Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/8gvSRkioiol7AtclW0w3QDNdRw0.roa
File: 8gvSRkioiol7AtclW0w3QDNdRw0.roa (raw, json)
Hash identifier: pAF2HpC02c8LxHhm/ivKqiw2U8OBqawxXoZZFN2vllM=
Subject key identifier: F2:0B:D2:46:48:A8:8A:89:7B:02:D7:25:5B:4C:37:40:33:5D:47:0D
Certificate issuer: /CN=137f3372df57c814aba8b51a907861d92b9e4f55
Certificate serial: 0194221F6152E7AB0A6DC8D366E94DF4E174
Authority key identifier: 13:7F:33:72:DF:57:C8:14:AB:A8:B5:1A:90:78:61:D9:2B:9E:4F:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E38zct9XyBSrqLUakHhh2SueT1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/8gvSRkioiol7AtclW0w3QDNdRw0.roa
Signing time: Wed 01 Jan 2025 13:47:49 +0000
ROA not before: Wed 01 Jan 2025 13:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202468
IP address blocks: 5.253.24.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:61:52:e7:ab:0a:6d:c8:d3:66:e9:4d:f4:e1:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=137f3372df57c814aba8b51a907861d92b9e4f55
Validity
Not Before: Jan 1 13:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f20bd24648a88a897b02d7255b4c3740335d470d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7e:db:ce:dc:6a:0e:d6:15:7a:70:9c:39:d6:
be:77:0f:49:5e:a6:a6:3d:5b:3a:67:20:c8:db:15:
8f:3b:32:31:9e:fa:be:a5:db:9a:f1:84:27:d4:6d:
e3:0e:45:6e:d0:86:00:35:05:47:d4:eb:1b:6b:d1:
8a:45:12:cf:ab:4c:ff:62:9d:72:12:68:49:21:17:
fc:a6:e1:c8:b4:fc:5b:02:bd:8b:60:7c:1b:5e:0a:
83:86:13:c0:9b:cd:74:03:da:50:e8:25:cf:51:6e:
ab:10:2d:8b:01:14:ef:c9:d6:d7:9f:09:d9:5c:e2:
2e:ee:31:90:bb:3d:94:4a:8d:97:8d:b4:a0:ea:cb:
6b:d9:91:89:38:74:1e:b6:a9:1a:8a:2e:5e:fc:3a:
7e:2b:60:1a:fd:35:99:b1:30:b6:08:ba:eb:e7:81:
4b:18:87:d0:f6:d4:e3:09:e9:97:f4:c1:5a:76:57:
88:da:ce:85:73:ab:2b:f4:d1:fc:9f:d2:60:0d:3e:
60:bd:b7:49:25:96:a3:44:29:19:11:c9:65:47:b5:
1e:a0:2c:e2:a8:ca:94:88:e6:28:49:6e:b5:63:d7:
fb:6d:4c:28:71:4f:bc:9f:da:1a:16:68:d5:67:59:
fa:25:c1:b7:e3:1f:b6:76:a5:c3:9c:b7:45:92:e7:
5c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:0B:D2:46:48:A8:8A:89:7B:02:D7:25:5B:4C:37:40:33:5D:47:0D
X509v3 Authority Key Identifier:
keyid:13:7F:33:72:DF:57:C8:14:AB:A8:B5:1A:90:78:61:D9:2B:9E:4F:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E38zct9XyBSrqLUakHhh2SueT1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/8gvSRkioiol7AtclW0w3QDNdRw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/E38zct9XyBSrqLUakHhh2SueT1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.24.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:fc:a3:ac:34:5d:b3:b3:b5:c1:65:da:a8:e6:18:6f:c1:74:
