Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/r0iNlWVybkZPXXX8CrK7kPQfO9w.roa
File: r0iNlWVybkZPXXX8CrK7kPQfO9w.roa (raw, json)
Hash identifier: GWx2ullzYNJcpT/3moVRB7/EJjtrJ5KZY1A9CN9OvSc=
Subject key identifier: AF:48:8D:95:65:72:6E:46:4F:5D:75:FC:0A:B2:BB:90:F4:1F:3B:DC
Certificate issuer: /CN=05bcde319a3dca2cf6744d2881ca91b83db9bdea
Certificate serial: 01941FFAA425F4FC04522F31D96B120BCB23
Authority key identifier: 05:BC:DE:31:9A:3D:CA:2C:F6:74:4D:28:81:CA:91:B8:3D:B9:BD:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbzeMZo9yiz2dE0ogcqRuD25veo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/r0iNlWVybkZPXXX8CrK7kPQfO9w.roa
Signing time: Wed 01 Jan 2025 03:48:27 +0000
ROA not before: Wed 01 Jan 2025 03:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211775
IP address blocks: 5.150.8.0/21 maxlen: 21
194.59.0.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a4:25:f4:fc:04:52:2f:31:d9:6b:12:0b:cb:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05bcde319a3dca2cf6744d2881ca91b83db9bdea
Validity
Not Before: Jan 1 03:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af488d9565726e464f5d75fc0ab2bb90f41f3bdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:bb:0e:6e:4f:4d:de:d2:f6:98:ce:cc:7b:7f:
4d:63:ba:0c:f9:19:26:b0:2f:e3:87:06:d3:05:7b:
11:c0:78:fd:86:ae:e8:4b:07:fe:9b:6c:6b:64:ab:
93:54:00:e1:8d:89:13:a1:34:38:28:0f:55:6d:92:
39:02:08:41:9e:2f:08:fe:35:26:65:cd:43:94:c7:
96:33:ab:27:df:82:18:c7:bd:43:0a:67:7e:43:0d:
e6:ab:77:6b:32:69:6c:8f:70:5e:d0:f5:d4:8c:02:
de:d9:a3:96:12:b9:f2:e9:be:af:65:a4:09:70:90:
2a:cc:f6:1f:dc:e0:d9:95:23:1d:aa:97:b0:e0:1c:
b0:05:55:87:61:77:26:00:a6:ec:83:14:31:a0:be:
cc:eb:a6:bd:f8:64:e8:cc:80:2d:d6:20:48:95:34:
1e:78:e5:8c:0e:72:d3:a7:06:4e:4f:89:11:2a:23:
a3:80:b7:85:c3:93:60:ba:72:59:aa:9a:f6:dc:c7:
9e:d8:c4:84:29:3b:9f:fc:f3:88:4d:77:24:a5:4b:
fd:0f:80:d9:02:84:fb:81:a0:8d:3a:04:c0:49:d0:
fd:23:bb:5b:ba:25:69:48:90:c3:95:46:2d:af:0f:
f1:94:2f:d2:ff:a6:a9:2a:d0:0a:ec:22:07:ff:3e:
15:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:48:8D:95:65:72:6E:46:4F:5D:75:FC:0A:B2:BB:90:F4:1F:3B:DC
X509v3 Authority Key Identifier:
keyid:05:BC:DE:31:9A:3D:CA:2C:F6:74:4D:28:81:CA:91:B8:3D:B9:BD:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbzeMZo9yiz2dE0ogcqRuD25veo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/r0iNlWVybkZPXXX8CrK7kPQfO9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/BbzeMZo9yiz2dE0ogcqRuD25veo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.150.8.0/21
194.59.0.0/23
