Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/qDj1_pmltlDqe6RgbYsAV0PrnPA.roa
File: qDj1_pmltlDqe6RgbYsAV0PrnPA.roa (raw, json)
Hash identifier: xUMBrPeNV87y908WgVU0zlSmX+a3CG4orfTh6gr0/5I=
Subject key identifier: A8:38:F5:FE:99:A5:B6:50:EA:7B:A4:60:6D:8B:00:57:43:EB:9C:F0
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018D18A08E0ED11DFE5221DC3B57A0F277FF
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/qDj1_pmltlDqe6RgbYsAV0PrnPA.roa
Signing time: Wed 17 Jan 2024 18:13:11 +0000
ROA not before: Wed 17 Jan 2024 18:13:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.180.34.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:18:a0:8e:0e:d1:1d:fe:52:21:dc:3b:57:a0:f2:77:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 17 18:13:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a838f5fe99a5b650ea7ba4606d8b005743eb9cf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a4:35:97:3e:0a:12:f2:3a:82:e0:7c:1f:c8:
7c:61:ae:05:5f:ce:fb:33:52:07:f9:d2:74:a0:48:
f0:5b:a4:16:c2:8d:e7:7a:e5:18:83:51:2a:df:c2:
ac:d4:cc:5c:4a:61:fe:1d:3b:11:6c:bf:91:8b:2d:
24:f6:a4:00:3a:34:4e:38:a9:b6:e2:8b:a4:10:7c:
1f:1a:21:98:fa:f1:53:79:c6:1b:a7:96:4e:09:99:
f6:8a:6a:41:30:d8:b7:07:6a:dc:60:c5:6b:12:95:
11:94:a1:69:1f:9c:ea:d5:72:41:16:7f:60:79:7e:
80:d2:61:f1:8e:39:fc:e8:2f:c9:89:e1:df:d0:39:
e5:5d:ed:c2:ed:0a:35:44:f4:a8:46:64:31:f5:f7:
11:4a:2a:92:3d:a8:84:5c:b2:7f:e0:1a:4e:f3:27:
c3:9b:56:a5:e3:be:a9:9e:ea:61:de:db:19:86:65:
c4:46:78:f7:c8:b8:25:b9:8f:af:12:bf:8f:0d:c1:
95:3c:5f:db:66:4f:1f:19:38:81:be:b9:e3:1e:56:
f1:53:dc:ed:eb:6b:2c:6e:28:79:e8:e9:83:6a:e2:
22:fe:31:33:9b:f7:03:09:9a:3d:03:d1:69:0d:cc:
7c:5b:58:81:b1:3a:83:ac:ed:05:7d:eb:c7:8b:0a:
88:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:38:F5:FE:99:A5:B6:50:EA:7B:A4:60:6D:8B:00:57:43:EB:9C:F0
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/qDj1_pmltlDqe6RgbYsAV0PrnPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.34.0/24
Signature Algorithm: sha256WithRSAEncryption
26:ac:34:90:2f:cb:97:30:97:f7:a4:3c:11:ec:c9:6f:dc:1c:
83:4c:5a:01:0b:ea:87:ad:d8:6a:9f:41:27:39:a8:d9:5c:47:
e6:a6:08:d5:78:50:3b:0f:ee:3e:44:f4:51:5d:8d:84:95:b3:
3f:a6:2b:7a:6e:f7:3e:f4:9b:22:dc:d3:a3:fa:e0:9e:86:f6:
9c:71:26:4f:95:7b:9e:c0:9e:78:90:93:5c:da:1e:56:9d:8d:
fd:fa:eb:31:34:23:16:14:32:cf:ef:5b:a3:21:ce:d3:40:df:
2e:df:d5:19:a1:a6:fc:68:00:fb:98:1a:30:ce:78:4b:32:f2:
cb:d7:ae:57:7e:a6:eb:80:09:e9:89:00:26:af:e9:41:77:04:
3a:05:d5:0a:f3:73:bd:95:51:52:16:4d:1a:07:ca:ef:dd:91:
f8:96:c7:86:d3:04:19:29:8e:3a:d8:bb:14:31:62:f8:35:32:
63:c7:b1:a4:5a:65:9f:d0:40:da:65:11:74:5f:e6:f5:98:f5:
0a:9a:d3:48:b2:06:ce:b6:0c:c2:8e:c7:85:db:2f:bd:4a:b9:
5f:5a:27:b9:df:e7:02:1c:19:4e:4b:ce:6d:44:8a:b8:f8:e3:
22:fd:50:62:f0:6b:d0:ff:13:67:07:a6:6e:e7:b9:5d:3d:de:
cc:5f:78:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0YoI4O0R3+UiHcO1eg8nf/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMTE3MTgxMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODM4ZjVmZTk5YTViNjUwZWE3YmE0NjA2ZDhiMDA1NzQzZWI5Y2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6Q1lz4KEvI6guB8H8h8Ya4FX877
M1IH+dJ0oEjwW6QWwo3neuUYg1Eq38Ks1MxcSmH+HTsRbL+Riy0k9qQAOjROOKm2
4oukEHwfGiGY+vFTecYbp5ZOCZn2impBMNi3B2rcYMVrEpURlKFpH5zq1XJBFn9g
eX6A0mHxjjn86C/JieHf0DnlXe3C7Qo1RPSoRmQx9fcRSiqSPaiEXLJ/4BpO8yfD
m1al476pnuph3tsZhmXERnj3yLgluY+vEr+PDcGVPF/bZk8fGTiBvrnjHlbxU9zt
62ssbih56OmDauIi/jEzm/cDCZo9A9FpDcx8W1iBsTqDrO0FfevHiwqIZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKg49f6ZpbZQ6nukYG2LAFdD65zwMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvcURqMV9wbWx0bERxZTZSZ2JZc0FWMFByblBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbQiMA0G
CSqGSIb3DQEBCwUAA4IBAQAmrDSQL8uXMJf3pDwR7Mlv3ByDTFoBC+qHrdhqn0En
OajZXEfmpgjVeFA7D+4+RPRRXY2ElbM/pit6bvc+9Jsi3NOj+uCehvaccSZPlXue
wJ54kJNc2h5WnY39+usxNCMWFDLP71ujIc7TQN8u39UZoab8aAD7mBowznhLMvLL
165XfqbrgAnpiQAmr+lBdwQ6BdUK83O9lVFSFk0aB8rv3ZH4lseG0wQZKY462LsU
MWL4NTJjx7GkWmWf0EDaZRF0X+b1mPUKmtNIsgbOtgzCjseF2y+9SrlfWie53+cC
HBlOS85tRIq4+OMi/VBi8GvQ/xNnB6Zu57ldPd7MX3j7
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:46:43 2025 by rpki-client