Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/822376-808a-465c-a87f-5ceae19f94f9/1/uB1fsTN5xt9prk3FmqA_vfOk3V8.roa
File: uB1fsTN5xt9prk3FmqA_vfOk3V8.roa (raw, json)
Hash identifier: Xbk+Y99PsH3Ea8NbCtaJ5KS35ZMdZP+5pz4Y3JKvU0M=
Subject key identifier: B8:1D:5F:B1:33:79:C6:DF:69:AE:4D:C5:9A:A0:3F:BD:F3:A4:DD:5F
Certificate issuer: /CN=5bb1c57055c29d669f289a9f68f392823942132a
Certificate serial: 01941F8C420F3430D984CE17B9FAF66A6311
Authority key identifier: 5B:B1:C5:70:55:C2:9D:66:9F:28:9A:9F:68:F3:92:82:39:42:13:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W7HFcFXCnWafKJqfaPOSgjlCEyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/822376-808a-465c-a87f-5ceae19f94f9/1/uB1fsTN5xt9prk3FmqA_vfOk3V8.roa
Signing time: Wed 01 Jan 2025 01:47:53 +0000
ROA not before: Wed 01 Jan 2025 01:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202709
IP address blocks: 5.253.214.0/24 maxlen: 24
5.253.215.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:42:0f:34:30:d9:84:ce:17:b9:fa:f6:6a:63:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bb1c57055c29d669f289a9f68f392823942132a
Validity
Not Before: Jan 1 01:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b81d5fb13379c6df69ae4dc59aa03fbdf3a4dd5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2e:ba:6b:35:69:6b:dc:87:81:85:a1:18:d2:
f5:b5:3a:be:9b:40:f1:b6:95:81:6e:eb:7f:5a:c9:
66:60:dc:18:6b:c2:ba:ea:91:5f:8d:b1:0b:e1:7b:
50:2e:26:6d:4d:fd:8c:19:a1:e8:5f:21:94:7e:e4:
12:b1:82:27:49:e5:94:43:d8:26:82:f0:f7:43:19:
d5:d2:98:aa:4c:35:1f:54:0a:41:d2:77:e6:a3:84:
2f:27:29:63:80:c3:75:b0:be:46:02:28:b5:7e:69:
ab:09:2c:b4:14:e7:92:84:3d:8c:7c:ea:07:b6:1a:
00:08:fa:2f:7d:be:9f:dc:f5:16:9c:c3:43:03:54:
6d:ec:2e:42:f2:be:6a:ad:ad:e2:63:da:6f:0d:f0:
75:b8:1d:a1:32:40:e7:b0:5f:ed:02:07:cb:1d:0b:
4f:3f:2a:75:69:a4:d1:ef:53:4f:02:a7:f7:52:61:
e1:92:cd:df:52:c4:76:72:ee:30:b5:4a:fc:c5:6d:
70:aa:6a:cc:b5:39:ec:0e:19:02:b4:9b:d3:42:6b:
6b:ce:f6:0c:3b:44:72:63:a8:ed:5c:eb:cf:e7:b3:
71:3c:96:34:89:e5:fa:bb:09:1a:3a:8e:f7:38:19:
bf:45:7e:fb:23:39:a4:ba:63:c8:7e:9c:6c:dc:8a:
2b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:1D:5F:B1:33:79:C6:DF:69:AE:4D:C5:9A:A0:3F:BD:F3:A4:DD:5F
X509v3 Authority Key Identifier:
keyid:5B:B1:C5:70:55:C2:9D:66:9F:28:9A:9F:68:F3:92:82:39:42:13:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W7HFcFXCnWafKJqfaPOSgjlCEyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/822376-808a-465c-a87f-5ceae19f94f9/1/uB1fsTN5xt9prk3FmqA_vfOk3V8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/822376-808a-465c-a87f-5ceae19f94f9/1/W7HFcFXCnWafKJqfaPOSgjlCEyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.214.0/23
