Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/7dc9ce-9862-4277-823f-5e090a30f4dc/1/vajUNIJNLUT6Rn74vGY2fFqsVDo.roa
File: vajUNIJNLUT6Rn74vGY2fFqsVDo.roa (raw, json)
Hash identifier: xrJtjx9Z9s725NWCBrp/PyBr4eaYAUg4ttfGAgX6dCU=
Subject key identifier: BD:A8:D4:34:82:4D:2D:44:FA:46:7E:F8:BC:66:36:7C:5A:AC:54:3A
Certificate issuer: /CN=b2ddd07ccd9da3ad3e80a2a7ac34ac9666d7d3dd
Certificate serial: 01856D8AC1F5C16CA719D81C8109004BBF4A
Authority key identifier: B2:DD:D0:7C:CD:9D:A3:AD:3E:80:A2:A7:AC:34:AC:96:66:D7:D3:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/st3QfM2do60-gKKnrDSslmbX090.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/7dc9ce-9862-4277-823f-5e090a30f4dc/1/vajUNIJNLUT6Rn74vGY2fFqsVDo.roa
Signing time: Sun 01 Jan 2023 13:34:48 +0000
ROA not before: Sun 01 Jan 2023 13:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211261
IP address blocks: 5.253.157.0/24 maxlen: 24
5.253.156.0/24 maxlen: 24
5.253.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:c1:f5:c1:6c:a7:19:d8:1c:81:09:00:4b:bf:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2ddd07ccd9da3ad3e80a2a7ac34ac9666d7d3dd
Validity
Not Before: Jan 1 13:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bda8d434824d2d44fa467ef8bc66367c5aac543a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:01:63:23:1d:3a:a8:47:18:5f:25:ac:9e:af:
70:e9:77:bf:f9:06:db:a0:3b:ce:90:41:13:b9:4e:
83:b1:d1:be:c4:19:66:29:a3:22:9c:15:cc:e5:97:
fc:35:5f:39:f2:9c:8b:af:5d:66:cc:ed:df:52:df:
2f:4c:a7:20:4e:6a:52:71:d8:b2:df:27:0f:e8:c8:
87:3e:d2:5e:4f:47:dd:6d:f1:d9:11:2f:02:29:f6:
cc:c0:ef:ff:d5:f5:d6:81:0e:c6:b9:d6:19:66:36:
a7:15:ba:90:46:87:a6:3f:4b:c8:dd:6d:23:32:e2:
8f:ab:93:53:92:17:26:06:2d:81:cd:2d:5e:37:d3:
c7:ad:fe:c1:78:c8:40:b4:82:c2:db:dc:44:60:23:
a1:9f:80:be:72:64:d0:6c:3f:24:f3:5d:8a:2f:e3:
08:58:aa:bf:50:0f:a1:ee:ad:62:7f:72:da:f4:59:
17:69:22:44:ed:37:da:1d:69:1a:3c:9a:73:ec:94:
ac:e3:3f:d0:ab:49:89:f1:3e:cc:14:f3:f3:7d:1f:
ac:26:ce:92:bc:32:af:c6:eb:4b:d6:ad:a5:b4:a3:
32:41:23:2e:b4:5a:e6:ad:e9:40:98:6d:94:e2:be:
f7:76:38:b5:6f:40:3d:1a:be:98:c6:ef:9c:13:84:
21:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:A8:D4:34:82:4D:2D:44:FA:46:7E:F8:BC:66:36:7C:5A:AC:54:3A
X509v3 Authority Key Identifier:
keyid:B2:DD:D0:7C:CD:9D:A3:AD:3E:80:A2:A7:AC:34:AC:96:66:D7:D3:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/st3QfM2do60-gKKnrDSslmbX090.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/7dc9ce-9862-4277-823f-5e090a30f4dc/1/vajUNIJNLUT6Rn74vGY2fFqsVDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/7dc9ce-9862-4277-823f-5e090a30f4dc/1/st3QfM2do60-gKKnrDSslmbX090.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.156.0/23
