Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/R1dp-tun-PohHG7Lv3JRofvpDlQ.roa
File: R1dp-tun-PohHG7Lv3JRofvpDlQ.roa (raw, json)
Hash identifier: y+WlLIRKEIyHAx2ga8rLDDWF/xfOaOfVe4hFy70Rw+A=
Subject key identifier: 47:57:69:FA:DB:A7:F8:FA:21:1C:6E:CB:BF:72:51:A1:FB:E9:0E:54
Certificate issuer: /CN=96062f5ddb18f96d78492b3538d7745cc4714a26
Certificate serial: 0194271ED26188BF7F75D8BE7AD9DBDC55B5
Authority key identifier: 96:06:2F:5D:DB:18:F9:6D:78:49:2B:35:38:D7:74:5C:C4:71:4A:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lgYvXdsY-W14SSs1ONd0XMRxSiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/R1dp-tun-PohHG7Lv3JRofvpDlQ.roa
Signing time: Thu 02 Jan 2025 13:05:18 +0000
ROA not before: Thu 02 Jan 2025 13:05:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209242
IP address blocks: 5.42.64.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:1e:d2:61:88:bf:7f:75:d8:be:7a:d9:db:dc:55:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96062f5ddb18f96d78492b3538d7745cc4714a26
Validity
Not Before: Jan 2 13:05:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=475769fadba7f8fa211c6ecbbf7251a1fbe90e54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:47:19:61:d9:14:f9:d9:61:1c:f2:57:12:e9:
9f:a1:de:a0:c2:43:ac:d7:d8:99:7e:63:aa:bf:ce:
27:fb:ad:a8:b8:24:18:f1:a2:5b:54:f2:d4:be:9c:
1d:d6:a9:45:5c:24:79:25:73:fd:a4:a6:b3:15:7e:
48:b2:86:b2:bc:db:7d:91:74:e9:42:96:f2:93:b3:
af:1b:c6:3c:27:a4:50:95:6a:b0:1a:50:03:3a:a8:
2e:d8:72:18:dd:6c:1d:78:6e:87:82:db:a6:ec:9a:
4f:14:26:51:ca:fa:c2:d9:51:ea:b1:2a:58:85:6a:
94:6b:6f:c5:c8:f6:a6:52:06:26:6e:40:6e:8d:65:
c3:d6:4a:ee:69:a7:29:d4:05:a6:42:59:98:21:33:
67:cc:92:9f:92:48:93:e6:73:4a:08:79:04:39:e2:
91:ed:22:3c:b2:02:21:e0:a6:e0:9e:b7:4d:40:5d:
77:fd:84:cf:8f:59:fb:11:5d:2f:18:60:df:d6:db:
86:de:2b:b2:95:6b:ef:4a:8f:2e:0e:b6:da:37:87:
9f:76:41:59:8b:bd:6c:b7:31:59:90:01:d7:75:02:
6a:37:14:a5:04:ef:1c:17:8b:0f:a0:60:bf:4d:9f:
d9:14:ed:47:4d:0a:7a:b7:3e:6b:5a:57:d5:c8:eb:
ac:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:57:69:FA:DB:A7:F8:FA:21:1C:6E:CB:BF:72:51:A1:FB:E9:0E:54
X509v3 Authority Key Identifier:
keyid:96:06:2F:5D:DB:18:F9:6D:78:49:2B:35:38:D7:74:5C:C4:71:4A:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lgYvXdsY-W14SSs1ONd0XMRxSiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/R1dp-tun-PohHG7Lv3JRofvpDlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/lgYvXdsY-W14SSs1ONd0XMRxSiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.64.0/24
