Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/z5Ucz1kkGg56QZyAblN2WefSoGM.roa
File: z5Ucz1kkGg56QZyAblN2WefSoGM.roa (raw, json)
Hash identifier: 5hK/qHn0csimMvRktmqCqsq2To8mi7zen0Vo1KFJGyM=
Subject key identifier: CF:95:1C:CF:59:24:1A:0E:7A:41:9C:80:6E:53:76:59:E7:D2:A0:63
Certificate issuer: /CN=23b1943087ce69623e76b2145b3479ac204ba1c9
Certificate serial: 019424B35F090A48C52C06435B6FFDBBAF41
Authority key identifier: 23:B1:94:30:87:CE:69:62:3E:76:B2:14:5B:34:79:AC:20:4B:A1:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I7GUMIfOaWI-drIUWzR5rCBLock.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/z5Ucz1kkGg56QZyAblN2WefSoGM.roa
Signing time: Thu 02 Jan 2025 01:48:42 +0000
ROA not before: Thu 02 Jan 2025 01:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 17802
IP address blocks: 87.236.67.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:5f:09:0a:48:c5:2c:06:43:5b:6f:fd:bb:af:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23b1943087ce69623e76b2145b3479ac204ba1c9
Validity
Not Before: Jan 2 01:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf951ccf59241a0e7a419c806e537659e7d2a063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:57:4a:13:c3:cd:64:3e:fe:38:72:26:68:24:
e5:2c:0d:2a:c8:33:46:cd:54:46:03:e4:84:43:bb:
6f:82:34:9d:f9:c1:ac:6b:c8:49:6c:29:51:87:de:
1e:14:c2:4e:9e:41:81:6a:7a:95:4e:0c:68:5c:07:
ed:e5:b1:07:22:76:78:87:7c:5e:32:38:6e:cd:5e:
7b:2b:b8:d2:62:1d:e2:c0:cb:2e:0b:ad:23:53:19:
7b:40:a5:9b:59:97:58:14:57:9f:53:d8:a7:83:f9:
d5:79:0d:4f:1d:22:27:d0:a5:9b:c7:0c:e9:6e:5d:
a6:78:41:51:4e:bb:aa:6c:df:ec:16:e0:e4:5d:25:
ce:39:5b:0f:b1:00:b6:cf:df:ea:5e:db:dc:aa:0e:
d8:30:ba:81:2b:15:33:9a:d5:c1:a0:20:fb:88:78:
b8:59:f9:86:b7:ba:21:b1:d0:3d:d7:35:54:ec:78:
f6:09:7f:0c:5e:7a:60:79:ac:ca:e7:2f:1f:3a:dc:
0f:a9:b2:c8:21:29:3f:df:6a:6a:7c:50:22:e1:29:
34:e1:35:d5:33:da:4c:9a:f8:17:a1:e1:3e:50:e1:
70:5d:1b:23:b7:3f:61:68:b5:11:fd:66:74:7e:6e:
01:fa:7a:55:6f:d3:d2:12:fa:6b:16:53:b7:a8:ef:
f9:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:95:1C:CF:59:24:1A:0E:7A:41:9C:80:6E:53:76:59:E7:D2:A0:63
X509v3 Authority Key Identifier:
keyid:23:B1:94:30:87:CE:69:62:3E:76:B2:14:5B:34:79:AC:20:4B:A1:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I7GUMIfOaWI-drIUWzR5rCBLock.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/z5Ucz1kkGg56QZyAblN2WefSoGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/73f1c9-82b0-4ede-b899-f742f395aaf9/1/I7GUMIfOaWI-drIUWzR5rCBLock.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.67.0/24
