Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/hh5gFEvny7iJIP363sERSCjh-rs.roa
File: hh5gFEvny7iJIP363sERSCjh-rs.roa (raw, json)
Hash identifier: nHmDgAhsTOhkwPJGUNXsbu1PrrGNS0xivvoOwxQO9Og=
Subject key identifier: 86:1E:60:14:4B:E7:CB:B8:89:20:FD:FA:DE:C1:11:48:28:E1:FA:BB
Certificate issuer: /CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Certificate serial: 0194221FC6A5F61C513952D7FC39F1AFD6A1
Authority key identifier: 11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/hh5gFEvny7iJIP363sERSCjh-rs.roa
Signing time: Wed 01 Jan 2025 13:48:15 +0000
ROA not before: Wed 01 Jan 2025 13:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 32780
IP address blocks: 5.188.196.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:c6:a5:f6:1c:51:39:52:d7:fc:39:f1:af:d6:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Validity
Not Before: Jan 1 13:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=861e60144be7cbb88920fdfadec1114828e1fabb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6c:51:eb:90:58:28:38:d4:d1:5b:8e:47:6a:
84:7b:63:3f:04:f7:1d:5f:76:bb:e5:e3:ed:06:db:
95:85:78:09:e9:2f:9f:c0:08:78:b8:19:77:e7:e0:
15:89:9f:15:e9:06:be:f8:e4:b5:37:90:3d:13:90:
88:3e:00:83:16:47:22:f2:7b:9d:1c:4f:e5:bf:2b:
cc:8b:d8:78:1c:be:30:51:2f:79:09:06:f2:c4:a4:
1a:01:2e:c3:40:2c:2b:8f:76:63:4c:89:58:c5:69:
1a:54:47:19:bf:e6:ab:a8:c9:55:3f:83:3e:84:7f:
6b:e3:32:9c:4e:86:62:1a:86:e3:62:be:b6:49:24:
20:2a:d7:b3:1a:fb:5b:5b:58:5d:13:79:39:53:70:
cd:4e:87:da:16:bc:cf:c7:ab:f7:5c:e1:c0:bc:60:
3a:4c:0e:9d:4b:9f:38:81:3b:fa:ce:69:db:57:25:
37:40:bf:10:db:89:f1:9e:d8:01:db:0a:0e:4a:06:
cb:fb:9b:d6:dc:de:9c:c1:6f:98:13:9b:df:18:8b:
ae:f2:ce:82:23:56:4a:ca:c0:9f:aa:00:d3:5b:cc:
39:fb:33:61:2a:4f:f9:c8:54:c2:4c:e9:ef:a3:33:
c6:ac:16:f5:54:4a:e0:6e:53:6a:13:98:32:cd:c4:
c0:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:1E:60:14:4B:E7:CB:B8:89:20:FD:FA:DE:C1:11:48:28:E1:FA:BB
X509v3 Authority Key Identifier:
keyid:11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/hh5gFEvny7iJIP363sERSCjh-rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.196.0/22
Signature Algorithm: sha256WithRSAEncryption
04:1c:ae:62:9b:fc:7e:bc:b7:05:47:05:f9:24:e7:88:b0:31:
9c:ce:50:c1:93:5f:f2:b6:bc:b6:8d:23:10:28:e8:98:62:fe:
e6:33:fe:27:db:c3:d7:4f:d5:b2:de:14:72:2a:0b:1f:94:18:
57:22:80:18:4d:f8:6b:e3:8d:94:d7:de:f7:ab:b3:68:07:c7:
f2:91:3d:1b:98:b1:d1:8f:83:f3:b9:7c:b1:fe:b7:41:f1:e3:
aa:7c:51:19:35:cb:bf:79:22:82:e7:7e:7e:ee:21:a9:d0:28:
b6:b1:4f:f6:be:d7:eb:81:48:52:87:ef:81:8a:c7:16:eb:61:
3f:90:62:38:48:78:61:48:bb:bc:bd:b0:74:86:77:c4:3a:44:
02:d2:69:45:72:69:e8:89:b2:aa:5b:6b:8f:b6:7b:1e:1f:d3:
da:b5:35:d2:6a:f2:30:db:9d:60:18:c7:6d:61:67:da:8d:b5:
54:31:32:44:a2:3b:85:3f:a3:50:65:fb:76:cd:6d:fc:00:ed:
3b:25:22:60:51:b0:fe:0f:32:66:bb:87:87:99:2e:29:2a:47:
5b:eb:0f:fd:00:fb:23:8d:93:10:3d:6f:ec:1a:00:d8:6a:13:
5e:af:35:6c:53:11:bc:84:a8:f9:64:e6:9c:04:05:eb:9c:e1:
e0:59:5a:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH8al9hxROVLX/Dnxr9ahMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYjY5YjU5ZDE5ZjI5ODdlNDlmMTg1MmQ2MGJiMTc3N2Y4
MGEzMDEwHhcNMjUwMTAxMTM0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjFlNjAxNDRiZTdjYmI4ODkyMGZkZmFkZWMxMTE0ODI4ZTFmYWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmxR65BYKDjU0VuOR2qEe2M/BPcd
X3a75ePtBtuVhXgJ6S+fwAh4uBl35+AViZ8V6Qa++OS1N5A9E5CIPgCDFkci8nud
HE/lvyvMi9h4HL4wUS95CQbyxKQaAS7DQCwrj3ZjTIlYxWkaVEcZv+arqMlVP4M+
hH9r4zKcToZiGobjYr62SSQgKtezGvtbW1hdE3k5U3DNTofaFrzPx6v3XOHAvGA6
TA6dS584gTv6zmnbVyU3QL8Q24nxntgB2woOSgbL+5vW3N6cwW+YE5vfGIuu8s6C
I1ZKysCfqgDTW8w5+zNhKk/5yFTCTOnvozPGrBb1VErgblNqE5gyzcTA0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIYeYBRL58u4iSD9+t7BEUgo4fq7MB8GA1UdIwQY
MBaAFBG2m1nRnymH5J8YUtYLsXd/gKMBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTIt
ZDE2OWMwODhiNDEyLzEvaGg1Z0ZFdm55N2lKSVAzNjNzRVJTQ2poLXJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTItZDE2OWMwODhiNDEy
LzEvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbzEMA0G
CSqGSIb3DQEBCwUAA4IBAQAEHK5im/x+vLcFRwX5JOeIsDGczlDBk1/ytry2jSMQ
KOiYYv7mM/4n28PXT9Wy3hRyKgsflBhXIoAYTfhr442U1973q7NoB8fykT0bmLHR
j4PzuXyx/rdB8eOqfFEZNcu/eSKC535+7iGp0Ci2sU/2vtfrgUhSh++BiscW62E/
kGI4SHhhSLu8vbB0hnfEOkQC0mlFcmnoibKqW2uPtnseH9PatTXSavIw251gGMdt
YWfajbVUMTJEojuFP6NQZft2zW38AO07JSJgUbD+DzJmu4eHmS4pKkdb6w/9APsj
jZMQPW/sGgDYahNerzVsUxG8hKj5ZOacBAXrnOHgWVou
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:48:23 2025 by rpki-client