Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/2cIKXah99bs326V7_K2_ATU1wCc.roa
File: 2cIKXah99bs326V7_K2_ATU1wCc.roa (raw, json)
Hash identifier: 8U7vy7F8tH1dtIEl5RJoquiwlVH7Dw2C2urkmS/8Z1s=
Subject key identifier: D9:C2:0A:5D:A8:7D:F5:BB:37:DB:A5:7B:FC:AD:BF:01:35:35:C0:27
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 019428253031A501472D06FA852A62DD91D4
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/2cIKXah99bs326V7_K2_ATU1wCc.roa
Signing time: Thu 02 Jan 2025 17:51:53 +0000
ROA not before: Thu 02 Jan 2025 17:51:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 5.157.128.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:30:31:a5:01:47:2d:06:fa:85:2a:62:dd:91:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 2 17:51:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9c20a5da87df5bb37dba57bfcadbf013535c027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:bb:52:a1:e0:16:20:16:d7:20:1f:db:d7:84:
25:32:fa:ef:95:1a:5d:66:8d:80:64:c7:40:c7:c2:
a8:aa:ca:a5:b9:e1:a1:a6:88:05:6b:b5:9f:86:3d:
9a:24:9e:ad:35:fc:71:85:f6:9f:23:25:04:83:b4:
d7:34:d2:06:99:48:07:eb:8d:5a:fa:be:58:02:b4:
bf:3a:f9:d8:03:47:e1:2d:52:b9:05:4f:c8:07:c8:
e5:dc:57:3e:ea:a3:95:2f:a5:cf:cd:5e:83:7c:de:
04:c6:d0:2a:65:a0:16:fb:be:30:4b:b0:56:96:31:
3e:ef:f4:44:77:8b:06:af:a7:57:61:40:bc:fa:b8:
ca:b4:96:7d:57:4f:85:6b:3f:8a:1a:42:e7:91:26:
bd:72:f7:45:8e:96:b5:19:59:99:3c:89:75:eb:4d:
05:91:31:9b:4d:2d:45:d7:15:e6:cd:a8:22:e7:04:
17:7e:8e:6e:35:a0:c6:2f:20:84:1f:57:ee:73:66:
53:c7:f5:2b:20:37:92:2f:da:af:1d:8c:80:82:1d:
a9:fc:38:4f:dd:d9:f9:7d:5f:d2:dc:87:6a:1d:54:
09:95:62:44:48:9e:b1:7e:21:74:77:b4:1e:9c:3d:
21:ff:3b:23:44:5c:40:3b:95:80:56:df:1a:04:32:
20:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:C2:0A:5D:A8:7D:F5:BB:37:DB:A5:7B:FC:AD:BF:01:35:35:C0:27
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/2cIKXah99bs326V7_K2_ATU1wCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.128.0/24
Signature Algorithm: sha256WithRSAEncryption
04:0b:77:60:53:d8:8f:bc:f6:e4:c3:2d:ca:d0:1c:ef:49:2f:
2a:8d:7e:15:7e:da:4e:12:d0:8b:f8:3d:bb:04:5a:46:a1:bc:
e5:38:1b:9d:aa:27:99:1d:16:1c:81:a9:73:6e:95:fc:2e:7e:
70:c0:d0:a0:cf:e0:53:0a:c3:3d:64:b8:a9:4a:c4:b4:3e:11:
08:b4:84:21:7d:80:1d:10:75:92:48:0c:cb:df:8e:71:7e:53:
db:7d:88:b6:2a:c7:a4:92:57:4f:7a:96:3d:c7:d3:ee:92:f3:
f6:9b:f9:01:d3:4c:af:e2:88:fb:d7:f6:15:19:73:09:f3:c1:
da:1c:7a:de:2a:ab:10:cc:56:1b:5a:61:06:16:97:62:20:23:
16:fa:4b:13:45:dc:16:d5:c8:a6:63:53:bf:3f:3a:4b:7d:50:
9a:d2:48:1d:53:d9:0e:f5:0d:09:51:ad:e9:33:1f:0f:3f:67:
9c:6a:3f:69:28:08:6a:15:b8:9b:d1:67:66:33:e5:ab:71:6e:
d4:97:d1:d6:0e:8f:8f:51:35:5e:de:2c:73:6e:4b:b3:fc:eb:
cb:24:1c:18:a2:d0:12:31:05:da:3d:82:8e:fd:78:c9:b2:46:
3a:d4:a8:7a:54:3e:7f:d8:08:8b:ca:03:b6:6f:00:07:6f:0c:
1a:c7:3e:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJTAxpQFHLQb6hSpi3ZHUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjUwMTAyMTc1MTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWMyMGE1ZGE4N2RmNWJiMzdkYmE1N2JmY2FkYmYwMTM1MzVjMDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3LtSoeAWIBbXIB/b14QlMvrvlRpd
Zo2AZMdAx8KoqsqlueGhpogFa7Wfhj2aJJ6tNfxxhfafIyUEg7TXNNIGmUgH641a
+r5YArS/OvnYA0fhLVK5BU/IB8jl3Fc+6qOVL6XPzV6DfN4ExtAqZaAW+74wS7BW
ljE+7/REd4sGr6dXYUC8+rjKtJZ9V0+Faz+KGkLnkSa9cvdFjpa1GVmZPIl1600F
kTGbTS1F1xXmzagi5wQXfo5uNaDGLyCEH1fuc2ZTx/UrIDeSL9qvHYyAgh2p/DhP
3dn5fV/S3IdqHVQJlWJESJ6xfiF0d7QenD0h/zsjRFxAO5WAVt8aBDIgqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNnCCl2offW7N9ule/ytvwE1NcAnMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvMmNJS1hhaDk5YnMzMjZWN19LMl9BVFUxd0NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZ2AMA0G
CSqGSIb3DQEBCwUAA4IBAQAEC3dgU9iPvPbkwy3K0BzvSS8qjX4VftpOEtCL+D27
BFpGobzlOBudqieZHRYcgalzbpX8Ln5wwNCgz+BTCsM9ZLipSsS0PhEItIQhfYAd
EHWSSAzL345xflPbfYi2KsekkldPepY9x9PukvP2m/kB00yv4oj71/YVGXMJ88Ha
HHreKqsQzFYbWmEGFpdiICMW+ksTRdwW1cimY1O/PzpLfVCa0kgdU9kO9Q0JUa3p
Mx8PP2ecaj9pKAhqFbib0WdmM+WrcW7Ul9HWDo+PUTVe3ixzbkuz/OvLJBwYotAS
MQXaPYKO/XjJskY61Kh6VD5/2AiLygO2bwAHbwwaxz7s
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:24:32 2025 by rpki-client