Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/5Be6EqezXfxwhrFPLeonCfAyvI8.roa
File: 5Be6EqezXfxwhrFPLeonCfAyvI8.roa (raw, json)
Hash identifier: 5DTu5fQoOJxSVXmen8IkdRj7K/ip+zcpfYhUFVu0omI=
Subject key identifier: E4:17:BA:12:A7:B3:5D:FC:70:86:B1:4F:2D:EA:27:09:F0:32:BC:8F
Certificate issuer: /CN=d894365b28a082834a751a97771b791124524dec
Certificate serial: 0194221FD98784FA8DA4A00C6E8A816AF6A2
Authority key identifier: D8:94:36:5B:28:A0:82:83:4A:75:1A:97:77:1B:79:11:24:52:4D:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2JQ2WyiggoNKdRqXdxt5ESRSTew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/5Be6EqezXfxwhrFPLeonCfAyvI8.roa
Signing time: Wed 01 Jan 2025 13:48:20 +0000
ROA not before: Wed 01 Jan 2025 13:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19607
IP address blocks: 91.108.160.0/21 maxlen: 21
159.253.160.0/21 maxlen: 21
185.31.152.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:d9:87:84:fa:8d:a4:a0:0c:6e:8a:81:6a:f6:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d894365b28a082834a751a97771b791124524dec
Validity
Not Before: Jan 1 13:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e417ba12a7b35dfc7086b14f2dea2709f032bc8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:30:4b:99:25:4b:f9:1c:b3:f5:34:a0:47:10:
87:eb:61:e2:51:dd:37:1d:be:ca:fd:f6:41:ca:cd:
29:7a:9f:0d:40:06:7d:7d:8e:a0:67:41:62:8c:ea:
27:94:35:7b:1f:6d:69:da:bf:44:96:c1:52:4c:86:
a7:c6:24:ad:23:9a:cb:cc:54:b9:1e:7f:39:34:4b:
e1:77:ab:a7:56:a7:d2:da:6d:ec:2b:3d:74:77:e2:
ad:95:c3:23:c2:0a:4c:40:b0:9f:fb:1b:8d:3a:84:
5f:22:25:77:3f:be:f1:96:8e:30:15:79:17:49:ec:
ec:55:e4:d4:ae:3a:ee:60:54:21:fb:8e:25:6d:47:
37:87:88:9e:81:c7:6d:0e:61:68:62:d4:10:f4:07:
7a:16:95:ea:4f:3f:ff:be:c5:8d:eb:50:cc:61:a4:
65:86:30:4b:c0:b4:68:fd:bd:fe:1f:1e:b0:f1:ce:
f5:22:e3:c2:f4:4d:7c:34:fb:19:4c:86:dc:08:95:
70:04:78:22:fb:8e:8c:06:2b:a5:33:d2:d9:87:6e:
76:01:2e:8b:23:91:7b:26:9a:70:60:ed:c7:86:b3:
97:57:8e:a2:cf:9c:d1:0a:c7:08:89:e6:42:6e:9f:
ee:97:ba:87:55:00:02:8f:ab:be:4a:18:74:d3:27:
2e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:17:BA:12:A7:B3:5D:FC:70:86:B1:4F:2D:EA:27:09:F0:32:BC:8F
X509v3 Authority Key Identifier:
keyid:D8:94:36:5B:28:A0:82:83:4A:75:1A:97:77:1B:79:11:24:52:4D:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JQ2WyiggoNKdRqXdxt5ESRSTew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/5Be6EqezXfxwhrFPLeonCfAyvI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/2JQ2WyiggoNKdRqXdxt5ESRSTew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.160.0/21
159.253.160.0/21
