Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/9aX1C0GBDjpl9KbtzL0_14BT4x4.roa
File: 9aX1C0GBDjpl9KbtzL0_14BT4x4.roa (raw, json)
Hash identifier: 2ZwMdtmJ2Vb2cjnuC6vVTCJhkSLVLpECEfkccephonY=
Subject key identifier: F5:A5:F5:0B:41:81:0E:3A:65:F4:A6:ED:CC:BD:3F:D7:80:53:E3:1E
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 019423D766E472DB5315DE2A34D1F7CDD9E5
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/9aX1C0GBDjpl9KbtzL0_14BT4x4.roa
Signing time: Wed 01 Jan 2025 21:48:26 +0000
ROA not before: Wed 01 Jan 2025 21:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199839
IP address blocks: 5.180.195.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:66:e4:72:db:53:15:de:2a:34:d1:f7:cd:d9:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 21:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5a5f50b41810e3a65f4a6edccbd3fd78053e31e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:70:45:77:a9:6f:23:7f:62:1c:7f:5e:ab:6f:
b9:c9:c2:ab:e9:52:75:9f:5e:df:d0:6b:ef:0c:bb:
29:00:ad:1b:5b:7b:20:6d:70:44:91:63:d4:fe:97:
0d:af:ae:26:05:76:c9:4f:d2:08:3d:29:56:bd:cf:
0c:01:57:4d:54:d9:a7:d9:2d:01:24:38:5d:4a:30:
33:7e:92:58:d0:68:42:06:2a:8b:76:d4:b5:0b:38:
0c:f0:d2:6d:27:0a:6a:87:9a:b8:6b:08:c8:25:ff:
94:02:8b:18:b0:7f:48:6c:46:46:2a:a4:2a:e7:d0:
6b:ff:e4:f5:f5:e7:75:0e:ad:dd:2b:b8:3a:86:2d:
0c:f3:2e:cb:9c:c7:f6:0d:09:80:44:16:67:6d:8f:
df:78:a9:f9:f9:0a:18:54:f8:56:39:6f:6a:f4:fd:
2e:0b:0e:e6:1e:3b:df:4d:5f:e3:14:15:a2:0f:5a:
b9:e4:34:72:0b:04:3d:c4:40:29:3a:84:13:eb:9b:
8a:c1:b4:b8:7e:1e:5c:bb:e3:c1:85:b1:15:8c:0d:
4c:9e:bd:7a:05:0b:3f:53:d8:07:75:2e:89:81:01:
cc:b2:37:94:0d:86:35:8e:3d:2c:41:e0:4d:89:c8:
81:4e:b2:2e:25:17:7e:f9:af:e0:a6:98:40:6b:27:
32:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A5:F5:0B:41:81:0E:3A:65:F4:A6:ED:CC:BD:3F:D7:80:53:E3:1E
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/9aX1C0GBDjpl9KbtzL0_14BT4x4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.195.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:6a:07:6b:f7:25:0e:33:a2:59:f7:4e:17:3e:5f:72:88:54:
ba:15:3f:9f:fa:89:7c:ca:d3:cb:ff:13:1a:52:9f:72:63:68:
4e:99:80:4e:11:65:6e:1e:cb:3c:40:f3:57:cf:59:26:2e:f1:
b5:f3:4f:90:41:ea:3c:45:52:a9:be:01:eb:a6:65:25:01:ed:
3b:00:0a:9a:38:2b:ef:40:f0:1d:7c:40:d0:36:82:e3:7f:e6:
c5:cb:5b:73:83:be:70:4c:11:fc:10:ad:1c:cb:f2:0c:eb:2b:
e9:85:f3:68:5f:2c:14:ee:27:1a:1d:36:70:39:c9:cc:02:9a:
36:36:9c:36:8a:3b:12:9f:84:30:09:e1:fc:4d:d7:6e:68:b9:
d9:d1:6b:3d:22:be:55:17:ed:e1:80:9e:41:da:d4:2a:49:ed:
b8:8c:be:83:cd:ba:aa:4b:c9:32:dd:8a:26:14:58:fe:5b:b1:
7a:27:43:5f:0d:66:de:bd:77:08:20:25:5e:03:13:4b:8a:bd:
2f:ec:5c:f3:9e:44:d7:25:5e:9f:bd:ae:18:46:10:36:18:65:
c2:2a:eb:f8:67:ab:9a:fd:68:76:1e:78:26:40:a8:71:97:98:
db:d6:bd:9a:07:99:f9:a2:12:a5:3c:07:99:2e:91:9c:21:b1:
15:cd:37:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj12bkcttTFd4qNNH3zdnlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjUwMTAxMjE0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWE1ZjUwYjQxODEwZTNhNjVmNGE2ZWRjY2JkM2ZkNzgwNTNlMzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXBFd6lvI39iHH9eq2+5ycKr6VJ1
n17f0GvvDLspAK0bW3sgbXBEkWPU/pcNr64mBXbJT9IIPSlWvc8MAVdNVNmn2S0B
JDhdSjAzfpJY0GhCBiqLdtS1CzgM8NJtJwpqh5q4awjIJf+UAosYsH9IbEZGKqQq
59Br/+T19ed1Dq3dK7g6hi0M8y7LnMf2DQmARBZnbY/feKn5+QoYVPhWOW9q9P0u
Cw7mHjvfTV/jFBWiD1q55DRyCwQ9xEApOoQT65uKwbS4fh5cu+PBhbEVjA1Mnr16
BQs/U9gHdS6JgQHMsjeUDYY1jj0sQeBNiciBTrIuJRd++a/gpphAaycyywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPWl9QtBgQ46ZfSm7cy9P9eAU+MeMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvOWFYMUMwR0JEanBsOUtidHpMMF8xNEJUNHg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbTDMA0G
CSqGSIb3DQEBCwUAA4IBAQCaagdr9yUOM6JZ904XPl9yiFS6FT+f+ol8ytPL/xMa
Up9yY2hOmYBOEWVuHss8QPNXz1kmLvG180+QQeo8RVKpvgHrpmUlAe07AAqaOCvv
QPAdfEDQNoLjf+bFy1tzg75wTBH8EK0cy/IM6yvphfNoXywU7icaHTZwOcnMApo2
Npw2ijsSn4QwCeH8TdduaLnZ0Ws9Ir5VF+3hgJ5B2tQqSe24jL6DzbqqS8ky3Yom
FFj+W7F6J0NfDWbevXcIICVeAxNLir0v7FzznkTXJV6fva4YRhA2GGXCKuv4Z6ua
/Wh2HngmQKhxl5jb1r2aB5n5ohKlPAeZLpGcIbEVzTey
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:08:26 2025 by rpki-client