Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/161daf-248f-4e3a-8beb-77efbc362503/1/5Mei7HUDLEXbe1TYaS7QjkI13gQ.roa
File: 5Mei7HUDLEXbe1TYaS7QjkI13gQ.roa (raw, json)
Hash identifier: 31lRnFm/x8I210JoZIudaFoeX6OfC5RkRQaebXeL8BU=
Subject key identifier: E4:C7:A2:EC:75:03:2C:45:DB:7B:54:D8:69:2E:D0:8E:42:35:DE:04
Certificate issuer: /CN=19ca39890f97f728152bcd85c236d8e5ff460429
Certificate serial: 0194236959477109C55E43275F801EA37A5B
Authority key identifier: 19:CA:39:89:0F:97:F7:28:15:2B:CD:85:C2:36:D8:E5:FF:46:04:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gco5iQ-X9ygVK82FwjbY5f9GBCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/161daf-248f-4e3a-8beb-77efbc362503/1/5Mei7HUDLEXbe1TYaS7QjkI13gQ.roa
Signing time: Wed 01 Jan 2025 19:48:14 +0000
ROA not before: Wed 01 Jan 2025 19:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 559
IP address blocks: 141.249.0.0/16 maxlen: 24
2001:67c:13c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:59:47:71:09:c5:5e:43:27:5f:80:1e:a3:7a:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ca39890f97f728152bcd85c236d8e5ff460429
Validity
Not Before: Jan 1 19:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4c7a2ec75032c45db7b54d8692ed08e4235de04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:17:b1:78:fb:79:b8:d3:48:4e:df:9a:1d:fe:
27:3d:09:fd:49:57:b4:51:a8:2b:ed:09:30:7a:5c:
21:46:d0:cf:df:a5:2f:d7:0c:18:63:5b:8e:71:1e:
70:03:e0:3d:6d:79:0f:64:30:63:9f:bf:02:1b:ee:
79:27:d0:e5:50:98:31:97:30:b0:f3:a3:8f:75:1e:
ce:42:ba:96:12:a5:c8:e9:0c:8a:5b:f6:45:f0:ee:
55:29:d4:56:df:89:5f:c3:20:41:cc:59:19:bd:23:
63:9a:08:8f:ef:21:2b:ee:7f:b2:e3:ef:2f:ee:78:
29:47:7e:34:fa:12:38:13:34:f0:27:e1:61:2d:ac:
6d:5d:b6:63:83:e7:2f:0d:49:9f:11:0c:52:10:43:
c0:74:08:d0:11:a7:ba:75:b2:da:dc:bf:43:4f:1b:
f2:66:44:b0:40:b0:6b:2e:88:d6:c0:82:fd:55:fb:
94:74:02:de:b0:7b:f1:31:b8:11:e4:14:3e:77:5f:
0c:81:08:40:bc:e9:66:72:7e:d6:56:25:96:c6:c7:
47:a7:e4:f3:ff:26:c7:7c:ce:74:a5:83:c5:dc:87:
95:12:3c:06:4e:32:bb:59:48:dd:6d:6d:e6:10:fd:
3f:04:a0:ef:41:3c:96:0d:e8:73:90:e2:ca:72:c9:
89:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:C7:A2:EC:75:03:2C:45:DB:7B:54:D8:69:2E:D0:8E:42:35:DE:04
X509v3 Authority Key Identifier:
keyid:19:CA:39:89:0F:97:F7:28:15:2B:CD:85:C2:36:D8:E5:FF:46:04:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gco5iQ-X9ygVK82FwjbY5f9GBCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/161daf-248f-4e3a-8beb-77efbc362503/1/5Mei7HUDLEXbe1TYaS7QjkI13gQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/161daf-248f-4e3a-8beb-77efbc362503/1/Gco5iQ-X9ygVK82FwjbY5f9GBCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.249.0.0/16
