Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/3uOrqvmP8Ja1Ais3wLBFc-Yv8js.roa
File: 3uOrqvmP8Ja1Ais3wLBFc-Yv8js.roa (raw, json)
Hash identifier: exOhjbpn5m/SyHb+kmTmnk1GW2qg2u8lsLmmerL5o9w=
Subject key identifier: DE:E3:AB:AA:F9:8F:F0:96:B5:02:2B:37:C0:B0:45:73:E6:2F:F2:3B
Certificate issuer: /CN=aa54c4763ea018c3dc70203d04efe71fd4b1b066
Certificate serial: 01941FFA649FF90CFAF787BC2F914415C5AB
Authority key identifier: AA:54:C4:76:3E:A0:18:C3:DC:70:20:3D:04:EF:E7:1F:D4:B1:B0:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qlTEdj6gGMPccCA9BO_nH9SxsGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/3uOrqvmP8Ja1Ais3wLBFc-Yv8js.roa
Signing time: Wed 01 Jan 2025 03:48:11 +0000
ROA not before: Wed 01 Jan 2025 03:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42010
IP address blocks: 5.175.56.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:64:9f:f9:0c:fa:f7:87:bc:2f:91:44:15:c5:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa54c4763ea018c3dc70203d04efe71fd4b1b066
Validity
Not Before: Jan 1 03:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dee3abaaf98ff096b5022b37c0b04573e62ff23b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:65:99:e4:95:6b:6c:ca:9d:c0:57:ba:51:62:
1d:fe:59:39:b8:1b:3c:4e:fd:bf:68:08:0d:8f:ff:
71:7d:06:ff:92:b4:13:ae:b3:88:9f:69:33:d5:67:
9d:e2:07:66:3d:69:62:7a:ba:44:a8:3c:ca:5a:d6:
9f:e4:f7:37:20:f9:b0:95:9b:cb:d5:41:1d:f8:da:
bb:a1:21:d7:7f:68:51:51:6d:5a:33:04:1e:ab:3a:
ac:f4:b4:d4:a9:00:56:e6:1e:95:82:fe:09:b2:89:
b9:a5:0a:c8:6a:46:ab:37:7b:18:08:74:8b:b7:2e:
c9:0b:76:86:b0:40:d7:ab:98:24:ec:9c:06:ad:27:
53:b2:02:48:ab:de:d3:bb:52:c5:95:17:13:c7:75:
c3:97:d7:09:59:7b:21:51:59:e3:f3:2c:37:42:c0:
f1:92:b6:e6:d1:2a:49:35:d1:49:b3:aa:79:87:58:
46:88:dc:3e:e3:66:ff:9c:08:f7:26:e8:42:2b:2f:
75:2a:6b:c0:25:ca:5b:ce:8e:49:7e:3a:d7:9b:f2:
78:10:a5:8c:66:96:d5:24:f3:9a:8f:d5:29:1d:91:
df:be:43:7b:0d:2e:9a:08:a2:f7:a4:18:a2:2a:80:
ed:46:42:4f:38:ca:e1:65:8d:4b:e5:21:33:41:fe:
8d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:E3:AB:AA:F9:8F:F0:96:B5:02:2B:37:C0:B0:45:73:E6:2F:F2:3B
X509v3 Authority Key Identifier:
keyid:AA:54:C4:76:3E:A0:18:C3:DC:70:20:3D:04:EF:E7:1F:D4:B1:B0:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qlTEdj6gGMPccCA9BO_nH9SxsGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/3uOrqvmP8Ja1Ais3wLBFc-Yv8js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/qlTEdj6gGMPccCA9BO_nH9SxsGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.56.0/21
Signature Algorithm: sha256WithRSAEncryption
