Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/mn5KuHEi9Dhpt7QOhKKsxg-UwhQ.roa
File: mn5KuHEi9Dhpt7QOhKKsxg-UwhQ.roa (raw, json)
Hash identifier: 2+wvFa0iofplhQgq3NEnWiX7CXX3rkSGR9Gkk73+MHE=
Subject key identifier: 9A:7E:4A:B8:71:22:F4:38:69:B7:B4:0E:84:A2:AC:C6:0F:94:C2:14
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 0194206867552D8F84F9BD30F95618BACDBA
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/mn5KuHEi9Dhpt7QOhKKsxg-UwhQ.roa
Signing time: Wed 01 Jan 2025 05:48:20 +0000
ROA not before: Wed 01 Jan 2025 05:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 23352
IP address blocks: 198.38.85.0/24 maxlen: 24
198.38.86.0/24 maxlen: 24
198.38.87.0/24 maxlen: 24
198.38.88.0/24 maxlen: 24
198.38.89.0/24 maxlen: 24
198.38.90.0/24 maxlen: 24
198.38.91.0/24 maxlen: 24
198.38.92.0/24 maxlen: 24
198.38.93.0/24 maxlen: 24
198.38.94.0/24 maxlen: 24
198.38.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:67:55:2d:8f:84:f9:bd:30:f9:56:18:ba:cd:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Jan 1 05:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a7e4ab87122f43869b7b40e84a2acc60f94c214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7a:a2:a8:e2:50:6c:9b:64:e2:e7:ed:6f:f7:
ee:67:46:b8:94:51:37:3a:41:66:ad:f4:bb:5f:ff:
e8:fd:86:5b:7f:3a:6c:d7:89:56:29:95:e9:66:df:
e8:f1:f9:36:2b:f6:33:e5:d4:f1:66:2b:91:1a:11:
7d:28:78:7e:9a:0e:cb:7a:ca:d2:0f:63:70:8b:40:
c7:34:06:4e:3c:1d:e6:5f:57:83:61:0a:74:3d:d4:
da:a6:b3:87:47:7e:e6:95:78:06:1d:1e:02:94:e8:
8a:52:4b:f5:b5:86:f6:e9:32:ee:7b:03:34:4c:5a:
f8:62:d2:7d:32:5d:51:01:96:d2:d0:07:f6:29:dd:
85:a3:5d:5a:17:9f:c9:27:29:1a:86:d3:c3:3c:d6:
27:ed:bd:17:28:f7:2d:57:dc:1b:4d:a1:26:d5:ae:
4f:c8:78:2a:a3:60:60:72:dd:77:be:7d:9e:e3:6d:
1c:2b:6b:68:c2:c3:44:db:89:0a:9d:a5:9e:2a:9e:
3f:fb:d4:b3:fe:d2:d2:3f:93:df:1d:50:f5:0b:6d:
d2:c6:15:e1:d9:3a:e7:61:d5:a8:b1:2d:8d:c0:76:
22:ab:bd:b3:0d:41:8a:25:de:44:58:3f:aa:e4:4f:
8b:48:97:c4:15:54:35:67:cd:21:96:86:5c:9c:a1:
a0:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:7E:4A:B8:71:22:F4:38:69:B7:B4:0E:84:A2:AC:C6:0F:94:C2:14
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/mn5KuHEi9Dhpt7QOhKKsxg-UwhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
198.38.85.0-198.38.95.255
Signature Algorithm: sha256WithRSAEncryption
29:0b:95:19:e8:86:86:57:6b:8e:3c:f3:62:3c:d3:dd:76:d7:
5b:a4:8c:6a:9f:d4:b1:12:e6:81:a1:e9:a0:ab:49:54:ef:9c:
40:5d:5f:c4:50:5a:2a:f3:73:53:5f:fc:99:15:b9:19:85:98:
96:c7:2f:b4:41:8d:1c:c6:4d:42:c4:7b:ff:88:41:84:24:f1:
28:5f:a1:70:0e:d6:ce:60:dd:8b:5f:cd:5c:1a:e9:43:67:9b:
87:df:f8:99:1e:bd:4e:56:82:62:88:16:f7:52:a6:69:19:96:
fc:45:7f:7d:7e:5d:02:23:4a:2f:82:b7:0e:30:ec:7b:99:f5:
7d:7c:d2:7b:e9:66:c1:44:ab:28:1b:20:b3:d4:a6:c4:ea:9c:
2c:70:54:7d:47:e6:31:ea:f9:47:b9:42:21:5f:c1:5c:d4:5a:
11:6d:d2:2f:9a:48:57:b2:ef:f6:2b:1a:ba:8e:7b:93:12:0f:
6d:1c:3f:54:ed:d7:31:b8:9b:da:c5:42:33:fd:6a:5c:9a:95:
38:0a:a5:06:57:25:09:ff:3f:f9:0c:27:e0:30:dc:a9:76:f3:
f2:1f:6b:43:fd:37:ca:f7:e1:eb:28:5d:14:61:31:24:05:da:
16:a4:32:6e:69:bc:dd:a2:f9:23:e0:84:d8:4f:2d:97:6f:ec:
ea:04:d8:bf
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQgaGdVLY+E+b0w+VYYus26MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjUwMTAxMDU0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTdlNGFiODcxMjJmNDM4NjliN2I0MGU4NGEyYWNjNjBmOTRjMjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnqiqOJQbJtk4uftb/fuZ0a4lFE3
OkFmrfS7X//o/YZbfzps14lWKZXpZt/o8fk2K/Yz5dTxZiuRGhF9KHh+mg7LesrS
D2Nwi0DHNAZOPB3mX1eDYQp0PdTaprOHR37mlXgGHR4ClOiKUkv1tYb26TLuewM0
TFr4YtJ9Ml1RAZbS0Af2Kd2Fo11aF5/JJykahtPDPNYn7b0XKPctV9wbTaEm1a5P
yHgqo2Bgct13vn2e420cK2towsNE24kKnaWeKp4/+9Sz/tLSP5PfHVD1C23SxhXh
2TrnYdWosS2NwHYiq72zDUGKJd5EWD+q5E+LSJfEFVQ1Z80hloZcnKGglwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJp+SrhxIvQ4abe0DoSirMYPlMIUMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvbW41S3VIRWk5RGhwdDdRT2hLS3N4Zy1Vd2hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADGJlUD
BAXGJkAwDQYJKoZIhvcNAQELBQADggEBACkLlRnohoZXa44882I8091211ukjGqf
1LES5oGh6aCrSVTvnEBdX8RQWirzc1Nf/JkVuRmFmJbHL7RBjRzGTULEe/+IQYQk
8ShfoXAO1s5g3YtfzVwa6UNnm4ff+JkevU5WgmKIFvdSpmkZlvxFf31+XQIjSi+C
tw4w7HuZ9X180nvpZsFEqygbILPUpsTqnCxwVH1H5jHq+Ue5QiFfwVzUWhFt0i+a
SFey7/YrGrqOe5MSD20cP1Tt1zG4m9rFQjP9alyalTgKpQZXJQn/P/kMJ+Aw3Kl2
8/Ifa0P9N8r34esoXRRhMSQF2hakMm5pvN2i+SPghNhPLZdv7OoE2L8=
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:03:31 2025 by rpki-client