Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/5kzmDTi0KIXTn8Ss2d36rIX1bZA.roa
File: 5kzmDTi0KIXTn8Ss2d36rIX1bZA.roa (raw, json)
Hash identifier: VgZeJy91lZpXmzMfyFbTui1JSN8xoQwBbcwBQ01/D0A=
Subject key identifier: E6:4C:E6:0D:38:B4:28:85:D3:9F:C4:AC:D9:DD:FA:AC:85:F5:6D:90
Certificate issuer: /CN=d181d0c40951a4f900e4d9dd9c20e4856350920e
Certificate serial: 019425FDC90D3EFC926861F468654A6B5C16
Authority key identifier: D1:81:D0:C4:09:51:A4:F9:00:E4:D9:DD:9C:20:E4:85:63:50:92:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0YHQxAlRpPkA5NndnCDkhWNQkg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/5kzmDTi0KIXTn8Ss2d36rIX1bZA.roa
Signing time: Thu 02 Jan 2025 07:49:36 +0000
ROA not before: Thu 02 Jan 2025 07:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51487
IP address blocks: 185.160.154.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:c9:0d:3e:fc:92:68:61:f4:68:65:4a:6b:5c:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d181d0c40951a4f900e4d9dd9c20e4856350920e
Validity
Not Before: Jan 2 07:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e64ce60d38b42885d39fc4acd9ddfaac85f56d90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d5:c3:75:e9:1a:4d:09:d8:37:57:e7:87:e6:
22:75:c4:a7:ae:23:6b:cb:95:2d:4d:d2:15:50:5f:
78:6f:a8:0f:ba:73:41:58:d4:50:92:fa:63:00:5b:
2b:c0:4a:55:cc:d5:b5:e4:a0:f3:74:15:ca:36:f7:
0b:8a:1a:ef:40:42:88:aa:3a:23:52:47:a5:62:4a:
46:a0:6f:15:d7:39:08:c6:7a:8e:6d:35:6d:96:db:
e8:4d:3c:82:68:dd:90:64:58:c8:27:d3:41:4e:71:
6b:4f:09:70:02:31:2c:bb:db:76:d9:5e:9a:f1:04:
15:39:29:50:04:84:7c:0e:1a:3c:7d:44:39:9f:af:
3c:90:cc:49:7d:ce:68:14:93:6c:24:5d:10:79:cf:
54:08:f8:e4:d0:fb:52:7a:a6:bc:ee:12:de:ed:d2:
67:b6:8f:31:8d:8a:b2:12:ac:38:d0:48:23:0f:73:
a3:3b:b6:92:d2:33:60:e3:e1:02:68:7c:c1:5a:8b:
c6:c0:f2:40:7c:04:aa:49:54:db:1e:5b:2f:ee:e1:
cd:88:46:25:bf:8b:0d:77:cb:5c:1e:d1:7f:ff:3a:
ef:c6:a1:3f:7f:d1:ed:32:95:91:b8:c0:ce:c3:5b:
cb:48:43:fd:f0:88:d5:08:04:9a:95:b4:53:ec:eb:
f2:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:4C:E6:0D:38:B4:28:85:D3:9F:C4:AC:D9:DD:FA:AC:85:F5:6D:90
X509v3 Authority Key Identifier:
keyid:D1:81:D0:C4:09:51:A4:F9:00:E4:D9:DD:9C:20:E4:85:63:50:92:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0YHQxAlRpPkA5NndnCDkhWNQkg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/5kzmDTi0KIXTn8Ss2d36rIX1bZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/0YHQxAlRpPkA5NndnCDkhWNQkg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.154.0/24
