Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/dwkhaAERSm6uhMOz5nNpmKDQ82E.roa
File: dwkhaAERSm6uhMOz5nNpmKDQ82E.roa (raw, json)
Hash identifier: LJZ+/v8dXlJSBiFG/37Ys6az1iYi7KSm0TcOpKjllW4=
Subject key identifier: 77:09:21:68:01:11:4A:6E:AE:84:C3:B3:E6:73:69:98:A0:D0:F3:61
Certificate issuer: /CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Certificate serial: 0194228DE291F9AC33DD34349FFE6D688D32
Authority key identifier: 26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/dwkhaAERSm6uhMOz5nNpmKDQ82E.roa
Signing time: Wed 01 Jan 2025 15:48:31 +0000
ROA not before: Wed 01 Jan 2025 15:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60222
IP address blocks: 5.255.76.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:e2:91:f9:ac:33:dd:34:34:9f:fe:6d:68:8d:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Validity
Not Before: Jan 1 15:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7709216801114a6eae84c3b3e6736998a0d0f361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0a:70:ea:d9:fb:f6:e2:08:fc:2b:32:8f:89:
19:67:36:02:3f:01:cf:fd:94:08:e9:6a:35:5b:d8:
fc:5c:9d:22:bc:d7:7e:5b:d4:db:80:be:07:86:c4:
be:a9:3e:37:75:d9:d5:22:5e:78:f7:03:13:47:a1:
1c:53:e8:57:a5:a6:e3:30:1e:38:1a:0b:25:05:c6:
0c:87:43:4b:28:32:e0:5a:b0:50:85:c9:51:87:0d:
ed:23:4c:21:53:54:3d:a6:f4:7b:24:8e:a1:37:95:
27:91:0b:a8:70:3e:1f:2d:a6:a1:09:a2:fb:8b:01:
9f:53:66:db:5e:41:61:b1:91:6f:88:96:80:79:c0:
65:b6:8c:53:3c:13:a4:7b:d9:ce:77:61:ba:bf:b8:
41:d2:49:fd:0c:92:ca:4e:aa:6d:ba:bb:81:61:ee:
02:11:19:ec:23:34:7c:c3:05:5b:79:24:79:97:90:
fc:ae:e1:a2:6d:72:0d:0b:a2:f2:8c:b7:40:e1:a9:
89:a0:62:cb:2f:b8:aa:b6:6e:21:d2:86:65:e4:42:
a7:36:29:1a:23:d8:e5:5a:3b:d3:c4:dd:46:d6:cd:
86:f8:4a:be:94:ed:08:c5:e2:07:88:18:a1:fc:e5:
f7:10:5f:f9:30:4d:25:70:4d:01:05:c6:1a:19:0e:
e6:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:09:21:68:01:11:4A:6E:AE:84:C3:B3:E6:73:69:98:A0:D0:F3:61
X509v3 Authority Key Identifier:
keyid:26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/dwkhaAERSm6uhMOz5nNpmKDQ82E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.76.0/24
Signature Algorithm: sha256WithRSAEncryption
15:28:35:ed:34:73:a3:6e:80:57:37:5a:dd:7a:59:a2:49:c4:
5b:ff:be:94:4f:d5:45:1a:a0:ef:0a:70:3e:92:cb:c7:67:46:
80:e3:58:fa:dd:30:6a:3a:84:e7:5c:66:e3:4f:8f:04:73:f6:
69:66:ca:3d:fa:9c:ff:bc:81:58:b5:ba:6d:a0:f4:10:9b:62:
3c:da:86:2d:40:54:ee:1b:f6:64:52:42:1a:95:a9:1e:05:ac:
ba:e5:f9:11:54:19:f0:26:78:94:ea:2a:ce:fe:f2:0b:29:42:
27:5f:84:25:77:04:0e:45:73:e7:39:f3:6e:c4:f1:e2:f6:2f:
9c:7f:50:18:6a:50:9b:27:41:ea:ce:13:b1:52:00:bb:ff:16:
ce:d0:a9:0d:e5:47:bb:7b:88:3f:7a:a4:a6:ed:7f:d4:92:9a:
09:4b:31:83:58:b7:40:79:c5:85:55:c1:f8:3a:39:64:24:ed:
fa:e4:51:b9:a1:01:b4:47:d0:ea:eb:b3:31:bb:37:2c:a7:cb:
7d:cf:3a:ad:4e:aa:59:05:49:18:10:00:b2:2b:22:f7:26:c2:
dd:58:cf:ad:bc:ac:ac:f3:4c:d7:23:8a:3e:63:30:a7:22:56:
03:34:5e:0c:c2:05:8f:47:3b:57:af:59:0d:c2:51:f2:88:b3:
17:cf:22:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijeKR+awz3TQ0n/5taI0yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MzExNjZkZTc4NWEzNTMxYmRjODM2MWYxMTkwYTgzNjlh
N2VkNmEwHhcNMjUwMTAxMTU0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzA5MjE2ODAxMTE0YTZlYWU4NGMzYjNlNjczNjk5OGEwZDBmMzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQpw6tn79uII/Csyj4kZZzYCPwHP
/ZQI6Wo1W9j8XJ0ivNd+W9TbgL4HhsS+qT43ddnVIl549wMTR6EcU+hXpabjMB44
GgslBcYMh0NLKDLgWrBQhclRhw3tI0whU1Q9pvR7JI6hN5UnkQuocD4fLaahCaL7
iwGfU2bbXkFhsZFviJaAecBltoxTPBOke9nOd2G6v7hB0kn9DJLKTqpturuBYe4C
ERnsIzR8wwVbeSR5l5D8ruGibXINC6LyjLdA4amJoGLLL7iqtm4h0oZl5EKnNika
I9jlWjvTxN1G1s2G+Eq+lO0IxeIHiBih/OX3EF/5ME0lcE0BBcYaGQ7mEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHcJIWgBEUpuroTDs+ZzaZig0PNhMB8GA1UdIwQY
MBaAFCYxFm3nhaNTG9yDYfEZCoNpp+1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUt
Yjg5YTI2MTk5OTc2LzEvZHdraGFBRVJTbTZ1aE1PejVuTnBtS0RRODJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUtYjg5YTI2MTk5OTc2
LzEvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABf9MMA0G
CSqGSIb3DQEBCwUAA4IBAQAVKDXtNHOjboBXN1rdelmiScRb/76UT9VFGqDvCnA+
ksvHZ0aA41j63TBqOoTnXGbjT48Ec/ZpZso9+pz/vIFYtbptoPQQm2I82oYtQFTu
G/ZkUkIalakeBay65fkRVBnwJniU6irO/vILKUInX4QldwQORXPnOfNuxPHi9i+c
f1AYalCbJ0HqzhOxUgC7/xbO0KkN5Ue7e4g/eqSm7X/UkpoJSzGDWLdAecWFVcH4
OjlkJO365FG5oQG0R9Dq67Mxuzcsp8t9zzqtTqpZBUkYEACyKyL3JsLdWM+tvKys
80zXI4o+YzCnIlYDNF4MwgWPRztXr1kNwlHyiLMXzyKX
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:51:13 2025 by rpki-client