Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/f96da8-2c49-4279-8663-01c6708a8709/1/shHEE3ebtV6akWpBBD9SfdkRBY8.roa
File: shHEE3ebtV6akWpBBD9SfdkRBY8.roa (raw, json)
Hash identifier: 9IB/NLNCz2riRdYTke4KXLndFcOsSKkNdr4tuSrlhq4=
Subject key identifier: B2:11:C4:13:77:9B:B5:5E:9A:91:6A:41:04:3F:52:7D:D9:11:05:8F
Certificate issuer: /CN=bd8ab5805d77b8614efad2f9acb83e304d4cdfac
Certificate serial: 01856F54ABD2C5038AF4A27345BF4757D9C7
Authority key identifier: BD:8A:B5:80:5D:77:B8:61:4E:FA:D2:F9:AC:B8:3E:30:4D:4C:DF:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vYq1gF13uGFO-tL5rLg-ME1M36w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/f96da8-2c49-4279-8663-01c6708a8709/1/shHEE3ebtV6akWpBBD9SfdkRBY8.roa
Signing time: Sun 01 Jan 2023 21:54:58 +0000
ROA not before: Sun 01 Jan 2023 21:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5089
IP address blocks: 5.180.112.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:ab:d2:c5:03:8a:f4:a2:73:45:bf:47:57:d9:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd8ab5805d77b8614efad2f9acb83e304d4cdfac
Validity
Not Before: Jan 1 21:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b211c413779bb55e9a916a41043f527dd911058f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f8:a7:88:cc:0f:20:0f:0e:f3:cb:aa:55:3d:
4d:ca:06:fd:02:55:4a:55:a6:67:8b:11:e7:16:75:
03:0f:ed:cf:09:48:d0:2d:2a:00:1f:18:6a:ab:da:
26:48:9e:44:1c:b0:57:d2:47:f1:a6:98:d4:07:14:
66:65:45:5f:f6:9f:21:f4:7e:3c:93:cc:8a:fa:1d:
35:b9:8c:18:61:ed:28:ec:e5:2c:50:2a:7e:ae:22:
61:c9:8e:08:24:c7:9e:0f:d9:52:dc:ee:81:5e:d0:
f0:a3:a4:68:01:3c:68:c7:99:41:71:09:07:eb:bb:
39:02:b3:6a:68:ca:8c:56:a9:ea:c5:35:3a:c8:c1:
53:6a:4c:35:cc:00:ba:4c:8c:83:df:e2:bc:0c:ec:
b8:c6:23:b2:3d:33:d4:67:eb:22:95:2d:b3:9b:bf:
a6:da:44:f5:4c:5a:39:6a:fc:0e:ac:24:17:da:7e:
e2:09:6f:21:77:11:3e:49:1c:76:ef:6a:2e:45:7d:
b0:32:9c:cc:c8:86:4e:17:24:86:f1:87:2a:3a:e0:
4d:65:b0:e3:9f:db:b1:43:f4:79:45:b3:1a:04:62:
c4:f8:f1:db:c4:e5:52:1c:58:05:72:04:d4:c6:9f:
6b:07:e2:18:d1:14:30:48:95:ab:c7:a1:d1:14:5b:
8f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:11:C4:13:77:9B:B5:5E:9A:91:6A:41:04:3F:52:7D:D9:11:05:8F
X509v3 Authority Key Identifier:
keyid:BD:8A:B5:80:5D:77:B8:61:4E:FA:D2:F9:AC:B8:3E:30:4D:4C:DF:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vYq1gF13uGFO-tL5rLg-ME1M36w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f96da8-2c49-4279-8663-01c6708a8709/1/shHEE3ebtV6akWpBBD9SfdkRBY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f96da8-2c49-4279-8663-01c6708a8709/1/vYq1gF13uGFO-tL5rLg-ME1M36w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.112.0/22
