Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/a600f5-9428-485c-b42e-64de34f1f464/1/pTyF1JoXYCoZz-KG1JjIibL8xGo.roa
File: pTyF1JoXYCoZz-KG1JjIibL8xGo.roa (raw, json)
Hash identifier: vzl8eNI/EQCwh+OEQbKzF0qaN2Tj+HKQNe77BSYrUas=
Subject key identifier: A5:3C:85:D4:9A:17:60:2A:19:CF:E2:86:D4:98:C8:89:B2:FC:C4:6A
Certificate issuer: /CN=72d1b5cb6fb0423986871ef01e663f365ce0d895
Certificate serial: 01856F1DC1795FD47653BF2B1E27B5F33B52
Authority key identifier: 72:D1:B5:CB:6F:B0:42:39:86:87:1E:F0:1E:66:3F:36:5C:E0:D8:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ctG1y2-wQjmGhx7wHmY_Nlzg2JU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/a600f5-9428-485c-b42e-64de34f1f464/1/pTyF1JoXYCoZz-KG1JjIibL8xGo.roa
Signing time: Sun 01 Jan 2023 20:54:59 +0000
ROA not before: Sun 01 Jan 2023 20:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15600
IP address blocks: 5.145.32.0/19 maxlen: 24
185.74.128.0/22 maxlen: 22
2a00:d3e0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:c1:79:5f:d4:76:53:bf:2b:1e:27:b5:f3:3b:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72d1b5cb6fb0423986871ef01e663f365ce0d895
Validity
Not Before: Jan 1 20:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a53c85d49a17602a19cfe286d498c889b2fcc46a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a0:7a:31:dd:4f:57:e0:2c:65:87:ce:9c:6b:
74:05:44:1c:99:74:1d:7a:af:c5:7b:d9:17:56:dc:
bb:04:28:ff:9f:2b:ed:56:ae:ce:56:c8:8c:54:21:
81:e4:fb:fc:42:5f:ea:f6:34:19:78:90:5d:13:63:
fb:14:be:5a:89:93:ef:52:01:3a:d1:ab:3e:a9:6b:
11:a0:85:f8:f9:7a:8b:1a:04:b3:b2:aa:23:ca:7d:
0d:25:90:42:7e:2c:f8:f3:5d:ca:6e:fb:c1:23:49:
ef:2b:be:8a:8a:dc:a7:3f:ac:7f:67:f4:60:96:73:
56:67:53:27:82:ff:92:59:ad:02:ff:c8:3b:77:c3:
ab:77:e1:71:5f:3d:3e:0b:a8:c1:d8:76:72:cb:90:
a5:de:e9:1f:0d:99:35:6a:a8:c6:2a:68:b0:fd:98:
a4:fc:ef:6a:7b:cf:a6:bd:bc:9b:88:db:15:7c:55:
09:47:f2:80:3e:6d:19:9e:d4:92:7d:08:50:48:dc:
fb:e5:56:6f:fc:18:d7:73:c1:d9:fc:1e:59:be:db:
63:08:48:8b:98:d6:d9:3f:9e:96:a6:fd:a1:10:28:
ad:3f:45:0c:8d:22:59:69:ba:bf:71:01:d1:ee:1d:
e0:84:d6:0e:53:f0:ba:f2:dd:07:21:da:f7:76:64:
36:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:3C:85:D4:9A:17:60:2A:19:CF:E2:86:D4:98:C8:89:B2:FC:C4:6A
X509v3 Authority Key Identifier:
keyid:72:D1:B5:CB:6F:B0:42:39:86:87:1E:F0:1E:66:3F:36:5C:E0:D8:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ctG1y2-wQjmGhx7wHmY_Nlzg2JU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a600f5-9428-485c-b42e-64de34f1f464/1/pTyF1JoXYCoZz-KG1JjIibL8xGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a600f5-9428-485c-b42e-64de34f1f464/1/ctG1y2-wQjmGhx7wHmY_Nlzg2JU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.32.0/19
