Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/5ccb8f-5148-4706-a040-2f9b00fdc5d3/1/y1lINwCoifyovhdAeAf2rHi3ZHU.roa
File: y1lINwCoifyovhdAeAf2rHi3ZHU.roa (raw, json)
Hash identifier: wdFrAh4YUjbnThTYrymA+tW+SWC0S+T+ZCRyXfvs7nw=
Subject key identifier: CB:59:48:37:00:A8:89:FC:A8:BE:17:40:78:07:F6:AC:78:B7:64:75
Certificate issuer: /CN=089bbb09a5fbef6135c2d920bf27bb61f5c2e09d
Certificate serial: 01942444D111272B190B0183207BFA8BF3E0
Authority key identifier: 08:9B:BB:09:A5:FB:EF:61:35:C2:D9:20:BF:27:BB:61:F5:C2:E0:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CJu7CaX772E1wtkgvye7YfXC4J0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/5ccb8f-5148-4706-a040-2f9b00fdc5d3/1/y1lINwCoifyovhdAeAf2rHi3ZHU.roa
Signing time: Wed 01 Jan 2025 23:47:57 +0000
ROA not before: Wed 01 Jan 2025 23:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49820
IP address blocks: 5.35.176.0/21 maxlen: 21
2a10:87c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:d1:11:27:2b:19:0b:01:83:20:7b:fa:8b:f3:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=089bbb09a5fbef6135c2d920bf27bb61f5c2e09d
Validity
Not Before: Jan 1 23:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb59483700a889fca8be17407807f6ac78b76475
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:4b:01:09:f4:3b:39:1f:a4:7c:ae:79:67:64:
b8:05:d3:db:56:64:d7:e4:d6:aa:91:79:29:8e:a4:
eb:45:bc:37:7a:9a:d0:72:41:41:a7:91:1a:a5:73:
df:8e:c7:24:a0:a2:2a:a6:e8:bc:1b:ee:9f:cc:94:
5c:a1:df:0a:b8:a1:05:d7:0b:18:e2:fd:cf:ac:a0:
3d:b0:33:4d:19:a1:f2:68:86:74:38:45:c0:70:c0:
8d:60:41:f1:22:26:a1:12:9d:41:03:54:82:38:6e:
1e:15:39:f6:0c:20:d6:b6:83:f9:56:2d:8d:68:1e:
af:1d:a9:18:c6:7e:4a:09:90:79:5d:e7:49:f4:87:
25:86:b7:f9:ac:b0:61:68:f2:1c:e4:a7:5c:52:be:
47:e8:26:f9:ae:55:9d:9b:49:4a:e4:a0:ae:28:e6:
10:64:ce:31:98:18:36:90:71:80:84:d1:8d:53:97:
4b:05:d3:1b:0f:52:35:18:c2:5a:5c:19:93:85:9a:
c2:45:bf:f9:93:92:58:33:51:52:5c:45:45:c2:15:
48:05:7e:c7:6d:e5:6b:dd:f1:da:fc:71:94:33:e8:
81:de:63:fd:a4:ce:24:2e:90:f4:97:ed:75:85:6b:
4f:35:b3:02:47:50:88:51:2e:59:71:46:f0:1b:7d:
7e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:59:48:37:00:A8:89:FC:A8:BE:17:40:78:07:F6:AC:78:B7:64:75
X509v3 Authority Key Identifier:
keyid:08:9B:BB:09:A5:FB:EF:61:35:C2:D9:20:BF:27:BB:61:F5:C2:E0:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CJu7CaX772E1wtkgvye7YfXC4J0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/5ccb8f-5148-4706-a040-2f9b00fdc5d3/1/y1lINwCoifyovhdAeAf2rHi3ZHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/5ccb8f-5148-4706-a040-2f9b00fdc5d3/1/CJu7CaX772E1wtkgvye7YfXC4J0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.176.0/21
