Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f58e8a-6227-4d07-ac59-76ed5cb0e022/1/w5D1yX-tZICiSwFR7jL3CytqOn4.roa
File: w5D1yX-tZICiSwFR7jL3CytqOn4.roa (raw, json)
Hash identifier: 2NNJMvsHwacMFGzvYSwe5becAnCEvkEVPVyFOuRSFjk=
Subject key identifier: C3:90:F5:C9:7F:AD:64:80:A2:4B:01:51:EE:32:F7:0B:2B:6A:3A:7E
Certificate issuer: /CN=5e231df87bdfe227a7e5e419340370bab301e279
Certificate serial: 01942747B5D749168CD10DBBDA2B33EE8E9C
Authority key identifier: 5E:23:1D:F8:7B:DF:E2:27:A7:E5:E4:19:34:03:70:BA:B3:01:E2:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XiMd-Hvf4ien5eQZNANwurMB4nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f58e8a-6227-4d07-ac59-76ed5cb0e022/1/w5D1yX-tZICiSwFR7jL3CytqOn4.roa
Signing time: Thu 02 Jan 2025 13:49:58 +0000
ROA not before: Thu 02 Jan 2025 13:49:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 5.23.34.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:b5:d7:49:16:8c:d1:0d:bb:da:2b:33:ee:8e:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e231df87bdfe227a7e5e419340370bab301e279
Validity
Not Before: Jan 2 13:49:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c390f5c97fad6480a24b0151ee32f70b2b6a3a7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4a:f6:cb:45:78:f4:f0:77:48:37:09:7b:40:
8e:2f:b2:7e:25:73:74:cb:78:ff:91:c9:89:f6:e7:
2e:ca:69:a5:f9:fd:1e:d8:19:e6:7f:da:e8:a3:f4:
1e:36:83:c4:37:3c:74:c1:32:9f:5a:68:d0:ce:32:
37:c0:e1:72:93:ff:19:23:2a:ff:74:4f:ab:be:c1:
7b:8c:92:ef:d8:32:c1:79:06:40:33:96:77:73:af:
b3:5e:97:b5:8a:1b:79:c4:7f:6f:2d:c1:6f:ac:f0:
41:26:fe:40:85:ff:b4:5a:cc:58:65:4a:89:1c:8e:
74:b2:91:c0:d9:9b:c7:8c:c1:6a:2d:78:b7:d9:69:
72:5c:63:f5:c6:bb:35:6b:4f:61:b7:de:1f:e4:1c:
ea:5e:3f:d6:d1:55:92:fd:7e:e9:6a:95:c6:37:15:
33:44:1f:21:0c:a1:7a:be:b6:a9:18:f7:5c:97:38:
59:89:d7:35:d2:c2:2d:40:1e:21:df:0e:ad:7c:1b:
e0:84:e3:27:65:ed:94:ac:fb:3c:1a:4f:70:10:f0:
35:b7:91:0b:50:3e:4b:c1:ca:cf:fe:fb:96:ed:18:
f8:27:19:2a:15:56:da:77:71:6c:f8:df:c0:77:ec:
d8:a2:e1:17:92:8a:44:55:48:ad:f4:f7:f1:3a:88:
b1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:90:F5:C9:7F:AD:64:80:A2:4B:01:51:EE:32:F7:0B:2B:6A:3A:7E
X509v3 Authority Key Identifier:
keyid:5E:23:1D:F8:7B:DF:E2:27:A7:E5:E4:19:34:03:70:BA:B3:01:E2:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XiMd-Hvf4ien5eQZNANwurMB4nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f58e8a-6227-4d07-ac59-76ed5cb0e022/1/w5D1yX-tZICiSwFR7jL3CytqOn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f58e8a-6227-4d07-ac59-76ed5cb0e022/1/XiMd-Hvf4ien5eQZNANwurMB4nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.34.0/24
