Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/2KdZsJushb07kcMeFnc8MMwMC5Y.roa
File: 2KdZsJushb07kcMeFnc8MMwMC5Y.roa (raw, json)
Hash identifier: TmMKxicyDvZF7TEM5s47CXYpekAzMj99DAe9c0D0BkU=
Subject key identifier: D8:A7:59:B0:9B:AC:85:BD:3B:91:C3:1E:16:77:3C:30:CC:0C:0B:96
Certificate issuer: /CN=3545a7200164912041bb931efb1feac123b43a18
Certificate serial: 0189208F50DAF0FFD457186BB5DC54A58EE9
Authority key identifier: 35:45:A7:20:01:64:91:20:41:BB:93:1E:FB:1F:EA:C1:23:B4:3A:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/2KdZsJushb07kcMeFnc8MMwMC5Y.roa
Signing time: Tue 04 Jul 2023 11:00:10 +0000
ROA not before: Tue 04 Jul 2023 11:00:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8426
IP address blocks: 5.253.180.0/24 maxlen: 24
2a09:58c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:20:8f:50:da:f0:ff:d4:57:18:6b:b5:dc:54:a5:8e:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3545a7200164912041bb931efb1feac123b43a18
Validity
Not Before: Jul 4 11:00:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8a759b09bac85bd3b91c31e16773c30cc0c0b96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:85:be:75:86:2a:48:fb:de:04:19:70:58:ca:
07:ac:54:f5:57:63:3d:9d:b9:bc:15:51:ba:cb:35:
1c:03:7e:5d:da:fc:66:63:d7:9d:4c:0d:19:ed:08:
c1:8f:c6:f4:2a:9d:f9:c9:5e:05:47:dc:4a:b7:fc:
c8:24:f1:d3:fd:a9:c2:93:91:ae:42:6a:22:af:c2:
7a:28:b4:28:6a:87:3b:d7:2f:76:73:9b:08:aa:7e:
a7:fd:74:45:7f:ac:33:63:5b:7f:ac:0f:02:4b:18:
65:19:9b:5d:10:67:03:00:04:12:7b:41:3c:4f:fa:
83:0f:8d:43:70:e4:89:ee:57:f1:cd:26:68:d8:fc:
d2:a3:80:8d:73:a0:ca:9c:dc:eb:08:36:b6:1a:d6:
8e:9c:85:f7:92:50:24:54:61:1c:f3:0f:4d:7b:14:
88:26:49:dd:a1:64:0a:94:46:3e:74:65:96:df:4a:
29:ba:c3:ed:85:8b:df:5d:a1:be:78:9b:dd:ee:08:
c4:ce:b7:21:4f:59:d6:e6:1d:1e:aa:a8:a5:cb:a2:
bf:3a:5e:d2:fe:4a:5d:20:36:16:dd:8d:f0:65:18:
b2:ab:bf:d8:89:e5:58:c8:63:3c:dd:fa:4f:22:67:
7f:43:35:53:04:a8:e4:71:8b:92:d2:eb:74:4d:45:
f9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A7:59:B0:9B:AC:85:BD:3B:91:C3:1E:16:77:3C:30:CC:0C:0B:96
X509v3 Authority Key Identifier:
keyid:35:45:A7:20:01:64:91:20:41:BB:93:1E:FB:1F:EA:C1:23:B4:3A:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/2KdZsJushb07kcMeFnc8MMwMC5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/59c4b8-87f4-4f2f-a449-aabb062e40db/1/NUWnIAFkkSBBu5Me-x_qwSO0Ohg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.180.0/24
IPv6:
2a09:58c0::/48
Signature Algorithm: sha256WithRSAEncryption
af:4f:4d:07:d9:c3:73:5f:18:c7:4b:b1:3a:77:70:ea:04:b1:
