Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/99dd6e-0856-4a27-aecd-d8928f5e1b40/1/5lxdXXMFxYxoygmdkLHDVycf6Ls.roa
File: 5lxdXXMFxYxoygmdkLHDVycf6Ls.roa (raw, json)
Hash identifier: 8akqgrA1gBkLMeQEUc+FbsTSvkiKqDW9xlyu0c6xU6A=
Subject key identifier: E6:5C:5D:5D:73:05:C5:8C:68:CA:09:9D:90:B1:C3:57:27:1F:E8:BB
Certificate issuer: /CN=6a9d6d26e56c132ddbbc005ac424fb536acba020
Certificate serial: 019420687460BDBEF6A95A1CFE33B1B83EBA
Authority key identifier: 6A:9D:6D:26:E5:6C:13:2D:DB:BC:00:5A:C4:24:FB:53:6A:CB:A0:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ap1tJuVsEy3bvABaxCT7U2rLoCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/99dd6e-0856-4a27-aecd-d8928f5e1b40/1/5lxdXXMFxYxoygmdkLHDVycf6Ls.roa
Signing time: Wed 01 Jan 2025 05:48:23 +0000
ROA not before: Wed 01 Jan 2025 05:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 559
IP address blocks: 193.5.152.0/22 maxlen: 22
193.246.121.0/24 maxlen: 24
193.247.182.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:74:60:bd:be:f6:a9:5a:1c:fe:33:b1:b8:3e:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a9d6d26e56c132ddbbc005ac424fb536acba020
Validity
Not Before: Jan 1 05:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e65c5d5d7305c58c68ca099d90b1c357271fe8bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:76:e0:aa:90:0b:b6:00:7f:8e:b6:76:36:03:
66:cb:ec:ec:31:06:b3:26:b9:a2:36:f1:f1:33:95:
42:85:af:f6:b9:6f:8a:ac:dc:fc:14:c9:a2:56:53:
cd:b6:0f:29:db:f9:85:19:c7:a9:f6:3c:d4:59:7f:
e2:17:99:ff:dc:25:bf:1e:61:eb:5e:88:57:43:c9:
24:d1:28:f6:06:08:bd:d1:b1:e7:d5:00:d4:0d:f9:
2b:6c:1c:99:53:e6:dd:45:66:75:37:fe:4d:c6:85:
9a:68:19:b6:bd:ba:e1:b1:40:f8:61:9b:c6:50:87:
08:1d:83:b1:77:ef:ea:59:8c:5e:61:aa:fb:a6:f9:
14:ab:d3:5c:51:8b:35:fa:f0:54:03:b3:68:ac:73:
ff:d7:da:78:43:07:27:1e:6e:03:70:b4:a9:0c:04:
61:d1:4f:db:84:e3:04:57:b4:57:df:68:8a:6a:fb:
36:35:96:5f:f1:b7:a8:ee:91:81:02:b0:cc:81:70:
6f:73:6b:be:91:6d:88:bc:b2:ef:e4:66:e9:eb:db:
89:5d:19:c4:a2:62:36:5f:10:be:26:f4:1c:d5:4c:
21:09:3c:e4:d0:fc:1a:f2:19:2d:31:07:ad:75:b3:
04:9c:01:fb:10:09:fe:1f:1f:89:ad:81:ae:10:05:
a6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:5C:5D:5D:73:05:C5:8C:68:CA:09:9D:90:B1:C3:57:27:1F:E8:BB
X509v3 Authority Key Identifier:
keyid:6A:9D:6D:26:E5:6C:13:2D:DB:BC:00:5A:C4:24:FB:53:6A:CB:A0:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ap1tJuVsEy3bvABaxCT7U2rLoCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/99dd6e-0856-4a27-aecd-d8928f5e1b40/1/5lxdXXMFxYxoygmdkLHDVycf6Ls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/99dd6e-0856-4a27-aecd-d8928f5e1b40/1/ap1tJuVsEy3bvABaxCT7U2rLoCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.152.0/22
