:05:bd:ad:
bf:f6:c3:70:f9:a8:4f:5b:6c:a6:e6:c4:2c:24:4a:d6:af:65:
65:44:05:d3:c2:7d:d9:2f:17:e8:ca:1b:81:3d:13:e1:98:32:
d1:0c:a1:3a:a0:9e:a8:50:c1:9e:5d:e8:a3:77:5d:ba:fc:e5:
07:4f:99:48:9c:eb:4f:33:68:63:d2:0a:75:bf:fc:d7:79:9a:
b4:f5:4a:8a:2d:62:48:fa:dc:80:3e:61:98:f0:e9:d9:cc:e0:
af:0b:58:3f:94:fe:5c:87:b1:a7:72:d0:1a:81:35:7b:26:7c:
47:62:3a:d2:3b:3b:a4:53:50:19:3d:1e:4c:27:48:ea:ee:ae:
8b:cb:8f:21:f5:04:99:00:f9:a1:65:ea:64:ec:ac:11:6e:ff:
85:c7:23:60:ee:b2:4b:b4:9c:4f:f8:c0:12:8a:77:64:ec:2f:
28:37:e6:f9:ff:e0:c2:72:e4:bd:44:3e:f1:5d:3a:4d:d4:65:
5f:eb:21:79:46:dc:0d:2f:41:94:a3:a0:8a:bd:fc:bf:0b:d7:
87:20:73:93:55:08:5f:9d:8f:1e:6c:fc:89:f2:85:21:4e:00:
93:3b:eb:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQJNVqP0uAWoE6FECKK1epBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQxMjI3MTc0MTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzk3MjEzNTI2MDA1NThlNjk0NDM4ZTEwMDEzNWNmNjQ3OGE3NDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6vXEV0pJG+JzA8N0jea2/96UDUUV
vux5VJ51RCaOh5KFpVpH63WKJx1wBJaZpLmKDsnIlG54NwJXd4eLGFV1C3Ei8Vni
lRv1YkLdCoFr0Z2yMnxxRMoQZRbDfPvugNAOMN8Oq/BfwikO9AlK7E+YCoV7ZVFb
ueCVjB8AxLspy6TKUtd1PLkPU9xkP60gGvdjE5V4BcCPVkPfQ2Dp/aU1uDCLpHpa
IhTPhveC/B0iwp0HTwzamb5VULiDZHsFj+f7M6lbI+4MB2mvsupVplUzL8r4NjLP
bZuyjZY6HoWJ2I29gJco2Mhht/ybhKgsYIp+8pfeivmth/GXI7nBtLIgiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNyXITUmAFWOaUQ44QATXPZHinSAMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvM0pjaE5TWUFWWTVwUkRqaEFCTmM5a2VLZElBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABYVkMA0G
CSqGSIb3DQEBCwUAA4IBAQAv/ghzjbdse/WmiSHUEXbepD9xy7WyXbYdf2ninlMH
BrcFva2/9sNw+ahPW2ym5sQsJErWr2VlRAXTwn3ZLxfoyhuBPRPhmDLRDKE6oJ6o
UMGeXeijd126/OUHT5lInOtPM2hj0gp1v/zXeZq09UqKLWJI+tyAPmGY8OnZzOCv
C1g/lP5ch7GnctAagTV7JnxHYjrSOzukU1AZPR5MJ0jq7q6Ly48h9QSZAPmhZepk
7KwRbv+FxyNg7rJLtJxP+MASindk7C8oN+b5/+DCcuS9RD7xXTpN1GVf6yF5RtwN
L0GUo6CKvfy/C9eHIHOTVQhfnY8ebPyJ8oUhTgCTO+uC
-----END CERTIFICATE-----
Generated at Fri Apr 18 12:36:27 2025 by rpki-client