Signature Algorithm: sha256WithRSAEncryption
57:57:a3:35:b5:06:f0:34:d2:32:d0:45:d7:d5:50:40:b3:b4:
fa:bd:97:e0:f4:3f:1f:a4:3d:5b:2d:56:20:6c:15:6f:96:48:
dd:c4:6b:fe:63:b9:ef:ae:5f:7c:ef:da:e6:ec:1f:d5:e7:c9:
ea:5e:f6:82:ba:87:24:f0:0e:1a:25:10:5d:69:9f:ea:4f:34:
63:48:44:53:a8:82:1b:86:c4:41:79:aa:9e:60:32:bc:04:98:
0f:2a:32:0a:56:5a:3c:df:e7:1f:11:e2:e4:32:fd:8f:ee:dc:
aa:c5:2a:b1:df:34:35:46:8c:5f:81:3e:0a:99:00:d2:97:f0:
0c:2f:71:96:ee:fa:b9:2d:1d:99:3c:93:16:ed:c3:0f:1f:a7:
cc:cc:6b:5f:2d:91:9c:d0:13:ad:57:18:f0:04:db:ed:da:d2:
37:2c:3d:94:b9:cb:f3:18:9a:7f:b3:0c:4f:36:fa:d6:be:ae:
e4:8b:27:b3:d4:3d:23:f1:a1:90:aa:ca:93:03:da:3f:02:1f:
d5:f5:9c:ce:89:b5:c9:3b:eb:f3:3f:17:51:a5:fd:8c:19:32:
b3:22:a4:54:cb:23:dc:a4:32:cf:08:2e:45:eb:60:0d:28:dc:
db:85:22:f1:7b:22:3c:67:ef:28:53:57:8a:b0:de:4a:d6:21:
fa:a5:44:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR7XXSRaM0Q272isz7o6cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMjMxZGY4N2JkZmUyMjdhN2U1ZTQxOTM0MDM3MGJhYjMw
MWUyNzkwHhcNMjUwMTAyMTM0OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzkwZjVjOTdmYWQ2NDgwYTI0YjAxNTFlZTMyZjcwYjJiNmEzYTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUr2y0V49PB3SDcJe0COL7J+JXN0
y3j/kcmJ9ucuymml+f0e2Bnmf9roo/QeNoPENzx0wTKfWmjQzjI3wOFyk/8ZIyr/
dE+rvsF7jJLv2DLBeQZAM5Z3c6+zXpe1iht5xH9vLcFvrPBBJv5Ahf+0WsxYZUqJ
HI50spHA2ZvHjMFqLXi32WlyXGP1xrs1a09ht94f5BzqXj/W0VWS/X7papXGNxUz
RB8hDKF6vrapGPdclzhZidc10sItQB4h3w6tfBvghOMnZe2UrPs8Gk9wEPA1t5EL
UD5LwcrP/vuW7Rj4JxkqFVbad3Fs+N/Ad+zYouEXkopEVUit9PfxOoixeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMOQ9cl/rWSAoksBUe4y9wsrajp+MB8GA1UdIwQY
MBaAFF4jHfh73+Inp+XkGTQDcLqzAeJ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGlNZC1IdmY0aWVuNWVRWk5BTnd1ck1CNG5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mNThlOGEtNjIyNy00ZDA3LWFjNTkt
NzZlZDVjYjBlMDIyLzEvdzVEMXlYLXRaSUNpU3dGUjdqTDNDeXRxT240LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mNThlOGEtNjIyNy00ZDA3LWFjNTktNzZlZDVjYjBlMDIy
LzEvWGlNZC1IdmY0aWVuNWVRWk5BTnd1ck1CNG5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABRciMA0G
CSqGSIb3DQEBCwUAA4IBAQBXV6M1tQbwNNIy0EXX1VBAs7T6vZfg9D8fpD1bLVYg
bBVvlkjdxGv+Y7nvrl9879rm7B/V58nqXvaCuock8A4aJRBdaZ/qTzRjSERTqIIb
hsRBeaqeYDK8BJgPKjIKVlo83+cfEeLkMv2P7tyqxSqx3zQ1RoxfgT4KmQDSl/AM
L3GW7vq5LR2ZPJMW7cMPH6fMzGtfLZGc0BOtVxjwBNvt2tI3LD2UucvzGJp/swxP
NvrWvq7kiyez1D0j8aGQqsqTA9o/Ah/V9ZzOibXJO+vzPxdRpf2MGTKzIqRUyyPc
pDLPCC5F62ANKNzbhSLxeyI8Z+8oU1eKsN5K1iH6pUTw
-----END CERTIFICATE-----
Generated at Wed Apr 9 16:08:53 2025 by rpki-client