IPv6:
2a10:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
01:0a:ab:4f:e3:33:74:81:e1:af:7d:35:d1:b8:b2:d8:d7:b0:
8e:4f:bc:16:94:e7:b3:ec:55:07:11:c1:4c:0d:6f:f7:a9:6e:
e2:c6:dd:ad:14:09:18:07:8f:1a:8f:e5:42:12:ff:e2:76:e7:
5b:51:df:d1:07:8f:46:0f:8e:bb:5e:89:91:df:42:65:2d:2d:
5e:40:b3:ef:7a:ab:65:13:17:17:1c:50:a2:a7:54:80:92:b1:
1c:11:87:76:bf:48:db:7b:96:83:e9:f5:17:7a:3a:a6:b5:23:
77:00:d4:90:e6:72:4d:2e:83:82:19:64:c5:c3:02:80:28:2e:
6b:64:a9:66:6d:b1:c1:eb:d6:ae:52:b0:e3:82:36:a7:b5:17:
c0:8d:5d:b7:c6:8e:40:f8:17:a3:46:66:62:d7:95:7a:13:71:
f2:17:f4:b3:ee:f5:76:38:c4:0c:eb:3f:d2:a9:6f:a8:07:99:
e2:3c:54:f4:de:da:6c:48:04:58:83:71:1d:cd:42:26:fc:c3:
ae:12:c8:38:c7:7e:1f:94:1f:29:40:3e:c1:b9:64:0c:f2:4d:
b2:34:aa:ae:9f:27:c9:65:c5:4e:15:5b:dd:fb:9e:9d:ba:72:
75:d3:30:f8:1f:6f:e8:f1:72:ce:b4:48:2f:5a:5d:93:b3:73:
4d:92:66:e4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRNERJysZCwGDIHv6i/PgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4OWJiYjA5YTVmYmVmNjEzNWMyZDkyMGJmMjdiYjYxZjVj
MmUwOWQwHhcNMjUwMTAxMjM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjU5NDgzNzAwYTg4OWZjYThiZTE3NDA3ODA3ZjZhYzc4Yjc2NDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+EsBCfQ7OR+kfK55Z2S4BdPbVmTX
5NaqkXkpjqTrRbw3eprQckFBp5EapXPfjsckoKIqpui8G+6fzJRcod8KuKEF1wsY
4v3PrKA9sDNNGaHyaIZ0OEXAcMCNYEHxIiahEp1BA1SCOG4eFTn2DCDWtoP5Vi2N
aB6vHakYxn5KCZB5XedJ9Iclhrf5rLBhaPIc5KdcUr5H6Cb5rlWdm0lK5KCuKOYQ
ZM4xmBg2kHGAhNGNU5dLBdMbD1I1GMJaXBmThZrCRb/5k5JYM1FSXEVFwhVIBX7H
beVr3fHa/HGUM+iB3mP9pM4kLpD0l+11hWtPNbMCR1CIUS5ZcUbwG31+HwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMtZSDcAqIn8qL4XQHgH9qx4t2R1MB8GA1UdIwQY
MBaAFAibuwml++9hNcLZIL8nu2H1wuCdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0p1N0NhWDc3MkUxd3RrZ3Z5ZTdZZlhDNEowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC81Y2NiOGYtNTE0OC00NzA2LWEwNDAt
MmY5YjAwZmRjNWQzLzEveTFsSU53Q29pZnlvdmhkQWVBZjJySGkzWkhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC81Y2NiOGYtNTE0OC00NzA2LWEwNDAtMmY5YjAwZmRjNWQz
LzEvQ0p1N0NhWDc3MkUxd3RrZ3Z5ZTdZZlhDNEowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBSOwMA0E
AgACMAcDBQMqEIfAMA0GCSqGSIb3DQEBCwUAA4IBAQABCqtP4zN0geGvfTXRuLLY
17COT7wWlOez7FUHEcFMDW/3qW7ixt2tFAkYB48aj+VCEv/idudbUd/RB49GD467
XomR30JlLS1eQLPveqtlExcXHFCip1SAkrEcEYd2v0jbe5aD6fUXejqmtSN3ANSQ
5nJNLoOCGWTFwwKAKC5rZKlmbbHB69auUrDjgjantRfAjV23xo5A+BejRmZi15V6
E3HyF/Sz7vV2OMQM6z/SqW+oB5niPFT03tpsSARYg3EdzUIm/MOuEsg4x34flB8p
QD7BuWQM8k2yNKqunyfJZcVOFVvd+56dunJ10zD4H2/o8XLOtEgvWl2Ts3NNkmbk
-----END CERTIFICATE-----
Generated at Fri Apr 25 20:00:03 2025 by rpki-client