Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/d1c70e-226a-4781-b662-741ab92997d0/1/pDkCQjQVPegQOP278WmolhHSrkw.roa
File: pDkCQjQVPegQOP278WmolhHSrkw.roa (raw, json)
Hash identifier: VPjogK0/dxD5LybI2fhbuslUMxpJB7AerXcZh/G3cj4=
Subject key identifier: A4:39:02:42:34:15:3D:E8:10:38:FD:BB:F1:69:A8:96:11:D2:AE:4C
Certificate issuer: /CN=bd252a75c961ad338fd91147d461dd8b3d20cf51
Certificate serial: 019421B1DA63BE749FCF763386F818949031
Authority key identifier: BD:25:2A:75:C9:61:AD:33:8F:D9:11:47:D4:61:DD:8B:3D:20:CF:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vSUqdclhrTOP2RFH1GHdiz0gz1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/d1c70e-226a-4781-b662-741ab92997d0/1/pDkCQjQVPegQOP278WmolhHSrkw.roa
Signing time: Wed 01 Jan 2025 11:48:11 +0000
ROA not before: Wed 01 Jan 2025 11:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15404
IP address blocks: 5.182.152.0/24 maxlen: 24
2a0e:900:d001::/48 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:da:63:be:74:9f:cf:76:33:86:f8:18:94:90:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd252a75c961ad338fd91147d461dd8b3d20cf51
Validity
Not Before: Jan 1 11:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a439024234153de81038fdbbf169a89611d2ae4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:04:6b:7b:6b:12:36:70:78:41:47:bb:88:d3:
3d:e6:45:8e:eb:ce:d6:af:bb:2a:01:d6:0f:fc:69:
89:38:cd:df:fc:f9:ac:b9:c2:fa:7a:a9:bc:d8:ce:
20:76:8d:bf:4a:6f:bb:51:8e:d3:6f:6d:3e:06:12:
ac:fa:0e:d8:2e:19:1d:41:8f:7e:76:87:e1:c5:4e:
70:a6:66:9b:b9:e7:a6:7e:e3:13:17:a3:9b:69:34:
45:83:1c:ed:d2:46:af:03:f4:eb:d9:c2:60:17:47:
c0:c5:5f:7b:53:53:e9:bd:7e:b6:8f:9f:b4:7a:eb:
e0:1f:d0:c8:bf:68:b7:e4:41:c6:02:bb:1d:9f:7d:
41:e9:51:cb:38:72:9d:86:13:28:d5:3d:49:59:58:
a5:7d:84:39:27:e6:6f:39:fa:47:57:bc:b0:ba:b6:
96:b4:09:a1:a4:90:d4:14:b3:26:3e:6b:70:e0:9a:
17:5e:3c:70:71:19:25:d2:56:51:a0:2a:ec:d5:29:
95:f9:b1:3a:da:93:67:ff:c5:ae:a8:d3:6a:ac:f7:
09:bb:91:fa:f7:75:29:30:63:9b:fa:ed:92:37:2a:
cb:3f:f4:cf:83:b2:ea:1c:79:01:b4:75:f1:28:44:
57:cb:80:32:c6:73:fb:3a:5a:92:4e:e9:eb:82:12:
f2:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:39:02:42:34:15:3D:E8:10:38:FD:BB:F1:69:A8:96:11:D2:AE:4C
X509v3 Authority Key Identifier:
keyid:BD:25:2A:75:C9:61:AD:33:8F:D9:11:47:D4:61:DD:8B:3D:20:CF:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vSUqdclhrTOP2RFH1GHdiz0gz1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/d1c70e-226a-4781-b662-741ab92997d0/1/pDkCQjQVPegQOP278WmolhHSrkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/d1c70e-226a-4781-b662-741ab92997d0/1/vSUqdclhrTOP2RFH1GHdiz0gz1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.152.0/24