Signature Algorithm: sha256WithRSAEncryption
01:1c:0f:37:6b:41:76:9e:dc:be:55:99:f1:1d:5b:44:2a:43:
c1:fb:d8:92:cf:69:e4:e1:88:f9:ce:c2:90:4d:4f:5e:57:32:
cb:00:f5:e5:a7:16:ea:72:42:8e:df:f8:ac:af:ba:b1:be:67:
70:db:5a:90:5a:46:51:75:c9:3e:20:a6:82:61:4c:d6:87:ee:
14:cb:0e:9b:1c:dd:2b:c2:61:87:e9:d8:b8:7d:e5:c7:ed:94:
78:4e:32:89:82:56:a2:81:71:e2:49:1a:ff:a1:53:68:b9:02:
20:e9:a0:96:c2:23:6d:c8:4f:b0:98:18:d8:5e:00:25:99:c7:
83:89:db:f6:2b:5e:3a:26:99:35:dc:fb:8b:31:6a:f6:44:20:
93:e0:4e:9b:0e:da:f7:6d:9b:32:79:9c:3f:b8:21:c9:c0:84:
ee:1b:a5:1f:a4:44:ad:bc:6d:f5:15:21:30:91:fb:6b:7c:0a:
06:6e:3a:59:81:64:b1:82:a2:a9:2f:c9:f4:9b:dc:78:77:d6:
65:6a:78:8b:de:07:6a:3b:ea:0b:d3:35:e9:c1:c2:88:88:93:
8a:50:d7:c9:47:d4:54:dd:d8:44:76:a9:b4:da:fc:88:52:ee:
af:cb:74:67:d2:a2:71:91:71:0a:74:6c:54:b2:85:1d:e7:2f:
65:34:67:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjEIPNDDZhM4Xufr2amMRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViYjFjNTcwNTVjMjlkNjY5ZjI4OWE5ZjY4ZjM5MjgyMzk0
MjEzMmEwHhcNMjUwMTAxMDE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODFkNWZiMTMzNzljNmRmNjlhZTRkYzU5YWEwM2ZiZGYzYTRkZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqi66azVpa9yHgYWhGNL1tTq+m0Dx
tpWBbut/WslmYNwYa8K66pFfjbEL4XtQLiZtTf2MGaHoXyGUfuQSsYInSeWUQ9gm
gvD3QxnV0piqTDUfVApB0nfmo4QvJyljgMN1sL5GAii1fmmrCSy0FOeShD2MfOoH
thoACPovfb6f3PUWnMNDA1Rt7C5C8r5qra3iY9pvDfB1uB2hMkDnsF/tAgfLHQtP
Pyp1aaTR71NPAqf3UmHhks3fUsR2cu4wtUr8xW1wqmrMtTnsDhkCtJvTQmtrzvYM
O0RyY6jtXOvP57NxPJY0ieX6uwkaOo73OBm/RX77IzmkumPIfpxs3IorqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLgdX7Ezecbfaa5NxZqgP73zpN1fMB8GA1UdIwQY
MBaAFFuxxXBVwp1mnyian2jzkoI5QhMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzdIRmNGWENuV2FmS0pxZmFQT1NnamxDRXlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS84MjIzNzYtODA4YS00NjVjLWE4N2Yt
NWNlYWUxOWY5NGY5LzEvdUIxZnNUTjV4dDlwcmszRm1xQV92Zk9rM1Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS84MjIzNzYtODA4YS00NjVjLWE4N2YtNWNlYWUxOWY5NGY5
LzEvVzdIRmNGWENuV2FmS0pxZmFQT1NnamxDRXlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBf3WMA0G
CSqGSIb3DQEBCwUAA4IBAQABHA83a0F2nty+VZnxHVtEKkPB+9iSz2nk4Yj5zsKQ
TU9eVzLLAPXlpxbqckKO3/isr7qxvmdw21qQWkZRdck+IKaCYUzWh+4Uyw6bHN0r
wmGH6di4feXH7ZR4TjKJglaigXHiSRr/oVNouQIg6aCWwiNtyE+wmBjYXgAlmceD
idv2K146Jpk13PuLMWr2RCCT4E6bDtr3bZsyeZw/uCHJwITuG6UfpEStvG31FSEw
kftrfAoGbjpZgWSxgqKpL8n0m9x4d9ZlaniL3gdqO+oL0zXpwcKIiJOKUNfJR9RU
3dhEdqm02vyIUu6vy3Rn0qJxkXEKdGxUsoUd5y9lNGcM
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:18:58 2025 by rpki-client