Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/f649e5-a7cb-4218-93e0-43e31800df0c/1/5K2zlrIHADlFytOUhc54zx-uCAw.roa
File: 5K2zlrIHADlFytOUhc54zx-uCAw.roa (raw, json)
Hash identifier: VJ3nEApsPTUcM1XeIb75bGQ+CbjZ/H8pdnWKdP3UYOg=
Subject key identifier: E4:AD:B3:96:B2:07:00:39:45:CA:D3:94:85:CE:78:CF:1F:AE:08:0C
Certificate issuer: /CN=70a0b5aca731ea71f26d63d23c22c123b2bb120f
Certificate serial: 019426D93911EBB7D2611AB698678050DB88
Authority key identifier: 70:A0:B5:AC:A7:31:EA:71:F2:6D:63:D2:3C:22:C1:23:B2:BB:12:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cKC1rKcx6nHybWPSPCLBI7K7Eg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/f649e5-a7cb-4218-93e0-43e31800df0c/1/5K2zlrIHADlFytOUhc54zx-uCAw.roa
Signing time: Thu 02 Jan 2025 11:49:17 +0000
ROA not before: Thu 02 Jan 2025 11:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29003
IP address blocks: 192.162.17.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:39:11:eb:b7:d2:61:1a:b6:98:67:80:50:db:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70a0b5aca731ea71f26d63d23c22c123b2bb120f
Validity
Not Before: Jan 2 11:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4adb396b207003945cad39485ce78cf1fae080c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:81:f0:b5:d7:4a:f9:0b:11:f8:1b:93:61:23:
6c:ce:1d:2b:64:ff:4e:ce:49:54:96:34:d3:7e:8b:
54:a2:17:e4:54:d5:0c:77:9e:6f:8f:a3:62:88:ef:
b2:4b:73:5c:9e:71:3b:a8:75:71:7f:dc:72:96:54:
dd:43:80:84:e1:84:67:55:6d:52:ee:56:43:da:a3:
a4:4e:41:e4:d9:3c:f5:6d:39:7a:31:0f:1b:6c:da:
9a:90:7e:cd:c2:26:2f:41:ff:ba:6e:19:47:15:8d:
0c:8c:5b:71:61:8c:0b:3e:fa:70:4f:ad:85:93:c3:
65:72:0f:2c:62:f1:ed:7e:72:14:87:0c:a4:bb:17:
88:dc:eb:cc:8d:49:4f:29:a1:7a:7a:d2:24:88:67:
b2:db:c5:b8:1b:92:78:2b:92:56:f0:c8:28:1f:1a:
75:ef:d9:bb:1c:8a:51:c8:70:1a:56:60:06:18:89:
27:e6:ac:18:e7:f2:9c:53:dd:68:9f:73:29:c3:d8:
20:ef:96:b3:2b:53:43:e7:86:51:82:d4:d8:bf:25:
37:9f:e7:fd:d9:33:fb:78:37:26:a3:81:40:0a:37:
4d:a7:10:48:be:a3:68:e2:7f:a9:07:bd:a4:ae:4d:
c1:d2:a9:67:e4:7c:fa:20:0e:f0:0d:3a:dd:21:fd:
e6:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:AD:B3:96:B2:07:00:39:45:CA:D3:94:85:CE:78:CF:1F:AE:08:0C
X509v3 Authority Key Identifier:
keyid:70:A0:B5:AC:A7:31:EA:71:F2:6D:63:D2:3C:22:C1:23:B2:BB:12:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cKC1rKcx6nHybWPSPCLBI7K7Eg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f649e5-a7cb-4218-93e0-43e31800df0c/1/5K2zlrIHADlFytOUhc54zx-uCAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f649e5-a7cb-4218-93e0-43e31800df0c/1/cKC1rKcx6nHybWPSPCLBI7K7Eg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.17.0/24