Signature Algorithm: sha256WithRSAEncryption
70:a2:7a:95:d3:4a:65:8c:ae:8b:a9:39:c9:39:ed:50:25:30:
2b:ed:5d:50:63:fd:d0:70:a6:a3:45:d8:b9:20:00:2b:3b:4c:
92:74:f8:32:d2:a7:26:b2:a7:12:05:d0:65:39:ef:a6:9a:7e:
ff:af:d2:0f:47:0f:7b:2c:a6:d4:6a:39:30:78:4c:8b:2d:e4:
a7:0d:1d:c2:44:01:b6:93:1f:be:52:79:dc:d5:96:19:47:f5:
33:e1:72:15:fb:93:f6:a8:45:8e:c9:24:42:b1:99:49:d5:ac:
7b:e5:1b:63:de:64:69:04:58:b3:03:2c:9b:9f:6f:ce:c9:40:
e8:59:f5:36:17:b5:d7:03:a1:70:64:b7:ba:2a:61:e4:88:e0:
ba:76:ac:91:1f:9b:b3:03:f2:47:f9:da:1c:dc:2f:54:14:14:
41:28:0b:ff:f4:03:41:ce:2c:21:2b:b3:f6:0e:e7:f9:90:4f:
84:b2:75:93:42:fd:6e:74:bf:fb:b3:13:3f:f3:30:6e:2e:56:
66:21:87:b4:53:02:76:72:6c:59:39:76:0f:94:66:85:fc:cc:
0c:64:c9:64:7f:79:2b:64:1d:3b:41:86:6d:d6:a5:a5:d1:2c:
8a:8a:9f:fa:1c:82:d0:ba:3d:c4:90:79:45:57:28:78:4d:ff:
11:a3:86:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvVKvSxQOK9KJzRb9HV9nHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkOGFiNTgwNWQ3N2I4NjE0ZWZhZDJmOWFjYjgzZTMwNGQ0
Y2RmYWMwHhcNMjMwMTAxMjE1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjExYzQxMzc3OWJiNTVlOWE5MTZhNDEwNDNmNTI3ZGQ5MTEwNThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfiniMwPIA8O88uqVT1Nygb9AlVK
VaZnixHnFnUDD+3PCUjQLSoAHxhqq9omSJ5EHLBX0kfxppjUBxRmZUVf9p8h9H48
k8yK+h01uYwYYe0o7OUsUCp+riJhyY4IJMeeD9lS3O6BXtDwo6RoATxox5lBcQkH
67s5ArNqaMqMVqnqxTU6yMFTakw1zAC6TIyD3+K8DOy4xiOyPTPUZ+silS2zm7+m
2kT1TFo5avwOrCQX2n7iCW8hdxE+SRx272ouRX2wMpzMyIZOFySG8YcqOuBNZbDj
n9uxQ/R5RbMaBGLE+PHbxOVSHFgFcgTUxp9rB+IY0RQwSJWrx6HRFFuPTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLIRxBN3m7VempFqQQQ/Un3ZEQWPMB8GA1UdIwQY
MBaAFL2KtYBdd7hhTvrS+ay4PjBNTN+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdllxMWdGMTN1R0ZPLXRMNXJMZy1NRTFNMzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9mOTZkYTgtMmM0OS00Mjc5LTg2NjMt
MDFjNjcwOGE4NzA5LzEvc2hIRUUzZWJ0VjZha1dwQkJEOVNmZGtSQlk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9mOTZkYTgtMmM0OS00Mjc5LTg2NjMtMDFjNjcwOGE4NzA5
LzEvdllxMWdGMTN1R0ZPLXRMNXJMZy1NRTFNMzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbRwMA0G
CSqGSIb3DQEBCwUAA4IBAQBwonqV00pljK6LqTnJOe1QJTAr7V1QY/3QcKajRdi5
IAArO0ySdPgy0qcmsqcSBdBlOe+mmn7/r9IPRw97LKbUajkweEyLLeSnDR3CRAG2
kx++Unnc1ZYZR/Uz4XIV+5P2qEWOySRCsZlJ1ax75Rtj3mRpBFizAyybn2/OyUDo
WfU2F7XXA6FwZLe6KmHkiOC6dqyRH5uzA/JH+doc3C9UFBRBKAv/9ANBziwhK7P2
Duf5kE+EsnWTQv1udL/7sxM/8zBuLlZmIYe0UwJ2cmxZOXYPlGaF/MwMZMlkf3kr
ZB07QYZt1qWl0SyKip/6HILQuj3EkHlFVyh4Tf8Ro4ah
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:28:27 2025 by rpki-client