Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/GZfhsd46gVloXCLkm-SnjMieCWg.roa
File: GZfhsd46gVloXCLkm-SnjMieCWg.roa (raw, json)
Hash identifier: mtQhHeXlXjESWEuVPcz6nP8CbiTtuMgTlPlMSQqhc90=
Subject key identifier: 19:97:E1:B1:DE:3A:81:59:68:5C:22:E4:9B:E4:A7:8C:C8:9E:09:68
Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial: 0194266C34603A8DF6B754A203C55534B2AF
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/GZfhsd46gVloXCLkm-SnjMieCWg.roa
Signing time: Thu 02 Jan 2025 09:50:12 +0000
ROA not before: Thu 02 Jan 2025 09:50:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 5.102.36.0/23 maxlen: 23
195.5.125.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:34:60:3a:8d:f6:b7:54:a2:03:c5:55:34:b2:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Validity
Not Before: Jan 2 09:50:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1997e1b1de3a8159685c22e49be4a78cc89e0968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:fc:ab:85:b4:7f:30:64:56:39:f5:a0:77:72:
9c:3d:be:ca:8e:6a:80:dd:84:34:d4:41:db:70:54:
54:89:79:3a:a4:7c:9f:a5:e8:f0:63:9a:d6:12:3d:
47:fc:9b:b0:81:19:8f:95:0a:f5:d6:24:c5:2d:b4:
c4:cb:02:fd:f5:cc:3e:fe:f0:48:37:b8:17:50:d9:
2c:dd:f6:30:8a:8b:4a:89:4a:5b:53:13:03:98:df:
2b:26:12:17:be:9a:e3:78:08:87:2f:59:04:0f:92:
3b:ed:1e:8b:d7:e1:4b:16:27:29:2f:7a:40:85:24:
96:91:1a:a6:21:67:7f:8a:40:b8:69:3e:55:f2:53:
b9:04:db:bb:4f:08:e2:3c:de:1a:0b:7f:2c:6c:85:
f1:28:70:77:03:48:2c:99:6c:b4:6b:1d:d8:5c:6a:
69:b7:c7:90:d5:f8:a3:59:51:ed:dc:3b:eb:ae:25:
01:d0:71:38:8c:7d:40:19:9d:ba:75:ec:f4:3c:39:
91:ea:fe:98:5d:21:ed:93:c6:33:43:79:86:17:3a:
ee:ce:35:5c:29:39:dc:23:e9:a7:12:22:26:58:06:
c2:ba:37:f3:d1:09:48:6f:20:74:c0:95:83:0a:b1:
2f:c8:04:ab:dc:f0:75:02:45:01:23:c6:e5:79:1d:
2d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:97:E1:B1:DE:3A:81:59:68:5C:22:E4:9B:E4:A7:8C:C8:9E:09:68
X509v3 Authority Key Identifier:
keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/GZfhsd46gVloXCLkm-SnjMieCWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.36.0/23
195.5.125.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:62:78:5a:f8:ef:28:f7:c2:14:68:19:8f:8e:de:8d:b2:f9:
d7:2e:a7:32:70:7e:a5:f8:64:41:b6:bb:71:e0:1d:d2:3f:d5:
fb:c6:2a:fc:54:41:ba:13:f7:52:72:00:1a:5e:e2:38:58:d1:
e7:82:78:cb:4c:4d:f9:57:65:c7:8b:5a:10:d3:9c:27:84:4a:
65:54:46:c0:d5:eb:f3:37:dc:00:76:03:29:a3:81:42:e6:ea:
5d:c4:33:a5:6c:8c:51:f7:b2:37:00:4b:e0:ab:b0:6f:5d:f2:
9e:17:7c:6a:48:ae:24:f3:ca:7d:96:0b:c8:a5:78:84:b8:77:
10:d5:6b:34:98:de:5d:78:13:5c:c3:c0:b8:10:84:4a:d2:ce:
3f:8d:d9:0b:83:ad:26:ad:f4:28:55:4e:da:cc:2b:12:9a:2f:
7d:3b:d0:0b:91:d8:cc:ad:bf:15:1a:02:db:e5:5b:26:3f:2c:
ec:24:e7:dd:e8:a0:78:e5:77:04:1c:1b:96:0b:8b:83:c6:f0:
fd:88:ee:1d:4f:cd:56:ce:81:99:ae:fb:87:10:f6:ec:1f:ba:
55:8f:c7:53:16:d1:a2:f8:43:b8:56:a8:43:ee:63:84:e8:16:
93:64:b4:f6:cc:2b:30:06:05:b1:9c:d8:a7:99:a7:97:d6:4f:
8b:f1:9b:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQmbDRgOo32t1SiA8VVNLKvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGY3NmM1NGI5ZTY5MzVjMzBhOWI0YzliYTkzMDlhYzQ3
MGVjMDIwHhcNMjUwMTAyMDk1MDEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTk3ZTFiMWRlM2E4MTU5Njg1YzIyZTQ5YmU0YTc4Y2M4OWUwOTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPyrhbR/MGRWOfWgd3KcPb7KjmqA
3YQ01EHbcFRUiXk6pHyfpejwY5rWEj1H/JuwgRmPlQr11iTFLbTEywL99cw+/vBI
N7gXUNks3fYwiotKiUpbUxMDmN8rJhIXvprjeAiHL1kED5I77R6L1+FLFicpL3pA
hSSWkRqmIWd/ikC4aT5V8lO5BNu7TwjiPN4aC38sbIXxKHB3A0gsmWy0ax3YXGpp
t8eQ1fijWVHt3DvrriUB0HE4jH1AGZ26dez0PDmR6v6YXSHtk8YzQ3mGFzruzjVc
KTncI+mnEiImWAbCujfz0QlIbyB0wJWDCrEvyASr3PB1AkUBI8bleR0tNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBmX4bHeOoFZaFwi5Jvkp4zIngloMB8GA1UdIwQY
MBaAFIvfdsVLnmk1wwqbTJupMJrEcOwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgt
OGQyMTg2NjUwMjdkLzEvR1pmaHNkNDZnVmxvWENMa20tU25qTWllQ1dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgtOGQyMTg2NjUwMjdk
LzEvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBWYkAwQA
wwV9MA0GCSqGSIb3DQEBCwUAA4IBAQBtYnha+O8o98IUaBmPjt6NsvnXLqcycH6l
+GRBtrtx4B3SP9X7xir8VEG6E/dScgAaXuI4WNHngnjLTE35V2XHi1oQ05wnhEpl
VEbA1evzN9wAdgMpo4FC5updxDOlbIxR97I3AEvgq7BvXfKeF3xqSK4k88p9lgvI
pXiEuHcQ1Ws0mN5deBNcw8C4EIRK0s4/jdkLg60mrfQoVU7azCsSmi99O9ALkdjM
rb8VGgLb5VsmPyzsJOfd6KB45XcEHBuWC4uDxvD9iO4dT81WzoGZrvuHEPbsH7pV
j8dTFtGi+EO4VqhD7mOE6BaTZLT2zCswBgWxnNinmaeX1k+L8ZuC
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:27:00 2025 by rpki-client