Signature Algorithm: sha256WithRSAEncryption
35:27:df:79:e3:37:62:81:88:27:73:b2:0a:ee:68:11:41:dd:
e8:a9:18:56:e9:d8:db:e9:5d:b2:ea:08:ac:9b:4d:3e:0e:15:
73:44:7f:b9:26:c7:a0:f7:07:29:94:71:0c:3d:6e:58:54:69:
65:a1:dd:96:1d:1f:85:cf:a5:8c:eb:3a:1d:48:4b:99:d6:40:
aa:67:a2:4b:eb:52:ac:d9:58:48:20:a6:fe:d2:74:f6:7b:4d:
d8:af:52:4a:28:d6:0f:aa:15:5f:9b:75:be:9b:4b:c7:66:e9:
53:b7:bd:d8:41:cc:31:7c:4e:1f:25:4f:ff:c1:a1:5b:8c:e4:
f9:c3:73:9c:46:45:83:f3:2e:dc:0c:2a:8f:3c:d6:e6:47:9b:
c0:70:3b:ff:a5:66:88:aa:b4:fe:8a:c5:62:77:fb:bd:76:de:
00:53:35:c0:1d:f7:1b:db:ae:5d:bc:5a:a9:91:bb:77:e3:24:
8d:12:f8:e5:eb:46:92:91:16:0a:7d:6f:67:0f:f3:a8:09:ba:
04:85:3a:5e:d9:fc:4d:45:d3:33:ad:09:a1:e8:cd:a2:c3:51:
93:84:26:35:18:94:ce:ca:f7:17:81:69:78:aa:dc:2f:33:8d:
ef:55:8c:49:80:29:f0:26:43:02:e2:77:f8:90:1c:15:1f:23:
ad:c7:9b:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2TkR67fSYRq2mGeAUNuIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYTBiNWFjYTczMWVhNzFmMjZkNjNkMjNjMjJjMTIzYjJi
YjEyMGYwHhcNMjUwMTAyMTE0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGFkYjM5NmIyMDcwMDM5NDVjYWQzOTQ4NWNlNzhjZjFmYWUwODBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5IHwtddK+QsR+BuTYSNszh0rZP9O
zklUljTTfotUohfkVNUMd55vj6NiiO+yS3NcnnE7qHVxf9xyllTdQ4CE4YRnVW1S
7lZD2qOkTkHk2Tz1bTl6MQ8bbNqakH7NwiYvQf+6bhlHFY0MjFtxYYwLPvpwT62F
k8Nlcg8sYvHtfnIUhwykuxeI3OvMjUlPKaF6etIkiGey28W4G5J4K5JW8MgoHxp1
79m7HIpRyHAaVmAGGIkn5qwY5/KcU91on3Mpw9gg75azK1ND54ZRgtTYvyU3n+f9
2TP7eDcmo4FACjdNpxBIvqNo4n+pB72krk3B0qln5Hz6IA7wDTrdIf3mWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOSts5ayBwA5RcrTlIXOeM8frggMMB8GA1UdIwQY
MBaAFHCgtaynMepx8m1j0jwiwSOyuxIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0tDMXJLY3g2bkh5YldQU1BDTEJJN0s3RWc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9mNjQ5ZTUtYTdjYi00MjE4LTkzZTAt
NDNlMzE4MDBkZjBjLzEvNUsyemxySUhBRGxGeXRPVWhjNTR6eC11Q0F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9mNjQ5ZTUtYTdjYi00MjE4LTkzZTAtNDNlMzE4MDBkZjBj
LzEvY0tDMXJLY3g2bkh5YldQU1BDTEJJN0s3RWc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwKIRMA0G
CSqGSIb3DQEBCwUAA4IBAQA1J9954zdigYgnc7IK7mgRQd3oqRhW6djb6V2y6gis
m00+DhVzRH+5Jseg9wcplHEMPW5YVGllod2WHR+Fz6WM6zodSEuZ1kCqZ6JL61Ks
2VhIIKb+0nT2e03Yr1JKKNYPqhVfm3W+m0vHZulTt73YQcwxfE4fJU//waFbjOT5
w3OcRkWD8y7cDCqPPNbmR5vAcDv/pWaIqrT+isVid/u9dt4AUzXAHfcb265dvFqp
kbt34ySNEvjl60aSkRYKfW9nD/OoCboEhTpe2fxNRdMzrQmh6M2iw1GThCY1GJTO
yvcXgWl4qtwvM43vVYxJgCnwJkMC4nf4kBwVHyOtx5ug
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:04:41 2025 by rpki-client