Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/sH0K1Fxpy-fmq9p6dwnXHxxn2rk.roa
File: sH0K1Fxpy-fmq9p6dwnXHxxn2rk.roa (raw, json)
Hash identifier: d4EABgbrdpcsPkAIgT79YcGhq0rhiykhKxTpLgOyASY=
Subject key identifier: B0:7D:0A:D4:5C:69:CB:E7:E6:AB:DA:7A:77:09:D7:1F:1C:67:DA:B9
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 019422FBCA613C4E33DFB770E5FEC46CB709
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/sH0K1Fxpy-fmq9p6dwnXHxxn2rk.roa
Signing time: Wed 01 Jan 2025 17:48:34 +0000
ROA not before: Wed 01 Jan 2025 17:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200193
IP address blocks: 5.133.100.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:ca:61:3c:4e:33:df:b7:70:e5:fe:c4:6c:b7:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Jan 1 17:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b07d0ad45c69cbe7e6abda7a7709d71f1c67dab9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:67:fd:f9:8c:15:16:0d:93:a6:e4:37:60:b3:
43:6d:6f:a5:3a:8c:ed:1b:be:d7:8b:6b:0f:31:a0:
f5:ee:45:13:c7:bf:34:2f:83:4c:ad:38:6a:11:92:
73:db:f7:65:98:08:8f:65:63:de:ac:93:eb:44:95:
41:6a:ec:2a:53:0d:7a:af:7b:64:8d:5d:6d:ac:74:
94:4d:6e:b7:1b:f8:01:a2:6a:2c:21:ef:29:24:c2:
94:2d:9a:58:da:59:0b:b5:37:8f:dd:01:63:09:10:
46:ed:cb:b6:37:87:63:24:c3:67:16:fb:6e:cf:d2:
76:d2:f2:1a:76:21:fb:b6:89:16:4b:36:1e:4c:a9:
82:dc:0a:22:2f:44:13:7e:5d:b1:de:ec:6c:0c:71:
bc:5e:46:0e:5a:dc:32:5e:1b:10:b8:ce:3d:b6:96:
9d:b2:2d:99:59:7c:fa:f6:bc:5a:28:8b:dc:ff:b2:
0a:b0:a8:12:81:df:5d:36:70:20:ab:db:b6:e5:90:
4f:f2:8d:4d:e6:50:f8:7f:f2:2d:0e:cd:c9:91:d1:
fa:93:d3:25:23:23:59:9f:0d:3e:5f:dd:c0:59:e7:
55:f1:8f:c9:a9:f5:b6:51:0d:17:22:0b:c0:33:38:
92:5a:4d:b4:90:18:ce:99:9d:77:15:58:b7:03:5b:
86:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:7D:0A:D4:5C:69:CB:E7:E6:AB:DA:7A:77:09:D7:1F:1C:67:DA:B9
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/sH0K1Fxpy-fmq9p6dwnXHxxn2rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.100.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:6f:00:51:af:fd:ec:f1:cd:66:f7:10:17:d8:7f:ff:8e:01:
ad:d5:15:11:21:55:4e:7b:1e:2c:f8:3d:57:18:38:74:bf:f2:
c2:39:ca:e1:7a:4c:7e:c4:ee:1a:ad:ec:73:cd:40:07:92:c9:
a1:8a:df:ad:7b:49:93:5f:2e:a6:3c:f6:9f:f6:5c:06:d2:9a:
d2:59:81:98:77:74:22:84:57:28:c8:bf:92:4d:0e:4c:54:62:
6f:f7:c6:7d:40:ed:2e:e7:12:d3:5a:8e:4a:a1:47:7b:49:a4:
30:ac:e4:14:a6:4f:dd:ba:9d:af:43:46:18:bc:8d:f1:f0:0b:
da:99:45:4b:ec:55:cb:16:c2:98:6b:e3:19:bb:1e:45:06:0e:
56:1c:1f:7b:3d:6f:f1:66:ea:4f:05:ca:52:70:92:32:13:53:
a0:5c:2b:40:ac:91:bd:1a:4a:ea:7b:69:e9:43:19:34:58:76:
04:8e:23:fd:47:42:d2:08:4d:32:9a:53:0e:bf:4f:b0:ca:85:
6c:d5:24:4e:45:6c:4a:8d:3a:a2:0a:5f:86:45:b1:0f:50:bc:
ff:54:f1:b7:11:6b:cb:fc:04:a2:aa:a8:ea:94:c3:91:ea:ba:
aa:27:18:c2:cb:4a:4b:62:a8:44:01:b2:e2:a6:30:bb:23:dd:
a6:75:5e:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+8phPE4z37dw5f7EbLcJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjUwMTAxMTc0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDdkMGFkNDVjNjljYmU3ZTZhYmRhN2E3NzA5ZDcxZjFjNjdkYWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWf9+YwVFg2TpuQ3YLNDbW+lOozt
G77Xi2sPMaD17kUTx780L4NMrThqEZJz2/dlmAiPZWPerJPrRJVBauwqUw16r3tk
jV1trHSUTW63G/gBomosIe8pJMKULZpY2lkLtTeP3QFjCRBG7cu2N4djJMNnFvtu
z9J20vIadiH7tokWSzYeTKmC3AoiL0QTfl2x3uxsDHG8XkYOWtwyXhsQuM49tpad
si2ZWXz69rxaKIvc/7IKsKgSgd9dNnAgq9u25ZBP8o1N5lD4f/ItDs3JkdH6k9Ml
IyNZnw0+X93AWedV8Y/JqfW2UQ0XIgvAMziSWk20kBjOmZ13FVi3A1uGHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLB9CtRcacvn5qvaencJ1x8cZ9q5MB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvc0gwSzFGeHB5LWZtcTlwNmR3blhIeHhuMnJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABYVkMA0G
CSqGSIb3DQEBCwUAA4IBAQAubwBRr/3s8c1m9xAX2H//jgGt1RURIVVOex4s+D1X
GDh0v/LCOcrhekx+xO4arexzzUAHksmhit+te0mTXy6mPPaf9lwG0prSWYGYd3Qi
hFcoyL+STQ5MVGJv98Z9QO0u5xLTWo5KoUd7SaQwrOQUpk/dup2vQ0YYvI3x8Ava
mUVL7FXLFsKYa+MZux5FBg5WHB97PW/xZupPBcpScJIyE1OgXCtArJG9Gkrqe2np
Qxk0WHYEjiP9R0LSCE0ymlMOv0+wyoVs1SRORWxKjTqiCl+GRbEPULz/VPG3EWvL
/ASiqqjqlMOR6rqqJxjCy0pLYqhEAbLipjC7I92mdV6y
-----END CERTIFICATE-----
Generated at Fri Apr 18 12:34:07 2025 by rpki-client