Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/xRk9nX4gnISIqgfiDUHiXY-QRAc.roa
File: xRk9nX4gnISIqgfiDUHiXY-QRAc.roa (raw, json)
Hash identifier: hX+pCn3WRkjFv46roNsz0j4I0Puw5K5a7CaBdX3eIlU=
Subject key identifier: C5:19:3D:9D:7E:20:9C:84:88:AA:07:E2:0D:41:E2:5D:8F:90:44:07
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 019420682E18F71127744E03E6468B190D05
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/xRk9nX4gnISIqgfiDUHiXY-QRAc.roa
Signing time: Wed 01 Jan 2025 05:48:05 +0000
ROA not before: Wed 01 Jan 2025 05:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 171.33.240.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:2e:18:f7:11:27:74:4e:03:e6:46:8b:19:0d:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Jan 1 05:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5193d9d7e209c8488aa07e20d41e25d8f904407
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:fb:99:9a:dc:13:c4:28:de:4f:bd:86:dc:a5:
1e:71:29:50:60:3f:34:af:0d:2b:7a:29:bd:82:54:
fd:41:bf:b9:94:8c:9c:0a:25:4e:25:0a:92:53:7e:
c9:11:33:df:da:5e:50:2f:fb:dc:54:8e:4b:f5:6e:
43:d2:8f:ee:fc:43:c7:75:ef:52:07:ff:28:04:81:
f4:9e:4d:9b:28:35:e3:69:5f:ee:ad:52:fa:bb:cd:
de:cc:d2:d8:7e:2a:6d:e3:aa:ea:6f:58:42:f4:67:
c6:05:dc:2f:e5:6a:1c:a4:be:f9:11:ea:02:36:0d:
6e:3f:c2:dd:75:38:9c:fd:2f:36:f2:98:ce:54:07:
ec:57:83:51:9e:a3:a5:fb:fe:c7:70:0b:cf:b2:aa:
35:05:e2:b3:8a:88:d0:c3:84:49:b9:f1:91:f4:58:
12:c9:df:14:93:66:04:8f:7f:e7:4d:9c:91:14:ac:
b9:c3:12:32:95:a2:ed:99:1f:59:69:31:ce:82:69:
80:5e:eb:45:ab:74:fb:fa:df:ee:09:d3:dc:d3:0d:
3d:6c:83:2f:6d:1f:5f:f3:e2:a7:6a:bd:b9:d0:7f:
aa:c6:d1:5a:06:58:5b:2e:12:92:b6:86:97:6a:70:
96:b5:89:21:b8:9e:59:97:d1:2d:a9:f6:c1:0f:9a:
8b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:19:3D:9D:7E:20:9C:84:88:AA:07:E2:0D:41:E2:5D:8F:90:44:07
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/xRk9nX4gnISIqgfiDUHiXY-QRAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.33.240.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:7e:5f:1b:80:95:21:ef:fe:83:c3:65:bc:07:e8:c8:d7:ed:
63:8a:bb:e9:79:92:43:c6:29:a6:ef:a5:87:c4:6c:5d:f2:38:
2c:e9:52:02:02:6d:1f:ed:61:56:84:6e:b8:b7:29:43:44:a2:
5f:16:9c:43:1f:3b:44:1d:1a:87:de:5e:73:1b:ff:ea:75:b6:
62:c0:58:4d:91:93:69:2e:ac:71:99:e7:2d:7d:32:90:c7:46:
a7:cd:e2:55:a3:e6:3e:00:d9:22:85:05:92:ac:6c:f6:02:34:
6f:9b:9d:55:d9:d8:19:fe:eb:c1:9a:64:88:02:79:99:4a:45:
53:81:13:33:25:3b:7e:dd:69:e8:2a:3c:79:7e:e9:43:cf:7e:
e3:62:c0:f9:e5:9f:82:a1:b6:ca:91:b4:b7:91:41:ef:d8:19:
af:15:35:fc:d9:b0:1f:e5:2a:6d:7e:a4:39:04:5b:6f:51:27:
ac:6c:14:24:24:cf:48:06:5b:88:8d:ab:46:b6:7d:64:26:ef:
e6:ba:6c:d2:29:b0:db:18:7a:f4:ad:c8:70:4d:c6:1a:1d:10:
35:bb:6d:8c:b8:71:ae:6d:a3:ee:e7:51:f4:85:4b:ab:f2:a3:
19:14:b1:c5:5e:bb:97:29:8c:07:f6:7f:45:3d:d2:96:d1:58:
37:26:51:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaC4Y9xEndE4D5kaLGQ0FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjUwMTAxMDU0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTE5M2Q5ZDdlMjA5Yzg0ODhhYTA3ZTIwZDQxZTI1ZDhmOTA0NDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvuZmtwTxCjeT72G3KUecSlQYD80
rw0reim9glT9Qb+5lIycCiVOJQqSU37JETPf2l5QL/vcVI5L9W5D0o/u/EPHde9S
B/8oBIH0nk2bKDXjaV/urVL6u83ezNLYfipt46rqb1hC9GfGBdwv5WocpL75EeoC
Ng1uP8LddTic/S828pjOVAfsV4NRnqOl+/7HcAvPsqo1BeKziojQw4RJufGR9FgS
yd8Uk2YEj3/nTZyRFKy5wxIylaLtmR9ZaTHOgmmAXutFq3T7+t/uCdPc0w09bIMv
bR9f8+Knar250H+qxtFaBlhbLhKStoaXanCWtYkhuJ5Zl9EtqfbBD5qLzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMUZPZ1+IJyEiKoH4g1B4l2PkEQHMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEveFJrOW5YNGduSVNJcWdmaURVSGlYWS1RUkFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqyHwMA0G
CSqGSIb3DQEBCwUAA4IBAQDFfl8bgJUh7/6Dw2W8B+jI1+1jirvpeZJDximm76WH
xGxd8jgs6VICAm0f7WFWhG64tylDRKJfFpxDHztEHRqH3l5zG//qdbZiwFhNkZNp
LqxxmectfTKQx0anzeJVo+Y+ANkihQWSrGz2AjRvm51V2dgZ/uvBmmSIAnmZSkVT
gRMzJTt+3WnoKjx5fulDz37jYsD55Z+CobbKkbS3kUHv2BmvFTX82bAf5SptfqQ5
BFtvUSesbBQkJM9IBluIjatGtn1kJu/mumzSKbDbGHr0rchwTcYaHRA1u22MuHGu
baPu51H0hUur8qMZFLHFXruXKYwH9n9FPdKW0Vg3JlFq
-----END CERTIFICATE-----
Generated at Thu Apr 10 14:07:19 2025 by rpki-client