Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/c3328e-1ce9-4e38-9eca-2324977c9393/1/X_5mJIe23lTGFoHxQS-RDQrkxZY.roa
File: X_5mJIe23lTGFoHxQS-RDQrkxZY.roa (raw, json)
Hash identifier: RzER0AmjnLXODOGy8fUMFdlmPYkcB4bwanmhBdhdXVQ=
Subject key identifier: 5F:FE:66:24:87:B6:DE:54:C6:16:81:F1:41:2F:91:0D:0A:E4:C5:96
Certificate issuer: /CN=608e6a6a54017dd3b9b2cce35fd5a9a7f2a45498
Certificate serial: 01942068354E88F4E8D153634B1BE5CE33C0
Authority key identifier: 60:8E:6A:6A:54:01:7D:D3:B9:B2:CC:E3:5F:D5:A9:A7:F2:A4:54:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YI5qalQBfdO5sszjX9Wpp_KkVJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/c3328e-1ce9-4e38-9eca-2324977c9393/1/X_5mJIe23lTGFoHxQS-RDQrkxZY.roa
Signing time: Wed 01 Jan 2025 05:48:07 +0000
ROA not before: Wed 01 Jan 2025 05:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48815
IP address blocks: 5.104.24.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:35:4e:88:f4:e8:d1:53:63:4b:1b:e5:ce:33:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=608e6a6a54017dd3b9b2cce35fd5a9a7f2a45498
Validity
Not Before: Jan 1 05:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ffe662487b6de54c61681f1412f910d0ae4c596
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:ac:08:92:41:90:cf:15:21:6b:1e:75:49:35:
65:7b:09:a7:4c:93:a8:30:8f:ab:f0:e2:c8:86:f2:
a5:0e:2b:0a:90:45:45:f1:37:43:d3:e2:80:a9:82:
ab:e9:0c:eb:b8:d2:52:45:d3:79:53:cf:f6:fa:fb:
71:be:0c:e3:f5:fc:1a:b9:12:f7:1a:6e:91:1b:80:
88:17:c9:a4:0d:ec:84:24:20:b0:a8:54:49:bf:10:
73:2c:0b:94:dc:4c:ad:73:bc:13:21:9b:3a:9d:3b:
41:8c:ab:62:ce:6a:35:8d:17:ff:c8:7d:01:cf:4f:
cf:59:bb:86:2c:3e:6a:fe:b7:fa:7d:9b:20:78:5c:
d8:b2:f3:5d:06:fc:eb:fb:35:60:6b:c5:fc:a9:4e:
45:a1:e5:62:10:18:66:69:a1:c1:f0:30:7c:1d:14:
10:43:40:c4:7e:1b:0f:c7:2f:34:d8:4d:0e:86:69:
cb:3a:00:68:2f:2c:00:88:50:b1:16:25:ae:0e:b6:
a1:81:40:80:ed:bc:41:f2:cc:21:70:43:cc:9f:50:
1e:c9:61:e0:39:f3:35:e0:56:3b:b8:a8:ff:35:63:
ae:46:af:9a:c4:ac:fb:13:26:64:98:1c:71:ce:26:
e1:bc:e8:ab:db:38:90:70:c2:85:75:3b:bf:bf:9d:
d5:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:FE:66:24:87:B6:DE:54:C6:16:81:F1:41:2F:91:0D:0A:E4:C5:96
X509v3 Authority Key Identifier:
keyid:60:8E:6A:6A:54:01:7D:D3:B9:B2:CC:E3:5F:D5:A9:A7:F2:A4:54:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YI5qalQBfdO5sszjX9Wpp_KkVJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/c3328e-1ce9-4e38-9eca-2324977c9393/1/X_5mJIe23lTGFoHxQS-RDQrkxZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/c3328e-1ce9-4e38-9eca-2324977c9393/1/YI5qalQBfdO5sszjX9Wpp_KkVJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.24.0/24
