Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/7dc9ce-9862-4277-823f-5e090a30f4dc/1/izAf02ScjqDGiqBwFWL7OVC7KjU.roa
File: izAf02ScjqDGiqBwFWL7OVC7KjU.roa (raw, json)
Hash identifier: 9CD6BF9TD20tEDnNWQ5xY8iup3U+bMc4yZheuyeZi00=
Subject key identifier: 8B:30:1F:D3:64:9C:8E:A0:C6:8A:A0:70:15:62:FB:39:50:BB:2A:35
Certificate issuer: /CN=b2ddd07ccd9da3ad3e80a2a7ac34ac9666d7d3dd
Certificate serial: 01856D8AC14D309BEC8AA408F16947CE0FB4
Authority key identifier: B2:DD:D0:7C:CD:9D:A3:AD:3E:80:A2:A7:AC:34:AC:96:66:D7:D3:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/st3QfM2do60-gKKnrDSslmbX090.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/7dc9ce-9862-4277-823f-5e090a30f4dc/1/izAf02ScjqDGiqBwFWL7OVC7KjU.roa
Signing time: Sun 01 Jan 2023 13:34:47 +0000
ROA not before: Sun 01 Jan 2023 13:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29119
IP address blocks: 5.253.158.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:c1:4d:30:9b:ec:8a:a4:08:f1:69:47:ce:0f:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2ddd07ccd9da3ad3e80a2a7ac34ac9666d7d3dd
Validity
Not Before: Jan 1 13:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b301fd3649c8ea0c68aa0701562fb3950bb2a35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2b:69:6b:02:2c:01:ce:d6:98:73:0e:77:2f:
17:aa:ae:fb:b1:c9:82:c4:ee:ce:04:3e:2d:2e:b5:
8f:4f:c0:e3:c3:46:9f:f4:40:bd:7a:38:81:6f:96:
21:c7:fb:2c:c9:13:04:61:85:e7:ba:79:78:21:cb:
e0:59:3c:ff:41:52:32:1d:fc:be:f9:9f:0f:a7:e1:
28:26:92:36:22:18:6b:db:d6:81:85:c4:1b:7e:aa:
79:86:a8:10:62:ae:d7:18:90:f7:4c:82:2e:3b:72:
b3:e8:5a:eb:fb:31:d2:33:93:96:5f:6d:f7:e6:01:
2a:19:be:b7:60:17:1f:b8:04:67:64:dc:d8:ff:81:
51:91:72:86:3b:7b:79:2c:1b:27:30:f9:96:3e:3f:
e5:35:98:4c:47:d5:a1:d3:f9:fd:9a:d1:91:34:01:
3e:f8:61:2f:7d:a1:3c:f8:c7:4b:fc:f2:58:ff:ad:
c5:8b:e7:09:99:3c:6c:b3:e1:33:88:5b:5e:14:97:
e1:a5:aa:95:d7:fc:a5:04:ae:16:10:3e:22:e2:63:
4c:81:15:d3:11:f7:fb:c3:35:e2:67:a5:6b:f8:a3:
6a:e8:2c:ef:37:12:0e:c7:7a:3d:b1:9b:22:6c:c3:
2f:33:92:ff:7e:b9:6f:30:3f:ab:57:dc:45:85:a3:
83:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:30:1F:D3:64:9C:8E:A0:C6:8A:A0:70:15:62:FB:39:50:BB:2A:35
X509v3 Authority Key Identifier:
keyid:B2:DD:D0:7C:CD:9D:A3:AD:3E:80:A2:A7:AC:34:AC:96:66:D7:D3:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/st3QfM2do60-gKKnrDSslmbX090.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/7dc9ce-9862-4277-823f-5e090a30f4dc/1/izAf02ScjqDGiqBwFWL7OVC7KjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/7dc9ce-9862-4277-823f-5e090a30f4dc/1/st3QfM2do60-gKKnrDSslmbX090.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.158.0/24
