Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/ul3uv5hec5ukIf7FCGeau4nCEHc.roa
File: ul3uv5hec5ukIf7FCGeau4nCEHc.roa (raw, json)
Hash identifier: pc0UTa1zNFc4D1XbCiXp6Zxm7lOslpwK+C/ygH0+nGg=
Subject key identifier: BA:5D:EE:BF:98:5E:73:9B:A4:21:FE:C5:08:67:9A:BB:89:C2:10:77
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 019422202EF6B2C361EA231253A326A41355
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/ul3uv5hec5ukIf7FCGeau4nCEHc.roa
Signing time: Wed 01 Jan 2025 13:48:42 +0000
ROA not before: Wed 01 Jan 2025 13:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56322
IP address blocks: 5.182.38.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:2e:f6:b2:c3:61:ea:23:12:53:a3:26:a4:13:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jan 1 13:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba5deebf985e739ba421fec508679abb89c21077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9a:4b:cc:40:db:b0:a7:a0:68:53:e3:63:a0:
ee:16:9a:9d:2d:2a:85:a7:04:9c:4e:e3:af:99:4d:
1e:ef:2e:78:fb:d0:d6:5a:6e:5a:6f:20:db:77:67:
d2:07:9a:eb:e7:df:90:ad:f4:01:7f:59:ca:6e:f4:
e6:18:d5:fa:98:5b:b2:72:a2:d4:36:4f:23:aa:e2:
da:65:f9:cc:9d:34:42:87:2a:ca:d9:9f:8a:6e:49:
18:8b:3b:d6:85:78:a3:90:7b:84:3c:6e:09:73:25:
de:49:53:e5:b7:77:af:3d:09:a5:44:b8:24:05:3c:
af:97:5c:13:92:a4:7b:dc:b5:a4:49:86:a7:ea:b5:
9c:4d:39:8e:5c:b0:4f:7f:92:17:93:8a:cd:69:25:
66:c4:f3:bf:fc:ae:e7:7a:07:5b:0b:c0:5b:92:a9:
79:28:51:bb:e4:56:53:bc:15:7d:8b:11:bb:92:52:
ea:a1:09:0b:c1:ab:a1:9d:b9:97:33:0c:2f:1f:00:
b3:33:34:8a:0b:28:f2:73:4f:8f:fd:38:6e:32:3f:
aa:e3:2d:2b:d7:4c:04:f4:34:60:c5:b8:dd:9a:d3:
75:12:d9:07:a6:77:9b:55:9c:c7:bf:87:7c:3b:d6:
7f:80:41:4a:cd:37:35:f3:06:2c:40:fe:6b:94:dd:
62:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:5D:EE:BF:98:5E:73:9B:A4:21:FE:C5:08:67:9A:BB:89:C2:10:77
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/ul3uv5hec5ukIf7FCGeau4nCEHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.38.0/24
Signature Algorithm: sha256WithRSAEncryption
94:6c:aa:c3:ab:47:eb:8b:2b:3b:97:d5:b2:b4:99:02:f4:19:
8c:c7:75:69:b1:8e:60:26:e4:89:aa:36:93:12:6a:ba:3e:3b:
bf:bb:0f:22:d6:2c:ee:6f:95:89:84:54:48:cc:d3:d3:e2:8c:
c4:5c:80:6b:d9:77:3c:05:ca:31:42:cd:2d:41:8e:5b:88:e4:
19:01:53:82:0f:85:09:d0:e7:07:1d:a9:12:93:e6:5d:f9:3b:
34:11:ea:52:bf:ef:fb:6a:43:c4:3c:fe:de:b0:b9:c6:8a:80:
61:71:9a:4e:cc:9b:28:f4:3d:15:04:ef:da:a5:1c:78:8c:5f:
59:27:4f:00:4c:33:5a:f2:d1:c7:d9:d2:f9:ec:c2:b4:76:a9:
ef:03:fd:0f:fd:b1:cf:83:a2:1f:fe:76:0c:c7:41:c5:c0:74:
25:d3:5f:76:1c:3e:01:04:bd:4e:04:d9:ad:b4:13:cb:1f:22:
08:ad:8f:13:e5:70:91:8e:f8:1e:97:bf:e7:e3:99:2e:4e:cf:
cc:5a:f5:f0:cc:02:2d:c9:2b:73:74:b9:0b:2f:16:64:f3:a2:
c1:36:96:72:f5:66:55:52:3c:f4:d7:9e:65:38:f0:27:7a:aa:
bd:26:67:1c:cc:de:57:58:6b:12:e2:91:c9:cb:d4:8b:9a:02:
b0:4f:5c:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIC72ssNh6iMSU6MmpBNVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjUwMTAxMTM0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTVkZWViZjk4NWU3MzliYTQyMWZlYzUwODY3OWFiYjg5YzIxMDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZpLzEDbsKegaFPjY6DuFpqdLSqF
pwScTuOvmU0e7y54+9DWWm5abyDbd2fSB5rr59+QrfQBf1nKbvTmGNX6mFuycqLU
Nk8jquLaZfnMnTRChyrK2Z+KbkkYizvWhXijkHuEPG4JcyXeSVPlt3evPQmlRLgk
BTyvl1wTkqR73LWkSYan6rWcTTmOXLBPf5IXk4rNaSVmxPO//K7negdbC8Bbkql5
KFG75FZTvBV9ixG7klLqoQkLwauhnbmXMwwvHwCzMzSKCyjyc0+P/ThuMj+q4y0r
10wE9DRgxbjdmtN1EtkHpnebVZzHv4d8O9Z/gEFKzTc18wYsQP5rlN1i6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLpd7r+YXnObpCH+xQhnmruJwhB3MB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvdWwzdXY1aGVjNXVrSWY3RkNHZWF1NG5DRUhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbYmMA0G
CSqGSIb3DQEBCwUAA4IBAQCUbKrDq0friys7l9WytJkC9BmMx3VpsY5gJuSJqjaT
Emq6Pju/uw8i1izub5WJhFRIzNPT4ozEXIBr2Xc8BcoxQs0tQY5biOQZAVOCD4UJ
0OcHHakSk+Zd+Ts0EepSv+/7akPEPP7esLnGioBhcZpOzJso9D0VBO/apRx4jF9Z
J08ATDNa8tHH2dL57MK0dqnvA/0P/bHPg6If/nYMx0HFwHQl0192HD4BBL1OBNmt
tBPLHyIIrY8T5XCRjvgel7/n45kuTs/MWvXwzAItyStzdLkLLxZk86LBNpZy9WZV
Ujz0155lOPAneqq9JmcczN5XWGsS4pHJy9SLmgKwT1x4
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:14:44 2025 by rpki-client