Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/5Nm3wiyCxaKBqvwGGl6nHPXZ4yk.roa
File: 5Nm3wiyCxaKBqvwGGl6nHPXZ4yk.roa (raw, json)
Hash identifier: +kCGBZuwjsViPaGUZVrQ4rPhmlluHqrai+lK9/G0VRo=
Subject key identifier: E4:D9:B7:C2:2C:82:C5:A2:81:AA:FC:06:1A:5E:A7:1C:F5:D9:E3:29
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 01857042A6F4A2F548E45C475400B436F03F
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/5Nm3wiyCxaKBqvwGGl6nHPXZ4yk.roa
Signing time: Mon 02 Jan 2023 02:14:54 +0000
ROA not before: Mon 02 Jan 2023 02:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 194.32.144.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:a6:f4:a2:f5:48:e4:5c:47:54:00:b4:36:f0:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Jan 2 02:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4d9b7c22c82c5a281aafc061a5ea71cf5d9e329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:1f:98:75:09:cc:91:16:38:6d:fe:fa:75:72:
52:c0:7f:72:f8:80:63:9e:d2:ae:f3:09:b0:e7:43:
87:26:96:74:59:24:00:be:2e:88:a1:fe:f2:81:6d:
d5:69:cc:71:95:2a:07:56:6f:fc:a5:01:88:2f:14:
f1:6d:9a:1f:a3:f7:2d:bb:3f:6f:e8:21:f9:fc:64:
a7:a4:0b:eb:7a:d7:b3:4a:52:dd:6c:31:97:84:56:
bd:6c:14:98:14:20:10:74:62:11:6b:ca:fd:1f:f8:
29:42:85:8d:f0:ab:00:09:92:b9:d7:5e:42:3f:4d:
fe:74:b0:1e:c6:5a:df:5b:df:c8:1c:4d:37:1c:3b:
1c:d2:68:07:ca:fa:aa:2e:9b:60:03:12:b1:a2:b4:
e5:9e:98:56:1b:bf:31:82:fc:3c:98:55:c7:44:52:
5f:ff:f8:68:97:56:d7:e3:65:1f:43:0c:56:22:59:
b5:bf:8d:f6:7d:12:40:b4:29:3e:84:82:12:70:3e:
eb:f8:9a:38:97:ab:47:f9:49:35:10:d6:2b:f5:33:
86:9c:80:c2:45:ef:91:9f:bc:dd:83:82:b5:90:fa:
f3:83:19:67:70:00:83:35:d8:19:ed:16:0e:52:b0:
31:67:1e:da:0b:66:ae:a3:f6:70:b8:6a:2a:2d:7b:
98:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:D9:B7:C2:2C:82:C5:A2:81:AA:FC:06:1A:5E:A7:1C:F5:D9:E3:29
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/5Nm3wiyCxaKBqvwGGl6nHPXZ4yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.144.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:76:68:88:24:e7:58:8f:a7:b6:5f:e4:ee:41:58:89:d4:d2:
e7:e6:fc:33:4f:80:cf:32:57:28:f9:52:75:aa:f9:dd:fd:33:
4a:96:71:91:72:fe:12:e5:9e:6d:fb:2b:f6:b7:f9:20:59:1d:
f2:1d:96:71:8f:91:d1:e0:8e:f6:28:a3:9d:6d:f4:32:7a:32:
21:c7:d5:96:09:18:43:11:92:64:cd:34:b2:e2:ff:56:56:7b:
e8:38:d4:9a:d9:23:ef:12:1d:e1:48:02:fa:90:ce:dc:f3:00:
c8:2a:7d:2a:1c:cd:5f:02:92:82:30:58:1d:51:06:82:ab:9d:
a6:c4:7c:66:cb:e3:d7:7f:e9:99:52:32:26:49:10:c8:52:d9:
02:c8:3b:39:86:23:72:a0:87:3f:f1:e7:3e:24:c9:fa:3f:6e:
97:67:a1:bc:dc:c8:53:3f:99:f2:2c:e2:0c:df:9f:31:8d:bd:
78:98:88:bd:a4:59:7f:3e:0d:11:79:31:9b:12:a0:ab:3a:da:
38:41:1e:33:82:d3:05:8c:17:8b:83:b2:f7:fd:2e:c9:c5:7c:
2f:f9:89:8d:f2:b1:5e:ef:a8:53:1d:d2:64:4c:9d:b1:c2:ba:
14:21:ef:4d:fc:83:02:13:f3:e8:13:33:77:8b:a6:d1:78:f1:
2c:92:93:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQqb0ovVI5FxHVAC0NvA/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjMwMTAyMDIxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGQ5YjdjMjJjODJjNWEyODFhYWZjMDYxYTVlYTcxY2Y1ZDllMzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkR+YdQnMkRY4bf76dXJSwH9y+IBj
ntKu8wmw50OHJpZ0WSQAvi6Iof7ygW3VacxxlSoHVm/8pQGILxTxbZofo/ctuz9v
6CH5/GSnpAvretezSlLdbDGXhFa9bBSYFCAQdGIRa8r9H/gpQoWN8KsACZK5115C
P03+dLAexlrfW9/IHE03HDsc0mgHyvqqLptgAxKxorTlnphWG78xgvw8mFXHRFJf
//hol1bX42UfQwxWIlm1v432fRJAtCk+hIIScD7r+Jo4l6tH+Uk1ENYr9TOGnIDC
Re+Rn7zdg4K1kPrzgxlncACDNdgZ7RYOUrAxZx7aC2auo/ZwuGoqLXuYcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOTZt8IsgsWigar8Bhpepxz12eMpMB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvNU5tM3dpeUN4YUtCcXZ3R0dsNm5IUFhaNHlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwiCQMA0G
CSqGSIb3DQEBCwUAA4IBAQA6dmiIJOdYj6e2X+TuQViJ1NLn5vwzT4DPMlco+VJ1
qvnd/TNKlnGRcv4S5Z5t+yv2t/kgWR3yHZZxj5HR4I72KKOdbfQyejIhx9WWCRhD
EZJkzTSy4v9WVnvoONSa2SPvEh3hSAL6kM7c8wDIKn0qHM1fApKCMFgdUQaCq52m
xHxmy+PXf+mZUjImSRDIUtkCyDs5hiNyoIc/8ec+JMn6P26XZ6G83MhTP5nyLOIM
358xjb14mIi9pFl/Pg0ReTGbEqCrOto4QR4zgtMFjBeLg7L3/S7JxXwv+YmN8rFe
76hTHdJkTJ2xwroUIe9N/IMCE/PoEzN3i6bRePEskpPS
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:21:14 2025 by rpki-client