Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/k0QlprzRd36NvHYuNRv4f12GQM0.roa
File: k0QlprzRd36NvHYuNRv4f12GQM0.roa (raw, json)
Hash identifier: Hx84zYj3bWhYMPrnnvF3XuIdVOKhCJJnqYNhR0z12o8=
Subject key identifier: 93:44:25:A6:BC:D1:77:7E:8D:BC:76:2E:35:1B:F8:7F:5D:86:40:CD
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 019423D76465D12A12A8EC3C74D712B7E54E
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/k0QlprzRd36NvHYuNRv4f12GQM0.roa
Signing time: Wed 01 Jan 2025 21:48:25 +0000
ROA not before: Wed 01 Jan 2025 21:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60461
IP address blocks: 5.1.81.0/24 maxlen: 24
178.251.228.0/23 maxlen: 32
178.251.228.0/24 maxlen: 32
2a01:367:c1f2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:64:65:d1:2a:12:a8:ec:3c:74:d7:12:b7:e5:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 21:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=934425a6bcd1777e8dbc762e351bf87f5d8640cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:71:03:30:6f:2e:a7:34:6e:3a:d6:39:b7:b0:
18:f3:0c:1b:9a:be:e0:db:aa:fb:29:f1:3f:a0:47:
f6:28:48:23:84:8b:18:d7:98:69:17:38:9f:32:9b:
30:1a:58:58:35:c2:69:fb:e4:d9:b5:e0:dd:5a:70:
cd:95:46:c6:2a:4f:dd:2c:8c:1a:cd:a7:ee:ec:ca:
17:07:c1:5b:bc:21:1a:39:75:8f:a5:a1:7a:c7:1d:
fa:13:15:c5:9d:29:c6:b2:ca:ed:ac:43:25:c8:f9:
6f:6e:6b:c0:7d:11:27:15:73:ad:bf:6e:50:d6:91:
9b:ac:b7:ac:33:91:25:e9:dd:09:34:2c:65:c8:dd:
46:06:f3:a6:18:50:51:63:2b:63:86:11:0e:45:4d:
cc:d4:53:29:87:24:2e:a3:29:13:2c:84:7a:31:ed:
a6:3c:91:7a:c3:12:ec:87:06:64:d7:9c:63:35:bb:
eb:39:c9:dc:e6:dc:51:23:76:4e:22:b4:32:41:a3:
62:29:d7:e8:05:85:4f:a1:aa:d0:15:5a:fc:3b:26:
3e:c1:63:99:38:98:03:7f:48:f6:e1:94:15:f9:65:
f0:e2:54:a7:38:9e:4e:52:50:0a:76:80:10:00:f7:
f8:1a:2e:c3:93:36:db:06:f9:45:8a:7c:55:2f:ab:
ee:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:44:25:A6:BC:D1:77:7E:8D:BC:76:2E:35:1B:F8:7F:5D:86:40:CD
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/k0QlprzRd36NvHYuNRv4f12GQM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.81.0/24
178.251.228.0/23
IPv6:
2a01:367:c1f2::/48
Signature Algorithm: sha256WithRSAEncryption
a4:a9:00:ec:d6:25:e1:14:1e:f5:18:cb:f4:13:99:8e:2e:7a:
9b:ba:b0:53:38:76:17:d4:23:cd:4a:b4:e6:d6:3b:bf:b0:95:
59:f7:db:ef:83:4b:18:34:a1:f6:de:c3:a3:dd:56:b1:14:78:
72:3d:61:92:d1:e3:d0:46:a7:38:d6:d2:9c:f0:a1:70:c2:24:
2c:b8:dd:42:da:07:b6:59:dc:7c:c3:fc:cb:9f:a7:b9:51:dd:
35:30:08:1f:b9:5c:52:39:ea:5c:18:77:e5:ca:24:a0:09:20:
6d:74:c9:25:a9:7d:4c:b5:05:fd:f1:d1:51:b1:2f:1f:a7:01:
3e:b5:f9:ac:c4:b3:7a:95:5c:23:86:3c:d8:95:dd:e6:4c:f9:
fe:b7:4c:e6:97:a0:3c:1b:a6:e3:a5:4e:8e:2c:13:ee:8e:51:
95:41:7c:44:ba:28:04:d6:9c:13:8e:bd:db:7d:04:e3:43:42:
2e:6f:80:4b:09:67:1c:d7:20:d0:39:3b:bd:9f:1b:bb:ba:76:
07:33:2e:c0:f6:78:72:83:01:c3:14:24:ed:51:fe:f0:7d:1d:
58:b8:94:da:4f:98:09:45:e6:77:6a:b0:d5:3b:4c:7c:db:2a:
87:19:3e:48:13:09:9c:e0:da:30:11:d5:f1:f5:05:f7:49:02:
7a:c2:45:ef
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQj12Rl0SoSqOw8dNcSt+VOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjUwMTAxMjE0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzQ0MjVhNmJjZDE3NzdlOGRiYzc2MmUzNTFiZjg3ZjVkODY0MGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnEDMG8upzRuOtY5t7AY8wwbmr7g
26r7KfE/oEf2KEgjhIsY15hpFzifMpswGlhYNcJp++TZteDdWnDNlUbGKk/dLIwa
zafu7MoXB8FbvCEaOXWPpaF6xx36ExXFnSnGssrtrEMlyPlvbmvAfREnFXOtv25Q
1pGbrLesM5El6d0JNCxlyN1GBvOmGFBRYytjhhEORU3M1FMphyQuoykTLIR6Me2m
PJF6wxLshwZk15xjNbvrOcnc5txRI3ZOIrQyQaNiKdfoBYVPoarQFVr8OyY+wWOZ
OJgDf0j24ZQV+WXw4lSnOJ5OUlAKdoAQAPf4Gi7DkzbbBvlFinxVL6vuGwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJNEJaa80Xd+jbx2LjUb+H9dhkDNMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvazBRbHByelJkMzZOdkhZdU5SdjRmMTJHUU0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQABQFRAwQB
svvkMA8EAgACMAkDBwAqAQNnwfIwDQYJKoZIhvcNAQELBQADggEBAKSpAOzWJeEU
HvUYy/QTmY4uepu6sFM4dhfUI81KtObWO7+wlVn32++DSxg0ofbew6PdVrEUeHI9
YZLR49BGpzjW0pzwoXDCJCy43ULaB7ZZ3HzD/Mufp7lR3TUwCB+5XFI56lwYd+XK
JKAJIG10ySWpfUy1Bf3x0VGxLx+nAT61+azEs3qVXCOGPNiV3eZM+f63TOaXoDwb
puOlTo4sE+6OUZVBfES6KATWnBOOvdt9BONDQi5vgEsJZxzXINA5O72fG7u6dgcz
LsD2eHKDAcMUJO1R/vB9HVi4lNpPmAlF5ndqsNU7THzbKocZPkgTCZzg2jAR1fH1
BfdJAnrCRe8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:03:15 2025 by rpki-client