Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/TOO1C7Nfoo8I9jGT7tEPWovt-Dk.roa
File: TOO1C7Nfoo8I9jGT7tEPWovt-Dk.roa (raw, json)
Hash identifier: yJoNXkc40BQiMjXHd4+xV9gjbcua6Ni6TVwfda9wbCE=
Subject key identifier: 4C:E3:B5:0B:B3:5F:A2:8F:08:F6:31:93:EE:D1:0F:5A:8B:ED:F8:39
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 0194266C253680DF0B919FAC5FD1246C3A56
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/TOO1C7Nfoo8I9jGT7tEPWovt-Dk.roa
Signing time: Thu 02 Jan 2025 09:50:08 +0000
ROA not before: Thu 02 Jan 2025 09:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41745
IP address blocks: 5.39.249.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:25:36:80:df:0b:91:9f:ac:5f:d1:24:6c:3a:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Jan 2 09:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ce3b50bb35fa28f08f63193eed10f5a8bedf839
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:8d:62:bd:81:39:48:47:0e:b1:e4:74:f4:f8:
63:55:97:ab:29:08:0d:b5:07:27:5c:97:e9:8e:a9:
27:7a:5a:fe:88:c0:59:ea:bb:6b:c7:91:af:7a:0a:
52:a2:9c:f6:6c:b7:e2:d7:32:90:1c:85:91:37:d2:
58:a8:4c:c9:98:c9:23:79:c9:10:c9:40:e0:60:a6:
22:9b:22:ab:5e:82:83:0d:16:76:d3:32:2e:4c:1a:
06:3c:81:dc:ce:63:ea:3e:6f:52:1d:db:48:8f:b4:
4f:a9:f6:08:ec:27:89:01:2c:ee:52:8c:bc:02:c5:
6e:ff:35:bc:fa:87:12:8d:21:a5:83:05:2a:87:b5:
21:e1:6c:58:31:c0:85:e6:f7:8e:c9:4c:e8:66:ba:
d6:cf:e7:af:6b:2b:00:3b:03:23:26:e1:bf:13:25:
a3:3e:4e:87:e0:f6:7e:d9:78:7f:e4:26:c3:98:a5:
99:b8:70:61:af:d2:3e:7f:d9:22:20:40:fd:06:83:
f9:47:4d:b0:9e:6c:41:ee:b3:77:ec:3a:b3:ed:dc:
b2:48:18:b0:82:df:e3:dc:17:6e:08:87:89:bf:3d:
9a:03:c3:b0:f8:61:e7:72:4a:29:72:43:70:50:f4:
f0:9f:5b:0d:7f:b9:f3:63:6f:df:fe:fa:89:8b:97:
aa:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:E3:B5:0B:B3:5F:A2:8F:08:F6:31:93:EE:D1:0F:5A:8B:ED:F8:39
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/TOO1C7Nfoo8I9jGT7tEPWovt-Dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.249.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:8c:03:8d:10:ea:f0:40:68:56:22:f8:f1:6a:22:d4:04:be:
bd:6f:ac:8c:4c:6f:50:c4:ff:9d:1f:90:ed:66:59:bb:9a:d7:
28:86:18:8d:82:2c:fe:47:04:89:48:61:8c:55:de:da:df:e4:
69:80:24:b9:ba:82:7f:a3:2a:76:23:40:26:e1:2a:a8:c2:b5:
ab:c0:cc:b6:90:5c:7e:26:f5:4c:ae:c2:9a:f1:41:10:ec:ed:
d5:b1:f6:f0:d5:17:b3:c5:70:b4:e8:8a:7c:43:67:54:1a:d1:
7f:95:b6:b5:b0:4f:e4:13:0b:d6:b2:00:a2:b7:3d:59:e8:8f:
86:9a:db:5a:c9:5c:03:02:5f:9c:1d:c7:1d:c5:59:71:9b:ae:
04:99:a7:f8:89:75:ca:0f:af:a5:44:0c:49:b1:56:87:76:e0:
2e:62:05:c7:65:9a:a7:bd:d5:b4:95:d2:d5:1c:65:da:52:fe:
ac:f9:07:35:8f:d5:1d:c5:9e:b7:cd:35:41:45:c6:dd:ca:4a:
c6:33:67:1f:66:73:b0:84:ca:56:9b:d9:16:09:16:bc:51:52:
ba:05:6a:9b:db:52:eb:c4:3b:f9:21:43:17:e6:05:ba:1f:59:
68:b4:45:f2:c4:3e:d2:61:31:9e:7d:a0:93:18:69:4e:c0:4f:
d6:bf:cf:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbCU2gN8LkZ+sX9EkbDpWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjUwMTAyMDk1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2UzYjUwYmIzNWZhMjhmMDhmNjMxOTNlZWQxMGY1YThiZWRmODM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo1ivYE5SEcOseR09PhjVZerKQgN
tQcnXJfpjqknelr+iMBZ6rtrx5GvegpSopz2bLfi1zKQHIWRN9JYqEzJmMkjeckQ
yUDgYKYimyKrXoKDDRZ20zIuTBoGPIHczmPqPm9SHdtIj7RPqfYI7CeJASzuUoy8
AsVu/zW8+ocSjSGlgwUqh7Uh4WxYMcCF5veOyUzoZrrWz+evaysAOwMjJuG/EyWj
Pk6H4PZ+2Xh/5CbDmKWZuHBhr9I+f9kiIED9BoP5R02wnmxB7rN37Dqz7dyySBiw
gt/j3BduCIeJvz2aA8Ow+GHnckopckNwUPTwn1sNf7nzY2/f/vqJi5eq9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEzjtQuzX6KPCPYxk+7RD1qL7fg5MB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvVE9PMUM3TmZvbzhJOWpHVDd0RVBXb3Z0LURrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSf5MA0G
CSqGSIb3DQEBCwUAA4IBAQDKjAONEOrwQGhWIvjxaiLUBL69b6yMTG9QxP+dH5Dt
Zlm7mtcohhiNgiz+RwSJSGGMVd7a3+RpgCS5uoJ/oyp2I0Am4SqowrWrwMy2kFx+
JvVMrsKa8UEQ7O3Vsfbw1RezxXC06Ip8Q2dUGtF/lba1sE/kEwvWsgCitz1Z6I+G
mttayVwDAl+cHccdxVlxm64Emaf4iXXKD6+lRAxJsVaHduAuYgXHZZqnvdW0ldLV
HGXaUv6s+Qc1j9UdxZ63zTVBRcbdykrGM2cfZnOwhMpWm9kWCRa8UVK6BWqb21Lr
xDv5IUMX5gW6H1lotEXyxD7SYTGefaCTGGlOwE/Wv88A
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:47:59 2025 by rpki-client