df:78:9f:14:9f:0c:c3:2a:ef:ed:87:fc:50:ce:75:40:40:5c:
17:e6:ad:4d:25:2a:1d:19:10:cd:63:a6:85:35:3d:3b:80:e9:
22:82:85:61:29:c8:ff:6b:4f:d7:aa:f5:36:25:72:3f:cd:40:
fd:da:4f:26:b4:1f:86:98:51:70:14:02:25:c5:ec:9b:68:0a:
10:fe:fd:d3:45:87:89:31:85:98:a5:be:af:d1:4c:4a:4b:4a:
63:bb:c5:4c:81:d4:7c:78:7a:2d:85:46:6b:43:24:63:ae:83:
f0:17:84:10:00:3e:9d:18:d1:fb:10:8f:e4:81:1a:23:10:aa:
e9:8d:67:e6:6b:49:9b:71:77:95:ea:ee:b3:a7:21:c7:a5:47:
40:68:cb:d7:46:d9:fd:ca:4d:8c:1b:de:db:26:a1:cc:34:bc:
da:4c:36:b2:8a:24:18:fe:32:ee:2d:bf:b8:a4:7d:5f:24:64:
bf:1a:46:c2:b8:41:0f:74:c6:60:47:bc:07:f3:7e:1d:60:74:
37:25:77:51:47:11:47:38:24:72:65:6d:27:38:e4:6c:c0:51:
0e:de:6c:42:48:94:8e:b0:58:c1:62:97:02:e8:3a:41:87:c0:
65:d1:ad:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH2FS56sKbcjTZulN9OF0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzN2YzMzcyZGY1N2M4MTRhYmE4YjUxYTkwNzg2MWQ5MmI5
ZTRmNTUwHhcNMjUwMTAxMTM0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjBiZDI0NjQ4YTg4YTg5N2IwMmQ3MjU1YjRjMzc0MDMzNWQ0NzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqH7bztxqDtYVenCcOda+dw9JXqam
PVs6ZyDI2xWPOzIxnvq+pdua8YQn1G3jDkVu0IYANQVH1Osba9GKRRLPq0z/Yp1y
EmhJIRf8puHItPxbAr2LYHwbXgqDhhPAm810A9pQ6CXPUW6rEC2LARTvydbXnwnZ
XOIu7jGQuz2USo2XjbSg6str2ZGJOHQetqkaii5e/Dp+K2Aa/TWZsTC2CLrr54FL
GIfQ9tTjCemX9MFadleI2s6Fc6sr9NH8n9JgDT5gvbdJJZajRCkZEcllR7UeoCzi
qMqUiOYoSW61Y9f7bUwocU+8n9oaFmjVZ1n6JcG34x+2dqXDnLdFkudcJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPIL0kZIqIqJewLXJVtMN0AzXUcNMB8GA1UdIwQY
MBaAFBN/M3LfV8gUq6i1GpB4Ydkrnk9VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTM4emN0OVh5QlNycUxVYWtIaGgyU3VlVDFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy84YjE0MWItNDk0ZS00NjZiLWEyMmMt
YTIyNGZlZmFjMjE4LzEvOGd2U1JraW9pb2w3QXRjbFcwdzNRRE5kUncwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy84YjE0MWItNDk0ZS00NjZiLWEyMmMtYTIyNGZlZmFjMjE4
LzEvRTM4emN0OVh5QlNycUxVYWtIaGgyU3VlVDFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBf0YMA0G
CSqGSIb3DQEBCwUAA4IBAQBu/KOsNF2zs7XBZdqo5hhvwXTfeJ8UnwzDKu/th/xQ
znVAQFwX5q1NJSodGRDNY6aFNT07gOkigoVhKcj/a0/XqvU2JXI/zUD92k8mtB+G
mFFwFAIlxeybaAoQ/v3TRYeJMYWYpb6v0UxKS0pju8VMgdR8eHothUZrQyRjroPw
F4QQAD6dGNH7EI/kgRojEKrpjWfma0mbcXeV6u6zpyHHpUdAaMvXRtn9yk2MG97b
JqHMNLzaTDayiiQY/jLuLb+4pH1fJGS/GkbCuEEPdMZgR7wH834dYHQ3JXdRRxFH
OCRyZW0nOORswFEO3mxCSJSOsFjBYpcC6DpBh8Bl0a3g
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:48:46 2025 by rpki-client