Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/Ojlwg9x75cm9yCRg1uRbtV9JzOQ.roa
File: Ojlwg9x75cm9yCRg1uRbtV9JzOQ.roa (raw, json)
Hash identifier: ogbfSoUm1OyL1fGJJ+4TLmGx+iphSaqafx5096ZmO90=
Subject key identifier: 3A:39:70:83:DC:7B:E5:C9:BD:C8:24:60:D6:E4:5B:B5:5F:49:CC:E4
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 0194266C2979C97739A9006295414378BE2C
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/Ojlwg9x75cm9yCRg1uRbtV9JzOQ.roa
Signing time: Thu 02 Jan 2025 09:50:10 +0000
ROA not before: Thu 02 Jan 2025 09:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59642
IP address blocks: 5.144.180.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:29:79:c9:77:39:a9:00:62:95:41:43:78:be:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Jan 2 09:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a397083dc7be5c9bdc82460d6e45bb55f49cce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d9:5a:ab:27:37:37:50:3d:18:f1:39:e9:4e:
89:18:6d:4c:90:fb:26:68:fe:0c:5e:65:ff:a6:f2:
a4:a5:d2:fd:6b:68:f9:bc:e6:89:4d:55:85:fa:55:
23:01:88:8b:7f:70:16:71:d1:aa:82:cb:c8:d9:92:
5d:de:6a:58:21:2d:69:d7:be:0f:91:d8:17:17:d6:
21:2f:d2:50:be:40:1d:5f:9a:ec:72:6f:0e:03:55:
18:e3:a0:97:81:19:92:5b:78:57:28:21:42:ea:2a:
ae:35:fa:72:0d:ee:95:a2:e7:1a:f8:66:61:f7:e3:
37:04:0f:ce:28:53:48:0a:b9:d0:0c:0d:90:dc:5c:
6b:ff:f3:01:b9:03:5a:09:e4:5a:3d:89:c6:64:77:
06:63:76:c8:4d:31:26:9e:78:6f:61:39:cf:6a:8f:
fe:08:ec:58:9a:20:96:d8:ce:94:b5:cb:b1:e1:55:
de:48:ef:11:70:d3:29:fd:d9:c7:a4:ed:d0:5c:f0:
b4:7b:a7:8d:6f:16:0e:3b:01:ba:bd:f4:52:9f:ea:
8e:1e:5a:9e:b7:ba:17:9d:40:1d:79:dc:e8:02:9f:
26:0f:3c:69:c5:1c:c9:7b:cc:db:bb:25:e9:bb:3a:
01:0a:d8:c1:93:5e:cf:c3:55:97:c8:0a:44:08:66:
22:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:39:70:83:DC:7B:E5:C9:BD:C8:24:60:D6:E4:5B:B5:5F:49:CC:E4
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/Ojlwg9x75cm9yCRg1uRbtV9JzOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.180.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:c7:20:7f:dd:99:59:65:31:a6:81:2a:5e:7f:4c:e2:ee:9b:
23:d9:92:8c:5b:94:89:d2:59:73:b9:85:a5:91:e9:d3:f8:99:
36:5d:32:f6:56:59:4d:ba:61:41:18:db:1d:cb:19:e3:6e:7f:
41:7f:72:42:7a:7c:78:42:96:fd:b0:76:32:3f:7d:24:61:5e:
a7:26:9e:e9:8d:d5:e3:e1:40:f0:e2:a0:84:02:83:e2:1b:ff:
14:58:14:34:f9:1f:33:2f:93:39:d7:4f:f4:8b:5a:bd:57:6d:
44:fd:0b:c3:be:72:01:d6:17:23:0f:ab:1a:d4:45:bd:cf:19:
c8:cc:97:36:3b:36:d8:a1:d5:42:22:c4:4e:28:47:64:ef:1c:
41:17:2a:8d:10:70:ce:1d:60:79:03:bf:9d:c2:6c:f4:9e:f8:
6a:c4:dd:d0:87:a2:97:0a:ba:58:17:ee:b2:f5:5c:2c:de:5a:
b6:96:79:2d:8e:69:a7:88:f9:37:61:5c:5f:a0:ae:53:30:3e:
6b:a0:c9:2c:8e:54:f3:4e:b1:99:e2:8f:81:67:6b:9b:e6:2c:
9c:4e:b7:84:07:08:c4:aa:be:f0:f9:79:f4:b5:57:84:79:c8:
ad:13:58:13:e6:eb:d6:31:41:67:86:3a:cc:d9:1b:da:f2:1a:
66:e6:85:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbCl5yXc5qQBilUFDeL4sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjUwMTAyMDk1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTM5NzA4M2RjN2JlNWM5YmRjODI0NjBkNmU0NWJiNTVmNDljY2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNlaqyc3N1A9GPE56U6JGG1MkPsm
aP4MXmX/pvKkpdL9a2j5vOaJTVWF+lUjAYiLf3AWcdGqgsvI2ZJd3mpYIS1p174P
kdgXF9YhL9JQvkAdX5rscm8OA1UY46CXgRmSW3hXKCFC6iquNfpyDe6Vouca+GZh
9+M3BA/OKFNICrnQDA2Q3Fxr//MBuQNaCeRaPYnGZHcGY3bITTEmnnhvYTnPao/+
COxYmiCW2M6Utcux4VXeSO8RcNMp/dnHpO3QXPC0e6eNbxYOOwG6vfRSn+qOHlqe
t7oXnUAdedzoAp8mDzxpxRzJe8zbuyXpuzoBCtjBk17Pw1WXyApECGYiywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDo5cIPce+XJvcgkYNbkW7VfSczkMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvT2psd2c5eDc1Y205eUNSZzF1UmJ0VjlKek9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZC0MA0G
CSqGSIb3DQEBCwUAA4IBAQA/xyB/3ZlZZTGmgSpef0zi7psj2ZKMW5SJ0llzuYWl
kenT+Jk2XTL2VllNumFBGNsdyxnjbn9Bf3JCenx4Qpb9sHYyP30kYV6nJp7pjdXj
4UDw4qCEAoPiG/8UWBQ0+R8zL5M510/0i1q9V21E/QvDvnIB1hcjD6sa1EW9zxnI
zJc2OzbYodVCIsROKEdk7xxBFyqNEHDOHWB5A7+dwmz0nvhqxN3Qh6KXCrpYF+6y
9Vws3lq2lnktjmmniPk3YVxfoK5TMD5roMksjlTzTrGZ4o+BZ2ub5iycTreEBwjE
qr7w+Xn0tVeEecitE1gT5uvWMUFnhjrM2Rva8hpm5oUP
-----END CERTIFICATE-----
Generated at Thu Apr 10 12:05:50 2025 by rpki-client