Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/5T2bu1MZznUR1RN9nzIhUN9ndjo.roa
File: 5T2bu1MZznUR1RN9nzIhUN9ndjo.roa (raw, json)
Hash identifier: 0dmLTT5O4LwcX1oD39PZYRT1M5ADWkC9hV3kx2Ypkhk=
Subject key identifier: E5:3D:9B:BB:53:19:CE:75:11:D5:13:7D:9F:32:21:50:DF:67:76:3A
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 019428240BD8A032B0AA7546C2FE3A09CE01
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/5T2bu1MZznUR1RN9nzIhUN9ndjo.roa
Signing time: Thu 02 Jan 2025 17:50:38 +0000
ROA not before: Thu 02 Jan 2025 17:50:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1273
IP address blocks: 82.163.104.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:0b:d8:a0:32:b0:aa:75:46:c2:fe:3a:09:ce:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 2 17:50:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e53d9bbb5319ce7511d5137d9f322150df67763a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:68:bf:7e:06:55:42:e5:09:34:54:a4:c6:f0:
bb:72:3a:93:48:bf:7d:d7:35:d3:2b:ac:af:fa:d7:
4e:bc:2e:b0:d2:93:07:f8:fc:4e:f5:ce:8a:07:10:
39:68:4e:ef:10:01:7f:73:5e:13:10:a4:c8:53:01:
b0:ab:97:bb:ad:1d:a3:6d:ab:d1:2f:de:40:6c:17:
44:1f:f8:1e:59:f0:fa:83:37:c9:61:9b:e8:93:16:
f1:35:82:82:25:31:10:72:19:c5:a8:f7:d9:1c:d4:
2a:78:12:9d:b0:3f:19:18:7f:83:1b:59:06:d2:17:
56:c8:f1:b7:bd:8e:f1:d7:a7:6b:35:70:72:7a:3f:
6b:3d:32:2f:cd:3a:9b:db:e5:d7:c6:7d:71:92:33:
9e:a8:d2:80:1b:03:5a:33:7f:2d:03:ac:52:9c:fa:
dd:bb:78:b0:31:81:f5:10:c2:42:0c:61:2f:4b:33:
d0:49:7d:3f:7e:48:99:a5:25:9e:26:a4:10:e7:73:
9f:6e:2f:0c:b8:9a:ba:a6:c2:9d:d4:c0:df:ed:c2:
27:1f:d2:c6:db:b4:8c:e7:78:4e:cd:47:00:8f:48:
36:ee:64:14:47:25:2a:3f:5a:bb:9e:dc:96:f7:65:
1a:2f:5e:4e:c0:0d:73:94:34:36:9c:dd:2e:a0:1a:
6d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:3D:9B:BB:53:19:CE:75:11:D5:13:7D:9F:32:21:50:DF:67:76:3A
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/5T2bu1MZznUR1RN9nzIhUN9ndjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.104.0/21
Signature Algorithm: sha256WithRSAEncryption
7a:bc:4c:f5:ba:d8:d3:9c:ef:94:ab:56:32:ac:fb:a4:76:99:
d5:9c:5b:64:71:6b:9d:21:e2:96:11:f4:47:21:eb:a4:08:e6:
cd:d3:60:2f:55:68:78:f6:50:04:3a:6b:a5:62:cf:c9:d3:e4:
ee:71:51:1e:8d:c0:e1:c4:27:7e:06:7c:20:37:67:c8:46:d0:
a9:a7:29:3c:ed:02:1f:73:c4:4e:b8:27:e9:9b:79:2c:81:4e:
c0:ce:74:ef:e8:44:23:16:43:14:e7:2f:1f:03:67:cc:ab:9c:
66:e9:e3:4d:e3:39:c2:d9:9e:39:a6:3b:43:f4:da:78:e0:19:
74:ac:e1:76:b2:56:6b:61:4d:40:b7:ae:18:c2:1f:c1:0a:7d:
68:c8:1d:29:21:70:43:b2:73:6a:4f:ea:0a:0a:67:77:2a:d2:
85:58:dd:3d:51:03:b8:bf:ed:e4:b5:17:40:56:b1:17:50:e5:
4e:37:f9:b1:92:af:f4:29:70:f6:0d:1f:9d:01:b0:c7:5c:30:
6e:b4:a6:e7:3e:ca:92:6a:22:04:cd:06:94:f8:67:1e:00:fd:
a5:8c:65:43:7c:e1:8f:6d:bd:0b:74:86:b0:d8:f0:d6:9b:3e:
ef:33:df:1f:54:33:31:c3:04:4e:75:3a:2a:9f:fd:13:b3:7a:
c0:20:68:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJAvYoDKwqnVGwv46Cc4BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjUwMTAyMTc1MDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTNkOWJiYjUzMTljZTc1MTFkNTEzN2Q5ZjMyMjE1MGRmNjc3NjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2i/fgZVQuUJNFSkxvC7cjqTSL99
1zXTK6yv+tdOvC6w0pMH+PxO9c6KBxA5aE7vEAF/c14TEKTIUwGwq5e7rR2jbavR
L95AbBdEH/geWfD6gzfJYZvokxbxNYKCJTEQchnFqPfZHNQqeBKdsD8ZGH+DG1kG
0hdWyPG3vY7x16drNXByej9rPTIvzTqb2+XXxn1xkjOeqNKAGwNaM38tA6xSnPrd
u3iwMYH1EMJCDGEvSzPQSX0/fkiZpSWeJqQQ53Ofbi8MuJq6psKd1MDf7cInH9LG
27SM53hOzUcAj0g27mQURyUqP1q7ntyW92UaL15OwA1zlDQ2nN0uoBptEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOU9m7tTGc51EdUTfZ8yIVDfZ3Y6MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvNVQyYnUxTVp6blVSMVJOOW56SWhVTjluZGpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUqNoMA0G
CSqGSIb3DQEBCwUAA4IBAQB6vEz1utjTnO+Uq1YyrPukdpnVnFtkcWudIeKWEfRH
IeukCObN02AvVWh49lAEOmulYs/J0+TucVEejcDhxCd+BnwgN2fIRtCppyk87QIf
c8ROuCfpm3ksgU7AznTv6EQjFkMU5y8fA2fMq5xm6eNN4znC2Z45pjtD9Np44Bl0
rOF2slZrYU1At64Ywh/BCn1oyB0pIXBDsnNqT+oKCmd3KtKFWN09UQO4v+3ktRdA
VrEXUOVON/mxkq/0KXD2DR+dAbDHXDButKbnPsqSaiIEzQaU+GceAP2ljGVDfOGP
bb0LdIaw2PDWmz7vM98fVDMxwwROdToqn/0Ts3rAIGhO
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:56:07 2025 by rpki-client