Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/5kH3bpl3V-isUkUNudD58iInBZc.roa
File: 5kH3bpl3V-isUkUNudD58iInBZc.roa (raw, json)
Hash identifier: 9I73qymR+LK/qCtRDbo35stAyg5KexmlCV5XPg19M/c=
Subject key identifier: E6:41:F7:6E:99:77:57:E8:AC:52:45:0D:B9:D0:F9:F2:22:27:05:97
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01942748820739B8367D9DBCDBFFFE580805
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/5kH3bpl3V-isUkUNudD58iInBZc.roa
Signing time: Thu 02 Jan 2025 13:50:50 +0000
ROA not before: Thu 02 Jan 2025 13:50:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211564
IP address blocks: 192.165.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:82:07:39:b8:36:7d:9d:bc:db:ff:fe:58:08:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e641f76e997757e8ac52450db9d0f9f222270597
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:25:77:05:50:fa:02:65:60:f5:dc:e5:4d:5d:
d9:38:62:8f:50:64:39:ab:5e:18:75:f0:7d:62:3e:
a7:84:c3:55:ad:ee:05:8c:38:4c:11:f7:26:6d:0c:
f1:e4:9a:a6:f0:6f:1e:9f:a1:31:d9:1a:f1:ea:ff:
ca:90:68:ac:46:33:d1:8e:33:96:16:3c:72:2f:ec:
e2:b1:05:1f:c3:ee:21:ba:22:4c:d6:6e:5d:9e:83:
54:ac:9c:9b:d6:e1:01:a6:6a:86:6d:69:5f:da:00:
74:8c:f6:e8:e1:05:82:0f:73:13:09:cf:24:f2:b4:
6d:41:ee:a2:6d:72:ae:a6:09:af:00:3c:fc:7f:d5:
9a:97:63:d9:44:38:9f:c3:2d:24:df:ce:90:32:0f:
7a:79:74:29:f2:65:78:28:e2:6d:fe:02:a2:ff:8e:
7b:89:b8:9a:dd:a9:93:50:46:a7:dd:81:9d:ea:36:
ec:d7:03:3a:03:b6:15:db:7a:1a:10:bd:ce:56:61:
01:85:38:f0:77:67:48:e9:91:97:71:3e:aa:72:32:
51:69:f1:89:0e:9b:88:fa:71:1f:6e:71:32:f4:58:
30:91:56:9f:93:6c:2d:63:04:4d:2a:e5:10:35:48:
45:6b:d5:9b:15:87:b8:08:38:a8:fd:86:be:1f:80:
93:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:41:F7:6E:99:77:57:E8:AC:52:45:0D:B9:D0:F9:F2:22:27:05:97
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/5kH3bpl3V-isUkUNudD58iInBZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.165.11.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:35:dd:f1:e1:ed:f6:0a:11:85:ea:4b:0f:a0:62:39:92:9e:
e6:3c:d1:8b:76:9b:6f:54:3b:7b:c0:59:d8:4e:40:25:46:ff:
76:b4:a9:40:a9:ff:96:fc:6b:33:ed:52:5c:1e:80:71:cf:ef:
3c:cd:eb:83:93:01:2e:a3:3b:8c:6d:c6:27:01:d5:5f:91:71:
8f:da:a3:8c:d3:27:9a:c6:4a:65:5a:c4:74:bd:c6:5b:41:5d:
e3:81:99:bb:ce:ff:0c:b1:07:1d:ef:50:b8:d6:99:41:12:92:
cc:a1:4f:74:b5:5b:52:94:86:6d:fc:85:74:43:74:b7:68:e3:
6a:06:f2:2b:b7:a1:38:76:15:a3:96:b8:39:b8:5f:a6:0d:64:
19:63:d6:75:ff:48:05:64:73:bb:48:69:f6:6d:b9:17:f4:c2:
1f:c3:08:84:8d:ec:5e:ad:5a:ec:7e:07:ab:a3:14:6e:a0:0e:
36:1c:c6:6a:60:df:04:3e:bf:27:4f:cf:44:aa:ad:13:28:08:
77:88:f5:86:75:1f:b2:a1:4e:d5:12:0b:aa:8c:9a:0b:d3:a7:
e3:9f:12:33:a6:87:ac:d7:b8:7f:33:34:5d:82:18:cd:ab:ef:
47:c9:a3:f8:a6:88:6d:08:05:1c:ee:55:0e:75:30:ed:f3:82:
74:08:13:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSIIHObg2fZ282//+WAgFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjQxZjc2ZTk5Nzc1N2U4YWM1MjQ1MGRiOWQwZjlmMjIyMjcwNTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9yV3BVD6AmVg9dzlTV3ZOGKPUGQ5
q14YdfB9Yj6nhMNVre4FjDhMEfcmbQzx5Jqm8G8en6Ex2Rrx6v/KkGisRjPRjjOW
FjxyL+zisQUfw+4huiJM1m5dnoNUrJyb1uEBpmqGbWlf2gB0jPbo4QWCD3MTCc8k
8rRtQe6ibXKupgmvADz8f9Wal2PZRDifwy0k386QMg96eXQp8mV4KOJt/gKi/457
ibia3amTUEan3YGd6jbs1wM6A7YV23oaEL3OVmEBhTjwd2dI6ZGXcT6qcjJRafGJ
DpuI+nEfbnEy9FgwkVafk2wtYwRNKuUQNUhFa9WbFYe4CDio/Ya+H4CTzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOZB926Zd1forFJFDbnQ+fIiJwWXMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvNWtIM2JwbDNWLWlzVWtVTnVkRDU4aUluQlpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwKULMA0G
CSqGSIb3DQEBCwUAA4IBAQDHNd3x4e32ChGF6ksPoGI5kp7mPNGLdptvVDt7wFnY
TkAlRv92tKlAqf+W/Gsz7VJcHoBxz+88zeuDkwEuozuMbcYnAdVfkXGP2qOM0yea
xkplWsR0vcZbQV3jgZm7zv8MsQcd71C41plBEpLMoU90tVtSlIZt/IV0Q3S3aONq
BvIrt6E4dhWjlrg5uF+mDWQZY9Z1/0gFZHO7SGn2bbkX9MIfwwiEjexerVrsfger
oxRuoA42HMZqYN8EPr8nT89Eqq0TKAh3iPWGdR+yoU7VEguqjJoL06fjnxIzpoes
17h/MzRdghjNq+9HyaP4pohtCAUc7lUOdTDt84J0CBP8
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:21 2025 by rpki-client