33:dd:ae:4a:96:28:a2:d4:ae:0c:07:ab:26:2e:28:c8:1a:a7:
af:7d:17:7b:39:ea:cc:25:16:44:97:5a:06:65:c2:18:52:8c:
94:0f:c4:b9:79:f9:b3:7f:c7:72:97:74:9d:9c:83:cd:93:ff:
24:b6:22:15:d7:86:94:9d:0c:0f:5b:54:b5:ca:f1:68:3f:a7:
54:db:02:4f:b1:57:76:95:a5:f7:97:54:c3:13:2a:35:14:fc:
56:bc:24:18:b3:d5:12:0d:a5:51:c8:8e:57:2e:42:43:79:b8:
f7:d2:a1:9e:c9:04:84:80:2b:4c:7f:88:b8:ed:42:eb:ff:ea:
04:ba:d1:30:a6:f8:56:f9:f8:e7:d4:9d:e8:fa:24:6c:a8:5e:
b4:fb:a2:dd:36:84:b9:b7:73:14:e8:96:55:8d:51:33:9b:b7:
c7:1d:1a:6e:25:1a:ff:b2:aa:ab:72:d6:83:9d:4a:ec:6f:e1:
ef:af:c0:6b:b8:0d:f4:a5:b3:c1:22:3f:e1:14:89:d3:a5:84:
47:ae:4e:55:cd:74:38:d8:41:85:e5:a5:d0:ff:c2:82:cb:b7:
77:27:70:17:0f:da:b5:58:80:c5:57:33:10:61:2e:31:d8:8f:
bc:8d:a4:d4:9d:56:0a:41:6d:29:ba:9d:28:a4:7e:37:a4:0d:
19:be:6d:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+mSf+Qz694e8L5FEFcWrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNTRjNDc2M2VhMDE4YzNkYzcwMjAzZDA0ZWZlNzFmZDRi
MWIwNjYwHhcNMjUwMTAxMDM0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWUzYWJhYWY5OGZmMDk2YjUwMjJiMzdjMGIwNDU3M2U2MmZmMjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2WZ5JVrbMqdwFe6UWId/lk5uBs8
Tv2/aAgNj/9xfQb/krQTrrOIn2kz1Wed4gdmPWlierpEqDzKWtaf5Pc3IPmwlZvL
1UEd+Nq7oSHXf2hRUW1aMwQeqzqs9LTUqQBW5h6Vgv4Jsom5pQrIakarN3sYCHSL
ty7JC3aGsEDXq5gk7JwGrSdTsgJIq97Tu1LFlRcTx3XDl9cJWXshUVnj8yw3QsDx
krbm0SpJNdFJs6p5h1hGiNw+42b/nAj3JuhCKy91KmvAJcpbzo5JfjrXm/J4EKWM
ZpbVJPOaj9UpHZHfvkN7DS6aCKL3pBiiKoDtRkJPOMrhZY1L5SEzQf6N9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN7jq6r5j/CWtQIrN8CwRXPmL/I7MB8GA1UdIwQY
MBaAFKpUxHY+oBjD3HAgPQTv5x/UsbBmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWxURWRqNmdHTVBjY0NBOUJPX25IOVN4c0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9hMjFjOWUtODdmMS00OTgzLTgzOTQt
ZGUzNzY3M2M0MDljLzEvM3VPcnF2bVA4SmExQWlzM3dMQkZjLVl2OGpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9hMjFjOWUtODdmMS00OTgzLTgzOTQtZGUzNzY3M2M0MDlj
LzEvcWxURWRqNmdHTVBjY0NBOUJPX25IOVN4c0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBa84MA0G
CSqGSIb3DQEBCwUAA4IBAQAz3a5Kliii1K4MB6smLijIGqevfRd7OerMJRZEl1oG
ZcIYUoyUD8S5efmzf8dyl3SdnIPNk/8ktiIV14aUnQwPW1S1yvFoP6dU2wJPsVd2
laX3l1TDEyo1FPxWvCQYs9USDaVRyI5XLkJDebj30qGeyQSEgCtMf4i47ULr/+oE
utEwpvhW+fjn1J3o+iRsqF60+6LdNoS5t3MU6JZVjVEzm7fHHRpuJRr/sqqrctaD
nUrsb+Hvr8BruA30pbPBIj/hFInTpYRHrk5VzXQ42EGF5aXQ/8KCy7d3J3AXD9q1
WIDFVzMQYS4x2I+8jaTUnVYKQW0pup0opH43pA0Zvm1p
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:09 2025 by rpki-client