IPv6:
2001:67c:13c0::/48
Signature Algorithm: sha256WithRSAEncryption
2e:2b:5e:ed:28:3e:e1:17:ba:80:b4:1f:e2:45:d3:4e:89:8b:
b9:48:09:23:e8:46:36:e1:55:87:1a:28:6a:56:8a:f7:67:c9:
78:85:f5:66:83:d8:42:4e:bd:67:9b:d7:5e:ab:a6:37:89:97:
06:03:72:08:2a:25:a1:a2:0f:ee:1f:f1:32:7d:a2:90:ca:b4:
88:77:65:a0:b4:9e:c1:d7:1c:59:0d:e1:5f:8b:7d:c7:2f:4e:
af:ca:78:3d:f2:a8:b0:da:c0:15:2d:4c:a2:98:ef:21:6d:2d:
e1:c9:e3:15:6c:d8:ea:d2:bb:e0:6a:e7:35:8b:73:36:e0:eb:
60:b0:3d:c6:3c:e2:bf:c8:41:83:56:01:51:3a:48:80:a6:91:
70:cd:ac:86:70:7f:fd:6b:56:06:60:2f:b5:8a:b4:62:84:a3:
fe:63:37:af:32:55:85:4f:86:70:dc:77:22:41:25:dd:cc:22:
de:a6:59:8d:cc:9d:13:2c:59:b6:0c:ec:e2:2a:9e:49:a2:21:
b6:01:c0:b7:b7:5e:f9:01:92:58:94:05:37:40:9d:cc:e0:7f:
4d:45:cf:a8:b5:ef:9f:d3:5c:03:62:37:2d:c9:d0:52:0a:f6:
83:fd:59:21:bc:23:bb:28:71:99:95:a6:03:fe:c0:ac:b4:d1:
4e:2d:82:94
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQjaVlHcQnFXkMnX4Aeo3pbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5Y2EzOTg5MGY5N2Y3MjgxNTJiY2Q4NWMyMzZkOGU1ZmY0
NjA0MjkwHhcNMjUwMTAxMTk0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGM3YTJlYzc1MDMyYzQ1ZGI3YjU0ZDg2OTJlZDA4ZTQyMzVkZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5xexePt5uNNITt+aHf4nPQn9SVe0
Uagr7QkwelwhRtDP36Uv1wwYY1uOcR5wA+A9bXkPZDBjn78CG+55J9DlUJgxlzCw
86OPdR7OQrqWEqXI6QyKW/ZF8O5VKdRW34lfwyBBzFkZvSNjmgiP7yEr7n+y4+8v
7ngpR340+hI4EzTwJ+FhLaxtXbZjg+cvDUmfEQxSEEPAdAjQEae6dbLa3L9DTxvy
ZkSwQLBrLojWwIL9VfuUdALesHvxMbgR5BQ+d18MgQhAvOlmcn7WViWWxsdHp+Tz
/ybHfM50pYPF3IeVEjwGTjK7WUjdbW3mEP0/BKDvQTyWDehzkOLKcsmJGwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFOTHoux1AyxF23tU2Gku0I5CNd4EMB8GA1UdIwQY
MBaAFBnKOYkPl/coFSvNhcI22OX/RgQpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2NvNWlRLVg5eWdWSzgyRndqYlk1ZjlHQkNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xNjFkYWYtMjQ4Zi00ZTNhLThiZWIt
NzdlZmJjMzYyNTAzLzEvNU1laTdIVURMRVhiZTFUWWFTN1Fqa0kxM2dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8xNjFkYWYtMjQ4Zi00ZTNhLThiZWItNzdlZmJjMzYyNTAz
LzEvR2NvNWlRLVg5eWdWSzgyRndqYlk1ZjlHQkNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjALBAIAATAFAwMAjfkwDwQC
AAIwCQMHACABBnwTwDANBgkqhkiG9w0BAQsFAAOCAQEALite7Sg+4Re6gLQf4kXT
TomLuUgJI+hGNuFVhxooalaK92fJeIX1ZoPYQk69Z5vXXqumN4mXBgNyCColoaIP
7h/xMn2ikMq0iHdloLSewdccWQ3hX4t9xy9Or8p4PfKosNrAFS1MopjvIW0t4cnj
FWzY6tK74GrnNYtzNuDrYLA9xjziv8hBg1YBUTpIgKaRcM2shnB//WtWBmAvtYq0
YoSj/mM3rzJVhU+GcNx3IkEl3cwi3qZZjcydEyxZtgzs4iqeSaIhtgHAt7de+QGS
WJQFN0CdzOB/TUXPqLXvn9NcA2I3LcnQUgr2g/1ZIbwjuyhxmZWmA/7ArLTRTi2C
lA==
-----END CERTIFICATE-----
Generated at Fri Apr 11 05:26:50 2025 by rpki-client