185.74.128.0/22
IPv6:
2a00:d3e0::/29
Signature Algorithm: sha256WithRSAEncryption
3a:90:96:73:6c:9e:3a:ff:d1:5a:1c:6a:6a:86:30:f4:1f:90:
29:32:38:55:85:82:4f:ea:e8:25:46:31:51:33:91:2a:05:fa:
0c:9d:10:3f:a8:f8:1a:be:db:ab:c7:aa:a2:7f:fb:24:81:58:
c8:3b:ea:56:fa:ec:26:da:3a:97:30:bb:20:28:a9:20:c0:1c:
a6:d1:81:f7:74:3e:a5:39:38:ef:d2:c1:ab:6b:52:fb:a8:95:
7f:22:76:92:89:e6:62:56:5c:ab:70:de:9f:44:61:69:22:fb:
0a:f9:95:8d:7c:7a:3e:8e:ca:91:73:ed:44:e5:d6:f3:6c:bc:
fd:8b:2e:53:33:00:a3:f7:23:15:c7:91:37:aa:03:9b:d6:c4:
c1:f0:0c:cf:c0:69:49:a9:e5:57:fe:64:68:ec:0b:35:fb:d8:
ad:f8:14:7c:61:09:a8:4d:5a:2a:e3:e6:a2:7b:c3:42:dd:5c:
79:37:d3:45:80:e9:9c:0a:6e:45:89:4f:75:29:1b:ed:8d:85:
74:5d:04:c9:65:66:91:97:17:2d:c6:5c:71:55:cd:80:2f:e4:
a6:69:99:37:b5:8c:4a:80:83:b3:f9:5e:c3:ad:3f:25:d4:7c:
49:c1:d5:5a:da:7b:fb:ba:2f:ed:7c:09:a1:cc:f5:f1:7d:5e:
f6:d6:3e:26
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvHcF5X9R2U78rHie18ztSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZDFiNWNiNmZiMDQyMzk4Njg3MWVmMDFlNjYzZjM2NWNl
MGQ4OTUwHhcNMjMwMTAxMjA1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTNjODVkNDlhMTc2MDJhMTljZmUyODZkNDk4Yzg4OWIyZmNjNDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6B6Md1PV+AsZYfOnGt0BUQcmXQd
eq/Fe9kXVty7BCj/nyvtVq7OVsiMVCGB5Pv8Ql/q9jQZeJBdE2P7FL5aiZPvUgE6
0as+qWsRoIX4+XqLGgSzsqojyn0NJZBCfiz4813KbvvBI0nvK76KitynP6x/Z/Rg
lnNWZ1Mngv+SWa0C/8g7d8Ord+FxXz0+C6jB2HZyy5Cl3ukfDZk1aqjGKmiw/Zik
/O9qe8+mvbybiNsVfFUJR/KAPm0ZntSSfQhQSNz75VZv/BjXc8HZ/B5ZvttjCEiL
mNbZP56Wpv2hECitP0UMjSJZabq/cQHR7h3ghNYOU/C68t0HIdr3dmQ2vQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKU8hdSaF2AqGc/ihtSYyImy/MRqMB8GA1UdIwQY
MBaAFHLRtctvsEI5hoce8B5mPzZc4NiVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3RHMXkyLXdRam1HaHg3d0htWV9ObHpnMkpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hNjAwZjUtOTQyOC00ODVjLWI0MmUt
NjRkZTM0ZjFmNDY0LzEvcFR5RjFKb1hZQ29aei1LRzFKaklpYkw4eEdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9hNjAwZjUtOTQyOC00ODVjLWI0MmUtNjRkZTM0ZjFmNDY0
LzEvY3RHMXkyLXdRam1HaHg3d0htWV9ObHpnMkpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFBZEgAwQC
uUqAMA0EAgACMAcDBQMqANPgMA0GCSqGSIb3DQEBCwUAA4IBAQA6kJZzbJ46/9Fa
HGpqhjD0H5ApMjhVhYJP6uglRjFRM5EqBfoMnRA/qPgavturx6qif/skgVjIO+pW
+uwm2jqXMLsgKKkgwBym0YH3dD6lOTjv0sGra1L7qJV/InaSieZiVlyrcN6fRGFp
IvsK+ZWNfHo+jsqRc+1E5dbzbLz9iy5TMwCj9yMVx5E3qgOb1sTB8AzPwGlJqeVX
/mRo7As1+9it+BR8YQmoTVoq4+aie8NC3Vx5N9NFgOmcCm5FiU91KRvtjYV0XQTJ
ZWaRlxctxlxxVc2AL+SmaZk3tYxKgIOz+V7DrT8l1HxJwdVa2nv7ui/tfAmhzPXx
fV721j4m
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:24 2025 by rpki-client