Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/gMlbXZ3StxSbtxFMQZvPD04st2k.roa
File: gMlbXZ3StxSbtxFMQZvPD04st2k.roa (raw, json)
Hash identifier: Wz6OifPu8aBGxBR5zbQx9QNv32MtSnAdrpJgOvb2120=
Subject key identifier: 80:C9:5B:5D:9D:D2:B7:14:9B:B7:11:4C:41:9B:CF:0F:4E:2C:B7:69
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 018892872F894E2B54965EA2D0ED7A76FC2E
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/gMlbXZ3StxSbtxFMQZvPD04st2k.roa
Signing time: Tue 06 Jun 2023 21:05:13 +0000
ROA not before: Tue 06 Jun 2023 21:05:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43072
IP address blocks: 5.105.165.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:92:87:2f:89:4e:2b:54:96:5e:a2:d0:ed:7a:76:fc:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jun 6 21:05:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80c95b5d9dd2b7149bb7114c419bcf0f4e2cb769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b4:42:c8:36:53:c1:ec:9b:04:94:96:4e:a7:
c5:a7:17:eb:8d:2e:10:fb:0e:37:35:6c:a3:19:2a:
6b:d7:f3:6e:a7:9e:19:2e:74:3d:b1:7b:1c:4f:90:
a7:d5:3a:17:1a:7a:e9:dd:ca:34:13:af:d9:ef:1f:
64:0b:52:b9:07:02:e9:cf:40:0e:e2:07:dc:d4:81:
98:ea:f9:bc:8a:fd:bf:c9:79:9d:71:84:1c:86:86:
8a:38:64:02:ac:48:e7:dd:a3:43:8a:9e:61:2f:02:
70:3a:18:ae:93:45:55:15:9f:68:1c:35:17:b3:b4:
d8:30:ba:bb:89:57:0d:76:7d:44:6a:ed:9b:9a:59:
98:75:5e:e3:7b:71:04:d2:95:1c:2f:eb:15:2f:38:
34:8e:ec:14:75:52:48:ac:a5:21:51:e6:42:fb:06:
81:05:a0:f4:c9:03:0b:20:28:1e:1f:13:e2:62:46:
b3:8c:36:76:1a:99:1e:92:f4:62:be:a6:e9:78:0e:
b9:f9:13:ae:00:d7:3c:ec:3d:68:45:34:9b:9b:ea:
b9:5c:bd:fc:d0:86:4b:fb:82:e6:48:87:9a:04:41:
6b:40:7a:06:51:be:93:0c:c4:b1:36:03:0b:a0:f8:
7b:6e:9e:80:a7:5b:c4:1e:43:4f:df:5b:b4:ca:e5:
f1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:C9:5B:5D:9D:D2:B7:14:9B:B7:11:4C:41:9B:CF:0F:4E:2C:B7:69
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/gMlbXZ3StxSbtxFMQZvPD04st2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.165.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:fb:5b:48:1b:67:42:45:30:7b:4e:61:6a:9a:74:31:6b:ee:
b5:39:53:a7:7d:a3:91:55:d0:c8:df:00:40:e0:74:0e:6f:a8:
4e:66:d1:96:d5:ec:8f:5c:7f:4e:43:e3:9c:35:3c:d6:d2:a3:
03:4e:fa:30:a6:96:56:75:43:2e:80:47:9e:66:33:cd:d6:ff:
28:ad:5f:10:1b:4b:b2:97:a6:f0:0a:06:d6:af:37:38:a6:47:
49:fb:34:82:dd:79:d7:2b:cf:55:e0:ed:11:9b:f0:f4:20:08:
b0:e3:da:b7:7e:42:d5:76:50:fc:61:b3:ab:84:5b:45:50:a8:
72:34:b7:e4:86:47:c0:0b:f2:2b:57:62:f5:50:19:91:db:78:
13:6c:1e:59:3b:88:b9:6c:fe:f5:94:40:1d:0b:ca:c8:93:ea:
e8:ec:7c:57:53:f9:4c:bc:da:a8:d9:87:e5:f3:7e:ab:15:84:
90:28:b2:a0:c3:2f:45:fc:32:60:cb:e9:5d:d6:f0:e2:5a:48:
09:fc:6b:4c:b4:91:d2:7d:30:45:5a:87:19:5f:a7:9c:92:b0:
de:f4:1c:a9:07:11:dd:f4:fd:c0:68:e0:61:a4:52:7b:8d:11:
ce:b6:c4:c7:61:da:b4:17:06:01:41:28:f2:1b:72:24:9f:d6:
9a:48:ce:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiShy+JTitUll6i0O16dvwuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNjA2MjEwNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGM5NWI1ZDlkZDJiNzE0OWJiNzExNGM0MTliY2YwZjRlMmNiNzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7RCyDZTweybBJSWTqfFpxfrjS4Q
+w43NWyjGSpr1/Nup54ZLnQ9sXscT5Cn1ToXGnrp3co0E6/Z7x9kC1K5BwLpz0AO
4gfc1IGY6vm8iv2/yXmdcYQchoaKOGQCrEjn3aNDip5hLwJwOhiuk0VVFZ9oHDUX
s7TYMLq7iVcNdn1Eau2bmlmYdV7je3EE0pUcL+sVLzg0juwUdVJIrKUhUeZC+waB
BaD0yQMLICgeHxPiYkazjDZ2GpkekvRivqbpeA65+ROuANc87D1oRTSbm+q5XL38
0IZL+4LmSIeaBEFrQHoGUb6TDMSxNgMLoPh7bp6Ap1vEHkNP31u0yuXx2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIDJW12d0rcUm7cRTEGbzw9OLLdpMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvZ01sYlhaM1N0eFNidHhGTVFadlBEMDRzdDJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWmlMA0G
CSqGSIb3DQEBCwUAA4IBAQDP+1tIG2dCRTB7TmFqmnQxa+61OVOnfaORVdDI3wBA
4HQOb6hOZtGW1eyPXH9OQ+OcNTzW0qMDTvowppZWdUMugEeeZjPN1v8orV8QG0uy
l6bwCgbWrzc4pkdJ+zSC3XnXK89V4O0Rm/D0IAiw49q3fkLVdlD8YbOrhFtFUKhy
NLfkhkfAC/IrV2L1UBmR23gTbB5ZO4i5bP71lEAdC8rIk+ro7HxXU/lMvNqo2Yfl
836rFYSQKLKgwy9F/DJgy+ld1vDiWkgJ/GtMtJHSfTBFWocZX6eckrDe9BypBxHd
9P3AaOBhpFJ7jRHOtsTHYdq0FwYBQSjyG3Ikn9aaSM5Z
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:12:51 2025 by rpki-client