Signature Algorithm: sha256WithRSAEncryption
31:67:bc:4f:85:ce:c1:22:5a:9a:21:f6:be:01:af:70:49:9a:
97:13:b6:f7:0b:89:df:50:8d:da:16:ee:22:c6:33:44:54:f2:
ae:c8:fd:f8:7d:b9:ec:d9:0a:aa:ed:39:9f:9e:e6:83:44:98:
a8:fa:e1:a9:0a:48:df:97:44:42:39:ef:6f:48:b8:8d:1e:7e:
ca:d4:6c:ea:6b:d7:78:8f:19:fd:cb:3f:db:a6:d4:73:87:b0:
d8:3f:6b:44:75:40:7d:7d:0d:83:6e:51:aa:24:71:39:8b:92:
e5:55:0b:38:5a:5d:00:60:1f:37:67:05:de:67:09:2e:1e:b5:
b4:25:c9:ee:70:4c:4b:8c:5d:d1:6c:2d:10:77:c5:a9:2e:1d:
a9:37:60:d4:26:cf:08:67:ad:6c:7f:c5:ea:ff:59:1a:9e:ef:
f6:f3:5a:42:7e:9e:60:f6:a8:a4:23:75:7a:42:76:0a:35:34:
76:69:50:71:bc:b7:73:31:af:00:60:d6:b1:e1:55:2e:7c:35:
3f:1c:00:42:d3:09:2e:b7:22:eb:07:58:dc:8d:45:f5:fd:a8:
7f:8c:58:e5:78:a2:17:66:14:be:8b:30:12:43:d7:34:7b:17:
31:0e:84:89:56:af:0b:2a:6e:5a:77:b7:a3:12:78:51:9c:7e:
72:b7:28:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtisFNMJvsiqQI8WlHzg+0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZGRkMDdjY2Q5ZGEzYWQzZTgwYTJhN2FjMzRhYzk2NjZk
N2QzZGQwHhcNMjMwMTAxMTMzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjMwMWZkMzY0OWM4ZWEwYzY4YWEwNzAxNTYyZmIzOTUwYmIyYTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCtpawIsAc7WmHMOdy8Xqq77scmC
xO7OBD4tLrWPT8Djw0af9EC9ejiBb5Yhx/ssyRMEYYXnunl4IcvgWTz/QVIyHfy+
+Z8Pp+EoJpI2Ihhr29aBhcQbfqp5hqgQYq7XGJD3TIIuO3Kz6Frr+zHSM5OWX233
5gEqGb63YBcfuARnZNzY/4FRkXKGO3t5LBsnMPmWPj/lNZhMR9Wh0/n9mtGRNAE+
+GEvfaE8+MdL/PJY/63Fi+cJmTxss+EziFteFJfhpaqV1/ylBK4WED4i4mNMgRXT
Eff7wzXiZ6Vr+KNq6CzvNxIOx3o9sZsibMMvM5L/frlvMD+rV9xFhaODxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIswH9NknI6gxoqgcBVi+zlQuyo1MB8GA1UdIwQY
MBaAFLLd0HzNnaOtPoCip6w0rJZm19PdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3QzUWZNMmRvNjAtZ0tLbnJEU3NsbWJYMDkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83ZGM5Y2UtOTg2Mi00Mjc3LTgyM2Yt
NWUwOTBhMzBmNGRjLzEvaXpBZjAyU2NqcURHaXFCd0ZXTDdPVkM3S2pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83ZGM5Y2UtOTg2Mi00Mjc3LTgyM2YtNWUwOTBhMzBmNGRj
LzEvc3QzUWZNMmRvNjAtZ0tLbnJEU3NsbWJYMDkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABf2eMA0G
CSqGSIb3DQEBCwUAA4IBAQAxZ7xPhc7BIlqaIfa+Aa9wSZqXE7b3C4nfUI3aFu4i
xjNEVPKuyP34fbns2Qqq7TmfnuaDRJio+uGpCkjfl0RCOe9vSLiNHn7K1Gzqa9d4
jxn9yz/bptRzh7DYP2tEdUB9fQ2DblGqJHE5i5LlVQs4Wl0AYB83ZwXeZwkuHrW0
JcnucExLjF3RbC0Qd8WpLh2pN2DUJs8IZ61sf8Xq/1kanu/281pCfp5g9qikI3V6
QnYKNTR2aVBxvLdzMa8AYNax4VUufDU/HABC0wkutyLrB1jcjUX1/ah/jFjleKIX
ZhS+izASQ9c0excxDoSJVq8LKm5ad7ejEnhRnH5ytygw
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:07:34 2025 by rpki-client