Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/218311-4443-416f-99b6-badd619cf342/1/pdMxNSRSXsUBzdPnhdWMVJ8hZf0.roa
File: pdMxNSRSXsUBzdPnhdWMVJ8hZf0.roa (raw, json)
Hash identifier: CdCZBcmmvUUakh/OV0PugoB9tXDGiBYekQDnmGzW8Kk=
Subject key identifier: A5:D3:31:35:24:52:5E:C5:01:CD:D3:E7:85:D5:8C:54:9F:21:65:FD
Certificate issuer: /CN=55b1f12ad2c470d8af372c58f4904e4c9fb684b5
Certificate serial: 01856DA667E4FBED47417ED93EED2964D02B
Authority key identifier: 55:B1:F1:2A:D2:C4:70:D8:AF:37:2C:58:F4:90:4E:4C:9F:B6:84:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VbHxKtLEcNivNyxY9JBOTJ-2hLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/218311-4443-416f-99b6-badd619cf342/1/pdMxNSRSXsUBzdPnhdWMVJ8hZf0.roa
Signing time: Sun 01 Jan 2023 14:05:00 +0000
ROA not before: Sun 01 Jan 2023 14:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44285
IP address blocks: 5.1.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:a6:67:e4:fb:ed:47:41:7e:d9:3e:ed:29:64:d0:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55b1f12ad2c470d8af372c58f4904e4c9fb684b5
Validity
Not Before: Jan 1 14:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5d3313524525ec501cdd3e785d58c549f2165fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:42:4a:b2:88:71:5c:d6:a0:b8:44:05:22:ef:
c3:06:ce:a2:df:2e:2c:3a:f3:65:e3:d5:48:f5:31:
75:66:48:93:1c:8f:2d:11:58:df:e9:7c:83:11:6f:
4b:77:a8:0e:54:b7:a0:d7:9d:f8:29:d3:20:2a:94:
aa:cc:ea:23:bf:bf:a0:99:5c:56:65:3a:56:11:ab:
27:e1:d6:41:2b:7e:36:e9:bd:3a:15:c7:d4:39:24:
c3:c0:f4:4b:cf:d7:d9:e7:d2:b7:83:d5:0b:bb:a7:
61:c6:28:11:94:e0:8e:49:9a:f0:55:9a:64:62:75:
3c:ef:a7:0c:57:87:03:ab:a2:6d:2d:66:22:b1:84:
92:39:62:f8:77:eb:c9:72:10:92:e4:92:f6:9a:10:
a6:d8:28:45:1e:51:b9:84:b5:a1:b2:29:be:15:49:
45:29:f7:37:04:ed:45:28:d2:c6:f7:39:2d:a5:38:
7b:c1:10:7b:89:ab:38:4c:ce:9f:b5:29:dc:05:2d:
41:f6:d6:a0:21:5c:63:83:6d:88:4e:f7:3e:60:66:
1d:1e:2b:7d:f9:54:ab:2a:36:fa:7a:04:30:e0:b3:
31:93:01:26:c4:42:d5:8a:08:46:fa:4d:7b:73:83:
de:7f:36:9a:c3:1d:38:10:89:d1:3e:49:63:51:4f:
58:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:D3:31:35:24:52:5E:C5:01:CD:D3:E7:85:D5:8C:54:9F:21:65:FD
X509v3 Authority Key Identifier:
keyid:55:B1:F1:2A:D2:C4:70:D8:AF:37:2C:58:F4:90:4E:4C:9F:B6:84:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VbHxKtLEcNivNyxY9JBOTJ-2hLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/218311-4443-416f-99b6-badd619cf342/1/pdMxNSRSXsUBzdPnhdWMVJ8hZf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/218311-4443-416f-99b6-badd619cf342/1/VbHxKtLEcNivNyxY9JBOTJ-2hLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.43.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:37:3d:be:3f:3e:69:1a:c9:c4:2e:88:2b:f8:cf:d9:03:e5:
