Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/379816-d6b4-42b5-95ad-fe27921e1542/1/cLYB6l9FZL9zQXyfpqoagDuHdic.roa
File: cLYB6l9FZL9zQXyfpqoagDuHdic.roa (raw, json)
Hash identifier: bfsqI0s1izdNOdCWZ5Wt/vOuavl9t3l+ssIuSAYSQTY=
Subject key identifier: 70:B6:01:EA:5F:45:64:BF:73:41:7C:9F:A6:AA:1A:80:3B:87:76:27
Certificate issuer: /CN=7b89385c0002330b096567b21514d8e1bc09689f
Certificate serial: 01941FFAA3499ED49AABD25B56D78DB12377
Authority key identifier: 7B:89:38:5C:00:02:33:0B:09:65:67:B2:15:14:D8:E1:BC:09:68:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e4k4XAACMwsJZWeyFRTY4bwJaJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/379816-d6b4-42b5-95ad-fe27921e1542/1/cLYB6l9FZL9zQXyfpqoagDuHdic.roa
Signing time: Wed 01 Jan 2025 03:48:27 +0000
ROA not before: Wed 01 Jan 2025 03:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51580
IP address blocks: 5.172.96.0/22 maxlen: 24
185.143.152.0/22 maxlen: 24
185.212.16.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a3:49:9e:d4:9a:ab:d2:5b:56:d7:8d:b1:23:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b89385c0002330b096567b21514d8e1bc09689f
Validity
Not Before: Jan 1 03:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70b601ea5f4564bf73417c9fa6aa1a803b877627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8d:4f:04:f2:48:41:c2:23:83:f2:0a:7a:c1:
e7:44:81:a7:89:ed:4d:84:b3:55:e9:70:1e:7c:1a:
d4:f7:ab:66:83:d8:99:c0:39:34:b6:f3:73:fe:eb:
c7:a2:c9:eb:29:13:23:d9:93:d0:ca:a7:32:55:ee:
5f:6f:2c:19:da:2a:72:7d:e7:2c:5a:44:5f:f2:c6:
e1:b1:0c:64:a6:a0:c5:5e:8b:3e:08:1d:cd:9f:4d:
7e:3f:5e:a8:5a:28:18:df:2a:c2:f2:07:9c:87:ed:
bb:ef:4e:1b:e2:0f:86:76:84:ce:d6:f2:73:3d:02:
f2:e1:1f:7f:a9:55:e5:32:8c:61:e7:f5:40:a9:39:
69:9a:6a:b4:75:54:3a:b5:2b:70:66:57:25:e2:84:
de:7f:1c:64:12:d7:c1:a8:05:a2:03:28:9e:51:58:
ff:d8:9f:7f:5c:e8:2d:43:56:8f:e5:86:ef:6b:cb:
e2:6c:8c:f1:2f:e4:6b:20:d6:75:87:73:ee:48:d1:
fe:db:d2:99:27:32:26:48:f4:dd:92:80:ec:fc:ef:
88:c7:40:09:53:8c:da:c7:b4:c8:db:37:af:b3:cb:
15:89:e1:d1:eb:d7:86:cd:88:42:06:d2:ea:27:84:
e6:33:3f:7c:44:9d:26:c6:ce:13:f1:63:78:f0:be:
e3:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B6:01:EA:5F:45:64:BF:73:41:7C:9F:A6:AA:1A:80:3B:87:76:27
X509v3 Authority Key Identifier:
keyid:7B:89:38:5C:00:02:33:0B:09:65:67:B2:15:14:D8:E1:BC:09:68:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4k4XAACMwsJZWeyFRTY4bwJaJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/379816-d6b4-42b5-95ad-fe27921e1542/1/cLYB6l9FZL9zQXyfpqoagDuHdic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/379816-d6b4-42b5-95ad-fe27921e1542/1/e4k4XAACMwsJZWeyFRTY4bwJaJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.96.0/22
