Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/5b5c16-c11e-452d-98b2-eb15e38bbd15/1/hni5Zm6l0tWgRkMPSWNQcz9bJXs.roa
File: hni5Zm6l0tWgRkMPSWNQcz9bJXs.roa (raw, json)
Hash identifier: 5m+4OOvVIAL5ATC+IriCV/aH5fa2JcS0703gOVQtJWE=
Subject key identifier: 86:78:B9:66:6E:A5:D2:D5:A0:46:43:0F:49:63:50:73:3F:5B:25:7B
Certificate issuer: /CN=17272ec13da42f5b361f1074c6751cc354593e7f
Certificate serial: 019445125D52013554AE9BDFAADB1C5BBD1B
Authority key identifier: 17:27:2E:C1:3D:A4:2F:5B:36:1F:10:74:C6:75:1C:C3:54:59:3E:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FycuwT2kL1s2HxB0xnUcw1RZPn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/5b5c16-c11e-452d-98b2-eb15e38bbd15/1/hni5Zm6l0tWgRkMPSWNQcz9bJXs.roa
Signing time: Wed 08 Jan 2025 08:40:18 +0000
ROA not before: Wed 08 Jan 2025 08:40:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200434
IP address blocks: 59.153.36.0/22 maxlen: 24
185.107.104.0/22 maxlen: 24
2a06:44c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:45:12:5d:52:01:35:54:ae:9b:df:aa:db:1c:5b:bd:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17272ec13da42f5b361f1074c6751cc354593e7f
Validity
Not Before: Jan 8 08:40:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8678b9666ea5d2d5a046430f496350733f5b257b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a3:a9:23:a4:bf:a5:a3:ba:59:64:67:be:65:
43:98:ee:7a:4c:49:94:fd:86:67:f8:b5:d6:ac:b3:
47:7c:37:5e:35:81:06:0a:85:b0:fd:8b:81:e4:65:
d5:98:e9:a4:bc:e0:30:22:d4:95:a4:a5:ff:a5:94:
7b:fe:4b:c8:3d:3b:8c:56:5a:5b:9b:59:c8:3d:d5:
a1:32:4d:03:4b:30:b0:bf:23:32:78:cd:66:fb:16:
3e:90:6d:4e:6d:6b:1f:d4:01:b7:e1:89:24:2d:f9:
2f:fb:5a:19:eb:16:8e:ef:19:a6:2d:2b:c9:98:18:
73:24:39:40:f8:75:17:a5:0b:97:f3:08:33:19:9e:
ab:74:af:4c:a5:cf:79:8d:63:8a:15:82:73:7c:bc:
49:49:74:08:14:86:46:d1:67:c1:48:a2:8c:52:63:
a5:04:34:d4:f6:ca:bc:d2:46:25:75:44:3f:44:b2:
54:89:74:a1:86:2c:8b:f8:f1:d6:fe:7b:28:39:44:
0f:45:7e:94:f1:74:ca:bb:0d:ad:a4:49:d9:de:26:
b6:90:ef:c5:73:45:1f:69:d7:89:59:3d:82:8c:58:
82:3f:b7:56:73:f1:66:47:dc:a8:31:c4:c2:b3:bc:
f0:08:33:03:fe:6d:8e:37:da:71:11:9b:c3:25:48:
fd:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:78:B9:66:6E:A5:D2:D5:A0:46:43:0F:49:63:50:73:3F:5B:25:7B
X509v3 Authority Key Identifier:
keyid:17:27:2E:C1:3D:A4:2F:5B:36:1F:10:74:C6:75:1C:C3:54:59:3E:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FycuwT2kL1s2HxB0xnUcw1RZPn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/5b5c16-c11e-452d-98b2-eb15e38bbd15/1/hni5Zm6l0tWgRkMPSWNQcz9bJXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/5b5c16-c11e-452d-98b2-eb15e38bbd15/1/FycuwT2kL1s2HxB0xnUcw1RZPn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