5.253.159.0/24
Signature Algorithm: sha256WithRSAEncryption
56:79:46:42:1a:b3:b6:9f:a8:2f:f7:69:c1:13:2b:6b:72:eb:
f2:55:bb:14:65:cc:bb:51:e6:00:b4:57:ac:2b:f6:a4:aa:cb:
3e:d1:aa:45:e9:fb:10:ff:c2:12:f5:10:75:5b:53:13:52:a5:
4e:83:1d:b3:4a:68:e9:00:48:27:78:aa:18:f4:13:1f:fd:59:
fc:60:87:13:ce:07:a2:20:03:39:b9:b9:f0:03:f5:ae:b8:4c:
fb:f6:6c:0b:04:3e:e2:43:85:39:24:2b:f1:6a:1f:3e:14:0b:
09:ed:f7:6f:c9:5e:af:41:45:de:bc:a9:49:3c:92:f0:c2:75:
cf:9f:64:6a:37:01:9e:ef:20:17:38:00:2b:60:ff:29:68:65:
e9:07:27:24:41:0b:29:fc:6c:9f:09:35:b5:72:dd:62:03:54:
99:1c:4f:50:cb:a4:bd:a0:e9:f0:01:d3:1e:c9:f5:92:93:3c:
ea:94:c6:b4:3e:55:3a:df:04:5d:f4:93:95:f0:ba:5e:dc:ca:
30:cb:00:6f:24:7a:08:55:4e:7a:a7:47:98:8e:bf:15:f6:35:
2d:9d:1b:2d:5a:8e:36:3f:48:79:30:71:77:7f:b7:47:b1:37:
fe:9f:1c:32:b4:4c:84:98:90:2f:fe:37:4e:aa:72:52:2c:fa:
62:5e:2f:d2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtisH1wWynGdgcgQkAS79KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZGRkMDdjY2Q5ZGEzYWQzZTgwYTJhN2FjMzRhYzk2NjZk
N2QzZGQwHhcNMjMwMTAxMTMzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGE4ZDQzNDgyNGQyZDQ0ZmE0NjdlZjhiYzY2MzY3YzVhYWM1NDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgFjIx06qEcYXyWsnq9w6Xe/+Qbb
oDvOkEETuU6DsdG+xBlmKaMinBXM5Zf8NV858pyLr11mzO3fUt8vTKcgTmpScdiy
3ycP6MiHPtJeT0fdbfHZES8CKfbMwO//1fXWgQ7GudYZZjanFbqQRoemP0vI3W0j
MuKPq5NTkhcmBi2BzS1eN9PHrf7BeMhAtILC29xEYCOhn4C+cmTQbD8k812KL+MI
WKq/UA+h7q1if3La9FkXaSJE7TfaHWkaPJpz7JSs4z/Qq0mJ8T7MFPPzfR+sJs6S
vDKvxutL1q2ltKMyQSMutFrmrelAmG2U4r73dji1b0A9Gr6Yxu+cE4QhMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL2o1DSCTS1E+kZ++LxmNnxarFQ6MB8GA1UdIwQY
MBaAFLLd0HzNnaOtPoCip6w0rJZm19PdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3QzUWZNMmRvNjAtZ0tLbnJEU3NsbWJYMDkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83ZGM5Y2UtOTg2Mi00Mjc3LTgyM2Yt
NWUwOTBhMzBmNGRjLzEvdmFqVU5JSk5MVVQ2Um43NHZHWTJmRnFzVkRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83ZGM5Y2UtOTg2Mi00Mjc3LTgyM2YtNWUwOTBhMzBmNGRj
LzEvc3QzUWZNMmRvNjAtZ0tLbnJEU3NsbWJYMDkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBf2cAwQA
Bf2fMA0GCSqGSIb3DQEBCwUAA4IBAQBWeUZCGrO2n6gv92nBEytrcuvyVbsUZcy7
UeYAtFesK/akqss+0apF6fsQ/8IS9RB1W1MTUqVOgx2zSmjpAEgneKoY9BMf/Vn8
YIcTzgeiIAM5ubnwA/WuuEz79mwLBD7iQ4U5JCvxah8+FAsJ7fdvyV6vQUXevKlJ
PJLwwnXPn2RqNwGe7yAXOAArYP8paGXpByckQQsp/GyfCTW1ct1iA1SZHE9Qy6S9
oOnwAdMeyfWSkzzqlMa0PlU63wRd9JOV8Lpe3MowywBvJHoIVU56p0eYjr8V9jUt
nRstWo42P0h5MHF3f7dHsTf+nxwytEyEmJAv/jdOqnJSLPpiXi/S
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:05:07 2025 by rpki-client