cb:36:66:e0:e2:0e:02:c4:9e:7a:2d:9a:32:b2:a1:da:4b:f7:
02:8c:ed:f5:d5:e4:ca:92:fb:64:c5:91:04:25:6c:17:ad:f7:
b6:01:9f:1e:c5:68:f4:a8:74:f5:1e:39:ce:2e:82:4f:08:fe:
3c:59:b4:77:25:19:d9:73:a7:1f:24:05:d2:36:5e:e9:48:8c:
22:bf:07:77:f1:89:e1:cb:3a:35:83:ef:82:28:7f:5d:18:70:
a4:49:bd:4b:81:a4:e4:20:30:29:b5:5e:49:e1:32:34:21:4b:
12:13:1b:c7:5f:34:75:24:98:b9:34:fd:27:37:9e:c7:f0:32:
2d:5e:f1:d2:40:78:dd:b4:b8:7a:76:41:52:d4:fb:c8:f8:1c:
f2:7e:58:f9:11:d5:8d:13:22:0f:26:43:c9:28:4b:a0:c8:ae:
d8:c7:15:14:c8:3e:79:30:0e:17:66:61:98:e3:df:70:b7:7f:
1a:30:8e:8f:b2:cc:eb:81:55:f2:ca:bf:67:87:0d:51:9f:78:
f6:1b:7c:b7:bf:05:1d:83:02:05:bd:b1:8d:db:1c:be:07:c8:
4d:2b:de:d9:18:18:f1:a3:a4:9c:c3:e9:c6:e3:af:45:b8:a8:
7e:77:fc:56
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYkgj1Da8P/UVxhrtdxUpY7pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDVhNzIwMDE2NDkxMjA0MWJiOTMxZWZiMWZlYWMxMjNi
NDNhMTgwHhcNMjMwNzA0MTEwMDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGE3NTliMDliYWM4NWJkM2I5MWMzMWUxNjc3M2MzMGNjMGMwYjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoW+dYYqSPveBBlwWMoHrFT1V2M9
nbm8FVG6yzUcA35d2vxmY9edTA0Z7QjBj8b0Kp35yV4FR9xKt/zIJPHT/anCk5Gu
Qmoir8J6KLQoaoc71y92c5sIqn6n/XRFf6wzY1t/rA8CSxhlGZtdEGcDAAQSe0E8
T/qDD41DcOSJ7lfxzSZo2PzSo4CNc6DKnNzrCDa2GtaOnIX3klAkVGEc8w9NexSI
JkndoWQKlEY+dGWW30opusPthYvfXaG+eJvd7gjEzrchT1nW5h0eqqily6K/Ol7S
/kpdIDYW3Y3wZRiyq7/YieVYyGM83fpPImd/QzVTBKjkcYuS0ut0TUX5BQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNinWbCbrIW9O5HDHhZ3PDDMDAuWMB8GA1UdIwQY
MBaAFDVFpyABZJEgQbuTHvsf6sEjtDoYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVXbklBRmtrU0JCdTVNZS14X3F3U08wT2hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy81OWM0YjgtODdmNC00ZjJmLWE0NDkt
YWFiYjA2MmU0MGRiLzEvMktkWnNKdXNoYjA3a2NNZUZuYzhNTXdNQzVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy81OWM0YjgtODdmNC00ZjJmLWE0NDktYWFiYjA2MmU0MGRi
LzEvTlVXbklBRmtrU0JCdTVNZS14X3F3U08wT2hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQABf20MA8E
AgACMAkDBwAqCVjAAAAwDQYJKoZIhvcNAQELBQADggEBAK9PTQfZw3NfGMdLsTp3
cOoEscs2ZuDiDgLEnnotmjKyodpL9wKM7fXV5MqS+2TFkQQlbBet97YBnx7FaPSo
dPUeOc4ugk8I/jxZtHclGdlzpx8kBdI2XulIjCK/B3fxieHLOjWD74Iof10YcKRJ
vUuBpOQgMCm1XknhMjQhSxITG8dfNHUkmLk0/Sc3nsfwMi1e8dJAeN20uHp2QVLU
+8j4HPJ+WPkR1Y0TIg8mQ8koS6DIrtjHFRTIPnkwDhdmYZjj33C3fxowjo+yzOuB
VfLKv2eHDVGfePYbfLe/BR2DAgW9sY3bHL4HyE0r3tkYGPGjpJzD6cbjr0W4qH53
/FY=
-----END CERTIFICATE-----
Generated at Wed Apr 9 16:00:28 2025 by rpki-client