Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/o33kvNGiVE5QwGbXRcS1WVlFPa4.roa
File: o33kvNGiVE5QwGbXRcS1WVlFPa4.roa (raw, json)
Hash identifier: tbXNsaKqMuIQJAxtvQCEh1A+tSp7ogPpQ+0PODtQq48=
Subject key identifier: A3:7D:E4:BC:D1:A2:54:4E:50:C0:66:D7:45:C4:B5:59:59:45:3D:AE
Certificate issuer: /CN=1c7433fafa59f0d512a2bebb097e69463cc06759
Certificate serial: 019425FC0F1FF4735350B2746474B4DC58F6
Authority key identifier: 1C:74:33:FA:FA:59:F0:D5:12:A2:BE:BB:09:7E:69:46:3C:C0:67:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHQz-vpZ8NUSor67CX5pRjzAZ1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/o33kvNGiVE5QwGbXRcS1WVlFPa4.roa
Signing time: Thu 02 Jan 2025 07:47:43 +0000
ROA not before: Thu 02 Jan 2025 07:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6205
IP address blocks: 5.250.255.0/24 maxlen: 24
185.123.54.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:0f:1f:f4:73:53:50:b2:74:64:74:b4:dc:58:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7433fafa59f0d512a2bebb097e69463cc06759
Validity
Not Before: Jan 2 07:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a37de4bcd1a2544e50c066d745c4b55959453dae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:af:49:39:9f:7e:5e:81:4e:7c:8d:fc:e9:01:
a3:be:ac:0e:1e:78:98:11:7f:03:50:bf:ce:a1:cb:
86:b3:0b:53:6a:05:cd:20:3e:09:a7:f0:2f:37:bf:
7e:63:a7:43:47:3b:53:45:09:03:a0:43:80:9b:b0:
42:aa:0b:12:f4:1d:ad:52:46:29:2e:bd:4a:dc:7f:
b3:90:f7:0e:8d:c3:8d:e6:20:5d:a0:ef:62:65:85:
af:fc:bc:a9:ea:d8:48:3a:8b:3b:32:39:74:89:af:
f7:df:5f:9f:ef:b4:44:e8:31:78:a3:c2:54:f1:04:
a3:2b:db:66:b2:30:bb:62:80:4d:d6:70:bf:5c:f1:
69:bb:97:90:27:17:13:28:de:f3:6b:34:c4:30:c8:
a8:00:04:db:30:df:a5:8a:f0:d8:50:36:74:b2:91:
8b:66:1c:86:08:b0:c6:f2:9d:79:15:1d:a0:d2:50:
aa:44:a4:b5:e1:4c:6d:b4:1d:18:6f:eb:21:7c:ab:
94:6f:59:02:12:f6:e4:44:c8:94:af:58:f9:a6:b7:
9d:54:b3:1d:6f:d9:ad:29:9c:d0:70:96:a4:cf:e1:
ce:a7:33:7a:e2:db:44:c4:ff:12:86:bf:ba:34:3e:
44:6c:47:bd:88:67:1b:5c:5a:f3:1b:91:2a:72:ad:
53:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:7D:E4:BC:D1:A2:54:4E:50:C0:66:D7:45:C4:B5:59:59:45:3D:AE
X509v3 Authority Key Identifier:
keyid:1C:74:33:FA:FA:59:F0:D5:12:A2:BE:BB:09:7E:69:46:3C:C0:67:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHQz-vpZ8NUSor67CX5pRjzAZ1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/o33kvNGiVE5QwGbXRcS1WVlFPa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/HHQz-vpZ8NUSor67CX5pRjzAZ1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.255.0/24
