Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/499df3-bd4f-4e40-8f82-a3855505ea2e/1/R5EoUABcKiwLg06w_OxlkJfMqUk.roa
File: R5EoUABcKiwLg06w_OxlkJfMqUk.roa (raw, json)
Hash identifier: irt2J6S0P6bVoeLD1I6fHpK1oay2SiSe0bMOlV1dUxk=
Subject key identifier: 47:91:28:50:00:5C:2A:2C:0B:83:4E:B0:FC:EC:65:90:97:CC:A9:49
Certificate issuer: /CN=71a2739b20c259c5d1b388d1453f6f1799f28f6c
Certificate serial: 019425FDACDF88567EFC7B5624C0087C22F5
Authority key identifier: 71:A2:73:9B:20:C2:59:C5:D1:B3:88:D1:45:3F:6F:17:99:F2:8F:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caJzmyDCWcXRs4jRRT9vF5nyj2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/499df3-bd4f-4e40-8f82-a3855505ea2e/1/R5EoUABcKiwLg06w_OxlkJfMqUk.roa
Signing time: Thu 02 Jan 2025 07:49:29 +0000
ROA not before: Thu 02 Jan 2025 07:49:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203511
IP address blocks: 84.54.13.0/24 maxlen: 24
176.98.41.0/24 maxlen: 24
193.31.116.0/24 maxlen: 24
213.226.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:ac:df:88:56:7e:fc:7b:56:24:c0:08:7c:22:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71a2739b20c259c5d1b388d1453f6f1799f28f6c
Validity
Not Before: Jan 2 07:49:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=47912850005c2a2c0b834eb0fcec659097cca949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a0:06:c9:43:d1:18:e9:93:73:e4:ee:b0:53:
1c:88:eb:54:21:ef:2d:b1:3f:23:6b:1e:44:d8:b1:
fe:b3:74:87:3b:11:93:88:2f:b8:14:89:07:07:da:
70:21:f4:85:c1:d9:98:58:71:09:a0:45:8a:18:46:
f6:44:0f:20:25:c1:8f:17:0d:51:89:3e:39:21:62:
34:5a:da:de:5c:a8:b7:6d:c9:3b:fb:4f:d2:c7:3c:
ce:c9:c0:9d:ca:51:31:2e:83:6b:a6:55:d6:e7:32:
22:01:51:bc:fc:6c:26:a5:7f:bf:4e:d1:bb:a5:a0:
26:76:3a:78:78:75:63:4f:b3:27:03:98:e3:a7:d8:
07:80:42:b1:31:77:e9:11:a9:4f:1d:b3:7f:1d:75:
95:63:6e:ec:4d:81:92:33:43:86:be:62:81:4f:53:
74:f1:ba:f8:00:3d:d7:b5:6f:fe:ed:e2:89:00:06:
e2:14:2c:0b:04:bc:7f:c2:49:3a:37:01:e2:67:8b:
5b:86:4e:7a:f0:e8:0a:94:e8:6c:8c:88:2d:17:6a:
ef:77:af:1a:8c:fd:65:8e:ed:ed:f2:53:6a:cf:d9:
a3:81:dc:24:03:15:10:4d:6b:14:37:07:05:82:5c:
66:84:bf:e3:fc:6a:58:c9:d9:5a:f6:b0:eb:fb:71:
5d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:91:28:50:00:5C:2A:2C:0B:83:4E:B0:FC:EC:65:90:97:CC:A9:49
X509v3 Authority Key Identifier:
keyid:71:A2:73:9B:20:C2:59:C5:D1:B3:88:D1:45:3F:6F:17:99:F2:8F:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caJzmyDCWcXRs4jRRT9vF5nyj2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/499df3-bd4f-4e40-8f82-a3855505ea2e/1/R5EoUABcKiwLg06w_OxlkJfMqUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/499df3-bd4f-4e40-8f82-a3855505ea2e/1/caJzmyDCWcXRs4jRRT9vF5nyj2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.13.0/24
