Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/bfda12-76b3-43b2-88e8-1f1dc52bbb98/1/5sX-DGEXiD0BFlvf-Fmo0E_zIWA.roa
File: 5sX-DGEXiD0BFlvf-Fmo0E_zIWA.roa (raw, json)
Hash identifier: 9QROXrOe8DbEbrWzP6N+sqZkzzd6XWEYKMJ32P4x344=
Subject key identifier: E6:C5:FE:0C:61:17:88:3D:01:16:5B:DF:F8:59:A8:D0:4F:F3:21:60
Certificate issuer: /CN=bc1d20936626b55743c6594512de42ef9f8e905f
Certificate serial: 019422FB83650372C5080D5FB3AFEE4D4F8B
Authority key identifier: BC:1D:20:93:66:26:B5:57:43:C6:59:45:12:DE:42:EF:9F:8E:90:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vB0gk2YmtVdDxllFEt5C75-OkF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/bfda12-76b3-43b2-88e8-1f1dc52bbb98/1/5sX-DGEXiD0BFlvf-Fmo0E_zIWA.roa
Signing time: Wed 01 Jan 2025 17:48:15 +0000
ROA not before: Wed 01 Jan 2025 17:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206610
IP address blocks: 2.56.104.0/22 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:83:65:03:72:c5:08:0d:5f:b3:af:ee:4d:4f:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc1d20936626b55743c6594512de42ef9f8e905f
Validity
Not Before: Jan 1 17:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6c5fe0c6117883d01165bdff859a8d04ff32160
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:b0:aa:87:af:b1:13:fa:c4:61:ca:33:cb:22:
5c:61:56:17:0b:76:90:ed:bc:2f:90:e2:8e:1e:95:
d3:21:a3:f1:6f:9c:92:dc:cb:04:2e:5b:b4:d0:8e:
d8:c0:c8:3d:62:d5:7c:24:3d:9f:86:51:02:4d:12:
b8:95:b8:76:b0:52:e9:72:f6:14:97:db:f0:98:2e:
8d:c0:08:81:43:14:58:ff:d7:3a:42:79:68:d3:07:
b0:1d:d3:a9:cb:05:4f:3c:b5:87:17:08:dd:03:7e:
ef:b2:c9:27:11:d8:c7:d7:b6:2b:2c:f9:89:01:12:
c5:e2:ad:1f:b6:9a:b5:90:0f:29:a1:2c:76:41:1e:
06:5f:63:77:30:19:7e:f9:a6:64:3a:10:55:18:b4:
e0:85:73:a9:be:85:d0:c1:b6:2c:95:a1:2b:9d:09:
63:fc:d1:9b:47:be:2a:4a:ba:01:ab:5c:df:20:2c:
d9:6e:59:c9:fa:70:dc:72:32:32:ae:36:de:8b:b5:
b0:d5:b1:3d:16:0f:2b:34:ed:ca:ba:47:c2:c1:33:
43:fe:5a:10:54:c4:2f:c1:04:1d:a9:a8:be:05:d3:
97:09:e6:0b:4e:08:88:a6:98:1a:76:e5:42:a1:dd:
a1:1c:22:74:eb:2c:e4:9e:72:a3:97:45:e0:33:d1:
15:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:C5:FE:0C:61:17:88:3D:01:16:5B:DF:F8:59:A8:D0:4F:F3:21:60
X509v3 Authority Key Identifier:
keyid:BC:1D:20:93:66:26:B5:57:43:C6:59:45:12:DE:42:EF:9F:8E:90:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vB0gk2YmtVdDxllFEt5C75-OkF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/bfda12-76b3-43b2-88e8-1f1dc52bbb98/1/5sX-DGEXiD0BFlvf-Fmo0E_zIWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/bfda12-76b3-43b2-88e8-1f1dc52bbb98/1/vB0gk2YmtVdDxllFEt5C75-OkF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.104.0/22
