Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/4HzcAwAp_NPUTKmqOpFk6fNukP8.roa
File: 4HzcAwAp_NPUTKmqOpFk6fNukP8.roa (raw, json)
Hash identifier: MU7p381OLfrUgZeXEX4ypzzCidzVAcWbQDWLKu/+t9s=
Subject key identifier: E0:7C:DC:03:00:29:FC:D3:D4:4C:A9:AA:3A:91:64:E9:F3:6E:90:FF
Certificate issuer: /CN=bfe3971a32c0692c4e342e911790662470cf31b2
Certificate serial: 0194266AC4664C66A168E702832961B03AB6
Authority key identifier: BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/4HzcAwAp_NPUTKmqOpFk6fNukP8.roa
Signing time: Thu 02 Jan 2025 09:48:38 +0000
ROA not before: Thu 02 Jan 2025 09:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207208
IP address blocks: 5.181.191.0/24 maxlen: 24
185.1.217.0/24 maxlen: 24
2001:67c:2498::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:c4:66:4c:66:a1:68:e7:02:83:29:61:b0:3a:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe3971a32c0692c4e342e911790662470cf31b2
Validity
Not Before: Jan 2 09:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e07cdc030029fcd3d44ca9aa3a9164e9f36e90ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d6:bf:f6:e5:d7:e1:c5:f8:9e:f3:8e:bb:fe:
4b:45:be:06:85:17:fa:f3:eb:b6:75:41:6a:9b:75:
2c:a6:62:ae:83:b1:d5:9f:2b:a4:31:e7:d9:00:24:
4e:7a:07:f8:9e:c5:0f:f7:5e:75:85:bc:d9:b2:5c:
fa:8a:a2:0c:a6:5e:df:20:98:f1:f3:b5:b1:69:9e:
cf:a2:ec:7a:87:e3:b0:02:7c:f5:3a:60:32:7f:0c:
08:80:ba:ff:ad:30:2f:be:18:b0:ad:e4:92:72:95:
1f:1e:02:24:fa:d3:53:60:5b:d8:90:3f:97:00:70:
5e:f0:f9:d9:48:44:63:62:0f:a3:cd:b9:f6:bb:32:
fb:47:09:b4:69:c7:33:61:e6:9f:35:97:8f:a5:c3:
90:8b:00:85:99:80:d9:5f:a9:d3:a2:51:42:4a:31:
c4:e4:e9:aa:8e:33:95:4e:a2:6c:9e:c4:cd:b3:5f:
d0:85:a4:1e:41:43:6a:dd:06:44:45:15:56:b0:17:
27:47:6f:2b:6d:71:07:44:e8:50:26:91:7e:9f:98:
f4:de:3f:ed:d9:80:8e:35:73:bc:9e:06:dc:d0:52:
55:9d:5e:f7:12:db:eb:00:a0:07:aa:f9:e1:7b:38:
0b:0d:e9:e3:19:ed:e7:ad:5a:b7:5a:d2:65:f4:6d:
8e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:7C:DC:03:00:29:FC:D3:D4:4C:A9:AA:3A:91:64:E9:F3:6E:90:FF
X509v3 Authority Key Identifier:
keyid:BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/4HzcAwAp_NPUTKmqOpFk6fNukP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/v-OXGjLAaSxONC6RF5BmJHDPMbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.191.0/24
185.1.217.0/24
IPv6:
2001:67c:2498::/48
Signature Algorithm: sha256WithRSAEncryption
49:5a:6c:28:4d:8a:05:f8:99:69:ad:4a:06:2f:13:40:9e:c9:
da:c7:30:29:b9:84:43:8a:ee:51:4d:5e:48:3d:45:c4:82:f3:
