Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/57saHwwtMFtKDHtko2YaGKrGjJo.roa
File: 57saHwwtMFtKDHtko2YaGKrGjJo.roa (raw, json)
Hash identifier: tuKl3wIrDMzULngL+WH+D2haKacyphB+9VZ5+FTHHpM=
Subject key identifier: E7:BB:1A:1F:0C:2D:30:5B:4A:0C:7B:64:A3:66:1A:18:AA:C6:8C:9A
Certificate issuer: /CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Certificate serial: 019428279E8B75F4680C300E1A818535F9C9
Authority key identifier: B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/57saHwwtMFtKDHtko2YaGKrGjJo.roa
Signing time: Thu 02 Jan 2025 17:54:32 +0000
ROA not before: Thu 02 Jan 2025 17:54:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60731
IP address blocks: 5.149.158.0/24 maxlen: 24
193.32.202.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:9e:8b:75:f4:68:0c:30:0e:1a:81:85:35:f9:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Validity
Not Before: Jan 2 17:54:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7bb1a1f0c2d305b4a0c7b64a3661a18aac68c9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e6:dc:5f:16:15:65:61:43:68:64:2c:3d:4e:
cc:c4:16:75:7e:f6:57:ea:c0:07:33:18:16:72:5b:
42:7e:f3:d0:77:2d:cb:3a:9f:87:d9:5c:21:29:a1:
32:c2:14:95:c3:ee:6f:de:7f:a8:7a:0c:43:ea:25:
3c:25:8f:a7:8a:67:d1:73:0c:9a:f6:21:7e:96:1c:
6d:be:bd:62:fa:ec:27:c3:84:61:35:e2:e9:54:77:
99:95:b9:c1:05:14:bb:09:9e:dd:60:a7:75:73:cb:
f5:92:1b:12:ce:28:f7:ad:e6:07:b5:fe:d8:62:5b:
ef:88:71:30:ff:93:49:63:1b:5a:02:bd:1f:d6:df:
7f:ef:40:86:e0:60:7b:0e:7f:f5:b9:db:b9:e7:65:
60:d6:89:d9:4a:b3:7c:57:35:d7:15:a8:d0:fa:7d:
05:79:bc:cb:53:11:46:56:a9:8b:d0:42:14:0b:f4:
6e:81:e4:5f:c4:6b:9b:c6:58:24:50:41:b9:28:92:
4e:f5:3e:a7:ae:da:c6:18:35:91:d6:17:85:3a:9b:
32:bb:61:fd:a2:ee:9a:a7:85:63:9b:0d:3e:ed:60:
b9:fb:30:0f:e3:72:bd:67:8f:0b:73:d9:c7:03:7d:
52:68:a7:6e:a1:e7:99:a0:e2:99:0a:dd:32:e4:e6:
90:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:BB:1A:1F:0C:2D:30:5B:4A:0C:7B:64:A3:66:1A:18:AA:C6:8C:9A
X509v3 Authority Key Identifier:
keyid:B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/57saHwwtMFtKDHtko2YaGKrGjJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.158.0/24
193.32.202.0/24
Signature Algorithm: sha256WithRSAEncryption
01:0e:72:59:2c:be:27:6a:5c:8a:19:1a:11:92:a4:f7:80:45:
3d:12:44:56:2f:cf:87:c2:e6:45:c0:56:55:22:a0:f6:e5:26:
43:5f:c4:30:25:af:2f:3d:56:75:77:43:c9:bb:53:96:e9:70:
ba:94:36:3f:cb:91:c3:e5:33:58:e6:09:6d:bc:91:8d:88:f1:
fd:e7:e9:75:38:7a:6d:41:d0:f9:07:88:21:5f:2d:fa:7d:90:
d9:76:89:a5:f7:ad:6b:8a:a5:ee:00:f2:61:db:0a:cc:24:44:
81:3b:a0:39:38:ca:45:47:16:15:5f:da:6b:6e:98:71:11:e4:
4e:dc:58:d2:cf:38:63:4a:d2:28:cd:1b:9b:42:06:47:6e:27:
99:ca:db:37:1b:ce:23:4f:f1:36:fc:a2:d2:f5:30:20:fc:3b:
aa:76:3f:18:e3:6b:9e:fb:d7:22:4e:74:0a:5f:65:c6:13:cf:
92:65:7f:33:5a:88:69:93:c5:12:a0:11:f5:32:70:dc:cc:32:
69:c0:42:9f:61:ff:86:44:de:42:c0:26:14:7a:15:24:0d:c4:
57:85:f5:6c:ac:ae:47:b2:f7:7f:3f:f1:4f:b2:f5:7b:4d:21:
9b:28:f7:a8:7c:42:37:76:3d:d8:2f:aa:88:ca:cd:9b:e0:77:
2a:b0:63:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoJ56LdfRoDDAOGoGFNfnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MjU4OGMwMGVlZjcxNTgwOWViNWZkZDZkNjcxN2NjMjhj
MGRmYWMwHhcNMjUwMTAyMTc1NDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2JiMWExZjBjMmQzMDViNGEwYzdiNjRhMzY2MWExOGFhYzY4YzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+bcXxYVZWFDaGQsPU7MxBZ1fvZX
6sAHMxgWcltCfvPQdy3LOp+H2VwhKaEywhSVw+5v3n+oegxD6iU8JY+nimfRcwya
9iF+lhxtvr1i+uwnw4RhNeLpVHeZlbnBBRS7CZ7dYKd1c8v1khsSzij3reYHtf7Y
YlvviHEw/5NJYxtaAr0f1t9/70CG4GB7Dn/1udu552Vg1onZSrN8VzXXFajQ+n0F
ebzLUxFGVqmL0EIUC/RugeRfxGubxlgkUEG5KJJO9T6nrtrGGDWR1heFOpsyu2H9
ou6ap4Vjmw0+7WC5+zAP43K9Z48Lc9nHA31SaKduoeeZoOKZCt0y5OaQcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOe7Gh8MLTBbSgx7ZKNmGhiqxoyaMB8GA1UdIwQY
MBaAFLcliMAO73FYCetf3W1nF8wowN+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUt
N2E0MTI1NGVhYWNhLzEvNTdzYUh3d3RNRnRLREh0a28yWWFHS3JHakpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUtN2E0MTI1NGVhYWNh
LzEvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABZWeAwQA
wSDKMA0GCSqGSIb3DQEBCwUAA4IBAQABDnJZLL4nalyKGRoRkqT3gEU9EkRWL8+H
wuZFwFZVIqD25SZDX8QwJa8vPVZ1d0PJu1OW6XC6lDY/y5HD5TNY5gltvJGNiPH9
5+l1OHptQdD5B4ghXy36fZDZdoml961riqXuAPJh2wrMJESBO6A5OMpFRxYVX9pr
bphxEeRO3FjSzzhjStIozRubQgZHbieZyts3G84jT/E2/KLS9TAg/Duqdj8Y42ue
+9ciTnQKX2XGE8+SZX8zWohpk8USoBH1MnDczDJpwEKfYf+GRN5CwCYUehUkDcRX
hfVsrK5Hsvd/P/FPsvV7TSGbKPeofEI3dj3YL6qIys2b4HcqsGNg
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:16:12 2025 by rpki-client