Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/AjmtKVshFn4i5oudhf9_vWmAvsw.roa
File: AjmtKVshFn4i5oudhf9_vWmAvsw.roa (raw, json)
Hash identifier: CuwkA+D3Ny2dECS4D0f8gIT8izPiI79T33+j6Gl48lk=
Subject key identifier: 02:39:AD:29:5B:21:16:7E:22:E6:8B:9D:85:FF:7F:BD:69:80:BE:CC
Certificate issuer: /CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Certificate serial: 0194F0070A59AC073C2E8251FE4422F875E8
Authority key identifier: 5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/AjmtKVshFn4i5oudhf9_vWmAvsw.roa
Signing time: Mon 10 Feb 2025 13:23:00 +0000
ROA not before: Mon 10 Feb 2025 13:23:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201949
IP address blocks: 14.102.10.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f0:07:0a:59:ac:07:3c:2e:82:51:fe:44:22:f8:75:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Validity
Not Before: Feb 10 13:23:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0239ad295b21167e22e68b9d85ff7fbd6980becc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:13:58:c9:7a:b8:12:44:e0:cb:f9:6a:8a:6e:
8e:f7:9a:5a:84:18:8f:19:e9:ae:7e:b3:2e:51:aa:
e7:11:e6:d5:41:99:3d:92:95:a1:c7:be:51:8e:24:
2e:b0:cb:dd:d8:21:f8:6c:4a:cd:15:01:b9:3e:1c:
26:f2:15:d6:97:c7:84:c7:98:43:27:8a:08:cb:e6:
16:0c:e2:78:6e:c7:1a:a4:5c:3d:ad:5f:61:4c:4b:
43:09:5f:64:6a:11:54:09:88:6d:c4:54:f9:03:10:
8a:fe:41:a2:4f:3c:f9:81:42:e9:cf:8b:37:4a:d2:
2b:42:41:cf:a5:72:4c:4d:35:a0:16:2b:3c:2d:1c:
5a:48:a2:58:6c:39:cc:e7:73:c3:ea:7f:b4:bd:94:
bc:47:3f:21:4c:12:07:d3:90:7c:65:4d:62:42:d0:
67:c6:15:b2:77:a3:61:d0:6c:f3:d0:f5:00:23:3b:
a3:dc:c1:a2:3f:19:ec:f5:f5:c5:94:73:85:2b:11:
3f:3f:34:19:5d:2d:5d:f0:8f:1e:19:93:29:c8:b7:
a5:10:72:7c:95:d5:b9:9b:7d:3f:bb:cd:c7:fe:27:
ab:53:94:af:0e:9b:b4:6d:90:15:84:78:a0:fb:a0:
7c:a5:86:d5:0b:1f:ab:1a:d7:41:ad:b8:25:43:72:
8f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:39:AD:29:5B:21:16:7E:22:E6:8B:9D:85:FF:7F:BD:69:80:BE:CC
X509v3 Authority Key Identifier:
keyid:5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/AjmtKVshFn4i5oudhf9_vWmAvsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/Xdb20pm83sc9E_LYQvwd9Lwe4tM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.10.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:9f:3d:2f:01:b5:ad:83:6e:63:f6:cf:ea:5d:67:c3:d3:af:
a4:18:d4:0a:89:88:20:2d:4b:1d:70:bf:c9:de:84:1b:71:e0:
98:fc:97:23:37:e3:ce:f8:1b:d3:82:23:fa:62:b5:cb:b7:c7:
92:61:a9:59:b9:87:e3:4f:ef:45:1d:14:ec:54:70:e0:44:fa:
ae:1a:40:db:a3:a0:de:1e:d1:73:f7:58:b8:8e:8b:ef:53:44:
2f:63:21:4e:ae:3c:20:6c:c5:2a:a7:60:e4:82:11:4c:68:1b:
79:dd:86:44:d1:0d:a1:af:de:54:a4:1b:3e:a3:93:e3:36:23:
5e:78:31:46:30:5a:55:9e:e3:29:d3:5c:05:bc:5e:51:5b:e4:
96:b9:06:08:65:66:47:5b:a3:56:4c:cc:16:89:60:03:0b:37:
75:a9:67:2b:df:c6:0d:3b:96:80:82:f8:2d:b7:81:44:68:07:
28:9c:ac:fc:d8:09:bc:21:ea:a8:7e:1f:3f:2a:27:e9:81:8f:
bd:6a:8e:7d:ef:18:f4:f4:fb:74:f3:d1:b2:57:97:f1:28:ff:
62:02:9d:31:ff:38:fb:32:a8:b7:0e:65:ef:5a:2f:e8:83:69:
eb:06:cc:30:02:c3:8a:b1:89:42:fa:57:f6:70:ba:4a:6b:ac:
38:14:2d:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTwBwpZrAc8LoJR/kQi+HXoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZmNmQyOTliY2RlYzczZDEzZjJkODQyZmMxZGY0YmMx
ZWUyZDMwHhcNMjUwMjEwMTMyMzAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjM5YWQyOTViMjExNjdlMjJlNjhiOWQ4NWZmN2ZiZDY5ODBiZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxNYyXq4EkTgy/lqim6O95pahBiP
GemufrMuUarnEebVQZk9kpWhx75RjiQusMvd2CH4bErNFQG5Phwm8hXWl8eEx5hD
J4oIy+YWDOJ4bscapFw9rV9hTEtDCV9kahFUCYhtxFT5AxCK/kGiTzz5gULpz4s3
StIrQkHPpXJMTTWgFis8LRxaSKJYbDnM53PD6n+0vZS8Rz8hTBIH05B8ZU1iQtBn
xhWyd6Nh0Gzz0PUAIzuj3MGiPxns9fXFlHOFKxE/PzQZXS1d8I8eGZMpyLelEHJ8
ldW5m30/u83H/ierU5SvDpu0bZAVhHig+6B8pYbVCx+rGtdBrbglQ3KP0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAI5rSlbIRZ+IuaLnYX/f71pgL7MMB8GA1UdIwQY
MBaAFF3W9tKZvN7HPRPy2EL8HfS8HuLTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYt
NTFmNWZmODFjMTE3LzEvQWptdEtWc2hGbjRpNW91ZGhmOV92V21BdnN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYtNTFmNWZmODFjMTE3
LzEvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQADmYKMA0G
CSqGSIb3DQEBCwUAA4IBAQAPnz0vAbWtg25j9s/qXWfD06+kGNQKiYggLUsdcL/J
3oQbceCY/JcjN+PO+BvTgiP6YrXLt8eSYalZuYfjT+9FHRTsVHDgRPquGkDbo6De
HtFz91i4jovvU0QvYyFOrjwgbMUqp2DkghFMaBt53YZE0Q2hr95UpBs+o5PjNiNe
eDFGMFpVnuMp01wFvF5RW+SWuQYIZWZHW6NWTMwWiWADCzd1qWcr38YNO5aAgvgt
t4FEaAconKz82Am8Ieqofh8/KifpgY+9ao597xj09Pt089GyV5fxKP9iAp0x/zj7
Mqi3DmXvWi/og2nrBswwAsOKsYlC+lf2cLpKa6w4FC1r
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:33:16 2025 by rpki-client