Signature Algorithm: sha256WithRSAEncryption
44:6c:3a:f2:bd:01:c0:b1:39:28:c3:d5:d4:5c:62:31:36:ec:
ec:4e:30:09:22:7f:88:8d:6c:ff:56:f1:90:1d:85:ad:12:bd:
7c:f9:2b:af:7f:6a:57:a5:ab:d3:e6:0e:9a:6d:a7:ab:e4:88:
71:4c:a3:c1:f5:cc:66:1e:52:14:89:8d:96:1c:b7:3b:3d:c2:
53:35:b9:32:bb:3b:78:e6:6e:96:78:73:4b:17:36:d1:69:37:
1c:bf:05:44:39:f3:4b:67:99:86:5b:06:f2:19:13:2d:86:4d:
62:7e:20:0c:23:1a:18:94:03:17:08:08:41:bd:15:48:58:6c:
b3:0f:d7:cb:1c:37:f0:f0:31:e5:7e:39:dc:1a:28:7e:b7:8f:
a1:6b:73:7f:55:9c:1d:a3:09:df:c7:f4:7a:6b:c4:90:99:9b:
35:55:63:1f:d5:d0:95:92:59:49:3a:bb:5e:4a:f1:1e:bb:31:
8c:a8:72:b9:c3:ab:b1:1b:e2:4a:8b:02:6e:92:fa:08:fe:f4:
3c:71:96:d6:21:17:f4:5d:5c:c1:c8:5d:6e:db:d5:cd:27:2b:
c3:8d:a3:60:32:88:90:62:ce:80:5d:ef:ef:bf:19:0e:81:ec:
24:4c:2f:89:22:9b:7a:ce:4a:7b:2c:d9:7b:25:8f:79:fb:37:
79:a0:10:cb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQf+qQl9PwEUi8x2WsSC8sjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YmNkZTMxOWEzZGNhMmNmNjc0NGQyODgxY2E5MWI4M2Ri
OWJkZWEwHhcNMjUwMTAxMDM0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjQ4OGQ5NTY1NzI2ZTQ2NGY1ZDc1ZmMwYWIyYmI5MGY0MWYzYmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLsObk9N3tL2mM7Me39NY7oM+Rkm
sC/jhwbTBXsRwHj9hq7oSwf+m2xrZKuTVADhjYkToTQ4KA9VbZI5AghBni8I/jUm
Zc1DlMeWM6sn34IYx71DCmd+Qw3mq3drMmlsj3Be0PXUjALe2aOWErny6b6vZaQJ
cJAqzPYf3ODZlSMdqpew4BywBVWHYXcmAKbsgxQxoL7M66a9+GTozIAt1iBIlTQe
eOWMDnLTpwZOT4kRKiOjgLeFw5NgunJZqpr23Mee2MSEKTuf/POITXckpUv9D4DZ
AoT7gaCNOgTASdD9I7tbuiVpSJDDlUYtrw/xlC/S/6apKtAK7CIH/z4VxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK9IjZVlcm5GT111/Aqyu5D0HzvcMB8GA1UdIwQY
MBaAFAW83jGaPcos9nRNKIHKkbg9ub3qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJ6ZU1abzl5aXoyZEUwb2djcVJ1RDI1dmVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9lZDI4ZDUtNzhkMy00NWUyLWE3ZDMt
Njg2N2M0YWUzMTYxLzEvcjBpTmxXVnlia1pQWFhYOENySzdrUFFmTzl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9lZDI4ZDUtNzhkMy00NWUyLWE3ZDMtNjg2N2M0YWUzMTYx
LzEvQmJ6ZU1abzl5aXoyZEUwb2djcVJ1RDI1dmVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDBZYIAwQB
wjsAMA0GCSqGSIb3DQEBCwUAA4IBAQBEbDryvQHAsTkow9XUXGIxNuzsTjAJIn+I
jWz/VvGQHYWtEr18+Suvf2pXpavT5g6abaer5IhxTKPB9cxmHlIUiY2WHLc7PcJT
Nbkyuzt45m6WeHNLFzbRaTccvwVEOfNLZ5mGWwbyGRMthk1ifiAMIxoYlAMXCAhB
vRVIWGyzD9fLHDfw8DHlfjncGih+t4+ha3N/VZwdownfx/R6a8SQmZs1VWMf1dCV
kllJOrteSvEeuzGMqHK5w6uxG+JKiwJukvoI/vQ8cZbWIRf0XVzByF1u29XNJyvD
jaNgMoiQYs6AXe/vvxkOgewkTC+JIpt6zkp7LNl7JY95+zd5oBDL
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:55 2025 by rpki-client