Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/5piZhUc6B_Q8SXnCvmVdLn755tk.roa
File: 5piZhUc6B_Q8SXnCvmVdLn755tk.roa (raw, json)
Hash identifier: 1kX1fTcGnU3vqt6H68WNwGSWbpk3Ul9d3oLOLIk5xOI=
Subject key identifier: E6:98:99:85:47:3A:07:F4:3C:49:79:C2:BE:65:5D:2E:7E:F9:E6:D9
Certificate issuer: /CN=53f3590809d187f7b361fb24cd43f93f664b20b3
Certificate serial: 019424B3EB0B954518B2EDB24C605011B010
Authority key identifier: 53:F3:59:08:09:D1:87:F7:B3:61:FB:24:CD:43:F9:3F:66:4B:20:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U_NZCAnRh_ezYfskzUP5P2ZLILM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/5piZhUc6B_Q8SXnCvmVdLn755tk.roa
Signing time: Thu 02 Jan 2025 01:49:18 +0000
ROA not before: Thu 02 Jan 2025 01:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48355
IP address blocks: 185.1.137.0/24 maxlen: 24
2001:7f8:db::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:eb:0b:95:45:18:b2:ed:b2:4c:60:50:11:b0:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53f3590809d187f7b361fb24cd43f93f664b20b3
Validity
Not Before: Jan 2 01:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6989985473a07f43c4979c2be655d2e7ef9e6d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:67:c6:5e:fb:29:23:11:86:a3:f7:be:4b:ac:
3b:a8:5f:c9:a3:50:53:4b:56:43:f8:2d:f4:a2:c9:
3d:ce:67:1c:cd:85:08:09:7e:e8:b4:f7:2e:c7:22:
fc:33:2c:1c:93:24:b7:f4:59:3d:0a:1d:d8:1a:c1:
b0:e0:43:84:f5:2e:89:88:dc:4b:dc:51:ea:82:d1:
18:01:9d:33:99:d2:4b:f4:dc:db:53:02:fd:49:b6:
e7:57:11:f4:02:62:14:31:21:b6:72:a2:05:b5:72:
db:e8:78:b8:b5:e9:61:26:ad:0d:f7:12:ab:60:ca:
4e:3e:14:f9:fd:7f:ec:46:bb:3f:aa:82:e8:2a:c7:
2c:83:7f:6f:3f:29:3b:f4:4a:14:f8:ec:d4:47:e3:
e7:69:32:65:60:31:67:e5:0d:e1:ce:0e:96:36:6e:
c8:48:2e:ef:76:58:78:1f:13:3a:20:a0:0b:fd:91:
4c:08:d1:fe:59:d1:48:30:f8:95:bf:4d:91:91:6b:
f9:86:55:cf:75:d9:8c:d5:d1:d2:25:07:56:8a:36:
ba:45:37:b1:89:67:0b:5a:e5:89:eb:f8:c8:d1:1c:
9b:ba:5d:b1:1f:6d:26:7e:6f:52:06:88:f5:a5:86:
6b:e4:ec:61:ed:3d:1b:72:68:63:5c:b5:06:a4:0b:
b6:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:98:99:85:47:3A:07:F4:3C:49:79:C2:BE:65:5D:2E:7E:F9:E6:D9
X509v3 Authority Key Identifier:
keyid:53:F3:59:08:09:D1:87:F7:B3:61:FB:24:CD:43:F9:3F:66:4B:20:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_NZCAnRh_ezYfskzUP5P2ZLILM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/5piZhUc6B_Q8SXnCvmVdLn755tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/U_NZCAnRh_ezYfskzUP5P2ZLILM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.137.0/24
IPv6:
2001:7f8:db::/48