193.246.121.0/24
193.247.182.0/24
Signature Algorithm: sha256WithRSAEncryption
18:08:6a:6e:ff:41:a6:a5:d1:40:44:c0:2c:73:dd:9c:05:82:
39:14:1e:52:7f:6d:85:58:0e:12:ed:00:51:e9:1b:39:2f:44:
6b:48:c6:ad:a7:d3:06:b6:3c:aa:7c:96:0b:72:40:46:d0:75:
bb:a0:6b:36:15:66:ed:8e:f6:89:db:08:49:0f:f1:0d:9b:b9:
fa:ec:31:b9:b4:f0:94:6d:8c:1e:55:a5:41:54:75:bc:50:54:
f1:bc:fd:4a:54:4a:11:1e:8d:74:75:39:8c:04:2b:0d:aa:f8:
62:13:1c:e1:b3:4f:2b:74:a0:05:01:6f:68:fb:9c:c4:a3:36:
99:28:59:07:6b:27:66:a1:7a:23:83:cd:56:30:e7:9d:43:af:
53:84:13:58:84:e6:d8:62:57:ee:dd:a5:1a:a0:f7:8d:43:b5:
00:b7:c3:f9:03:d3:04:57:a7:e3:9b:f7:75:40:2a:62:da:95:
d1:11:86:29:ec:ed:46:16:dd:b1:2a:66:f0:90:3f:3d:27:2b:
09:2a:05:7a:fc:af:32:5f:d6:3b:92:e6:e2:be:f2:41:27:d5:
59:d7:9c:5c:5c:f0:24:5b:66:ac:f2:f9:e2:c8:d7:87:bd:8a:
98:9a:23:db:58:fd:83:6b:28:8c:7e:60:95:ff:40:c5:e7:67:
44:46:12:ae
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQgaHRgvb72qVoc/jOxuD66MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOWQ2ZDI2ZTU2YzEzMmRkYmJjMDA1YWM0MjRmYjUzNmFj
YmEwMjAwHhcNMjUwMTAxMDU0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjVjNWQ1ZDczMDVjNThjNjhjYTA5OWQ5MGIxYzM1NzI3MWZlOGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHbgqpALtgB/jrZ2NgNmy+zsMQaz
JrmiNvHxM5VCha/2uW+KrNz8FMmiVlPNtg8p2/mFGcep9jzUWX/iF5n/3CW/HmHr
XohXQ8kk0Sj2Bgi90bHn1QDUDfkrbByZU+bdRWZ1N/5NxoWaaBm2vbrhsUD4YZvG
UIcIHYOxd+/qWYxeYar7pvkUq9NcUYs1+vBUA7NorHP/19p4QwcnHm4DcLSpDARh
0U/bhOMEV7RX32iKavs2NZZf8beo7pGBArDMgXBvc2u+kW2IvLLv5Gbp69uJXRnE
omI2XxC+JvQc1UwhCTzk0Pwa8hktMQetdbMEnAH7EAn+Hx+JrYGuEAWmbwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOZcXV1zBcWMaMoJnZCxw1cnH+i7MB8GA1UdIwQY
MBaAFGqdbSblbBMt27wAWsQk+1Nqy6AgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXAxdEp1VnNFeTNidkFCYXhDVDdVMnJMb0NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC85OWRkNmUtMDg1Ni00YTI3LWFlY2Qt
ZDg5MjhmNWUxYjQwLzEvNWx4ZFhYTUZ4WXhveWdtZGtMSERWeWNmNkxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC85OWRkNmUtMDg1Ni00YTI3LWFlY2QtZDg5MjhmNWUxYjQw
LzEvYXAxdEp1VnNFeTNidkFCYXhDVDdVMnJMb0NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCwQWYAwQA
wfZ5AwQAwfe2MA0GCSqGSIb3DQEBCwUAA4IBAQAYCGpu/0GmpdFARMAsc92cBYI5
FB5Sf22FWA4S7QBR6Rs5L0RrSMatp9MGtjyqfJYLckBG0HW7oGs2FWbtjvaJ2whJ
D/ENm7n67DG5tPCUbYweVaVBVHW8UFTxvP1KVEoRHo10dTmMBCsNqvhiExzhs08r
dKAFAW9o+5zEozaZKFkHaydmoXojg81WMOedQ69ThBNYhObYYlfu3aUaoPeNQ7UA
t8P5A9MEV6fjm/d1QCpi2pXREYYp7O1GFt2xKmbwkD89JysJKgV6/K8yX9Y7kubi
vvJBJ9VZ15xcXPAkW2as8vniyNeHvYqYmiPbWP2DayiMfmCV/0DF52dERhKu
-----END CERTIFICATE-----
Generated at Fri Apr 11 05:12:38 2025 by rpki-client