Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/PdbIo6IOdtQQWWAAH58OSkbx7l0.roa
File: PdbIo6IOdtQQWWAAH58OSkbx7l0.roa (raw, json)
Hash identifier: fXOoxHqhqA887Aos0PDBXvnGhtwcwpS15Zzfp0YQRjI=
Subject key identifier: 3D:D6:C8:A3:A2:0E:76:D4:10:59:60:00:1F:9F:0E:4A:46:F1:EE:5D
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0193E334BB2D437A032215005627BCD78BA2
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/PdbIo6IOdtQQWWAAH58OSkbx7l0.roa
Signing time: Fri 20 Dec 2024 08:35:03 +0000
ROA not before: Fri 20 Dec 2024 08:35:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211407
IP address blocks: 5.180.33.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e3:34:bb:2d:43:7a:03:22:15:00:56:27:bc:d7:8b:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Dec 20 08:35:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3dd6c8a3a20e76d4105960001f9f0e4a46f1ee5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:2d:8d:76:5c:c9:9f:26:02:ac:03:79:1e:42:
bf:d6:8f:1e:0e:a5:93:93:91:f4:7f:6a:83:06:79:
41:09:96:fe:d0:b0:19:53:9c:3c:75:50:42:44:fe:
ce:69:63:14:a5:5f:af:cf:db:cf:ed:08:d1:17:f4:
bb:eb:c9:1e:34:88:c4:fe:7b:a1:17:ab:0f:04:5d:
dc:be:60:ae:8f:17:73:47:0d:5f:2a:3d:e3:76:da:
91:1a:bc:09:0c:95:19:ba:74:eb:ff:2e:69:dd:4c:
d9:70:2b:6e:99:a3:4d:ba:14:6a:25:fc:98:61:71:
64:e9:75:53:1b:f8:f1:68:60:32:4b:dd:c8:f4:34:
23:bf:fe:cc:4d:98:14:34:6e:09:0a:a3:7d:2d:8b:
ac:3a:1a:cc:b9:dc:4b:de:8d:b9:b9:8c:0a:76:2a:
45:77:9e:51:8b:16:2c:a6:7b:be:a6:6e:14:eb:a9:
d1:f2:eb:88:3d:78:dc:bb:a7:1b:30:be:ad:37:ed:
b2:aa:7d:f7:30:98:1b:83:f2:48:c8:72:d9:cc:de:
22:b9:d0:0b:0b:8b:a4:9b:4f:1e:e9:ea:9c:fe:bc:
33:d5:a0:39:24:9b:3e:60:8f:f0:8d:c4:23:2e:11:
cf:2f:36:c7:82:d5:52:3c:dc:a1:70:37:1a:1c:06:
69:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:D6:C8:A3:A2:0E:76:D4:10:59:60:00:1F:9F:0E:4A:46:F1:EE:5D
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/PdbIo6IOdtQQWWAAH58OSkbx7l0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.33.0/24
Signature Algorithm: sha256WithRSAEncryption
84:3d:22:7e:3e:fa:6e:84:58:a6:72:d6:8d:1f:95:fd:27:a1:
5f:df:3e:fb:64:99:11:7f:f3:21:65:65:57:05:77:90:98:f7:
01:49:0f:bb:3d:41:c9:4c:49:80:20:26:7d:77:c1:06:be:02:
ba:ca:e6:54:76:ae:9d:2b:f2:0f:26:46:58:0d:a4:a1:30:e0:
56:78:58:0a:7b:bb:11:4f:7d:09:a8:d5:29:da:5d:c8:b2:e8:
d7:d3:94:0b:fe:98:37:61:fb:68:35:58:61:17:90:9c:69:a7:
0c:80:59:2e:b4:e2:dd:af:1a:25:2d:a0:9a:c1:96:5f:0a:ed:
8d:d9:27:15:1c:75:6c:b1:24:d5:28:7f:be:60:1e:5c:89:8c:
b5:64:95:90:6e:6d:da:b5:f7:e6:4e:ca:3a:6c:6d:94:ca:16:
13:c6:80:d9:81:72:e9:6e:1e:ac:69:e7:ff:ca:b3:c5:83:78:
72:6f:ee:1b:5a:8d:9b:2e:d2:23:e9:54:93:f2:ec:cd:70:2f:
ba:c9:12:fd:2f:bf:66:96:98:8f:10:50:bd:72:54:f5:cc:bb:
32:4b:06:1a:84:04:e0:55:8a:37:68:87:50:4b:7d:53:aa:eb:
c2:4c:88:ba:74:e4:85:cb:d2:53:75:64:88:6b:c9:c7:4c:a6:
ae:93:40:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPjNLstQ3oDIhUAVie814uiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQxMjIwMDgzNTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGQ2YzhhM2EyMGU3NmQ0MTA1OTYwMDAxZjlmMGU0YTQ2ZjFlZTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5y2NdlzJnyYCrAN5HkK/1o8eDqWT
k5H0f2qDBnlBCZb+0LAZU5w8dVBCRP7OaWMUpV+vz9vP7QjRF/S768keNIjE/nuh
F6sPBF3cvmCujxdzRw1fKj3jdtqRGrwJDJUZunTr/y5p3UzZcCtumaNNuhRqJfyY
YXFk6XVTG/jxaGAyS93I9DQjv/7MTZgUNG4JCqN9LYusOhrMudxL3o25uYwKdipF
d55RixYspnu+pm4U66nR8uuIPXjcu6cbML6tN+2yqn33MJgbg/JIyHLZzN4iudAL
C4ukm08e6eqc/rwz1aA5JJs+YI/wjcQjLhHPLzbHgtVSPNyhcDcaHAZpxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD3WyKOiDnbUEFlgAB+fDkpG8e5dMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvUGRiSW82SU9kdFFRV1dBQUg1OE9Ta2J4N2wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbQhMA0G
CSqGSIb3DQEBCwUAA4IBAQCEPSJ+PvpuhFimctaNH5X9J6Ff3z77ZJkRf/MhZWVX
BXeQmPcBSQ+7PUHJTEmAICZ9d8EGvgK6yuZUdq6dK/IPJkZYDaShMOBWeFgKe7sR
T30JqNUp2l3IsujX05QL/pg3YftoNVhhF5CcaacMgFkutOLdrxolLaCawZZfCu2N
2ScVHHVssSTVKH++YB5ciYy1ZJWQbm3atffmTso6bG2UyhYTxoDZgXLpbh6saef/
yrPFg3hyb+4bWo2bLtIj6VST8uzNcC+6yRL9L79mlpiPEFC9clT1zLsySwYahATg
VYo3aIdQS31TquvCTIi6dOSFy9JTdWSIa8nHTKauk0Dz
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:34:15 2025 by rpki-client