Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/fd596a-3f54-4e06-8620-6e0d213f484a/1/OpJtaaRthnAHRqc_NJR00NeuF3Q.roa
File: OpJtaaRthnAHRqc_NJR00NeuF3Q.roa (raw, json)
Hash identifier: 49KocR3vQ3vTcodQDTAHIpDNjLf34uBYESoYf7Qc6RA=
Subject key identifier: 3A:92:6D:69:A4:6D:86:70:07:46:A7:3F:34:94:74:D0:D7:AE:17:74
Certificate issuer: /CN=af88fde6fadbb6b2c1db6fe41f829d1f2015be0b
Certificate serial: 01851A0E7BB8241F91FDB9E2D158DDE8BF83
Authority key identifier: AF:88:FD:E6:FA:DB:B6:B2:C1:DB:6F:E4:1F:82:9D:1F:20:15:BE:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4j95vrbtrLB22_kH4KdHyAVvgs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/fd596a-3f54-4e06-8620-6e0d213f484a/1/OpJtaaRthnAHRqc_NJR00NeuF3Q.roa
Signing time: Fri 16 Dec 2022 08:30:34 +0000
ROA not before: Fri 16 Dec 2022 08:30:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205282
IP address blocks: 5.181.161.0/24 maxlen: 24
213.130.74.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1a:0e:7b:b8:24:1f:91:fd:b9:e2:d1:58:dd:e8:bf:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af88fde6fadbb6b2c1db6fe41f829d1f2015be0b
Validity
Not Before: Dec 16 08:30:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a926d69a46d86700746a73f349474d0d7ae1774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:19:1d:a5:cd:5b:e6:21:4f:7e:12:75:c4:58:
ba:3e:d2:ef:4c:65:a4:7f:51:cd:71:f9:c3:4f:9f:
bf:8b:57:4e:90:0b:6c:e8:31:72:47:fe:57:5d:5b:
cd:3f:0b:51:ce:0f:01:1e:94:19:03:d9:8e:1f:43:
01:9d:d4:1d:e9:58:ce:91:62:7f:2e:6d:1a:ae:b8:
f6:e5:fd:c3:9c:dd:e6:fb:3f:a1:7d:16:83:0c:07:
9f:d2:b7:09:fc:9e:57:1f:ac:14:e5:78:85:35:b5:
44:ad:22:e3:11:da:da:88:9f:66:3a:e8:af:5a:29:
fb:79:3f:05:d1:6c:25:66:c6:3e:e1:68:8b:44:79:
dd:41:67:6b:8d:33:02:8d:b7:49:84:b0:72:43:6a:
03:7e:fc:22:64:3f:34:45:c6:27:5d:20:af:23:53:
e4:6d:fe:74:ff:6e:61:be:bc:e6:87:d3:75:a2:e2:
0c:2e:1a:9c:57:5a:30:a3:09:ba:8b:bb:c4:34:6c:
00:30:9d:1a:0b:57:26:69:06:ad:c7:66:65:da:ef:
3b:ba:13:1c:ef:61:83:cb:53:4e:2a:fe:aa:3c:f9:
0c:65:71:9a:ac:d2:97:47:85:e9:da:43:f0:12:0c:
69:ce:3b:5a:9d:10:16:97:de:75:df:ef:7b:3e:2c:
08:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:92:6D:69:A4:6D:86:70:07:46:A7:3F:34:94:74:D0:D7:AE:17:74
X509v3 Authority Key Identifier:
keyid:AF:88:FD:E6:FA:DB:B6:B2:C1:DB:6F:E4:1F:82:9D:1F:20:15:BE:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4j95vrbtrLB22_kH4KdHyAVvgs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/fd596a-3f54-4e06-8620-6e0d213f484a/1/OpJtaaRthnAHRqc_NJR00NeuF3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/fd596a-3f54-4e06-8620-6e0d213f484a/1/r4j95vrbtrLB22_kH4KdHyAVvgs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.161.0/24