IPv6:
2a0e:900:d001::/48
Signature Algorithm: sha256WithRSAEncryption
57:1f:6b:83:51:08:50:39:2d:bf:5f:d3:f6:a3:87:e7:94:f8:
6a:34:96:2e:26:e8:60:19:42:16:33:9b:8b:f6:72:13:f5:98:
c1:6c:82:9f:94:a7:b2:fd:5c:30:b1:fd:ce:a1:82:21:fc:da:
33:11:a7:b6:6c:85:a4:8e:c3:38:1d:c1:e9:af:d5:e5:42:b5:
89:89:79:98:5f:ac:64:7e:ce:3a:b3:a3:62:7c:74:3f:b2:07:
cd:6f:4b:19:7a:f5:41:23:ed:36:fb:d4:db:ed:53:d3:85:42:
4f:c5:f9:e5:7a:62:9b:a9:a5:9f:56:0e:00:a0:e1:ef:0b:f5:
02:3b:85:1f:da:2b:7d:22:7f:8e:90:99:2c:04:21:8b:5d:62:
08:75:bd:6a:29:52:75:ed:e9:5c:aa:78:5c:b2:99:e2:70:a0:
2e:ef:1f:b4:78:6b:0c:9b:90:26:a5:ca:c9:e9:b8:8e:8c:18:
b1:51:6c:98:65:76:99:64:f6:b5:a8:78:00:fc:32:c6:90:01:
bb:73:ef:27:eb:ff:a4:89:5d:60:3d:b4:c0:9f:73:eb:86:18:
61:60:df:c5:53:ef:c8:35:95:1c:fa:ce:21:9e:bb:6d:68:74:
31:fb:e5:72:ab:b3:69:3f:1e:e3:59:32:28:3a:ee:bf:9d:26:
b1:01:b7:8c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQhsdpjvnSfz3YzhvgYlJAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMjUyYTc1Yzk2MWFkMzM4ZmQ5MTE0N2Q0NjFkZDhiM2Qy
MGNmNTEwHhcNMjUwMTAxMTE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDM5MDI0MjM0MTUzZGU4MTAzOGZkYmJmMTY5YTg5NjExZDJhZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuARre2sSNnB4QUe7iNM95kWO687W
r7sqAdYP/GmJOM3f/PmsucL6eqm82M4gdo2/Sm+7UY7Tb20+BhKs+g7YLhkdQY9+
dofhxU5wpmabueemfuMTF6ObaTRFgxzt0kavA/Tr2cJgF0fAxV97U1PpvX62j5+0
euvgH9DIv2i35EHGArsdn31B6VHLOHKdhhMo1T1JWVilfYQ5J+ZvOfpHV7ywuraW
tAmhpJDUFLMmPmtw4JoXXjxwcRkl0lZRoCrs1SmV+bE62pNn/8WuqNNqrPcJu5H6
93UpMGOb+u2SNyrLP/TPg7LqHHkBtHXxKERXy4AyxnP7OlqSTunrghLynwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKQ5AkI0FT3oEDj9u/FpqJYR0q5MMB8GA1UdIwQY
MBaAFL0lKnXJYa0zj9kRR9Rh3Ys9IM9RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlNVcWRjbGhyVE9QMlJGSDFHSGRpejBnejFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9kMWM3MGUtMjI2YS00NzgxLWI2NjIt
NzQxYWI5Mjk5N2QwLzEvcERrQ1FqUVZQZWdRT1AyNzhXbW9saEhTcmt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9kMWM3MGUtMjI2YS00NzgxLWI2NjItNzQxYWI5Mjk5N2Qw
LzEvdlNVcWRjbGhyVE9QMlJGSDFHSGRpejBnejFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQABbaYMA8E
AgACMAkDBwAqDgkA0AEwDQYJKoZIhvcNAQELBQADggEBAFcfa4NRCFA5Lb9f0/aj
h+eU+Go0li4m6GAZQhYzm4v2chP1mMFsgp+Up7L9XDCx/c6hgiH82jMRp7ZshaSO
wzgdwemv1eVCtYmJeZhfrGR+zjqzo2J8dD+yB81vSxl69UEj7Tb71NvtU9OFQk/F
+eV6YpuppZ9WDgCg4e8L9QI7hR/aK30if46QmSwEIYtdYgh1vWopUnXt6VyqeFyy
meJwoC7vH7R4awybkCalysnpuI6MGLFRbJhldplk9rWoeAD8MsaQAbtz7yfr/6SJ
XWA9tMCfc+uGGGFg38VT78g1lRz6ziGeu21odDH75XKrs2k/HuNZMig67r+dJrEB
t4w=
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:45:34 2025 by rpki-client