Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/DC8CWnfWr0kQCJUXXP37JYlG3bs.roa
File: DC8CWnfWr0kQCJUXXP37JYlG3bs.roa (raw, json)
Hash identifier: hIJ82Bht26+DJ40TdTwMmY9/6cclogWpDkPQZ7x1T3M=
Subject key identifier: 0C:2F:02:5A:77:D6:AF:49:10:08:95:17:5C:FD:FB:25:89:46:DD:BB
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 0195CCA303985611BC9BD6AF6F7F39CF9614
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/DC8CWnfWr0kQCJUXXP37JYlG3bs.roa
Signing time: Tue 25 Mar 2025 09:29:49 +0000
ROA not before: Tue 25 Mar 2025 09:29:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 5.10.208.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cc:a3:03:98:56:11:bc:9b:d6:af:6f:7f:39:cf:96:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Mar 25 09:29:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c2f025a77d6af49100895175cfdfb258946ddbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:9a:7b:17:a0:8f:63:03:1c:25:c6:9d:a1:97:
b1:5b:93:04:85:80:10:e6:95:16:e1:32:ed:93:ca:
91:96:9c:1a:66:9b:96:04:9e:22:0a:c1:42:8c:30:
0c:fd:62:27:44:6a:0b:31:f1:40:f5:ad:2e:05:88:
74:a7:13:b0:d2:bd:a3:dd:0b:cf:87:02:14:1a:9f:
c7:a6:22:fe:f3:8e:9e:20:59:01:2e:76:7f:48:81:
5a:95:fe:fa:f5:06:17:a4:86:93:4b:7e:49:53:86:
d9:ae:eb:a6:40:88:1f:67:c5:0a:0d:61:9e:61:f9:
58:e9:57:37:78:b3:ad:40:a0:da:1c:21:99:fa:bd:
50:04:12:43:c2:70:35:eb:fd:08:59:aa:8e:8a:65:
22:ff:81:ff:05:1a:7e:bf:10:ca:46:54:c3:cb:44:
75:ae:1c:3b:66:b0:74:89:81:16:ca:33:e6:d3:05:
f6:85:b0:63:9b:00:b3:ed:72:ea:c2:9e:00:63:2d:
3f:b4:72:af:c8:2f:27:99:49:4d:7b:3f:2b:d3:6a:
c2:d6:b0:ee:3e:c4:68:21:82:c7:de:2d:7e:4e:62:
db:51:2a:cd:5b:72:81:3c:4c:9e:29:eb:f6:2a:fd:
6f:38:fb:d6:db:bb:9f:13:14:b0:51:fc:1f:86:0d:
52:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:2F:02:5A:77:D6:AF:49:10:08:95:17:5C:FD:FB:25:89:46:DD:BB
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/DC8CWnfWr0kQCJUXXP37JYlG3bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.208.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:d7:2d:d9:d7:24:85:80:0a:34:fc:e4:33:d8:e0:95:1e:91:
3c:88:88:9b:53:55:fa:68:e7:1b:ac:80:c7:52:7c:0d:57:bf:
3d:61:2b:9e:38:06:de:a0:37:b1:9b:d8:f5:9b:c4:9a:ff:85:
7e:21:20:f5:2a:3f:41:11:e8:20:59:1f:9d:15:e7:a6:a0:80:
17:7d:6d:84:95:95:c0:78:1e:0f:05:3f:12:8a:6a:ff:50:ae:
1e:8d:31:0d:12:96:e5:64:7e:07:f9:f3:67:2f:f9:15:fc:3f:
a6:66:f7:13:f7:c6:7d:0a:85:41:f2:05:ad:ec:4a:a9:ad:f0:
01:ec:33:1c:34:73:90:84:a3:c5:8c:14:32:4e:d4:ec:e9:f0:
7d:b8:ef:b7:e4:84:83:dc:37:bf:75:34:42:9f:9f:a4:0b:b8:
21:65:53:12:b2:ed:92:4b:c2:69:56:45:1d:ff:e1:19:29:ff:
ff:de:6b:7d:23:1e:c3:ff:d1:20:cc:89:ca:bd:86:ca:0c:83:
b7:b5:d5:d1:74:02:97:4f:69:53:d1:06:45:72:e3:dd:a0:6e:
71:e3:67:e6:01:91:a3:1a:b9:6f:93:33:bf:47:18:52:8c:d7:
0e:4b:39:dd:44:70:0b:28:43:07:5a:7f:f8:4c:62:03:00:1a:
99:41:94:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXMowOYVhG8m9avb385z5YUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjUwMzI1MDkyOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzJmMDI1YTc3ZDZhZjQ5MTAwODk1MTc1Y2ZkZmIyNTg5NDZkZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZp7F6CPYwMcJcadoZexW5MEhYAQ
5pUW4TLtk8qRlpwaZpuWBJ4iCsFCjDAM/WInRGoLMfFA9a0uBYh0pxOw0r2j3QvP
hwIUGp/HpiL+846eIFkBLnZ/SIFalf769QYXpIaTS35JU4bZruumQIgfZ8UKDWGe
YflY6Vc3eLOtQKDaHCGZ+r1QBBJDwnA16/0IWaqOimUi/4H/BRp+vxDKRlTDy0R1
rhw7ZrB0iYEWyjPm0wX2hbBjmwCz7XLqwp4AYy0/tHKvyC8nmUlNez8r02rC1rDu
PsRoIYLH3i1+TmLbUSrNW3KBPEyeKev2Kv1vOPvW27ufExSwUfwfhg1S9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAwvAlp31q9JEAiVF1z9+yWJRt27MB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvREM4Q1duZldyMGtRQ0pVWFhQMzdKWWxHM2JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBQrQMA0G
CSqGSIb3DQEBCwUAA4IBAQAq1y3Z1ySFgAo0/OQz2OCVHpE8iIibU1X6aOcbrIDH
UnwNV789YSueOAbeoDexm9j1m8Sa/4V+ISD1Kj9BEeggWR+dFeemoIAXfW2ElZXA
eB4PBT8Simr/UK4ejTENEpblZH4H+fNnL/kV/D+mZvcT98Z9CoVB8gWt7EqprfAB
7DMcNHOQhKPFjBQyTtTs6fB9uO+35ISD3De/dTRCn5+kC7ghZVMSsu2SS8JpVkUd
/+EZKf//3mt9Ix7D/9EgzInKvYbKDIO3tdXRdAKXT2lT0QZFcuPdoG5x42fmAZGj
GrlvkzO/RxhSjNcOSzndRHALKEMHWn/4TGIDABqZQZRw
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:19:14 2025 by rpki-client