Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/1c718d-e7a0-40ac-a181-cbaa42a62727/1/pkGGNBdhq4ZpQRqIZMsggNSolf0.roa
File: pkGGNBdhq4ZpQRqIZMsggNSolf0.roa (raw, json)
Hash identifier: y34zQyNQE6Dt9rgo+TKZCABmiXucQM6cXI6cZVCrI5E=
Subject key identifier: A6:41:86:34:17:61:AB:86:69:41:1A:88:64:CB:20:80:D4:A8:95:FD
Certificate issuer: /CN=d07dc35ebcd88dd0e2a8db3a5a08654bc3be0262
Certificate serial: 019426D9A9802ED8D74EFC1836D137B3FD18
Authority key identifier: D0:7D:C3:5E:BC:D8:8D:D0:E2:A8:DB:3A:5A:08:65:4B:C3:BE:02:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H3DXrzYjdDiqNs6WghlS8O-AmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/1c718d-e7a0-40ac-a181-cbaa42a62727/1/pkGGNBdhq4ZpQRqIZMsggNSolf0.roa
Signing time: Thu 02 Jan 2025 11:49:46 +0000
ROA not before: Thu 02 Jan 2025 11:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60358
IP address blocks: 5.44.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:a9:80:2e:d8:d7:4e:fc:18:36:d1:37:b3:fd:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07dc35ebcd88dd0e2a8db3a5a08654bc3be0262
Validity
Not Before: Jan 2 11:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a64186341761ab8669411a8864cb2080d4a895fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ad:6f:d6:45:ff:a4:b9:da:d2:3f:1b:a9:1f:
33:ec:6f:1d:cc:6e:71:13:98:27:f7:3f:2d:51:43:
f0:dd:37:3a:d8:7e:a6:54:1d:cb:d9:a2:8e:b8:23:
78:82:a4:b3:e5:30:82:42:a7:a9:96:07:db:5f:ff:
bf:d5:2e:ff:6e:f1:e9:61:eb:fd:ba:06:f8:38:7d:
eb:42:f3:00:ac:16:c4:c3:f0:fa:ca:b7:73:77:73:
93:56:62:d2:cb:81:fc:87:df:fb:47:61:19:1e:db:
40:fa:d7:81:24:1d:b6:97:27:b9:72:c9:74:d1:d8:
70:3f:fe:ac:0e:5d:b5:5b:54:78:ea:be:8c:df:3b:
3c:95:ae:80:b0:a4:94:65:c7:ff:c7:54:7f:33:5c:
8d:15:76:dd:6d:f4:9b:02:6c:50:65:d7:b7:1d:d6:
54:46:5c:9f:67:ac:0f:0f:16:99:31:f6:17:ce:df:
1b:68:22:58:59:72:cf:33:87:b4:3c:fb:7e:8d:dc:
37:c6:4e:5c:73:6d:63:a4:4b:87:33:30:46:ee:c7:
62:ae:55:38:73:41:2d:7b:aa:21:4a:51:50:cc:a1:
ef:33:57:a2:05:a2:4d:00:1b:50:f8:79:cf:40:29:
71:ba:4a:d0:46:1f:65:93:5f:ce:74:3d:ce:4e:ba:
f1:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:41:86:34:17:61:AB:86:69:41:1A:88:64:CB:20:80:D4:A8:95:FD
X509v3 Authority Key Identifier:
keyid:D0:7D:C3:5E:BC:D8:8D:D0:E2:A8:DB:3A:5A:08:65:4B:C3:BE:02:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H3DXrzYjdDiqNs6WghlS8O-AmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/1c718d-e7a0-40ac-a181-cbaa42a62727/1/pkGGNBdhq4ZpQRqIZMsggNSolf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/1c718d-e7a0-40ac-a181-cbaa42a62727/1/0H3DXrzYjdDiqNs6WghlS8O-AmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.79.0/24
