Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/B_PNrqaypXS-uuqkeyPbkmY0Qnc.roa
File: B_PNrqaypXS-uuqkeyPbkmY0Qnc.roa (raw, json)
Hash identifier: Du7C+6zjWvOoxLpFBJQPqQbDqvsJ2HaEuG+OJzC6pe8=
Subject key identifier: 07:F3:CD:AE:A6:B2:A5:74:BE:BA:EA:A4:7B:23:DB:92:66:34:42:77
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 019423D76EFA51CC8211598CF10EB778DA62
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/B_PNrqaypXS-uuqkeyPbkmY0Qnc.roa
Signing time: Wed 01 Jan 2025 21:48:28 +0000
ROA not before: Wed 01 Jan 2025 21:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205632
IP address blocks: 5.1.71.0/24 maxlen: 32
2a07:6fc0:4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:6e:fa:51:cc:82:11:59:8c:f1:0e:b7:78:da:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 21:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07f3cdaea6b2a574bebaeaa47b23db9266344277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:aa:02:c2:36:92:d8:c0:70:1d:c6:b3:ea:8a:
f8:9e:33:6f:f4:57:96:b5:9c:e7:e0:83:f5:dd:23:
e9:02:f4:98:45:da:8a:16:b4:60:bf:ca:17:aa:ff:
1e:80:cd:be:9b:c1:33:1b:c4:87:06:c7:ee:71:20:
2c:db:b3:90:4a:3c:9f:8b:e7:76:b2:98:32:1b:2e:
b5:a4:8b:52:9d:0b:5a:70:0b:73:72:05:88:c7:37:
ca:07:20:76:02:61:67:ac:d1:3b:a0:30:42:46:8f:
e2:51:07:1a:71:5b:34:28:5d:92:51:2a:8d:f0:61:
ee:f0:0c:6b:9d:ef:f2:01:9a:63:53:08:f7:b9:2e:
c5:9c:bd:0c:32:7a:55:98:80:4b:9e:d1:7c:a1:ff:
a8:e4:c5:a8:4d:8e:db:a9:5c:ac:8d:fb:ec:a2:f7:
5a:3d:31:cb:69:9b:2b:0c:4c:2d:90:4c:71:f1:80:
58:3c:51:5f:d6:f0:4f:7d:37:df:3c:19:7b:37:20:
38:90:b8:cf:90:f8:df:17:97:e8:71:0b:40:5c:36:
fe:1c:43:85:99:b5:b4:26:0b:54:e7:b6:ed:2f:fb:
bf:03:9d:52:a7:4e:a5:2d:31:cf:b3:3c:ac:17:f6:
cd:b7:4e:5e:d5:a4:79:c6:29:86:aa:b3:51:3a:ad:
91:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:F3:CD:AE:A6:B2:A5:74:BE:BA:EA:A4:7B:23:DB:92:66:34:42:77
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/B_PNrqaypXS-uuqkeyPbkmY0Qnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.71.0/24
IPv6:
2a07:6fc0:4::/48
Signature Algorithm: sha256WithRSAEncryption
71:ec:3c:6f:be:05:fc:dc:ee:5a:bf:c9:70:4d:f9:34:4e:ec:
91:84:6a:ef:f4:8b:e0:87:3f:eb:72:15:21:e9:02:92:d3:e5:
43:87:5b:f8:94:fa:bc:56:06:09:f1:8d:21:c5:f0:24:03:bb:
33:04:f2:df:23:78:c1:95:60:bc:be:f0:e6:83:9a:83:36:62:
1a:a4:82:48:a5:64:36:c9:fb:29:3f:a0:07:82:3e:d0:7b:51:
e0:12:11:91:44:1b:94:24:fb:fe:f4:be:13:09:f9:d2:89:9e:
b3:71:94:60:92:75:4e:45:87:9d:14:95:71:28:1e:41:c5:01:
5b:bb:60:6c:3a:c1:08:3a:f5:b2:c0:82:20:75:eb:85:96:6e:
c8:c6:3b:39:0e:ff:79:cd:20:a4:b0:10:e7:b5:06:2d:e7:2d:
5e:57:b7:7e:e5:d2:a5:e3:0f:43:e6:2f:17:11:ac:f7:e7:49:
e1:e3:60:a2:c8:72:5a:bc:bc:70:e7:be:8a:d7:c9:4b:47:0a:
85:77:c4:1f:f9:09:b7:0d:13:dd:a8:c2:a3:a0:e9:5a:e9:dd:
0a:a5:f6:91:ad:d2:d7:d1:ef:fc:8b:d4:6b:f1:90:20:b0:c8:
fa:4a:d3:21:8f:af:80:12:d6:09:b1:9a:df:07:43:1d:a0:29:
d7:31:a3:db
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQj1276UcyCEVmM8Q63eNpiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjUwMTAxMjE0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2YzY2RhZWE2YjJhNTc0YmViYWVhYTQ3YjIzZGI5MjY2MzQ0Mjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaoCwjaS2MBwHcaz6or4njNv9FeW
tZzn4IP13SPpAvSYRdqKFrRgv8oXqv8egM2+m8EzG8SHBsfucSAs27OQSjyfi+d2
spgyGy61pItSnQtacAtzcgWIxzfKByB2AmFnrNE7oDBCRo/iUQcacVs0KF2SUSqN
8GHu8Axrne/yAZpjUwj3uS7FnL0MMnpVmIBLntF8of+o5MWoTY7bqVysjfvsovda
PTHLaZsrDEwtkExx8YBYPFFf1vBPfTffPBl7NyA4kLjPkPjfF5focQtAXDb+HEOF
mbW0JgtU57btL/u/A51Sp06lLTHPszysF/bNt05e1aR5ximGqrNROq2RlwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAfzza6msqV0vrrqpHsj25JmNEJ3MB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvQl9QTnJxYXlwWFMtdXVxa2V5UGJrbVkwUW5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQABQFHMA8E
AgACMAkDBwAqB2/AAAQwDQYJKoZIhvcNAQELBQADggEBAHHsPG++Bfzc7lq/yXBN
+TRO7JGEau/0i+CHP+tyFSHpApLT5UOHW/iU+rxWBgnxjSHF8CQDuzME8t8jeMGV
YLy+8OaDmoM2YhqkgkilZDbJ+yk/oAeCPtB7UeASEZFEG5Qk+/70vhMJ+dKJnrNx
lGCSdU5Fh50UlXEoHkHFAVu7YGw6wQg69bLAgiB164WWbsjGOzkO/3nNIKSwEOe1
Bi3nLV5Xt37l0qXjD0PmLxcRrPfnSeHjYKLIclq8vHDnvorXyUtHCoV3xB/5CbcN
E92owqOg6Vrp3Qql9pGt0tfR7/yL1GvxkCCwyPpK0yGPr4AS1gmxmt8HQx2gKdcx
o9s=
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:59:31 2025 by rpki-client