Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/Gp66wYREOc1h9eDQ4Jl1zol0dGY.roa
File: Gp66wYREOc1h9eDQ4Jl1zol0dGY.roa (raw, json)
Hash identifier: cbxRjqYTk6aDdWomh1V0dsmExBRlWyKb4b8IjMaBUTM=
Subject key identifier: 1A:9E:BA:C1:84:44:39:CD:61:F5:E0:D0:E0:99:75:CE:89:74:74:66
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 0194266C2B947EDC47723632C5A7AF949DC3
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/Gp66wYREOc1h9eDQ4Jl1zol0dGY.roa
Signing time: Thu 02 Jan 2025 09:50:10 +0000
ROA not before: Thu 02 Jan 2025 09:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198883
IP address blocks: 5.178.101.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:2b:94:7e:dc:47:72:36:32:c5:a7:af:94:9d:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Jan 2 09:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a9ebac1844439cd61f5e0d0e09975ce89747466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:12:95:cf:7e:42:9d:6a:cb:44:c1:1a:55:61:
5b:17:78:78:af:e2:57:d4:2b:bd:51:c8:36:f8:25:
d8:45:b3:2c:7e:37:6a:15:e8:ef:99:63:21:6f:50:
5d:9c:1f:d8:21:76:83:ee:9f:77:e8:1f:ce:3e:da:
90:cc:8e:80:42:36:55:4d:35:54:ad:73:b0:d9:6e:
33:b5:8c:8f:46:aa:61:f7:3c:ad:3d:cb:81:0f:6a:
c6:e0:4f:7b:38:ea:3a:e6:83:06:34:9e:23:f8:b6:
35:8b:c6:73:79:db:1a:b3:9c:ef:f8:d3:d9:9b:b5:
de:6b:5a:08:26:d8:1c:ca:91:1d:ba:48:2f:71:e7:
4f:3b:bc:41:14:9e:a6:1b:e8:2e:16:20:0f:9f:12:
15:f2:83:8a:a1:8e:e8:8e:10:25:48:5f:a6:ca:86:
bd:c7:9c:1e:ef:f2:1b:e0:4b:c8:91:7f:48:31:10:
41:9d:ba:86:24:79:0d:55:c5:48:fe:6e:56:6d:cc:
0f:e5:b5:cb:f0:c5:77:e9:a7:0f:8d:3e:26:bf:b3:
69:d6:92:73:5d:83:66:a6:fa:c0:cd:b3:87:b1:28:
4b:d7:37:e2:aa:f2:04:6b:a1:95:f5:36:47:64:55:
c8:f5:18:36:32:39:f2:97:fe:f3:41:94:1a:0a:70:
42:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:9E:BA:C1:84:44:39:CD:61:F5:E0:D0:E0:99:75:CE:89:74:74:66
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/Gp66wYREOc1h9eDQ4Jl1zol0dGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.101.0/24
Signature Algorithm: sha256WithRSAEncryption
59:78:66:5b:2e:4f:e5:7b:0f:68:c3:14:c8:e3:b2:05:55:c9:
1a:22:81:1f:3b:e5:f2:95:45:d6:21:fa:08:c0:33:eb:32:0f:
49:92:d8:42:9c:d4:39:fa:f5:26:9d:96:37:79:35:11:01:d3:
17:1a:f2:ff:9a:fa:53:02:42:cd:0d:55:a4:b3:ee:ac:99:1c:
82:fd:ff:e4:8e:bf:85:f4:22:0d:c9:13:00:d3:cf:21:09:ad:
27:dc:4f:4b:68:13:f1:68:a1:ea:19:77:ad:75:94:27:5d:e1:
92:b0:eb:1c:ec:e9:27:79:ee:7f:79:be:ea:c2:1e:36:b3:fb:
cf:ef:dd:26:ae:07:ea:3b:99:8e:3c:20:c4:4b:8e:4c:1f:c3:
15:7e:d8:23:10:e0:5e:6e:9e:0f:2a:d4:3b:23:a0:63:90:c9:
ac:d8:12:57:38:ee:77:0d:39:81:f6:2a:51:b6:2d:df:8e:11:
18:4b:05:d2:b6:a1:31:6d:37:98:56:26:d3:7e:09:5b:aa:5f:
f6:9b:8c:f9:d2:8c:55:fc:01:be:98:f3:53:d0:9d:04:09:27:
14:b7:33:f5:5e:0d:92:93:ef:f3:28:0d:ba:49:67:f9:ed:8e:
64:30:cd:f8:7e:7d:de:87:f6:cf:65:fd:4d:b2:72:e3:6b:bc:
d0:f2:af:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbCuUftxHcjYyxaevlJ3DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjUwMTAyMDk1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTllYmFjMTg0NDQzOWNkNjFmNWUwZDBlMDk5NzVjZTg5NzQ3NDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhKVz35CnWrLRMEaVWFbF3h4r+JX
1Cu9Ucg2+CXYRbMsfjdqFejvmWMhb1BdnB/YIXaD7p936B/OPtqQzI6AQjZVTTVU
rXOw2W4ztYyPRqph9zytPcuBD2rG4E97OOo65oMGNJ4j+LY1i8Zzedsas5zv+NPZ
m7Xea1oIJtgcypEdukgvcedPO7xBFJ6mG+guFiAPnxIV8oOKoY7ojhAlSF+myoa9
x5we7/Ib4EvIkX9IMRBBnbqGJHkNVcVI/m5WbcwP5bXL8MV36acPjT4mv7Np1pJz
XYNmpvrAzbOHsShL1zfiqvIEa6GV9TZHZFXI9Rg2Mjnyl/7zQZQaCnBCKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBqeusGERDnNYfXg0OCZdc6JdHRmMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvR3A2NndZUkVPYzFoOWVEUTRKbDF6b2wwZEdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbJlMA0G
CSqGSIb3DQEBCwUAA4IBAQBZeGZbLk/lew9owxTI47IFVckaIoEfO+XylUXWIfoI
wDPrMg9JkthCnNQ5+vUmnZY3eTURAdMXGvL/mvpTAkLNDVWks+6smRyC/f/kjr+F
9CINyRMA088hCa0n3E9LaBPxaKHqGXetdZQnXeGSsOsc7Oknee5/eb7qwh42s/vP
790mrgfqO5mOPCDES45MH8MVftgjEOBebp4PKtQ7I6BjkMms2BJXOO53DTmB9ipR
ti3fjhEYSwXStqExbTeYVibTfglbql/2m4z50oxV/AG+mPNT0J0ECScUtzP1Xg2S
k+/zKA26SWf57Y5kMM34fn3eh/bPZf1NsnLja7zQ8q9H
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:03:48 2025 by rpki-client