Signature Algorithm: sha256WithRSAEncryption
40:0a:a3:81:9a:88:b5:c7:b4:e0:93:0b:12:0f:c3:1c:77:c4:
be:fa:cb:11:b1:da:66:16:9a:6c:a2:b9:96:57:bd:82:4d:a8:
a7:06:2a:6a:14:f9:ba:b1:3e:6c:69:6f:a5:f5:16:10:e8:b8:
7a:7d:20:72:c9:4c:b2:59:6d:71:cb:d6:72:8f:5a:66:75:a9:
a8:84:11:79:c1:a1:bc:03:fd:b9:2c:e0:31:f7:fb:3a:58:a0:
f6:df:c8:47:1f:ff:33:8d:57:fe:4a:57:40:eb:05:50:10:43:
29:03:43:34:29:b3:64:2a:1f:fd:d6:38:1a:76:25:53:93:90:
8d:1e:97:88:6a:12:5a:9d:5d:e2:ee:18:65:1f:98:f6:6d:03:
c8:39:81:93:62:9c:c5:ed:76:36:de:d0:5d:df:61:2a:3a:a0:
97:14:3a:a3:38:00:fd:09:44:9a:dc:12:6c:67:3f:4a:80:93:
cf:1c:80:c4:0c:e0:3c:66:82:7d:09:95:c4:88:d1:47:8e:bb:
58:ad:c5:1c:ec:57:d7:f8:3b:ac:21:ba:f5:fe:58:6b:a4:5b:
16:81:ba:5c:35:97:16:e4:ed:b3:b9:e1:a4:3f:4a:30:9d:a2:
aa:a7:bf:98:2f:db:b6:d5:5c:5a:34:ee:1a:13:73:a0:6e:b4:
fe:de:2d:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/ckNPvySaGH0aGVKa1wWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxODFkMGM0MDk1MWE0ZjkwMGU0ZDlkZDljMjBlNDg1NjM1
MDkyMGUwHhcNMjUwMTAyMDc0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjRjZTYwZDM4YjQyODg1ZDM5ZmM0YWNkOWRkZmFhYzg1ZjU2ZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9XDdekaTQnYN1fnh+YidcSnriNr
y5UtTdIVUF94b6gPunNBWNRQkvpjAFsrwEpVzNW15KDzdBXKNvcLihrvQEKIqjoj
UkelYkpGoG8V1zkIxnqObTVtltvoTTyCaN2QZFjIJ9NBTnFrTwlwAjEsu9t22V6a
8QQVOSlQBIR8Dho8fUQ5n688kMxJfc5oFJNsJF0Qec9UCPjk0PtSeqa87hLe7dJn
to8xjYqyEqw40EgjD3OjO7aS0jNg4+ECaHzBWovGwPJAfASqSVTbHlsv7uHNiEYl
v4sNd8tcHtF//zrvxqE/f9HtMpWRuMDOw1vLSEP98IjVCASalbRT7OvyYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOZM5g04tCiF05/ErNnd+qyF9W2QMB8GA1UdIwQY
MBaAFNGB0MQJUaT5AOTZ3Zwg5IVjUJIOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFlIUXhBbFJwUGtBNU5uZG5DRGtoV05Ra2c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9hOWQ3OWUtYjI4Mi00M2MxLThiOGEt
Mzg4YjgxYzBjOTBjLzEvNWt6bURUaTBLSVhUbjhTczJkMzZySVgxYlpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9hOWQ3OWUtYjI4Mi00M2MxLThiOGEtMzg4YjgxYzBjOTBj
LzEvMFlIUXhBbFJwUGtBNU5uZG5DRGtoV05Ra2c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaCaMA0G
CSqGSIb3DQEBCwUAA4IBAQBACqOBmoi1x7TgkwsSD8Mcd8S++ssRsdpmFppsormW
V72CTainBipqFPm6sT5saW+l9RYQ6Lh6fSByyUyyWW1xy9Zyj1pmdamohBF5waG8
A/25LOAx9/s6WKD238hHH/8zjVf+SldA6wVQEEMpA0M0KbNkKh/91jgadiVTk5CN
HpeIahJanV3i7hhlH5j2bQPIOYGTYpzF7XY23tBd32EqOqCXFDqjOAD9CUSa3BJs
Zz9KgJPPHIDEDOA8ZoJ9CZXEiNFHjrtYrcUc7FfX+DusIbr1/lhrpFsWgbpcNZcW
5O2zueGkP0ownaKqp7+YL9u21VxaNO4aE3OgbrT+3i0m
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:50 2025 by rpki-client