Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/d55ab0-b7ac-4a5e-bb33-330a737b5d5a/1/3ysgc7TWV1SafJAi6554y_azZpE.roa
File: 3ysgc7TWV1SafJAi6554y_azZpE.roa (raw, json)
Hash identifier: OUniHGkCY2YN3ayQCTdsiEFElkDSTRh9yki0Gb77W3g=
Subject key identifier: DF:2B:20:73:B4:D6:57:54:9A:7C:90:22:EB:9E:78:CB:F6:B3:66:91
Certificate issuer: /CN=31c1a1892372a75a34cbfe14530ace7195561d1a
Certificate serial: 018CC5002705B574C0749FA4EA75251B328E
Authority key identifier: 31:C1:A1:89:23:72:A7:5A:34:CB:FE:14:53:0A:CE:71:95:56:1D:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/McGhiSNyp1o0y_4UUwrOcZVWHRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/d55ab0-b7ac-4a5e-bb33-330a737b5d5a/1/3ysgc7TWV1SafJAi6554y_azZpE.roa
Signing time: Mon 01 Jan 2024 12:29:30 +0000
ROA not before: Mon 01 Jan 2024 12:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59729
IP address blocks: 5.42.210.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:27:05:b5:74:c0:74:9f:a4:ea:75:25:1b:32:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31c1a1892372a75a34cbfe14530ace7195561d1a
Validity
Not Before: Jan 1 12:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df2b2073b4d657549a7c9022eb9e78cbf6b36691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b3:5b:0f:1e:3e:55:4a:23:0f:94:7f:3d:5d:
8f:95:60:6b:e9:97:37:a3:21:bc:ec:04:8d:82:2c:
f7:e4:e1:52:12:c5:99:45:39:4c:9a:26:b5:f1:28:
88:7f:f8:66:53:af:d4:98:2a:2c:3f:0a:9e:73:7c:
3a:e2:2c:39:f2:c2:13:18:e5:36:4a:8a:ed:cf:0e:
f0:60:c5:5f:b4:b7:9d:7d:08:ea:63:d2:63:0d:9a:
07:03:05:14:b4:7d:d7:fd:4b:b2:25:2b:94:6e:e2:
2c:dd:ad:eb:b2:f7:09:52:f7:cf:78:68:c2:73:c0:
be:8e:94:1a:a9:d1:68:09:2d:8e:6f:73:06:b4:0f:
e2:cc:74:5e:8b:18:11:e8:9b:0f:38:56:6c:09:ad:
35:15:6c:80:38:7a:8c:9f:c8:75:f5:26:6a:5e:5c:
7b:1f:64:a9:17:b8:79:5e:0e:9b:99:89:76:d2:0f:
a8:e3:ec:9d:9f:f2:cb:eb:94:22:bc:de:bc:0b:3f:
37:8c:8f:77:fd:8f:81:35:87:a6:32:0b:29:9f:6b:
67:bf:a0:c6:c5:fd:48:ee:68:1e:24:63:bd:12:d0:
2e:53:b9:d9:9f:f6:d8:2a:a4:8e:26:dd:6a:2b:04:
63:43:09:6d:62:1c:f0:94:87:6b:c0:5f:1a:04:37:
17:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:2B:20:73:B4:D6:57:54:9A:7C:90:22:EB:9E:78:CB:F6:B3:66:91
X509v3 Authority Key Identifier:
keyid:31:C1:A1:89:23:72:A7:5A:34:CB:FE:14:53:0A:CE:71:95:56:1D:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/McGhiSNyp1o0y_4UUwrOcZVWHRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/d55ab0-b7ac-4a5e-bb33-330a737b5d5a/1/3ysgc7TWV1SafJAi6554y_azZpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/d55ab0-b7ac-4a5e-bb33-330a737b5d5a/1/McGhiSNyp1o0y_4UUwrOcZVWHRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.210.0/24