185.123.54.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:b0:4d:36:34:cd:f6:15:67:51:6a:24:35:ef:27:c9:15:44:
81:6d:f4:ea:88:eb:93:94:30:ce:6f:e1:32:3e:bc:04:d0:aa:
c3:a7:14:3b:54:61:54:34:61:d1:80:77:86:fb:b7:eb:10:2b:
de:d7:5e:0b:ca:8a:1f:d0:37:76:68:04:c8:22:6a:52:ed:1b:
ae:ae:c1:d4:52:ed:fa:28:c1:fd:4b:cd:fa:b2:4c:d1:7f:fa:
db:9f:ec:74:97:4e:2a:a9:2a:fd:71:96:b1:73:d2:c6:56:05:
56:80:58:43:7c:ab:14:ff:b9:8a:ef:ba:4c:e0:6e:38:7a:92:
a8:9f:15:50:94:00:d6:b3:d4:a9:71:30:69:bb:47:5b:b1:43:
4d:8f:1f:33:8e:18:c1:48:fd:b3:52:96:d0:1e:4d:78:38:b2:
f7:98:c2:d2:d1:bb:dd:42:c1:ea:e4:2b:0f:eb:c1:3a:ee:01:
07:c8:e7:45:62:89:d5:99:ff:2d:26:93:81:44:91:cd:82:75:
b9:c1:6e:8a:25:4a:1c:9b:08:44:f5:75:89:7f:57:79:ad:b5:
62:cd:0e:fe:3c:7c:bc:39:2c:2d:44:47:9e:71:8e:97:aa:a7:
b4:46:59:79:51:47:7b:bc:3a:49:ba:37:f1:09:17:3e:2e:e2:
fd:12:ac:c5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/A8f9HNTULJ0ZHS03Fj2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNzQzM2ZhZmE1OWYwZDUxMmEyYmViYjA5N2U2OTQ2M2Nj
MDY3NTkwHhcNMjUwMTAyMDc0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzdkZTRiY2QxYTI1NDRlNTBjMDY2ZDc0NWM0YjU1OTU5NDUzZGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7q9JOZ9+XoFOfI386QGjvqwOHniY
EX8DUL/OocuGswtTagXNID4Jp/AvN79+Y6dDRztTRQkDoEOAm7BCqgsS9B2tUkYp
Lr1K3H+zkPcOjcON5iBdoO9iZYWv/Lyp6thIOos7Mjl0ia/331+f77RE6DF4o8JU
8QSjK9tmsjC7YoBN1nC/XPFpu5eQJxcTKN7zazTEMMioAATbMN+livDYUDZ0spGL
ZhyGCLDG8p15FR2g0lCqRKS14UxttB0Yb+shfKuUb1kCEvbkRMiUr1j5predVLMd
b9mtKZzQcJakz+HOpzN64ttExP8Shr+6ND5EbEe9iGcbXFrzG5Eqcq1TgQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKN95LzRolROUMBm10XEtVlZRT2uMB8GA1UdIwQY
MBaAFBx0M/r6WfDVEqK+uwl+aUY8wGdZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhRei12cFo4TlVTb3I2N0NYNXBSanpBWjFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8zOWE1YjUtM2M1MS00NmUyLTk0Nzkt
MTJmNDFhMGNjMGMxLzEvbzMza3ZOR2lWRTVRd0diWFJjUzFXVmxGUGE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8zOWE1YjUtM2M1MS00NmUyLTk0NzktMTJmNDFhMGNjMGMx
LzEvSEhRei12cFo4TlVTb3I2N0NYNXBSanpBWjFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABfr/AwQA
uXs2MA0GCSqGSIb3DQEBCwUAA4IBAQBOsE02NM32FWdRaiQ17yfJFUSBbfTqiOuT
lDDOb+EyPrwE0KrDpxQ7VGFUNGHRgHeG+7frECve114Lyoof0Dd2aATIImpS7Ruu
rsHUUu36KMH9S836skzRf/rbn+x0l04qqSr9cZaxc9LGVgVWgFhDfKsU/7mK77pM
4G44epKonxVQlADWs9SpcTBpu0dbsUNNjx8zjhjBSP2zUpbQHk14OLL3mMLS0bvd
QsHq5CsP68E67gEHyOdFYonVmf8tJpOBRJHNgnW5wW6KJUocmwhE9XWJf1d5rbVi
zQ7+PHy8OSwtREeecY6Xqqe0Rll5UUd7vDpJujfxCRc+LuL9EqzF
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:08:11 2025 by rpki-client