Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/0H0kjaNYSVD0_q5TZMa__R2tTy8.roa
File: 0H0kjaNYSVD0_q5TZMa__R2tTy8.roa (raw, json)
Hash identifier: 6lpPg7gmOVEaDf8J1w95/+MdrouNSwoj+9zQFXWgTos=
Subject key identifier: D0:7D:24:8D:A3:58:49:50:F4:FE:AE:53:64:C6:BF:FD:1D:AD:4F:2F
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0184CE43D068B1C8D7FC392D28DC2193F7E7
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/0H0kjaNYSVD0_q5TZMa__R2tTy8.roa
Signing time: Thu 01 Dec 2022 15:17:41 +0000
ROA not before: Thu 01 Dec 2022 15:17:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212815
IP address blocks: 5.105.24.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ce:43:d0:68:b1:c8:d7:fc:39:2d:28:dc:21:93:f7:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Dec 1 15:17:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d07d248da3584950f4feae5364c6bffd1dad4f2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a6:39:df:09:f1:9e:ff:a0:fb:2f:7f:d8:76:
ab:b9:4e:71:6e:22:09:62:3b:10:33:d6:a2:cb:10:
c2:01:31:e7:6b:b7:5c:35:d5:3d:73:1e:fc:b6:3f:
8f:6b:44:69:d8:a8:95:c4:01:52:f1:6d:73:36:a5:
79:ab:a5:62:d9:17:b1:83:ef:67:6a:d0:a6:90:61:
64:6c:7f:16:e8:ff:99:aa:40:9d:e8:54:dd:c8:d1:
ed:95:cf:7d:c7:6b:cd:c5:1e:03:28:62:0b:9b:a5:
34:1e:8f:ed:9e:3d:17:47:43:b1:f0:12:2c:2f:0f:
77:ec:60:59:3f:1c:13:73:6d:db:04:77:57:7c:71:
d9:44:fb:6a:54:ad:4a:76:53:b6:5b:6f:d5:3b:96:
87:39:65:30:a6:bf:e4:9d:d0:81:20:57:f9:5e:2a:
e4:da:ef:a8:bc:12:49:9c:2c:9e:60:b2:27:42:3e:
b7:2d:4a:03:3f:83:4c:a6:c0:e6:2c:f9:5f:56:bb:
76:f1:3d:c7:1e:3b:30:24:30:a7:18:63:58:ee:6f:
70:9e:62:57:49:2d:06:f6:83:24:ed:d6:4d:02:a3:
f9:d5:f8:c5:11:70:95:9b:6f:c7:f2:41:72:ea:14:
35:40:a6:a2:13:4d:64:16:fa:a2:00:a8:ec:a2:33:
a4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:7D:24:8D:A3:58:49:50:F4:FE:AE:53:64:C6:BF:FD:1D:AD:4F:2F
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/0H0kjaNYSVD0_q5TZMa__R2tTy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.24.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:c4:80:7b:10:5e:cc:45:99:1b:77:ec:00:ba:7e:46:97:ee:
c2:07:5d:77:02:ce:0f:29:84:58:6d:bf:1a:04:f4:e3:c3:c4:
e3:30:96:da:e0:f6:79:4c:fd:db:29:56:a5:94:c6:ab:cd:fd:
ec:bf:cb:76:07:b3:a3:33:0a:b5:b1:cb:1d:14:84:80:2c:11:
a0:e5:9b:2a:bf:9d:b5:29:76:96:21:7c:74:45:43:cf:5a:34:
b1:6c:c7:a4:f6:67:9f:71:85:88:83:a5:0e:01:c3:ec:9c:00:
57:26:b8:e3:a0:fe:c5:12:c6:a2:4d:80:d0:8f:92:b9:eb:98:
9b:d7:95:91:70:e6:0f:05:83:0f:1b:9f:97:cf:97:69:fa:4f:
af:c7:64:2a:51:8f:75:05:ba:5a:8e:ca:d6:eb:d6:ce:ae:65:
59:87:1c:28:ef:9b:b9:2b:56:40:b7:e7:db:14:2b:36:31:c1:
c3:5a:37:99:08:3a:c7:38:18:f5:f2:a3:6b:99:17:a6:eb:ee:
1a:2e:d0:ce:d7:4f:08:9e:72:d5:ed:5c:d2:86:b8:8e:52:c0:
fe:7a:86:8a:59:ac:51:8c:b7:da:29:65:16:84:22:5d:12:ef:
80:2f:c1:7d:78:17:0a:c8:3a:eb:95:f1:2b:df:63:ef:18:a1:
7c:80:b2:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTOQ9BoscjX/DktKNwhk/fnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjIxMjAxMTUxNzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDdkMjQ4ZGEzNTg0OTUwZjRmZWFlNTM2NGM2YmZmZDFkYWQ0ZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqY53wnxnv+g+y9/2HaruU5xbiIJ
YjsQM9aiyxDCATHna7dcNdU9cx78tj+Pa0Rp2KiVxAFS8W1zNqV5q6Vi2Rexg+9n
atCmkGFkbH8W6P+ZqkCd6FTdyNHtlc99x2vNxR4DKGILm6U0Ho/tnj0XR0Ox8BIs
Lw937GBZPxwTc23bBHdXfHHZRPtqVK1KdlO2W2/VO5aHOWUwpr/kndCBIFf5Xirk
2u+ovBJJnCyeYLInQj63LUoDP4NMpsDmLPlfVrt28T3HHjswJDCnGGNY7m9wnmJX
SS0G9oMk7dZNAqP51fjFEXCVm2/H8kFy6hQ1QKaiE01kFvqiAKjsojOkXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNB9JI2jWElQ9P6uU2TGv/0drU8vMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvMEgwa2phTllTVkQwX3E1VFpNYV9fUjJ0VHk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWkYMA0G
CSqGSIb3DQEBCwUAA4IBAQBexIB7EF7MRZkbd+wAun5Gl+7CB113As4PKYRYbb8a
BPTjw8TjMJba4PZ5TP3bKVallMarzf3sv8t2B7OjMwq1scsdFISALBGg5Zsqv521
KXaWIXx0RUPPWjSxbMek9mefcYWIg6UOAcPsnABXJrjjoP7FEsaiTYDQj5K565ib
15WRcOYPBYMPG5+Xz5dp+k+vx2QqUY91BbpajsrW69bOrmVZhxwo75u5K1ZAt+fb
FCs2McHDWjeZCDrHOBj18qNrmRem6+4aLtDO108InnLV7VzShriOUsD+eoaKWaxR
jLfaKWUWhCJdEu+AL8F9eBcKyDrrlfEr32PvGKF8gLL2
-----END CERTIFICATE-----
Generated at Wed Apr 9 15:03:27 2025 by rpki-client