Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/788fcf-60f3-426f-9858-82f476b5cfdb/1/Hq4qtu3Hmw7ihPLhHJm0o3HW0ME.roa
File: Hq4qtu3Hmw7ihPLhHJm0o3HW0ME.roa (raw, json)
Hash identifier: cBO4YeU2VYitDB5gOiHBAGdFdmypsOGShw+oH/O7hOQ=
Subject key identifier: 1E:AE:2A:B6:ED:C7:9B:0E:E2:84:F2:E1:1C:99:B4:A3:71:D6:D0:C1
Certificate issuer: /CN=9dc366af6ce0b1a9f60173b14b5fddd7e0b96306
Certificate serial: 019426D9D05C2D10B1900FDD7B638EBD728B
Authority key identifier: 9D:C3:66:AF:6C:E0:B1:A9:F6:01:73:B1:4B:5F:DD:D7:E0:B9:63:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ncNmr2zgsan2AXOxS1_d1-C5YwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/788fcf-60f3-426f-9858-82f476b5cfdb/1/Hq4qtu3Hmw7ihPLhHJm0o3HW0ME.roa
Signing time: Thu 02 Jan 2025 11:49:56 +0000
ROA not before: Thu 02 Jan 2025 11:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51487
IP address blocks: 5.253.4.0/24 maxlen: 24
5.253.5.0/24 maxlen: 24
5.253.6.0/24 maxlen: 24
5.253.7.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:d0:5c:2d:10:b1:90:0f:dd:7b:63:8e:bd:72:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dc366af6ce0b1a9f60173b14b5fddd7e0b96306
Validity
Not Before: Jan 2 11:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1eae2ab6edc79b0ee284f2e11c99b4a371d6d0c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:04:b4:ff:06:3a:0c:9e:ac:fa:f6:59:9c:2a:
8a:11:24:e8:c2:75:f3:25:4e:90:d1:a1:b8:3a:27:
62:e2:7e:af:ff:7e:cd:51:8a:39:01:de:b4:5b:20:
bd:bb:fa:ac:03:13:d1:02:23:98:cf:63:2c:24:a1:
ab:e0:70:dc:1f:c6:63:fb:89:9e:47:a6:4e:eb:68:
04:68:fa:24:37:9f:9e:1a:23:ad:86:74:01:bc:50:
87:47:37:6b:b3:72:8b:75:7b:92:5a:20:16:38:e3:
83:97:02:3f:b7:96:9a:76:1a:2b:3a:b9:3c:cf:87:
fd:04:a8:0d:68:83:03:aa:ae:7f:1d:85:e9:34:ea:
ff:28:cf:90:1f:1b:26:40:ba:40:d6:9e:5b:97:20:
95:e8:ba:13:cb:27:8c:33:05:55:52:a2:cc:dc:3a:
b7:00:ff:b9:4b:9b:a1:39:c9:1f:2f:5e:a6:ef:f5:
27:bc:5e:5e:38:f8:70:23:95:71:f3:55:38:4d:33:
d5:96:38:83:27:9c:47:3f:83:af:11:1b:7e:9b:ef:
18:6c:44:c7:f4:9f:11:a9:e0:7b:ee:c3:ce:3c:c5:
2e:78:16:c8:22:5d:13:47:f0:e4:7d:cb:25:ca:57:
4d:ec:c3:3e:91:ee:de:a0:1c:ad:08:dc:13:cb:45:
fe:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:AE:2A:B6:ED:C7:9B:0E:E2:84:F2:E1:1C:99:B4:A3:71:D6:D0:C1
X509v3 Authority Key Identifier:
keyid:9D:C3:66:AF:6C:E0:B1:A9:F6:01:73:B1:4B:5F:DD:D7:E0:B9:63:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ncNmr2zgsan2AXOxS1_d1-C5YwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/788fcf-60f3-426f-9858-82f476b5cfdb/1/Hq4qtu3Hmw7ihPLhHJm0o3HW0ME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/788fcf-60f3-426f-9858-82f476b5cfdb/1/ncNmr2zgsan2AXOxS1_d1-C5YwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.4.0/22