f1:83:19:8c:0e:30:ad:e5:b6:ed:68:75:0e:47:33:01:b5:62:
92:15:c2:f3:4e:39:d5:5f:2b:b4:21:3e:62:79:d1:f5:d5:e8:
30:9f:06:da:0c:ce:90:ca:ec:ad:64:26:6e:2e:9f:7c:eb:74:
ab:a1:26:b9:21:41:16:ce:4d:5d:eb:32:6c:99:9b:84:2a:d5:
30:cc:dd:5d:a8:f7:d8:f8:02:10:bc:74:64:5b:9c:d6:63:f6:
76:e3:7c:72:bb:3c:0b:1e:6a:b2:35:37:3d:98:52:3a:4a:e3:
54:b2:a1:d6:df:0e:5d:a9:a3:21:07:98:d4:ac:ef:41:48:5b:
2d:c3:21:1f:82:a0:a1:66:e7:3e:d5:fc:e2:d2:d7:df:49:1d:
20:4f:49:42:30:20:47:5a:25:08:d0:f5:c3:43:06:c4:18:58:
f8:fd:b9:df:6e:1c:fc:18:12:3b:8f:2a:b4:93:8d:c8:0b:48:
ce:5f:c9:71:a6:c5:b5:5d:bc:dd:94:cb:3d:56:f5:fd:59:73:
e0:af:f3:ba:06:d2:58:35:84:6a:11:f1:ea:48:88:13:82:2c:
67:8f:71:0d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQmasRmTGahaOcCgylhsDq2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTM5NzFhMzJjMDY5MmM0ZTM0MmU5MTE3OTA2NjI0NzBj
ZjMxYjIwHhcNMjUwMTAyMDk0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDdjZGMwMzAwMjlmY2QzZDQ0Y2E5YWEzYTkxNjRlOWYzNmU5MGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwta/9uXX4cX4nvOOu/5LRb4GhRf6
8+u2dUFqm3UspmKug7HVnyukMefZACROegf4nsUP9151hbzZslz6iqIMpl7fIJjx
87WxaZ7Poux6h+OwAnz1OmAyfwwIgLr/rTAvvhiwreSScpUfHgIk+tNTYFvYkD+X
AHBe8PnZSERjYg+jzbn2uzL7Rwm0acczYeafNZePpcOQiwCFmYDZX6nTolFCSjHE
5OmqjjOVTqJsnsTNs1/QhaQeQUNq3QZERRVWsBcnR28rbXEHROhQJpF+n5j03j/t
2YCONXO8ngbc0FJVnV73EtvrAKAHqvnhezgLDenjGe3nrVq3WtJl9G2OFQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOB83AMAKfzT1EypqjqRZOnzbpD/MB8GA1UdIwQY
MBaAFL/jlxoywGksTjQukReQZiRwzzGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1PWEdqTEFhU3hPTkM2UkY1Qm1KSERQTWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9kNzZiZjgtNTQxZi00ZWZjLTk4YzUt
YzRkY2M3ZjZiN2RmLzEvNEh6Y0F3QXBfTlBVVEttcU9wRms2Zk51a1A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9kNzZiZjgtNTQxZi00ZWZjLTk4YzUtYzRkY2M3ZjZiN2Rm
LzEvdi1PWEdqTEFhU3hPTkM2UkY1Qm1KSERQTWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQABbW/AwQA
uQHZMA8EAgACMAkDBwAgAQZ8JJgwDQYJKoZIhvcNAQELBQADggEBAElabChNigX4
mWmtSgYvE0CeydrHMCm5hEOK7lFNXkg9RcSC8/GDGYwOMK3ltu1odQ5HMwG1YpIV
wvNOOdVfK7QhPmJ50fXV6DCfBtoMzpDK7K1kJm4un3zrdKuhJrkhQRbOTV3rMmyZ
m4Qq1TDM3V2o99j4AhC8dGRbnNZj9nbjfHK7PAsearI1Nz2YUjpK41SyodbfDl2p
oyEHmNSs70FIWy3DIR+CoKFm5z7V/OLS199JHSBPSUIwIEdaJQjQ9cNDBsQYWPj9
ud9uHPwYEjuPKrSTjcgLSM5fyXGmxbVdvN2Uyz1W9f1Zc+Cv87oG0lg1hGoR8epI
iBOCLGePcQ0=
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:23:42 2025 by rpki-client