cc:93:68:20:c6:1a:8b:3f:6d:39:6c:dd:3a:30:38:89:57:8f:
d3:60:2e:15:43:fe:20:f8:e0:9e:4c:c1:8f:f9:d0:d9:51:d4:
80:71:4a:3c:08:1c:f9:68:b1:31:7b:97:82:44:ce:1a:4f:e2:
18:0a:36:95:fc:a9:9a:44:fa:00:d5:13:80:08:66:2b:14:24:
d3:1d:f9:84:c7:35:c9:52:83:58:4f:8e:23:d5:da:1a:9b:31:
24:51:89:1c:f3:d1:24:96:97:41:1a:d1:39:8a:78:ad:75:a1:
24:b9:79:67:59:44:ae:53:3a:60:50:dc:5e:58:c3:ff:06:f1:
e3:96:b8:99:ca:4f:00:67:e8:7f:c9:ef:6b:a1:f3:67:c2:eb:
4d:c4:1f:f2:23:db:43:51:76:08:24:55:96:4a:6e:58:95:6a:
a0:65:26:92:66:b7:89:bd:52:57:11:d3:d2:9f:40:d1:f9:a0:
3a:df:8b:95:73:3e:fd:bb:1c:16:2e:56:1b:94:33:d6:ec:d9:
c2:72:6c:f3:46:dc:1a:d2:b1:9a:b6:50:0e:d7:3e:26:93:5f:
6b:1d:52:72:9a:6e:fd:41:35:16:b3:1f:5e:64:4a:f2:0d:1c:
cd:13:dc:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtpmfk++1HQX7ZPu0pZNArMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1YjFmMTJhZDJjNDcwZDhhZjM3MmM1OGY0OTA0ZTRjOWZi
Njg0YjUwHhcNMjMwMTAxMTQwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWQzMzEzNTI0NTI1ZWM1MDFjZGQzZTc4NWQ1OGM1NDlmMjE2NWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUJKsohxXNaguEQFIu/DBs6i3y4s
OvNl49VI9TF1ZkiTHI8tEVjf6XyDEW9Ld6gOVLeg1534KdMgKpSqzOojv7+gmVxW
ZTpWEasn4dZBK3426b06FcfUOSTDwPRLz9fZ59K3g9ULu6dhxigRlOCOSZrwVZpk
YnU876cMV4cDq6JtLWYisYSSOWL4d+vJchCS5JL2mhCm2ChFHlG5hLWhsim+FUlF
Kfc3BO1FKNLG9zktpTh7wRB7ias4TM6ftSncBS1B9tagIVxjg22ITvc+YGYdHit9
+VSrKjb6egQw4LMxkwEmxELVighG+k17c4Pefzaawx04EInRPkljUU9YwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKXTMTUkUl7FAc3T54XVjFSfIWX9MB8GA1UdIwQY
MBaAFFWx8SrSxHDYrzcsWPSQTkyftoS1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmJIeEt0TEVjTml2Tnl4WTlKQk9USi0yaExVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8yMTgzMTEtNDQ0My00MTZmLTk5YjYt
YmFkZDYxOWNmMzQyLzEvcGRNeE5TUlNYc1VCemRQbmhkV01WSjhoWmYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8yMTgzMTEtNDQ0My00MTZmLTk5YjYtYmFkZDYxOWNmMzQy
LzEvVmJIeEt0TEVjTml2Tnl4WTlKQk9USi0yaExVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABQErMA0G
CSqGSIb3DQEBCwUAA4IBAQC7Nz2+Pz5pGsnELogr+M/ZA+XMk2ggxhqLP205bN06
MDiJV4/TYC4VQ/4g+OCeTMGP+dDZUdSAcUo8CBz5aLExe5eCRM4aT+IYCjaV/Kma
RPoA1ROACGYrFCTTHfmExzXJUoNYT44j1doamzEkUYkc89EklpdBGtE5initdaEk
uXlnWUSuUzpgUNxeWMP/BvHjlriZyk8AZ+h/ye9rofNnwutNxB/yI9tDUXYIJFWW
Sm5YlWqgZSaSZreJvVJXEdPSn0DR+aA634uVcz79uxwWLlYblDPW7NnCcmzzRtwa
0rGatlAO1z4mk19rHVJymm79QTUWsx9eZEryDRzNE9zr
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:06:09 2025 by rpki-client