Signature Algorithm: sha256WithRSAEncryption
58:1a:fd:a4:0e:80:14:c2:5b:1f:81:3b:c3:08:66:18:7e:0d:
41:f6:a8:97:f3:0a:1c:ef:5d:78:79:00:23:25:25:d0:9a:62:
29:84:0a:97:95:29:b8:23:bd:1c:5f:0e:45:d6:c4:45:56:5a:
45:a4:08:3f:c2:44:6f:52:d6:48:36:f0:f5:74:8d:5c:39:84:
a4:fd:8c:93:14:2d:1b:cf:73:23:86:d6:3f:0a:66:b8:d1:a1:
c5:8b:c6:6a:e8:6f:4f:e2:55:fe:7b:36:23:3d:21:7e:4a:d9:
e8:a6:4b:b7:0b:bf:73:3d:0a:0e:20:9a:15:54:ab:2f:64:cd:
3a:08:85:1b:b9:1b:45:13:70:dc:23:c9:b3:77:02:39:97:9c:
7e:ef:e3:67:2a:2d:57:eb:93:48:be:e7:26:38:2f:f4:f6:76:
ba:43:fe:ca:94:7b:ca:7c:e5:95:5c:b7:2e:d6:27:ac:22:9c:
ea:94:5e:01:cf:ab:32:c8:3b:55:6d:02:58:ea:ba:0e:1b:91:
90:53:ab:72:0b:e5:9a:c8:c0:9b:a0:60:4d:f4:21:a5:f1:1f:
82:7c:39:7a:71:26:ed:e1:78:09:9a:5c:b3:fe:1e:53:95:d0:
7d:8c:13:68:c3:9a:4d:4b:a1:cf:5b:ed:bd:5f:ad:4c:95:4f:
be:96:fa:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaDVOiPTo0VNjSxvlzjPAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOGU2YTZhNTQwMTdkZDNiOWIyY2NlMzVmZDVhOWE3ZjJh
NDU0OTgwHhcNMjUwMTAxMDU0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmZlNjYyNDg3YjZkZTU0YzYxNjgxZjE0MTJmOTEwZDBhZTRjNTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA56wIkkGQzxUhax51STVlewmnTJOo
MI+r8OLIhvKlDisKkEVF8TdD0+KAqYKr6QzruNJSRdN5U8/2+vtxvgzj9fwauRL3
Gm6RG4CIF8mkDeyEJCCwqFRJvxBzLAuU3Eytc7wTIZs6nTtBjKtizmo1jRf/yH0B
z0/PWbuGLD5q/rf6fZsgeFzYsvNdBvzr+zVga8X8qU5FoeViEBhmaaHB8DB8HRQQ
Q0DEfhsPxy802E0OhmnLOgBoLywAiFCxFiWuDrahgUCA7bxB8swhcEPMn1AeyWHg
OfM14FY7uKj/NWOuRq+axKz7EyZkmBxxzibhvOir2ziQcMKFdTu/v53V6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF/+ZiSHtt5UxhaB8UEvkQ0K5MWWMB8GA1UdIwQY
MBaAFGCOampUAX3TubLM41/VqafypFSYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUk1cWFsUUJmZE81c3N6alg5V3BwX0trVkpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9jMzMyOGUtMWNlOS00ZTM4LTllY2Et
MjMyNDk3N2M5MzkzLzEvWF81bUpJZTIzbFRHRm9IeFFTLVJEUXJreFpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9jMzMyOGUtMWNlOS00ZTM4LTllY2EtMjMyNDk3N2M5Mzkz
LzEvWUk1cWFsUUJmZE81c3N6alg5V3BwX0trVkpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWgYMA0G
CSqGSIb3DQEBCwUAA4IBAQBYGv2kDoAUwlsfgTvDCGYYfg1B9qiX8woc7114eQAj
JSXQmmIphAqXlSm4I70cXw5F1sRFVlpFpAg/wkRvUtZINvD1dI1cOYSk/YyTFC0b
z3MjhtY/Cma40aHFi8Zq6G9P4lX+ezYjPSF+Stnopku3C79zPQoOIJoVVKsvZM06
CIUbuRtFE3DcI8mzdwI5l5x+7+NnKi1X65NIvucmOC/09na6Q/7KlHvKfOWVXLcu
1iesIpzqlF4Bz6syyDtVbQJY6roOG5GQU6tyC+WayMCboGBN9CGl8R+CfDl6cSbt
4XgJmlyz/h5TldB9jBNow5pNS6HPW+29X61MlU++lvpP
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:08:36 2025 by rpki-client