Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/g35tTn32QbT-bAwoUi98fNimhp8.roa
File: g35tTn32QbT-bAwoUi98fNimhp8.roa (raw, json)
Hash identifier: 1Z+8GgnLMcbNoyJqOCvdplvh0vT0gEGnRnHP4B7CkZ0=
Subject key identifier: 83:7E:6D:4E:7D:F6:41:B4:FE:6C:0C:28:52:2F:7C:7C:D8:A6:86:9F
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 0195897792A12B001D9882B0F078E22EFF9A
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/g35tTn32QbT-bAwoUi98fNimhp8.roa
Signing time: Wed 12 Mar 2025 08:27:49 +0000
ROA not before: Wed 12 Mar 2025 08:27:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 5.39.250.0/24 maxlen: 24
185.5.38.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:89:77:92:a1:2b:00:1d:98:82:b0:f0:78:e2:2e:ff:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Mar 12 08:27:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=837e6d4e7df641b4fe6c0c28522f7c7cd8a6869f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:2c:d9:56:e6:86:d5:37:84:c4:c7:33:a2:e9:
4a:f3:ff:ae:83:fd:f0:2c:e0:56:8f:9d:2c:2f:6e:
9c:57:e1:88:ce:fa:00:a3:57:28:1b:0c:4f:be:fc:
89:82:f6:e6:3b:5f:6d:2d:24:13:dc:30:d9:4a:58:
5c:22:12:0f:5b:87:c9:38:49:a3:37:71:45:4b:04:
a7:c5:db:a4:e0:aa:df:e7:1f:b8:6a:61:e0:8a:d0:
91:9e:68:90:90:de:84:e2:48:31:6c:40:54:23:ef:
22:5c:f9:9d:3d:4e:33:10:2d:c5:1b:f3:4d:07:af:
72:28:b8:f8:f7:b3:6a:ca:75:5a:85:ff:e1:bf:c2:
c5:8a:73:7d:c0:75:aa:ff:fa:9e:fa:26:65:89:a3:
64:0f:1f:e4:b3:de:07:c2:b2:a8:3e:fa:6a:36:1c:
89:f8:a0:1a:3d:6c:46:a0:6c:33:9a:ab:d7:17:1c:
65:e7:2e:02:ad:46:1d:88:82:82:da:9e:d7:8a:f6:
4b:32:71:f1:5b:a6:f2:72:c9:f5:d4:af:c3:03:1f:
08:6f:f1:e1:83:d7:be:7f:f4:47:49:64:c4:f4:cb:
c9:39:d4:d7:e9:d1:20:d7:a8:ac:ab:e2:4e:cc:28:
67:f2:03:25:39:6d:9d:2c:c6:8a:ba:3c:7e:34:b2:
16:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:7E:6D:4E:7D:F6:41:B4:FE:6C:0C:28:52:2F:7C:7C:D8:A6:86:9F
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/g35tTn32QbT-bAwoUi98fNimhp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.250.0/24
185.5.38.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:0a:07:3d:da:f0:f8:44:07:3a:e0:df:3d:d3:f4:44:3d:bf:
2c:21:f5:c4:e1:bb:90:f3:de:7f:8a:6d:58:89:b6:b2:e3:6d:
15:88:47:b6:1a:53:ab:ce:72:d7:1e:37:28:9d:9a:67:8b:66:
91:ca:b7:14:be:b0:7b:12:32:dd:62:b3:f3:a9:2c:e3:27:2f:
a7:ab:a5:6a:4f:ec:7b:c2:e4:b4:c4:7a:48:9a:fc:9b:5f:22:
b7:13:70:97:e7:e9:b2:60:71:86:c0:ee:a8:82:93:88:0c:2c:
4c:44:c1:15:5c:d6:8c:21:04:61:24:61:3f:4f:55:2a:da:45:
e2:fb:4d:25:7a:8e:f2:8a:41:ac:dc:b1:0e:f3:ca:38:e8:60:
fd:e3:8b:51:b3:88:e8:af:2c:df:55:b8:75:bd:5d:fb:5c:98:
4c:a3:bb:23:13:38:82:d9:1a:3c:0c:df:db:bd:08:bf:f6:6d:
c1:6e:03:db:d1:07:0a:b2:94:c2:0b:e2:95:27:fd:f1:a4:a1:
9f:46:78:6a:b3:5d:7a:83:75:e4:a3:67:d0:47:c6:bf:d4:8f:
42:fe:51:42:02:0e:13:b1:bf:49:ba:fc:b7:f9:0e:f3:04:27:
64:0c:1a:a8:a5:c4:ad:3b:1d:e7:85:23:78:8b:19:10:01:98:
d7:01:f2:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZWJd5KhKwAdmIKw8HjiLv+aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjUwMzEyMDgyNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzdlNmQ0ZTdkZjY0MWI0ZmU2YzBjMjg1MjJmN2M3Y2Q4YTY4NjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4izZVuaG1TeExMczoulK8/+ug/3w
LOBWj50sL26cV+GIzvoAo1coGwxPvvyJgvbmO19tLSQT3DDZSlhcIhIPW4fJOEmj
N3FFSwSnxduk4Krf5x+4amHgitCRnmiQkN6E4kgxbEBUI+8iXPmdPU4zEC3FG/NN
B69yKLj497NqynVahf/hv8LFinN9wHWq//qe+iZliaNkDx/ks94HwrKoPvpqNhyJ
+KAaPWxGoGwzmqvXFxxl5y4CrUYdiIKC2p7XivZLMnHxW6bycsn11K/DAx8Ib/Hh
g9e+f/RHSWTE9MvJOdTX6dEg16isq+JOzChn8gMlOW2dLMaKujx+NLIW3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIN+bU599kG0/mwMKFIvfHzYpoafMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvZzM1dFRuMzJRYlQtYkF3b1VpOThmTmltaHA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABSf6AwQA
uQUmMA0GCSqGSIb3DQEBCwUAA4IBAQA+Cgc92vD4RAc64N890/REPb8sIfXE4buQ
895/im1Yibay420ViEe2GlOrznLXHjconZpni2aRyrcUvrB7EjLdYrPzqSzjJy+n
q6VqT+x7wuS0xHpImvybXyK3E3CX5+myYHGGwO6ogpOIDCxMRMEVXNaMIQRhJGE/
T1Uq2kXi+00leo7yikGs3LEO88o46GD944tRs4joryzfVbh1vV37XJhMo7sjEziC
2Ro8DN/bvQi/9m3BbgPb0QcKspTCC+KVJ/3xpKGfRnhqs116g3Xko2fQR8a/1I9C
/lFCAg4Tsb9Juvy3+Q7zBCdkDBqopcStOx3nhSN4ixkQAZjXAfKy
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:59:32 2025 by rpki-client