Signature Algorithm: sha256WithRSAEncryption
5b:c0:40:61:04:5d:78:15:84:e0:39:c7:74:32:f0:c5:3a:24:
19:1f:cb:27:47:c0:a5:ca:d9:3e:6c:88:66:ed:b9:e0:79:ff:
3f:2e:28:23:87:ca:32:fb:d2:4c:6a:10:3f:5b:c9:1c:77:04:
e1:92:58:09:d3:1a:9d:2d:a1:81:1c:33:af:bb:d6:5c:5b:a6:
cc:d3:bf:30:f2:7c:37:6a:7e:23:bd:70:b7:c9:ce:b0:9b:60:
61:03:df:e9:ad:e9:a5:d3:b4:fb:10:cf:e3:af:2e:c2:2c:2b:
fc:26:83:f6:0a:b6:4a:33:3c:6b:f2:5b:91:da:f6:ed:ad:65:
69:d1:82:91:3a:78:6f:93:d8:40:be:5b:62:99:d8:c5:9f:09:
34:d0:9b:56:d2:86:33:00:78:e5:e1:6b:6c:ae:30:a4:0d:3f:
56:ce:9d:65:e9:a2:ec:75:5a:b0:70:3d:e8:a1:e7:2a:38:d0:
a3:f0:32:f9:cb:8b:6d:3a:7d:e1:7c:b3:d7:7a:63:04:5c:74:
9a:a0:45:87:95:98:d8:42:3c:b9:65:03:6c:43:2a:68:c5:6d:
93:54:47:83:4d:94:05:2c:69:47:22:61:9c:5c:81:af:19:17:
d2:31:f3:ca:63:b0:f7:e0:a2:18:7e:7c:c9:a1:e7:b0:0f:b5:
48:4d:6c:77
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQks+sLlUUYsu2yTGBQEbAQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZjM1OTA4MDlkMTg3ZjdiMzYxZmIyNGNkNDNmOTNmNjY0
YjIwYjMwHhcNMjUwMTAyMDE0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjk4OTk4NTQ3M2EwN2Y0M2M0OTc5YzJiZTY1NWQyZTdlZjllNmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWfGXvspIxGGo/e+S6w7qF/Jo1BT
S1ZD+C30osk9zmcczYUICX7otPcuxyL8MywckyS39Fk9Ch3YGsGw4EOE9S6JiNxL
3FHqgtEYAZ0zmdJL9NzbUwL9SbbnVxH0AmIUMSG2cqIFtXLb6Hi4telhJq0N9xKr
YMpOPhT5/X/sRrs/qoLoKscsg39vPyk79EoU+OzUR+PnaTJlYDFn5Q3hzg6WNm7I
SC7vdlh4HxM6IKAL/ZFMCNH+WdFIMPiVv02RkWv5hlXPddmM1dHSJQdWija6RTex
iWcLWuWJ6/jI0Rybul2xH20mfm9SBoj1pYZr5Oxh7T0bcmhjXLUGpAu2KwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOaYmYVHOgf0PEl5wr5lXS5++ebZMB8GA1UdIwQY
MBaAFFPzWQgJ0Yf3s2H7JM1D+T9mSyCzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVV9OWkNBblJoX2V6WWZza3pVUDVQMlpMSUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9kZTYzODMtNGFkNS00NTdiLTk1M2Mt
YTc3NmZlZGU5OTA1LzEvNXBpWmhVYzZCX1E4U1huQ3ZtVmRMbjc1NXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9kZTYzODMtNGFkNS00NTdiLTk1M2MtYTc3NmZlZGU5OTA1
LzEvVV9OWkNBblJoX2V6WWZza3pVUDVQMlpMSUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQGJMA8E
AgACMAkDBwAgAQf4ANswDQYJKoZIhvcNAQELBQADggEBAFvAQGEEXXgVhOA5x3Qy
8MU6JBkfyydHwKXK2T5siGbtueB5/z8uKCOHyjL70kxqED9byRx3BOGSWAnTGp0t
oYEcM6+71lxbpszTvzDyfDdqfiO9cLfJzrCbYGED3+mt6aXTtPsQz+OvLsIsK/wm
g/YKtkozPGvyW5Ha9u2tZWnRgpE6eG+T2EC+W2KZ2MWfCTTQm1bShjMAeOXha2yu
MKQNP1bOnWXpoux1WrBwPeih5yo40KPwMvnLi206feF8s9d6YwRcdJqgRYeVmNhC
PLllA2xDKmjFbZNUR4NNlAUsaUciYZxcga8ZF9Ix88pjsPfgohh+fMmh57APtUhN
bHc=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:14:13 2025 by rpki-client