185.31.152.0/22
Signature Algorithm: sha256WithRSAEncryption
77:24:bd:b2:c4:9d:36:fb:99:eb:8b:96:c4:d8:3a:f7:49:2b:
bf:aa:ed:9f:46:0e:14:ab:85:40:ea:32:85:72:0c:b1:55:13:
2d:12:79:3a:be:d8:aa:0f:3a:a9:8a:7e:23:58:99:90:0f:b5:
e6:de:0b:04:4c:4a:79:2a:f1:cf:6e:28:a6:1f:9a:f5:d8:6d:
51:83:3a:6d:77:f4:ef:89:55:ae:98:50:1c:92:00:af:f2:7d:
bc:fe:79:5d:6a:d5:5b:fe:63:c7:da:28:b5:19:50:56:52:64:
7d:20:eb:f8:99:67:98:38:65:6e:69:b7:04:c4:db:8a:d5:f9:
e4:d3:5e:4e:b7:c2:22:8e:8f:2e:e7:8a:ce:b0:31:5b:9d:65:
4d:78:55:37:e2:5b:bf:e2:d8:fe:96:7a:82:0e:71:41:34:8b:
52:4c:90:14:5e:bc:c0:59:2d:8a:eb:cf:8c:be:7a:c6:21:f5:
f0:67:cd:f0:ed:c4:df:6b:5f:c4:4b:ac:f8:7b:0b:82:c3:25:
92:b5:71:95:11:81:00:53:3a:68:9c:57:24:c5:6b:d4:af:4c:
fd:d1:fe:13:73:1f:e3:b3:02:0e:44:90:e8:ce:f6:5e:f7:95:
e4:75:d7:a5:3b:2a:cf:7f:c1:d1:92:5f:49:d6:77:ff:39:84:
9f:93:bd:c8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQiH9mHhPqNpKAMboqBavaiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OTQzNjViMjhhMDgyODM0YTc1MWE5Nzc3MWI3OTExMjQ1
MjRkZWMwHhcNMjUwMTAxMTM0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDE3YmExMmE3YjM1ZGZjNzA4NmIxNGYyZGVhMjcwOWYwMzJiYzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjBLmSVL+Ryz9TSgRxCH62HiUd03
Hb7K/fZBys0pep8NQAZ9fY6gZ0FijOonlDV7H21p2r9ElsFSTIanxiStI5rLzFS5
Hn85NEvhd6unVqfS2m3sKz10d+KtlcMjwgpMQLCf+xuNOoRfIiV3P77xlo4wFXkX
SezsVeTUrjruYFQh+44lbUc3h4iegcdtDmFoYtQQ9Ad6FpXqTz//vsWN61DMYaRl
hjBLwLRo/b3+Hx6w8c71IuPC9E18NPsZTIbcCJVwBHgi+46MBiulM9LZh252AS6L
I5F7JppwYO3HhrOXV46iz5zRCscIieZCbp/ul7qHVQACj6u+Shh00ycuOQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOQXuhKns138cIaxTy3qJwnwMryPMB8GA1UdIwQY
MBaAFNiUNlsooIKDSnUal3cbeREkUk3sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkpRMld5aWdnb05LZFJxWGR4dDVFU1JTVGV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9hNjA3ZjQtMTVkYy00ZGI1LTk2MDEt
MjE0NjE3OWQ4ZTJiLzEvNUJlNkVxZXpYZnh3aHJGUExlb25DZkF5dkk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9hNjA3ZjQtMTVkYy00ZGI1LTk2MDEtMjE0NjE3OWQ4ZTJi
LzEvMkpRMld5aWdnb05LZFJxWGR4dDVFU1JTVGV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDW2ygAwQD
n/2gAwQCuR+YMA0GCSqGSIb3DQEBCwUAA4IBAQB3JL2yxJ02+5nri5bE2Dr3SSu/
qu2fRg4Uq4VA6jKFcgyxVRMtEnk6vtiqDzqpin4jWJmQD7Xm3gsETEp5KvHPbiim
H5r12G1Rgzptd/TviVWumFAckgCv8n28/nldatVb/mPH2ii1GVBWUmR9IOv4mWeY
OGVuabcExNuK1fnk015Ot8Iijo8u54rOsDFbnWVNeFU34lu/4tj+lnqCDnFBNItS
TJAUXrzAWS2K68+MvnrGIfXwZ83w7cTfa1/ES6z4ewuCwyWStXGVEYEAUzponFck
xWvUr0z90f4Tcx/jswIORJDozvZe95XkddelOyrPf8HRkl9J1nf/OYSfk73I
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:14:22 2025 by rpki-client