Signature Algorithm: sha256WithRSAEncryption
01:0b:24:3b:af:f3:18:b7:6d:48:34:01:c3:b1:cd:48:6e:83:
64:4f:fb:89:a5:75:e8:56:d0:d0:2a:14:f0:28:c4:d9:41:9c:
30:8a:22:bf:76:05:d5:fd:9d:ee:05:b8:d9:8f:eb:95:bf:13:
d8:32:ed:92:94:1c:83:3b:26:0e:6d:4e:f0:d4:65:f7:e2:39:
ce:b4:62:3d:13:a2:a1:54:99:8c:af:42:25:f3:73:87:1f:1c:
18:64:1e:5a:3c:a3:17:31:17:98:9f:5a:21:1d:ee:06:f0:b9:
90:ad:b0:85:22:11:61:8b:12:b5:92:24:f7:76:0f:a9:3a:bb:
b9:75:88:4f:e9:d6:6f:77:f0:d7:1f:ff:e5:7e:2b:13:d9:eb:
24:e8:74:34:2d:4f:a4:0b:82:28:a1:94:00:89:94:49:87:ca:
4d:d9:87:e8:d2:66:66:36:e1:a8:1d:ce:b6:38:17:94:fc:be:
57:16:0a:14:8b:61:aa:30:88:c9:19:15:63:a7:49:e7:32:ce:
30:a6:c5:bd:0b:c2:10:78:71:2f:83:0c:fd:56:30:b8:57:c1:
1e:a5:02:6d:6b:1b:d6:ef:69:a1:88:0c:b2:d9:5d:d7:ae:85:
18:f2:e4:57:9a:e1:71:92:0d:f5:58:07:20:02:f1:ee:4b:a2:
98:2b:67:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+4NlA3LFCA1fs6/uTU+LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjMWQyMDkzNjYyNmI1NTc0M2M2NTk0NTEyZGU0MmVmOWY4
ZTkwNWYwHhcNMjUwMTAxMTc0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmM1ZmUwYzYxMTc4ODNkMDExNjViZGZmODU5YThkMDRmZjMyMTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA47Cqh6+xE/rEYcozyyJcYVYXC3aQ
7bwvkOKOHpXTIaPxb5yS3MsELlu00I7YwMg9YtV8JD2fhlECTRK4lbh2sFLpcvYU
l9vwmC6NwAiBQxRY/9c6Qnlo0wewHdOpywVPPLWHFwjdA37vssknEdjH17YrLPmJ
ARLF4q0ftpq1kA8poSx2QR4GX2N3MBl++aZkOhBVGLTghXOpvoXQwbYslaErnQlj
/NGbR74qSroBq1zfICzZblnJ+nDccjIyrjbei7Ww1bE9Fg8rNO3KukfCwTND/loQ
VMQvwQQdqai+BdOXCeYLTgiIppgaduVCod2hHCJ06yzknnKjl0XgM9EV/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFObF/gxhF4g9ARZb3/hZqNBP8yFgMB8GA1UdIwQY
MBaAFLwdIJNmJrVXQ8ZZRRLeQu+fjpBfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkIwZ2syWW10VmREeGxsRkV0NUM3NS1Pa0Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9iZmRhMTItNzZiMy00M2IyLTg4ZTgt
MWYxZGM1MmJiYjk4LzEvNXNYLURHRVhpRDBCRmx2Zi1GbW8wRV96SVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9iZmRhMTItNzZiMy00M2IyLTg4ZTgtMWYxZGM1MmJiYjk4
LzEvdkIwZ2syWW10VmREeGxsRkV0NUM3NS1Pa0Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjhoMA0G
CSqGSIb3DQEBCwUAA4IBAQABCyQ7r/MYt21INAHDsc1IboNkT/uJpXXoVtDQKhTw
KMTZQZwwiiK/dgXV/Z3uBbjZj+uVvxPYMu2SlByDOyYObU7w1GX34jnOtGI9E6Kh
VJmMr0Il83OHHxwYZB5aPKMXMReYn1ohHe4G8LmQrbCFIhFhixK1kiT3dg+pOru5
dYhP6dZvd/DXH//lfisT2esk6HQ0LU+kC4IooZQAiZRJh8pN2Yfo0mZmNuGoHc62
OBeU/L5XFgoUi2GqMIjJGRVjp0nnMs4wpsW9C8IQeHEvgwz9VjC4V8EepQJtaxvW
72mhiAyy2V3XroUY8uRXmuFxkg31WAcgAvHuS6KYK2dd
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:39:21 2025 by rpki-client