185.143.152.0/22
185.212.16.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:5b:8d:c7:de:b9:03:4a:b4:a0:18:ba:91:b5:b3:d1:16:a8:
80:01:79:47:89:9e:1d:e9:bb:d3:b3:42:ee:e3:9a:b2:b2:5d:
b8:be:43:1f:aa:19:3f:71:7c:33:cc:f7:dd:37:86:ac:a3:40:
57:5d:fa:9b:95:2a:70:ec:76:ec:ad:a1:76:80:9b:2c:fb:8d:
66:0a:38:5f:09:d8:e2:46:42:18:47:09:18:c8:b1:b7:75:05:
b4:24:fd:36:6d:77:d8:b9:55:a2:37:a7:de:99:f6:ce:4f:22:
33:ea:bc:05:0c:ff:31:86:5e:3f:ac:65:43:aa:e0:0b:5f:20:
9c:8a:d2:e9:3b:89:44:a6:80:92:6d:c2:ad:e1:72:fb:0a:ca:
0a:c0:1c:88:88:c9:49:2a:50:61:d9:20:36:30:d4:dd:af:9e:
ac:38:43:c5:12:9a:36:4b:dc:fe:ad:4c:de:dc:96:75:4a:7e:
10:41:d4:cf:09:18:d1:40:5d:87:5b:91:c2:b0:5d:55:6a:95:
73:43:2e:e3:87:4d:a2:d7:12:be:7f:a0:9a:15:68:23:4f:48:
d7:5b:32:28:42:c6:fc:dc:46:ba:9c:b7:4e:5f:ef:b8:2a:58:
d8:1c:66:57:67:97:f9:5c:3d:68:68:02:b9:58:31:bc:64:c4:
f1:c0:bb:e4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQf+qNJntSaq9JbVteNsSN3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiODkzODVjMDAwMjMzMGIwOTY1NjdiMjE1MTRkOGUxYmMw
OTY4OWYwHhcNMjUwMTAxMDM0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGI2MDFlYTVmNDU2NGJmNzM0MTdjOWZhNmFhMWE4MDNiODc3NjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxY1PBPJIQcIjg/IKesHnRIGnie1N
hLNV6XAefBrU96tmg9iZwDk0tvNz/uvHosnrKRMj2ZPQyqcyVe5fbywZ2ipyfecs
WkRf8sbhsQxkpqDFXos+CB3Nn01+P16oWigY3yrC8gech+27704b4g+GdoTO1vJz
PQLy4R9/qVXlMoxh5/VAqTlpmmq0dVQ6tStwZlcl4oTefxxkEtfBqAWiAyieUVj/
2J9/XOgtQ1aP5Ybva8vibIzxL+RrINZ1h3PuSNH+29KZJzImSPTdkoDs/O+Ix0AJ
U4zax7TI2zevs8sVieHR69eGzYhCBtLqJ4TmMz98RJ0mxs4T8WN48L7j9QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHC2AepfRWS/c0F8n6aqGoA7h3YnMB8GA1UdIwQY
MBaAFHuJOFwAAjMLCWVnshUU2OG8CWifMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTRrNFhBQUNNd3NKWldleUZSVFk0YndKYUo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zNzk4MTYtZDZiNC00MmI1LTk1YWQt
ZmUyNzkyMWUxNTQyLzEvY0xZQjZsOUZaTDl6UVh5ZnBxb2FnRHVIZGljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zNzk4MTYtZDZiNC00MmI1LTk1YWQtZmUyNzkyMWUxNTQy
LzEvZTRrNFhBQUNNd3NKWldleUZSVFk0YndKYUo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBaxgAwQC
uY+YAwQCudQQMA0GCSqGSIb3DQEBCwUAA4IBAQCqW43H3rkDSrSgGLqRtbPRFqiA
AXlHiZ4d6bvTs0Lu45qysl24vkMfqhk/cXwzzPfdN4aso0BXXfqblSpw7HbsraF2
gJss+41mCjhfCdjiRkIYRwkYyLG3dQW0JP02bXfYuVWiN6femfbOTyIz6rwFDP8x
hl4/rGVDquALXyCcitLpO4lEpoCSbcKt4XL7CsoKwByIiMlJKlBh2SA2MNTdr56s
OEPFEpo2S9z+rUze3JZ1Sn4QQdTPCRjRQF2HW5HCsF1VapVzQy7jh02i1xK+f6Ca
FWgjT0jXWzIoQsb83Ea6nLdOX++4KljYHGZXZ5f5XD1oaAK5WDG8ZMTxwLvk
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:32:04 2025 by rpki-client