59.153.36.0/22
185.107.104.0/22
IPv6:
2a06:44c0::/29
Signature Algorithm: sha256WithRSAEncryption
76:45:6f:4a:dd:f4:4f:96:91:68:f4:6a:c3:e1:61:47:d2:8c:
ec:3b:c6:19:97:13:65:6e:e0:6a:21:7e:1d:dd:28:2e:b7:ac:
3c:30:53:24:1b:93:cd:f2:39:a8:7a:35:8a:08:26:48:fc:60:
27:f2:78:2a:ef:d6:06:e3:39:c6:b7:68:d7:ad:d5:d6:7b:95:
60:70:a0:9e:35:a2:f7:f0:27:63:8f:ad:f4:3f:61:ec:78:f6:
c4:2b:84:e5:26:72:02:35:01:67:3a:ef:28:48:1a:68:8b:7d:
fb:dc:a3:c3:02:8d:0c:2a:72:e0:d8:d6:34:0e:f4:23:fa:cc:
38:fb:38:38:f7:c7:fd:72:7b:08:46:0f:be:00:4c:e6:f2:77:
e6:76:1f:22:08:a1:66:f5:c9:2a:b0:5e:fd:f1:9d:de:8c:8b:
37:8f:61:57:64:cc:b2:3c:62:44:09:4b:4f:2a:75:43:a1:7b:
fb:49:b5:1b:c6:07:b5:69:6a:61:36:a2:9a:80:2e:a7:ae:45:
d7:a3:8f:6b:c9:cb:54:5d:e3:d4:1f:4d:e5:23:bd:6d:ec:40:
78:0d:ea:31:05:84:e0:26:38:94:9f:31:06:dd:94:cf:d2:c7:
48:79:b0:f4:7e:83:47:71:37:d1:6a:b2:93:a3:d7:61:1a:60:
32:bb:60:71
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZRFEl1SATVUrpvfqtscW70bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MjcyZWMxM2RhNDJmNWIzNjFmMTA3NGM2NzUxY2MzNTQ1
OTNlN2YwHhcNMjUwMTA4MDg0MDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Njc4Yjk2NjZlYTVkMmQ1YTA0NjQzMGY0OTYzNTA3MzNmNWIyNTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaOpI6S/paO6WWRnvmVDmO56TEmU
/YZn+LXWrLNHfDdeNYEGCoWw/YuB5GXVmOmkvOAwItSVpKX/pZR7/kvIPTuMVlpb
m1nIPdWhMk0DSzCwvyMyeM1m+xY+kG1ObWsf1AG34YkkLfkv+1oZ6xaO7xmmLSvJ
mBhzJDlA+HUXpQuX8wgzGZ6rdK9Mpc95jWOKFYJzfLxJSXQIFIZG0WfBSKKMUmOl
BDTU9sq80kYldUQ/RLJUiXShhiyL+PHW/nsoOUQPRX6U8XTKuw2tpEnZ3ia2kO/F
c0UfadeJWT2CjFiCP7dWc/FmR9yoMcTCs7zwCDMD/m2ON9pxEZvDJUj9hwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIZ4uWZupdLVoEZDD0ljUHM/WyV7MB8GA1UdIwQY
MBaAFBcnLsE9pC9bNh8QdMZ1HMNUWT5/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnljdXdUMmtMMXMySHhCMHhuVWN3MVJaUG44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS81YjVjMTYtYzExZS00NTJkLTk4YjIt
ZWIxNWUzOGJiZDE1LzEvaG5pNVptNmwwdFdnUmtNUFNXTlFjejliSlhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS81YjVjMTYtYzExZS00NTJkLTk4YjItZWIxNWUzOGJiZDE1
LzEvRnljdXdUMmtMMXMySHhCMHhuVWN3MVJaUG44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCO5kkAwQC
uWtoMA0EAgACMAcDBQMqBkTAMA0GCSqGSIb3DQEBCwUAA4IBAQB2RW9K3fRPlpFo
9GrD4WFH0ozsO8YZlxNlbuBqIX4d3Sgut6w8MFMkG5PN8jmoejWKCCZI/GAn8ngq
79YG4znGt2jXrdXWe5VgcKCeNaL38Cdjj630P2HsePbEK4TlJnICNQFnOu8oSBpo
i3373KPDAo0MKnLg2NY0DvQj+sw4+zg498f9cnsIRg++AEzm8nfmdh8iCKFm9ckq
sF798Z3ejIs3j2FXZMyyPGJECUtPKnVDoXv7SbUbxge1aWphNqKagC6nrkXXo49r
yctUXePUH03lI71t7EB4DeoxBYTgJjiUnzEG3ZTP0sdIebD0foNHcTfRarKTo9dh
GmAyu2Bx
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:59:31 2025 by rpki-client