Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/r3Xst4DXLn2BVqA4d6KiBUlzars.roa
File: r3Xst4DXLn2BVqA4d6KiBUlzars.roa (raw, json)
Hash identifier: 5N4LaviPPwnzqqoSpq0GEfNdAfb/41iSxJXydzYjDxs=
Subject key identifier: AF:75:EC:B7:80:D7:2E:7D:81:56:A0:38:77:A2:A2:05:49:73:6A:BB
Certificate issuer: /CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Certificate serial: 0D907AF5
Authority key identifier: 6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/r3Xst4DXLn2BVqA4d6KiBUlzars.roa
Signing time: Sat 01 Jan 2022 15:01:09 +0000
ROA not before: Sat 01 Jan 2022 15:01:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211670
IP address blocks: 5.190.211.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 227572469 (0xd907af5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Validity
Not Before: Jan 1 15:01:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af75ecb780d72e7d8156a03877a2a20549736abb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b1:c7:d7:97:45:f1:03:1d:a5:60:b0:6e:49:
0c:5e:f2:80:fb:74:ca:84:88:9e:14:67:16:c7:2e:
69:03:ad:04:d1:03:e9:d8:32:98:f9:c1:ac:78:75:
02:d5:c8:42:fd:f9:4b:b8:8f:86:da:79:79:3e:f1:
a9:6c:8d:84:50:ca:ea:50:2f:b4:b5:e4:17:f5:80:
5e:b0:2c:b2:1b:5a:a4:71:5f:a8:70:d7:df:80:ee:
cc:e5:fb:5a:04:4f:44:4e:8b:16:db:4f:ed:2b:31:
e8:7f:79:3c:cf:8f:f9:9e:4d:30:4c:38:d5:85:8f:
03:44:2e:da:71:0c:de:88:f5:0f:39:d4:04:f5:af:
f1:b3:8b:53:42:cb:08:0e:88:69:a3:2b:94:01:d6:
a5:af:09:46:18:b7:f8:0c:18:ef:e4:8b:b5:9f:f5:
9b:b0:4f:94:7b:9a:52:43:f5:b9:ff:6e:cf:94:b4:
63:53:be:4a:b6:ba:e8:5d:93:01:8f:96:da:60:c1:
46:ff:2a:be:d2:70:d7:52:a9:95:d5:41:97:a7:d3:
67:2e:0a:8c:1f:66:bb:a7:4a:20:d6:53:34:d5:db:
49:76:fb:16:75:93:17:90:d0:af:f7:ea:69:86:99:
03:02:0b:d7:fb:4e:54:b4:e7:a3:32:5d:56:b6:36:
c4:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:75:EC:B7:80:D7:2E:7D:81:56:A0:38:77:A2:A2:05:49:73:6A:BB
X509v3 Authority Key Identifier:
keyid:6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/r3Xst4DXLn2BVqA4d6KiBUlzars.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.190.211.0/24
Signature Algorithm: sha256WithRSAEncryption
49:e3:38:b4:2f:76:22:dc:d8:fd:2c:87:2f:8b:dc:cc:70:b9:
b5:39:55:d5:82:58:28:52:a5:65:6a:70:c1:c4:49:59:0e:b7:
b7:b8:96:2d:00:eb:e0:5e:96:f0:ba:88:2b:92:f7:17:59:fc:
04:91:83:9c:57:35:57:52:6f:98:0f:14:f5:8a:62:a3:63:dc:
c8:71:c0:3a:e8:72:d1:f0:e6:fe:55:1f:09:fd:3b:f1:bf:d6:
e2:27:a9:b9:bc:8f:f0:a7:7e:6e:e6:bc:3d:6f:2f:db:0b:be:
14:9b:46:96:bc:e7:ad:04:a8:d6:19:0b:b9:6d:8b:4c:1e:f7:
0c:a8:18:68:cf:31:56:01:cc:50:ce:1c:a9:bf:15:23:ce:a0:
c7:d3:b3:ff:7e:a3:4b:81:84:48:dd:f7:62:66:e9:91:52:fa:
62:cb:2d:7b:86:ef:f3:65:df:cf:43:38:96:fd:7c:ae:e6:66:
b9:67:19:d6:a9:58:d8:cc:f7:a9:49:7e:52:c3:bf:20:18:3f:
43:35:e1:21:f2:9b:64:ea:bd:03:b4:34:35:87:80:ea:5c:00:
01:81:99:30:ad:1c:ce:0e:2e:3c:16:04:ec:8a:ce:e6:8b:7d:
e6:d5:de:c9:dc:23:3b:b9:0a:4a:d0:2e:ae:3c:24:df:a6:5e:
03:a9:e8:8d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDZB69TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZjMwMzBhNGI2N2Y5NWMyZmVkOTAyZDU2NjU3ZmFhMjQ5NGI1MTI5MB4XDTIyMDEw
MTE1MDEwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWY3NWVjYjc4MGQ3
MmU3ZDgxNTZhMDM4NzdhMmEyMDU0OTczNmFiYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK+xx9eXRfEDHaVgsG5JDF7ygPt0yoSInhRnFscuaQOtBNED
6dgymPnBrHh1AtXIQv35S7iPhtp5eT7xqWyNhFDK6lAvtLXkF/WAXrAsshtapHFf
qHDX34DuzOX7WgRPRE6LFttP7Ssx6H95PM+P+Z5NMEw41YWPA0Qu2nEM3oj1DznU
BPWv8bOLU0LLCA6IaaMrlAHWpa8JRhi3+AwY7+SLtZ/1m7BPlHuaUkP1uf9uz5S0
Y1O+Sra66F2TAY+W2mDBRv8qvtJw11KpldVBl6fTZy4KjB9mu6dKINZTNNXbSXb7
FnWTF5DQr/fqaYaZAwIL1/tOVLTnozJdVrY2xDsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSvdey3gNcufYFWoDh3oqIFSXNquzAfBgNVHSMEGDAWgBRvMDCktn+Vwv7Z
AtVmV/qiSUtRKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2J6QXdwTFpfbGNMLTJRTFZabGY2b2tsTFVTay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvMmI5OWEzLWRkNWYtNGZmZS04MmVmLWJmM2IyMWEyNzBmMi8x
L3IzWHN0NERYTG4yQlZxQTRkNktpQlVsemFycy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
MmI5OWEzLWRkNWYtNGZmZS04MmVmLWJmM2IyMWEyNzBmMi8xL2J6QXdwTFpfbGNM
LTJRTFZabGY2b2tsTFVTay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAW+0zANBgkqhkiG9w0BAQsFAAOC
AQEASeM4tC92ItzY/SyHL4vczHC5tTlV1YJYKFKlZWpwwcRJWQ63t7iWLQDr4F6W
8LqIK5L3F1n8BJGDnFc1V1JvmA8U9Ypio2PcyHHAOuhy0fDm/lUfCf078b/W4iep
ubyP8Kd+bua8PW8v2wu+FJtGlrznrQSo1hkLuW2LTB73DKgYaM8xVgHMUM4cqb8V
I86gx9Oz/36jS4GESN33YmbpkVL6Ysste4bv82Xfz0M4lv18ruZmuWcZ1qlY2Mz3
qUl+UsO/IBg/QzXhIfKbZOq9A7Q0NYeA6lwAAYGZMK0czg4uPBYE7IrO5ot95tXe
ydwjO7kKStAurjwk36ZeA6nojQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:47:43 2025 by rpki-client