213.130.74.0/24
Signature Algorithm: sha256WithRSAEncryption
23:ee:b0:f6:8e:05:09:9a:00:fe:2b:71:83:4b:7c:0f:98:45:
c9:a3:b6:17:cf:74:f0:56:ed:2f:3b:b4:9d:50:a6:57:86:db:
39:3f:37:f1:97:c9:81:66:09:53:6a:3a:f3:d5:5d:0c:20:3b:
0f:e6:bb:38:40:e7:6d:5e:37:aa:21:28:dc:a2:e0:7a:af:4f:
cd:8a:0e:8e:f0:1f:85:ad:85:8f:97:c6:ee:a4:f7:37:54:d2:
a1:f2:d2:50:75:34:de:ab:16:9f:e5:dd:46:43:26:8a:3c:86:
ad:ff:8e:91:04:3e:2a:67:1d:23:21:ec:6d:4d:d3:c6:19:a1:
2a:bb:ba:66:36:34:85:5b:a1:29:ed:b8:f2:6e:fd:ba:27:2b:
60:2c:bd:46:26:c6:2e:a2:a2:84:06:17:58:71:af:b3:65:6d:
95:38:9c:34:a8:e7:cb:dd:ce:0a:b8:d1:f8:28:36:f4:22:96:
c3:fa:6a:1b:61:c6:8c:e5:15:cd:bf:e2:c1:23:ab:48:7d:67:
b5:bd:0e:d0:ec:36:af:b0:3a:81:f8:b0:e6:17:08:77:b0:86:
3d:66:21:01:e7:e1:68:a0:38:7c:b2:7f:17:b1:5b:dc:5d:7a:
ea:f3:98:a9:e0:6b:20:db:f7:19:a1:50:be:e7:01:77:d4:56:
26:74:ea:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUaDnu4JB+R/bni0Vjd6L+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODhmZGU2ZmFkYmI2YjJjMWRiNmZlNDFmODI5ZDFmMjAx
NWJlMGIwHhcNMjIxMjE2MDgzMDM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTkyNmQ2OWE0NmQ4NjcwMDc0NmE3M2YzNDk0NzRkMGQ3YWUxNzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthkdpc1b5iFPfhJ1xFi6PtLvTGWk
f1HNcfnDT5+/i1dOkAts6DFyR/5XXVvNPwtRzg8BHpQZA9mOH0MBndQd6VjOkWJ/
Lm0arrj25f3DnN3m+z+hfRaDDAef0rcJ/J5XH6wU5XiFNbVErSLjEdraiJ9mOuiv
Win7eT8F0WwlZsY+4WiLRHndQWdrjTMCjbdJhLByQ2oDfvwiZD80RcYnXSCvI1Pk
bf50/25hvrzmh9N1ouIMLhqcV1owowm6i7vENGwAMJ0aC1cmaQatx2Zl2u87uhMc
72GDy1NOKv6qPPkMZXGarNKXR4Xp2kPwEgxpzjtanRAWl9513+97PiwIIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDqSbWmkbYZwB0anPzSUdNDXrhd0MB8GA1UdIwQY
MBaAFK+I/eb627aywdtv5B+CnR8gFb4LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRqOTV2cmJ0ckxCMjJfa0g0S2RIeUFWdmdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9mZDU5NmEtM2Y1NC00ZTA2LTg2MjAt
NmUwZDIxM2Y0ODRhLzEvT3BKdGFhUnRobkFIUnFjX05KUjAwTmV1RjNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9mZDU5NmEtM2Y1NC00ZTA2LTg2MjAtNmUwZDIxM2Y0ODRh
LzEvcjRqOTV2cmJ0ckxCMjJfa0g0S2RIeUFWdmdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbWhAwQA
1YJKMA0GCSqGSIb3DQEBCwUAA4IBAQAj7rD2jgUJmgD+K3GDS3wPmEXJo7YXz3Tw
Vu0vO7SdUKZXhts5Pzfxl8mBZglTajrz1V0MIDsP5rs4QOdtXjeqISjcouB6r0/N
ig6O8B+FrYWPl8bupPc3VNKh8tJQdTTeqxaf5d1GQyaKPIat/46RBD4qZx0jIext
TdPGGaEqu7pmNjSFW6Ep7bjybv26JytgLL1GJsYuoqKEBhdYca+zZW2VOJw0qOfL
3c4KuNH4KDb0IpbD+mobYcaM5RXNv+LBI6tIfWe1vQ7Q7DavsDqB+LDmFwh3sIY9
ZiEB5+FooDh8sn8XsVvcXXrq85ip4Gsg2/cZoVC+5wF31FYmdOp4
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:04:38 2025 by rpki-client