176.98.41.0/24
193.31.116.0/24
213.226.119.0/24
Signature Algorithm: sha256WithRSAEncryption
89:59:1e:99:54:60:0d:0d:f9:1f:a3:31:fb:94:b5:57:a1:c3:
00:a3:d5:e4:2a:b8:5a:9c:b9:62:5a:e5:3b:38:bf:e8:22:76:
e3:ee:ea:98:44:de:af:3e:86:bf:41:38:e7:49:a6:6f:ff:b2:
40:4a:c5:bc:17:81:52:b3:12:7e:2e:2c:87:11:db:51:1f:42:
64:53:dc:08:57:a7:af:11:4a:35:1d:28:93:46:84:18:99:bd:
ac:f3:58:ef:d2:f4:61:90:dc:cd:c7:f9:11:16:80:62:7b:eb:
95:3c:f5:e1:a5:8f:95:02:fa:b8:a6:13:45:72:99:cd:26:4e:
17:1c:94:00:f6:e4:97:06:b7:1a:ca:17:af:0b:93:57:f3:4f:
95:1c:90:0c:d6:36:4b:9e:56:25:39:d6:e3:f9:3e:51:c9:a2:
6c:6a:0f:0a:24:b1:8e:98:d7:cf:07:94:72:c1:c6:88:c4:90:
b3:7a:f3:b7:b7:ed:75:14:c4:f0:66:05:73:41:36:10:d0:32:
97:8e:f0:8d:a6:45:17:f8:d5:e3:6f:c9:1e:67:0a:a7:5f:54:
7f:ca:88:44:f1:b7:0e:bf:c3:e1:13:f7:a9:17:88:d6:ba:16:
6c:04:80:74:ea:19:a5:5b:d6:2f:18:f4:d5:bc:ef:c2:02:16:
dc:fc:c7:5b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQl/azfiFZ+/HtWJMAIfCL1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYTI3MzliMjBjMjU5YzVkMWIzODhkMTQ1M2Y2ZjE3OTlm
MjhmNmMwHhcNMjUwMTAyMDc0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzkxMjg1MDAwNWMyYTJjMGI4MzRlYjBmY2VjNjU5MDk3Y2NhOTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2aAGyUPRGOmTc+TusFMciOtUIe8t
sT8jax5E2LH+s3SHOxGTiC+4FIkHB9pwIfSFwdmYWHEJoEWKGEb2RA8gJcGPFw1R
iT45IWI0WtreXKi3bck7+0/SxzzOycCdylExLoNrplXW5zIiAVG8/GwmpX+/TtG7
paAmdjp4eHVjT7MnA5jjp9gHgEKxMXfpEalPHbN/HXWVY27sTYGSM0OGvmKBT1N0
8br4AD3XtW/+7eKJAAbiFCwLBLx/wkk6NwHiZ4tbhk568OgKlOhsjIgtF2rvd68a
jP1lju3t8lNqz9mjgdwkAxUQTWsUNwcFglxmhL/j/GpYydla9rDr+3FdnQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEeRKFAAXCosC4NOsPzsZZCXzKlJMB8GA1UdIwQY
MBaAFHGic5sgwlnF0bOI0UU/bxeZ8o9sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2FKem15RENXY1hSczRqUlJUOXZGNW55ajJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC80OTlkZjMtYmQ0Zi00ZTQwLThmODIt
YTM4NTU1MDVlYTJlLzEvUjVFb1VBQmNLaXdMZzA2d19PeGxrSmZNcVVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC80OTlkZjMtYmQ0Zi00ZTQwLThmODItYTM4NTU1MDVlYTJl
LzEvY2FKem15RENXY1hSczRqUlJUOXZGNW55ajJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVDYNAwQA
sGIpAwQAwR90AwQA1eJ3MA0GCSqGSIb3DQEBCwUAA4IBAQCJWR6ZVGANDfkfozH7
lLVXocMAo9XkKrhanLliWuU7OL/oInbj7uqYRN6vPoa/QTjnSaZv/7JASsW8F4FS
sxJ+LiyHEdtRH0JkU9wIV6evEUo1HSiTRoQYmb2s81jv0vRhkNzNx/kRFoBie+uV
PPXhpY+VAvq4phNFcpnNJk4XHJQA9uSXBrcayhevC5NX80+VHJAM1jZLnlYlOdbj
+T5RyaJsag8KJLGOmNfPB5RywcaIxJCzevO3t+11FMTwZgVzQTYQ0DKXjvCNpkUX
+NXjb8keZwqnX1R/yohE8bcOv8PhE/epF4jWuhZsBIB06hmlW9YvGPTVvO/CAhbc
/Mdb
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:58:16 2025 by rpki-client