Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/8c0c82-1959-41aa-a827-06e864dfe253/1/rnKeBfFZAzXnoX483gBeMLhR_io.roa
File: rnKeBfFZAzXnoX483gBeMLhR_io.roa (raw, json)
Hash identifier: LUFMzUPA7FS+Ym9fkyARWucxcvNGMLSTDzKkrhnwUIU=
Subject key identifier: AE:72:9E:05:F1:59:03:35:E7:A1:7E:3C:DE:00:5E:30:B8:51:FE:2A
Certificate issuer: /CN=0bf275af698a207079d9b7d7fcf32815a3f6192d
Certificate serial: 01856D5CEC0366C6D2DC93959928ECCD43BF
Authority key identifier: 0B:F2:75:AF:69:8A:20:70:79:D9:B7:D7:FC:F3:28:15:A3:F6:19:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_J1r2mKIHB52bfX_PMoFaP2GS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/8c0c82-1959-41aa-a827-06e864dfe253/1/rnKeBfFZAzXnoX483gBeMLhR_io.roa
Signing time: Sun 01 Jan 2023 12:44:44 +0000
ROA not before: Sun 01 Jan 2023 12:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64267
IP address blocks: 5.1.40.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5c:ec:03:66:c6:d2:dc:93:95:99:28:ec:cd:43:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf275af698a207079d9b7d7fcf32815a3f6192d
Validity
Not Before: Jan 1 12:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae729e05f1590335e7a17e3cde005e30b851fe2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8d:52:93:f5:31:80:8c:d2:9d:7d:09:23:3d:
cc:af:50:2e:43:50:a9:74:1a:c0:14:95:53:03:cd:
29:c0:60:41:e6:38:eb:26:89:e6:a6:6a:7e:c2:6d:
8b:b7:1e:a8:7f:1a:7f:d1:bd:44:31:85:76:78:d2:
68:7b:15:1d:50:07:fe:aa:dc:3e:8d:79:ae:14:55:
1b:40:0a:e3:3d:45:c9:a4:f2:34:60:59:03:16:0e:
d6:81:2e:cb:a0:a5:ae:6c:00:f1:5f:8c:27:73:ef:
b1:f6:ea:3e:97:4d:8f:84:c7:ac:d3:44:62:94:5a:
cc:5f:0f:cc:45:81:33:f1:8c:90:c5:46:36:6d:23:
1d:7b:44:46:cb:c7:74:d6:a7:9b:e2:55:0f:12:9b:
20:53:d6:51:90:28:6c:f3:f4:d6:2d:b5:1f:26:64:
72:e8:d8:24:bf:ad:65:39:46:85:c3:83:1a:c3:af:
e6:32:21:15:f9:d5:50:9a:14:79:67:99:58:a8:72:
54:6b:15:28:42:1d:e8:7c:18:af:95:56:49:ca:d1:
d3:48:2d:5d:1c:ec:3e:1c:15:1f:b6:49:7e:68:f8:
dc:e1:27:12:85:3d:15:02:0f:d3:a9:12:f0:00:05:
48:dd:d9:c5:a7:67:9a:52:4d:55:8b:ba:19:3d:65:
4d:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:72:9E:05:F1:59:03:35:E7:A1:7E:3C:DE:00:5E:30:B8:51:FE:2A
X509v3 Authority Key Identifier:
keyid:0B:F2:75:AF:69:8A:20:70:79:D9:B7:D7:FC:F3:28:15:A3:F6:19:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_J1r2mKIHB52bfX_PMoFaP2GS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/8c0c82-1959-41aa-a827-06e864dfe253/1/rnKeBfFZAzXnoX483gBeMLhR_io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/8c0c82-1959-41aa-a827-06e864dfe253/1/C_J1r2mKIHB52bfX_PMoFaP2GS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.40.0/24