Signature Algorithm: sha256WithRSAEncryption
86:ab:d3:f7:62:b1:99:fb:09:27:bf:75:da:7b:32:26:ce:07:
8e:b6:be:73:c4:6c:7d:dd:34:73:ea:3f:b8:5e:76:48:52:2d:
52:52:2e:45:b9:1d:b2:bc:4a:bb:bd:cd:ad:aa:9d:b8:ad:08:
6f:3b:e0:27:0d:33:62:db:1d:3e:1f:17:df:c8:09:e5:a2:9b:
64:b9:f4:13:40:d9:a4:66:0f:45:a5:cc:d0:ae:a4:83:55:97:
ff:32:11:21:08:13:ef:ff:d1:87:79:16:ae:e4:b7:1b:73:9d:
71:8a:18:27:d9:54:98:b9:5c:f0:f5:d4:2b:e9:59:70:61:b5:
8e:42:89:14:3a:f3:ae:ed:6d:3c:e0:37:7e:68:b0:b2:e7:f6:
4e:83:60:a9:69:c2:d0:10:65:7d:6d:2b:2c:5d:f6:8c:cd:36:
7c:02:35:86:1c:eb:4b:f5:0d:c1:5e:81:53:ad:4f:24:27:64:
36:41:ef:0e:d8:53:8b:96:11:c2:0a:2f:d1:90:f5:aa:76:e3:
80:68:6e:1b:62:92:49:a8:89:93:e1:e4:62:19:39:4f:2e:07:
dd:05:bc:c1:9f:99:d5:80:0b:2f:be:9e:1d:b4:bc:66:21:22:
51:82:4d:fc:16:d7:86:14:7f:5b:d5:d7:b1:79:f6:c2:7b:40:
3a:d7:3a:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks18JCkjFLAZDW2/9u69BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYjE5NDMwODdjZTY5NjIzZTc2YjIxNDViMzQ3OWFjMjA0
YmExYzkwHhcNMjUwMTAyMDE0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjk1MWNjZjU5MjQxYTBlN2E0MTljODA2ZTUzNzY1OWU3ZDJhMDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVdKE8PNZD7+OHImaCTlLA0qyDNG
zVRGA+SEQ7tvgjSd+cGsa8hJbClRh94eFMJOnkGBanqVTgxoXAft5bEHInZ4h3xe
MjhuzV57K7jSYh3iwMsuC60jUxl7QKWbWZdYFFefU9ing/nVeQ1PHSIn0KWbxwzp
bl2meEFRTruqbN/sFuDkXSXOOVsPsQC2z9/qXtvcqg7YMLqBKxUzmtXBoCD7iHi4
WfmGt7ohsdA91zVU7Hj2CX8MXnpgeazK5y8fOtwPqbLIISk/32pqfFAi4Sk04TXV
M9pMmvgXoeE+UOFwXRsjtz9haLUR/WZ0fm4B+npVb9PSEvprFlO3qO/5qwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM+VHM9ZJBoOekGcgG5Tdlnn0qBjMB8GA1UdIwQY
MBaAFCOxlDCHzmliPnayFFs0eawgS6HJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTdHVU1JZk9hV0ktZHJJVVd6UjVyQ0JMb2NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83M2YxYzktODJiMC00ZWRlLWI4OTkt
Zjc0MmYzOTVhYWY5LzEvejVVY3oxa2tHZzU2UVp5QWJsTjJXZWZTb0dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83M2YxYzktODJiMC00ZWRlLWI4OTktZjc0MmYzOTVhYWY5
LzEvSTdHVU1JZk9hV0ktZHJJVVd6UjVyQ0JMb2NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+xDMA0G
CSqGSIb3DQEBCwUAA4IBAQCGq9P3YrGZ+wknv3XaezImzgeOtr5zxGx93TRz6j+4
XnZIUi1SUi5FuR2yvEq7vc2tqp24rQhvO+AnDTNi2x0+HxffyAnloptkufQTQNmk
Zg9FpczQrqSDVZf/MhEhCBPv/9GHeRau5Lcbc51xihgn2VSYuVzw9dQr6VlwYbWO
QokUOvOu7W084Dd+aLCy5/ZOg2CpacLQEGV9bSssXfaMzTZ8AjWGHOtL9Q3BXoFT
rU8kJ2Q2Qe8O2FOLlhHCCi/RkPWqduOAaG4bYpJJqImT4eRiGTlPLgfdBbzBn5nV
gAsvvp4dtLxmISJRgk38FteGFH9b1dexefbCe0A61zoD
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:03:25 2025 by rpki-client