Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/f7lR2qdNzNhMHZctwhySnx52rh8.roa
File: f7lR2qdNzNhMHZctwhySnx52rh8.roa (raw, json)
Hash identifier: uc/3dtcmzwA7XSJMfP+6pPiS8XT6tGwBC3iJr2Zlmhg=
Subject key identifier: 7F:B9:51:DA:A7:4D:CC:D8:4C:1D:97:2D:C2:1C:92:9F:1E:76:AE:1F
Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Certificate serial: 0194236914DBBA885E57FEA758EC6C9EF690
Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/f7lR2qdNzNhMHZctwhySnx52rh8.roa
Signing time: Wed 01 Jan 2025 19:47:56 +0000
ROA not before: Wed 01 Jan 2025 19:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8289
IP address blocks: 5.157.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:14:db:ba:88:5e:57:fe:a7:58:ec:6c:9e:f6:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Validity
Not Before: Jan 1 19:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7fb951daa74dccd84c1d972dc21c929f1e76ae1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:db:8d:04:57:89:66:0d:82:f0:53:91:3b:23:
83:65:a7:03:b2:5b:b2:9c:7c:c7:42:2d:5b:9c:6b:
12:05:9c:be:d9:34:8d:97:85:5f:ee:6c:c8:b9:20:
be:28:e8:2c:98:b5:26:16:9e:0b:cb:d4:a7:13:dd:
34:ec:a5:17:cc:b8:57:bc:24:e0:1c:e2:8c:b6:c0:
88:87:29:93:84:9f:97:02:4b:e3:35:e9:e5:4a:1b:
51:4c:62:03:97:d9:ca:bc:5c:67:20:b8:c8:62:e1:
c2:c9:05:8e:45:c9:56:d2:6d:86:9b:13:e4:dc:a0:
83:1e:ab:53:56:3e:ef:3d:a2:05:65:80:89:1c:1a:
4d:ba:f6:8a:94:5a:c2:85:97:bb:2f:4d:29:61:c0:
22:62:d6:a1:06:1c:a0:c8:26:87:0b:fd:d8:0f:67:
f1:2f:6b:ab:99:ab:dd:c6:80:ab:27:47:64:39:6d:
ce:1d:f5:19:7a:9f:a6:95:be:7d:3d:62:90:44:86:
9e:ed:e7:28:a7:2e:1e:23:9d:fb:d1:5e:76:9f:23:
e1:b4:9a:46:73:e0:67:ca:c5:d3:4e:41:14:83:3c:
98:eb:cd:1b:b8:ad:01:1b:51:5b:a1:d5:6e:b9:01:
18:98:2f:d7:41:3a:df:53:71:b4:15:fc:4f:d0:6b:
70:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:B9:51:DA:A7:4D:CC:D8:4C:1D:97:2D:C2:1C:92:9F:1E:76:AE:1F
X509v3 Authority Key Identifier:
keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/f7lR2qdNzNhMHZctwhySnx52rh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.4.0/24
Signature Algorithm: sha256WithRSAEncryption
05:9e:31:f0:7d:82:01:50:77:3e:dc:b0:6e:00:79:95:f6:f3:
54:87:96:b8:c0:25:59:3b:49:56:81:44:41:0d:00:f2:bb:e5:
a6:12:75:b8:4d:80:08:be:10:a8:40:5f:cb:79:83:b6:36:07:
4e:4b:52:67:ef:2e:52:d4:1d:8c:b0:b8:17:e3:63:85:42:e4:
fe:db:81:df:4a:c7:00:3a:a9:3e:c4:84:fe:02:a4:a5:d6:43:
35:55:34:c4:fc:9b:1d:8b:e3:a5:1e:3d:18:4a:bb:05:ac:00:
0f:4a:df:e7:10:a3:13:21:9e:2f:86:80:94:e0:1a:57:11:5d:
3c:db:73:b7:88:07:ca:73:83:33:d6:0d:24:af:ae:ee:98:4b:
00:b7:6d:57:6b:97:35:0b:e3:58:a6:70:0f:8e:47:b7:b8:d0:
dc:a2:c3:b9:1f:cc:55:42:f9:94:2b:ea:e9:57:a1:e1:1d:33:
50:6d:90:78:d5:2a:40:42:9e:1c:0e:87:8c:48:7c:b8:7a:dd:
a8:0b:7d:37:66:54:4a:47:f5:ab:5e:fb:69:1d:be:ec:6a:0a:
f6:d6:5e:e7:26:d1:5c:a6:cc:d1:60:07:73:79:41:b0:b7:7c:
14:a0:e7:a7:5c:6b:eb:a2:08:c2:fa:8d:ca:a5:66:c3:87:fa:
a6:75:69:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaRTbuoheV/6nWOxsnvaQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy
MDdmZDIwHhcNMjUwMTAxMTk0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmI5NTFkYWE3NGRjY2Q4NGMxZDk3MmRjMjFjOTI5ZjFlNzZhZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArduNBFeJZg2C8FOROyODZacDsluy
nHzHQi1bnGsSBZy+2TSNl4Vf7mzIuSC+KOgsmLUmFp4Ly9SnE9007KUXzLhXvCTg
HOKMtsCIhymThJ+XAkvjNenlShtRTGIDl9nKvFxnILjIYuHCyQWORclW0m2GmxPk
3KCDHqtTVj7vPaIFZYCJHBpNuvaKlFrChZe7L00pYcAiYtahBhygyCaHC/3YD2fx
L2urmavdxoCrJ0dkOW3OHfUZep+mlb59PWKQRIae7ecopy4eI5370V52nyPhtJpG
c+BnysXTTkEUgzyY680buK0BG1FbodVuuQEYmC/XQTrfU3G0FfxP0GtwBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH+5UdqnTczYTB2XLcIckp8edq4fMB8GA1UdIwQY
MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt
MTVmMTNlM2Y3ZDg1LzEvZjdsUjJxZE56TmhNSFpjdHdoeVNueDUycmg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1
LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZ0EMA0G
CSqGSIb3DQEBCwUAA4IBAQAFnjHwfYIBUHc+3LBuAHmV9vNUh5a4wCVZO0lWgURB
DQDyu+WmEnW4TYAIvhCoQF/LeYO2NgdOS1Jn7y5S1B2MsLgX42OFQuT+24HfSscA
Oqk+xIT+AqSl1kM1VTTE/Jsdi+OlHj0YSrsFrAAPSt/nEKMTIZ4vhoCU4BpXEV08
23O3iAfKc4Mz1g0kr67umEsAt21Xa5c1C+NYpnAPjke3uNDcosO5H8xVQvmUK+rp
V6HhHTNQbZB41SpAQp4cDoeMSHy4et2oC303ZlRKR/WrXvtpHb7sagr21l7nJtFc
pszRYAdzeUGwt3wUoOenXGvrogjC+o3KpWbDh/qmdWnk
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:29:47 2025 by rpki-client