Signature Algorithm: sha256WithRSAEncryption
86:be:c9:48:60:45:60:e1:2d:c2:03:d7:69:e5:18:b4:3e:4c:
74:5c:c3:7c:a6:8b:4f:3e:db:19:6f:1f:25:87:6c:bc:c8:cf:
fa:cb:78:ef:09:7a:eb:19:a1:bc:c9:16:93:18:27:1e:d2:12:
55:ba:87:bf:35:53:f9:77:b2:9e:c2:14:52:fa:e0:45:a7:ab:
0c:5c:a9:28:95:cd:f2:31:fd:13:3f:86:ba:6c:65:ea:15:15:
34:a1:11:c7:bb:17:fe:49:7d:f2:05:5b:19:d3:23:47:b1:e1:
25:d7:f9:b1:a5:ad:d1:13:b4:b5:83:24:52:5e:15:6c:e5:0f:
53:23:ad:f1:ba:17:91:cb:e6:d3:c7:5f:8a:04:92:03:fa:1f:
09:ae:f1:c6:7f:fa:53:04:48:64:00:78:77:2b:c0:99:71:17:
9e:35:1c:95:02:8a:0b:38:66:33:b0:23:99:97:de:2a:a7:ac:
4f:62:0d:9d:b3:da:0d:ba:db:45:92:f5:36:0a:e8:66:df:c8:
d9:c0:9e:41:a4:2d:6e:60:2b:aa:14:64:35:0b:61:1b:bd:ea:
72:2c:7b:4e:c0:33:ad:a0:07:3f:86:2a:1f:14:bf:14:9a:a9:
95:4b:ef:e6:ec:08:83:ae:77:d4:05:f5:da:7f:3b:e1:e5:2c:
c4:16:fc:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnHtJhiL9/ddi+etnb3FW1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MDYyZjVkZGIxOGY5NmQ3ODQ5MmIzNTM4ZDc3NDVjYzQ3
MTRhMjYwHhcNMjUwMTAyMTMwNTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzU3NjlmYWRiYTdmOGZhMjExYzZlY2JiZjcyNTFhMWZiZTkwZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkcZYdkU+dlhHPJXEumfod6gwkOs
19iZfmOqv84n+62ouCQY8aJbVPLUvpwd1qlFXCR5JXP9pKazFX5IsoayvNt9kXTp
Qpbyk7OvG8Y8J6RQlWqwGlADOqgu2HIY3WwdeG6Hgtum7JpPFCZRyvrC2VHqsSpY
hWqUa2/FyPamUgYmbkBujWXD1kruaacp1AWmQlmYITNnzJKfkkiT5nNKCHkEOeKR
7SI8sgIh4KbgnrdNQF13/YTPj1n7EV0vGGDf1tuG3iuylWvvSo8uDrbaN4efdkFZ
i71stzFZkAHXdQJqNxSlBO8cF4sPoGC/TZ/ZFO1HTQp6tz5rWlfVyOusNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEdXafrbp/j6IRxuy79yUaH76Q5UMB8GA1UdIwQY
MBaAFJYGL13bGPlteEkrNTjXdFzEcUomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGdZdlhkc1ktVzE0U1NzMU9OZDBYTVJ4U2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lMDU5NzUtZGE4ZS00NjBiLTllYmIt
M2ZjYjVmM2YzYzU5LzEvUjFkcC10dW4tUG9oSEc3THYzSlJvZnZwRGxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lMDU5NzUtZGE4ZS00NjBiLTllYmItM2ZjYjVmM2YzYzU5
LzEvbGdZdlhkc1ktVzE0U1NzMU9OZDBYTVJ4U2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSpAMA0G
CSqGSIb3DQEBCwUAA4IBAQCGvslIYEVg4S3CA9dp5Ri0Pkx0XMN8potPPtsZbx8l
h2y8yM/6y3jvCXrrGaG8yRaTGCce0hJVuoe/NVP5d7KewhRS+uBFp6sMXKkolc3y
Mf0TP4a6bGXqFRU0oRHHuxf+SX3yBVsZ0yNHseEl1/mxpa3RE7S1gyRSXhVs5Q9T
I63xuheRy+bTx1+KBJID+h8JrvHGf/pTBEhkAHh3K8CZcReeNRyVAooLOGYzsCOZ
l94qp6xPYg2ds9oNuttFkvU2Cuhm38jZwJ5BpC1uYCuqFGQ1C2EbvepyLHtOwDOt
oAc/hiofFL8UmqmVS+/m7AiDrnfUBfXafzvh5SzEFvxe
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:03 2025 by rpki-client