Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/8p0zgDMmEQKYFowGCRZ1WnJ1XG4.roa
File: 8p0zgDMmEQKYFowGCRZ1WnJ1XG4.roa (raw, json)
Hash identifier: lONzKxIEChrd+zgx338cn0PGbr1KmOsMrh7aAO+nOxw=
Subject key identifier: F2:9D:33:80:33:26:11:02:98:16:8C:06:09:16:75:5A:72:75:5C:6E
Certificate issuer: /CN=e4c86da3f483246518d368034bc86113906a55a3
Certificate serial: 0193DDDDD83E2DEA58C001B1CF77F4C709C2
Authority key identifier: E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/8p0zgDMmEQKYFowGCRZ1WnJ1XG4.roa
Signing time: Thu 19 Dec 2024 07:42:03 +0000
ROA not before: Thu 19 Dec 2024 07:42:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.39.196.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:dd:dd:d8:3e:2d:ea:58:c0:01:b1:cf:77:f4:c7:09:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4c86da3f483246518d368034bc86113906a55a3
Validity
Not Before: Dec 19 07:42:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f29d33803326110298168c060916755a72755c6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:03:a1:b4:eb:10:18:96:47:a0:d1:d8:43:88:
d6:06:68:35:00:30:be:86:3a:1d:cc:af:71:e9:e8:
92:bb:d8:17:ce:26:67:a7:70:dc:aa:d1:68:fc:0e:
8d:1f:65:e0:d9:ca:15:89:31:6a:1d:f8:49:6f:06:
af:dd:79:ab:b3:ee:21:b8:1e:cd:00:b9:2a:ad:34:
4e:c4:e4:cc:75:da:b8:69:31:43:2c:37:5b:3d:ef:
5b:a2:75:97:6c:c3:87:5f:9d:f7:ce:da:09:c0:b7:
9b:92:8c:32:60:73:f1:a6:f6:f5:f2:5f:97:a1:a9:
3f:f4:a0:e7:46:2d:f6:74:46:4f:93:d0:c3:bb:e7:
03:c0:aa:d5:f6:8d:02:9c:dd:e2:c3:da:97:52:00:
2d:85:a4:b6:2c:87:9a:93:0b:53:db:b0:2f:d9:e5:
08:b4:e0:17:82:e8:f4:10:d1:01:b0:92:b2:94:8f:
58:2f:44:1d:d6:43:ba:c9:69:7f:87:ad:0e:b9:10:
af:ca:47:42:a4:9c:cf:7e:a9:6b:64:bd:7e:d6:33:
4c:23:36:3e:86:aa:b5:2f:43:5c:0f:af:16:24:80:
3e:3f:63:54:1c:f9:ff:f9:92:c2:f8:67:79:45:13:
41:84:f5:53:45:c5:f4:97:52:7e:9b:84:d6:5e:5e:
96:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:9D:33:80:33:26:11:02:98:16:8C:06:09:16:75:5A:72:75:5C:6E
X509v3 Authority Key Identifier:
keyid:E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/8p0zgDMmEQKYFowGCRZ1WnJ1XG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/5Mhto_SDJGUY02gDS8hhE5BqVaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.196.0/22
Signature Algorithm: sha256WithRSAEncryption
35:cc:12:b7:6a:ab:ac:0d:4a:6c:0d:38:86:3b:6e:fa:5e:88:
91:72:68:60:f0:b7:16:0a:d6:25:b2:6b:e2:86:c2:1a:c7:3e:
ca:4e:5c:53:da:1f:74:78:63:78:13:67:8a:0b:36:15:99:e3:
69:e7:b4:bc:2e:53:f0:61:a7:05:4b:2a:8f:ab:2f:1c:85:cd:
b6:30:82:50:3b:09:18:31:a9:d2:c2:35:e9:4c:2d:45:6f:ae:
d0:12:5b:78:d7:ea:b9:95:0f:23:fe:5a:ea:60:8c:f0:c0:e2:
ea:ae:03:54:e8:78:7d:7f:c7:06:f2:83:10:8c:22:45:12:0a:
95:0c:74:12:7c:f4:b1:33:2a:ef:64:da:f3:ee:c4:04:38:8f:
c3:8f:b9:85:e0:cc:fa:98:54:e7:ce:eb:1e:a7:76:d9:8d:cd:
f2:23:21:95:0d:43:23:aa:2a:82:67:8e:df:c2:97:e2:c4:84:
24:96:1e:e5:0b:68:51:d2:4f:e2:8a:59:f3:6e:42:82:bb:52:
3c:b9:5e:f5:05:0f:59:2d:97:8d:64:e7:13:68:b7:5f:8f:dd:
6a:95:ea:52:04:76:e6:23:e5:c4:da:72:a2:e2:58:12:63:53:
21:7e:a4:c4:5a:12:e6:77:85:ad:f2:ae:d0:d3:cd:da:c0:db:
a1:70:e3:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPd3dg+LepYwAGxz3f0xwnCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0Yzg2ZGEzZjQ4MzI0NjUxOGQzNjgwMzRiYzg2MTEzOTA2
YTU1YTMwHhcNMjQxMjE5MDc0MjAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjlkMzM4MDMzMjYxMTAyOTgxNjhjMDYwOTE2NzU1YTcyNzU1YzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wOhtOsQGJZHoNHYQ4jWBmg1ADC+
hjodzK9x6eiSu9gXziZnp3DcqtFo/A6NH2Xg2coViTFqHfhJbwav3Xmrs+4huB7N
ALkqrTROxOTMddq4aTFDLDdbPe9bonWXbMOHX533ztoJwLebkowyYHPxpvb18l+X
oak/9KDnRi32dEZPk9DDu+cDwKrV9o0CnN3iw9qXUgAthaS2LIeakwtT27Av2eUI
tOAXguj0ENEBsJKylI9YL0Qd1kO6yWl/h60OuRCvykdCpJzPfqlrZL1+1jNMIzY+
hqq1L0NcD68WJIA+P2NUHPn/+ZLC+Gd5RRNBhPVTRcX0l1J+m4TWXl6WvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPKdM4AzJhECmBaMBgkWdVpydVxuMB8GA1UdIwQY
MBaAFOTIbaP0gyRlGNNoA0vIYROQalWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTct
YzUxMWEzZTkxMmI2LzEvOHAwemdETW1FUUtZRm93R0NSWjFXbkoxWEc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTctYzUxMWEzZTkxMmI2
LzEvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBSfEMA0G
CSqGSIb3DQEBCwUAA4IBAQA1zBK3aqusDUpsDTiGO276XoiRcmhg8LcWCtYlsmvi
hsIaxz7KTlxT2h90eGN4E2eKCzYVmeNp57S8LlPwYacFSyqPqy8chc22MIJQOwkY
ManSwjXpTC1Fb67QElt41+q5lQ8j/lrqYIzwwOLqrgNU6Hh9f8cG8oMQjCJFEgqV
DHQSfPSxMyrvZNrz7sQEOI/Dj7mF4Mz6mFTnzusep3bZjc3yIyGVDUMjqiqCZ47f
wpfixIQklh7lC2hR0k/iilnzbkKCu1I8uV71BQ9ZLZeNZOcTaLdfj91qlepSBHbm
I+XE2nKi4lgSY1MhfqTEWhLmd4Wt8q7Q083awNuhcOPn
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:50:56 2025 by rpki-client