Signature Algorithm: sha256WithRSAEncryption
10:26:92:79:b4:ce:3e:83:9e:59:48:06:c4:6e:c9:2d:88:90:
53:7c:c5:23:4e:83:37:b6:29:00:ac:dc:77:80:67:c2:30:d4:
b4:aa:d5:7d:2d:0f:6e:2c:62:7b:26:9b:eb:9b:d6:01:87:87:
01:09:86:05:3f:b2:51:4e:00:6b:51:08:a3:0c:0f:64:cf:95:
fe:f0:f7:b3:6a:8d:98:ab:7b:d6:0f:6f:c6:fe:60:d8:9b:89:
f2:78:3f:df:a2:c7:17:56:7c:b4:97:6c:9e:27:32:c9:f7:b4:
45:d7:7f:5b:09:5f:6e:61:cb:50:19:dd:40:9e:62:2b:35:da:
af:a2:ad:fe:4b:10:6b:c4:21:c0:f5:4d:5b:a9:fb:6c:ef:4d:
17:ca:a6:4c:da:db:86:50:23:de:e1:8d:60:44:34:6e:99:0e:
54:6a:b6:bf:85:54:65:22:50:1b:d7:6a:5a:31:f6:89:17:c3:
cc:58:c8:f4:ce:a3:a2:fa:dd:4f:0a:6e:69:1c:49:85:25:58:
f2:3b:84:07:f8:c4:9d:9a:a3:46:a5:82:a9:03:06:f6:10:03:
7d:10:1c:46:c2:b4:49:cf:74:49:c2:c5:58:40:b2:b3:33:41:
1a:25:f3:ef:e3:a5:6d:8a:5f:78:0a:8d:96:3b:ee:51:43:de:
38:fe:4f:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtXOwDZsbS3JOVmSjszUO/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjI3NWFmNjk4YTIwNzA3OWQ5YjdkN2ZjZjMyODE1YTNm
NjE5MmQwHhcNMjMwMTAxMTI0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTcyOWUwNWYxNTkwMzM1ZTdhMTdlM2NkZTAwNWUzMGI4NTFmZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn41Sk/UxgIzSnX0JIz3Mr1AuQ1Cp
dBrAFJVTA80pwGBB5jjrJonmpmp+wm2Ltx6ofxp/0b1EMYV2eNJoexUdUAf+qtw+
jXmuFFUbQArjPUXJpPI0YFkDFg7WgS7LoKWubADxX4wnc++x9uo+l02PhMes00Ri
lFrMXw/MRYEz8YyQxUY2bSMde0RGy8d01qeb4lUPEpsgU9ZRkChs8/TWLbUfJmRy
6Ngkv61lOUaFw4Maw6/mMiEV+dVQmhR5Z5lYqHJUaxUoQh3ofBivlVZJytHTSC1d
HOw+HBUftkl+aPjc4ScShT0VAg/TqRLwAAVI3dnFp2eaUk1Vi7oZPWVNCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK5yngXxWQM156F+PN4AXjC4Uf4qMB8GA1UdIwQY
MBaAFAvyda9piiBwedm31/zzKBWj9hktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19KMXIybUtJSEI1MmJmWF9QTW9GYVAyR1MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi84YzBjODItMTk1OS00MWFhLWE4Mjct
MDZlODY0ZGZlMjUzLzEvcm5LZUJmRlpBelhub1g0ODNnQmVNTGhSX2lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi84YzBjODItMTk1OS00MWFhLWE4MjctMDZlODY0ZGZlMjUz
LzEvQ19KMXIybUtJSEI1MmJmWF9QTW9GYVAyR1MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABQEoMA0G
CSqGSIb3DQEBCwUAA4IBAQAQJpJ5tM4+g55ZSAbEbsktiJBTfMUjToM3tikArNx3
gGfCMNS0qtV9LQ9uLGJ7Jpvrm9YBh4cBCYYFP7JRTgBrUQijDA9kz5X+8Pezao2Y
q3vWD2/G/mDYm4nyeD/foscXVny0l2yeJzLJ97RF139bCV9uYctQGd1AnmIrNdqv
oq3+SxBrxCHA9U1bqfts700XyqZM2tuGUCPe4Y1gRDRumQ5Uara/hVRlIlAb12pa
MfaJF8PMWMj0zqOi+t1PCm5pHEmFJVjyO4QH+MSdmqNGpYKpAwb2EAN9EBxGwrRJ
z3RJwsVYQLKzM0EaJfPv46Vtil94Co2WO+5RQ944/k+6
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:26:13 2025 by rpki-client