Signature Algorithm: sha256WithRSAEncryption
26:83:32:38:ea:93:8b:51:a4:ff:64:49:3e:d0:d0:b5:ad:fb:
73:88:b3:d2:bf:e4:d5:84:58:eb:17:f5:28:a8:f5:05:14:c2:
6d:bb:43:8f:8d:84:f2:58:c7:d7:15:81:8f:5f:31:0f:56:8d:
fb:fd:d2:44:eb:21:53:ac:00:9a:ac:a1:8a:d5:1c:04:1e:68:
61:a7:da:43:de:f8:87:ae:54:9a:37:f7:b8:33:b1:fa:0a:a6:
fb:3c:23:8a:62:c0:8b:19:d9:5e:7c:04:4f:06:e0:58:32:b0:
9f:d3:e4:9f:32:e5:c1:d4:26:5b:8a:19:d0:3a:20:fe:d4:40:
22:56:14:8c:d0:fa:af:b1:a0:3f:51:0b:22:fc:47:fb:b9:84:
b5:30:c7:05:9b:48:2d:07:67:38:13:8d:f3:01:58:e2:c6:07:
66:8b:58:8a:d4:cd:c5:b4:5d:5e:b6:92:50:07:fb:cc:af:69:
12:27:30:8b:29:8a:ff:52:52:7a:4e:6d:f9:a4:0a:fe:f4:2c:
3a:f6:d0:4e:91:af:b1:1f:4f:08:0f:fd:4d:eb:e2:04:58:7f:
dc:c7:49:a1:76:34:d4:80:28:97:45:4e:23:18:49:ca:f9:63:
28:f2:22:ae:20:67:24:13:3c:2c:7b:d0:d8:49:1a:fb:b2:67:
67:20:1b:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2amALtjXTvwYNtE3s/0YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwN2RjMzVlYmNkODhkZDBlMmE4ZGIzYTVhMDg2NTRiYzNi
ZTAyNjIwHhcNMjUwMTAyMTE0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjQxODYzNDE3NjFhYjg2Njk0MTFhODg2NGNiMjA4MGQ0YTg5NWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwK1v1kX/pLna0j8bqR8z7G8dzG5x
E5gn9z8tUUPw3Tc62H6mVB3L2aKOuCN4gqSz5TCCQqeplgfbX/+/1S7/bvHpYev9
ugb4OH3rQvMArBbEw/D6yrdzd3OTVmLSy4H8h9/7R2EZHttA+teBJB22lye5csl0
0dhwP/6sDl21W1R46r6M3zs8la6AsKSUZcf/x1R/M1yNFXbdbfSbAmxQZde3HdZU
RlyfZ6wPDxaZMfYXzt8baCJYWXLPM4e0PPt+jdw3xk5cc21jpEuHMzBG7sdirlU4
c0Ete6ohSlFQzKHvM1eiBaJNABtQ+HnPQClxukrQRh9lk1/OdD3OTrrxmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKZBhjQXYauGaUEaiGTLIIDUqJX9MB8GA1UdIwQY
MBaAFNB9w1682I3Q4qjbOloIZUvDvgJiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEgzRFhyellqZERpcU5zNldnaGxTOE8tQW1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8xYzcxOGQtZTdhMC00MGFjLWExODEt
Y2JhYTQyYTYyNzI3LzEvcGtHR05CZGhxNFpwUVJxSVpNc2dnTlNvbGYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8xYzcxOGQtZTdhMC00MGFjLWExODEtY2JhYTQyYTYyNzI3
LzEvMEgzRFhyellqZERpcU5zNldnaGxTOE8tQW1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSxPMA0G
CSqGSIb3DQEBCwUAA4IBAQAmgzI46pOLUaT/ZEk+0NC1rftziLPSv+TVhFjrF/Uo
qPUFFMJtu0OPjYTyWMfXFYGPXzEPVo37/dJE6yFTrACarKGK1RwEHmhhp9pD3viH
rlSaN/e4M7H6Cqb7PCOKYsCLGdlefARPBuBYMrCf0+SfMuXB1CZbihnQOiD+1EAi
VhSM0PqvsaA/UQsi/Ef7uYS1MMcFm0gtB2c4E43zAVjixgdmi1iK1M3FtF1etpJQ
B/vMr2kSJzCLKYr/UlJ6Tm35pAr+9Cw69tBOka+xH08ID/1N6+IEWH/cx0mhdjTU
gCiXRU4jGEnK+WMo8iKuIGckEzwse9DYSRr7smdnIBs9
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:11 2025 by rpki-client