Signature Algorithm: sha256WithRSAEncryption
52:01:54:73:f9:3a:f5:93:a0:02:94:3a:22:7d:3c:83:06:54:
22:08:0b:d1:1d:9b:91:17:c4:92:ff:22:f7:57:0c:37:85:15:
c7:60:b3:6f:51:1b:ff:17:fe:d3:d5:29:6c:b2:b2:fd:0c:d7:
d6:f6:43:83:e0:61:0e:05:44:b4:39:8f:63:b3:1a:d3:4a:fa:
14:c1:a3:67:e6:2f:e3:57:2f:da:f7:83:aa:60:77:f7:96:8e:
d1:34:a1:cf:0c:4f:2e:0a:a3:2b:d0:e5:71:3a:c6:a6:88:cf:
e8:31:a3:95:ae:02:83:54:be:10:b3:df:b0:48:44:09:0d:f0:
d3:e8:f8:4e:12:bb:9f:a1:de:7d:27:f1:b1:2a:7d:f5:61:32:
49:15:b4:2e:c9:96:44:14:31:a6:66:99:83:74:b7:51:05:1c:
7b:23:6e:62:14:9a:95:61:e4:3b:74:de:4e:3c:75:08:77:7e:
05:39:f6:19:59:a3:c8:c5:0d:18:ac:5c:e3:58:b1:a9:7e:81:
c0:5a:e4:a6:ff:0d:c0:ce:8e:d4:7d:38:8c:5e:cc:18:f0:da:
8d:5d:4c:e8:3a:c8:f1:4f:e9:2b:c2:5e:31:73:ea:c3:a7:57:
75:79:c8:8d:c4:91:70:04:7f:04:07:80:b8:cb:8f:03:ce:b0:
b5:97:13:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFACcFtXTAdJ+k6nUlGzKOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYzFhMTg5MjM3MmE3NWEzNGNiZmUxNDUzMGFjZTcxOTU1
NjFkMWEwHhcNMjQwMTAxMTIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjJiMjA3M2I0ZDY1NzU0OWE3YzkwMjJlYjllNzhjYmY2YjM2NjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbNbDx4+VUojD5R/PV2PlWBr6Zc3
oyG87ASNgiz35OFSEsWZRTlMmia18SiIf/hmU6/UmCosPwqec3w64iw58sITGOU2
Sortzw7wYMVftLedfQjqY9JjDZoHAwUUtH3X/UuyJSuUbuIs3a3rsvcJUvfPeGjC
c8C+jpQaqdFoCS2Ob3MGtA/izHReixgR6JsPOFZsCa01FWyAOHqMn8h19SZqXlx7
H2SpF7h5Xg6bmYl20g+o4+ydn/LL65QivN68Cz83jI93/Y+BNYemMgspn2tnv6DG
xf1I7mgeJGO9EtAuU7nZn/bYKqSOJt1qKwRjQwltYhzwlIdrwF8aBDcXFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN8rIHO01ldUmnyQIuueeMv2s2aRMB8GA1UdIwQY
MBaAFDHBoYkjcqdaNMv+FFMKznGVVh0aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWNHaGlTTnlwMW8weV80VVV3ck9jWlZXSFJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9kNTVhYjAtYjdhYy00YTVlLWJiMzMt
MzMwYTczN2I1ZDVhLzEvM3lzZ2M3VFdWMVNhZkpBaTY1NTR5X2F6WnBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9kNTVhYjAtYjdhYy00YTVlLWJiMzMtMzMwYTczN2I1ZDVh
LzEvTWNHaGlTTnlwMW8weV80VVV3ck9jWlZXSFJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSrSMA0G
CSqGSIb3DQEBCwUAA4IBAQBSAVRz+Tr1k6AClDoifTyDBlQiCAvRHZuRF8SS/yL3
Vww3hRXHYLNvURv/F/7T1SlssrL9DNfW9kOD4GEOBUS0OY9jsxrTSvoUwaNn5i/j
Vy/a94OqYHf3lo7RNKHPDE8uCqMr0OVxOsamiM/oMaOVrgKDVL4Qs9+wSEQJDfDT
6PhOErufod59J/GxKn31YTJJFbQuyZZEFDGmZpmDdLdRBRx7I25iFJqVYeQ7dN5O
PHUId34FOfYZWaPIxQ0YrFzjWLGpfoHAWuSm/w3Azo7UfTiMXswY8NqNXUzoOsjx
T+krwl4xc+rDp1d1eciNxJFwBH8EB4C4y48DzrC1lxNK
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:06:58 2025 by rpki-client