Signature Algorithm: sha256WithRSAEncryption
94:07:e7:3f:38:9c:73:df:ca:38:e7:d6:ff:cc:28:59:1e:13:
8d:82:95:10:ac:73:c8:a6:c4:b3:2d:af:77:0c:ba:21:e0:1a:
a0:09:04:12:44:bb:c9:07:1a:4f:e2:0d:fe:f4:03:04:86:12:
47:a2:05:43:72:dd:de:01:4e:09:98:81:d1:77:ef:e7:b0:37:
41:8b:a4:6d:8c:21:d9:88:a4:60:62:58:8a:9f:ac:96:99:03:
d8:6d:c5:5c:2f:77:da:b4:7d:b1:74:ee:95:49:56:3d:01:8f:
1b:87:f1:94:e3:11:ee:19:96:70:a0:a6:df:02:c0:f7:f9:8c:
19:9f:74:72:35:94:a5:17:b5:cf:54:d3:0d:8b:67:29:c5:14:
0c:b8:e9:f4:c0:0f:24:b6:48:b3:0a:bc:02:f9:fd:ed:9d:c2:
34:c1:f5:e5:4a:05:75:a0:1a:63:e9:36:de:f2:36:1a:ac:f7:
37:9c:a1:f8:3b:5d:59:af:89:2f:43:f5:5a:a7:6d:a9:3a:66:
90:0f:ed:40:44:9a:b1:bc:a2:3c:f2:96:4e:a0:d4:0e:d3:28:
48:5d:fd:e9:57:01:c6:30:de:e7:ee:90:39:1a:9c:7b:f9:23:
ad:8f:2c:93:5f:0d:1b:07:02:f7:82:2f:ba:80:26:e4:35:04:
70:c3:be:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2dBcLRCxkA/de2OOvXKLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzM2NmFmNmNlMGIxYTlmNjAxNzNiMTRiNWZkZGQ3ZTBi
OTYzMDYwHhcNMjUwMTAyMTE0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWFlMmFiNmVkYzc5YjBlZTI4NGYyZTExYzk5YjRhMzcxZDZkMGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5wS0/wY6DJ6s+vZZnCqKESTownXz
JU6Q0aG4Oidi4n6v/37NUYo5Ad60WyC9u/qsAxPRAiOYz2MsJKGr4HDcH8Zj+4me
R6ZO62gEaPokN5+eGiOthnQBvFCHRzdrs3KLdXuSWiAWOOODlwI/t5aadhorOrk8
z4f9BKgNaIMDqq5/HYXpNOr/KM+QHxsmQLpA1p5blyCV6LoTyyeMMwVVUqLM3Dq3
AP+5S5uhOckfL16m7/UnvF5eOPhwI5Vx81U4TTPVljiDJ5xHP4OvERt+m+8YbETH
9J8RqeB77sPOPMUueBbIIl0TR/DkfcslyldN7MM+ke7eoBytCNwTy0X+7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB6uKrbtx5sO4oTy4RyZtKNx1tDBMB8GA1UdIwQY
MBaAFJ3DZq9s4LGp9gFzsUtf3dfguWMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNObXIyemdzYW4yQVhPeFMxX2QxLUM1WXdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC83ODhmY2YtNjBmMy00MjZmLTk4NTgt
ODJmNDc2YjVjZmRiLzEvSHE0cXR1M0htdzdpaFBMaEhKbTBvM0hXME1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC83ODhmY2YtNjBmMy00MjZmLTk4NTgtODJmNDc2YjVjZmRi
LzEvbmNObXIyemdzYW4yQVhPeFMxX2QxLUM1WXdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBf0EMA0G
CSqGSIb3DQEBCwUAA4IBAQCUB+c/OJxz38o459b/zChZHhONgpUQrHPIpsSzLa93
DLoh4BqgCQQSRLvJBxpP4g3+9AMEhhJHogVDct3eAU4JmIHRd+/nsDdBi6RtjCHZ
iKRgYliKn6yWmQPYbcVcL3fatH2xdO6VSVY9AY8bh/GU4xHuGZZwoKbfAsD3+YwZ
n3RyNZSlF7XPVNMNi2cpxRQMuOn0wA8ktkizCrwC+f3tncI0wfXlSgV1oBpj6Tbe
8jYarPc3nKH4O11Zr4kvQ/Vap22pOmaQD+1ARJqxvKI88pZOoNQO0yhIXf3pVwHG
MN7n7pA5Gpx7+SOtjyyTXw0bBwL3gi+6gCbkNQRww745
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:18:34 2025 by rpki-client