Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/db3e56-e832-491d-b530-ca4f66b09068/1/5Hag6P9QZzNJGQQPElsAvDoZXrY.roa
File: 5Hag6P9QZzNJGQQPElsAvDoZXrY.roa (raw, json)
Hash identifier: sbCnjoQN/zwpc81NILJvfLGG8eJWgqQYFOcEqkbBNRk=
Subject key identifier: E4:76:A0:E8:FF:50:67:33:49:19:04:0F:12:5B:00:BC:3A:19:5E:B6
Certificate issuer: /CN=52ecb0e85d0b7feea4a82ac9448d47c3ec0af053
Certificate serial: 01942669ECE6C774A0B7E0CC95B4432331F7
Authority key identifier: 52:EC:B0:E8:5D:0B:7F:EE:A4:A8:2A:C9:44:8D:47:C3:EC:0A:F0:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uuyw6F0Lf-6kqCrJRI1Hw-wK8FM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/db3e56-e832-491d-b530-ca4f66b09068/1/5Hag6P9QZzNJGQQPElsAvDoZXrY.roa
Signing time: Thu 02 Jan 2025 09:47:43 +0000
ROA not before: Thu 02 Jan 2025 09:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200418
IP address blocks: 185.107.228.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:69:ec:e6:c7:74:a0:b7:e0:cc:95:b4:43:23:31:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52ecb0e85d0b7feea4a82ac9448d47c3ec0af053
Validity
Not Before: Jan 2 09:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e476a0e8ff5067334919040f125b00bc3a195eb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:23:14:13:fc:99:a2:3e:bf:a6:9f:fb:b6:56:
4f:3e:4c:25:7c:a4:52:2c:42:5f:6d:01:d5:4a:8e:
17:4a:76:ba:6b:0c:be:5e:f1:1d:1c:8a:ec:f3:cf:
ec:98:2b:c7:f0:92:1a:22:1c:63:e3:ed:4c:55:c9:
7e:9d:23:28:a5:d1:85:fa:7c:7f:8d:24:33:3c:b7:
bc:e3:de:e3:76:43:ee:f8:5f:25:3c:62:fe:b1:1b:
e7:73:3f:43:e9:91:71:f4:0a:34:2d:e3:1e:cd:77:
d9:05:7d:5d:f2:3e:c9:f3:83:4e:06:6d:17:e9:c5:
36:f6:c5:c1:14:93:e9:fb:99:bb:16:7f:13:a0:98:
80:1c:10:bc:cc:e6:76:77:fc:a4:48:d8:d4:14:cf:
46:3c:06:af:32:51:ec:be:2e:9f:8b:dc:39:dd:99:
af:a9:a0:a9:ad:7d:d2:7b:29:e2:f8:55:e4:0a:90:
62:9b:c5:dd:17:29:b8:57:96:5c:ac:65:8f:da:54:
6b:fc:e8:23:c3:03:0f:64:94:d2:2d:79:30:0c:39:
0e:8b:8a:3e:aa:b7:54:b6:35:0a:48:04:81:be:a2:
56:e6:f0:48:a5:f4:b7:d5:d4:79:e6:45:99:d3:21:
25:f7:ba:d9:53:87:4a:ed:08:54:e7:bb:0a:e3:01:
32:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:76:A0:E8:FF:50:67:33:49:19:04:0F:12:5B:00:BC:3A:19:5E:B6
X509v3 Authority Key Identifier:
keyid:52:EC:B0:E8:5D:0B:7F:EE:A4:A8:2A:C9:44:8D:47:C3:EC:0A:F0:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uuyw6F0Lf-6kqCrJRI1Hw-wK8FM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/db3e56-e832-491d-b530-ca4f66b09068/1/5Hag6P9QZzNJGQQPElsAvDoZXrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/db3e56-e832-491d-b530-ca4f66b09068/1/Uuyw6F0Lf-6kqCrJRI1Hw-wK8FM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.228.0/22
Signature Algorithm: sha256WithRSAEncryption
67:30:24:51:3c:0c:7f:ed:97:9a:f0:e8:78:a6:9d:48:94:ce:
c1:5a:47:b5:21:39:9e:bd:14:6c:f7:24:2d:4a:9f:6f:1a:05:
9e:23:e9:30:15:a4:1d:33:11:88:8d:f5:e0:1d:16:cd:7f:95:
58:03:8c:df:a8:17:39:b4:f6:c6:3c:00:26:f6:93:38:9c:d3:
ad:6f:01:cf:98:35:d3:19:e8:fb:fb:da:c2:67:1c:19:ec:f1:
0f:9d:36:5f:03:6a:5b:20:00:01:38:5a:1b:ae:eb:be:cf:c1:
85:10:2d:a5:4f:2d:93:ad:7b:37:27:c7:00:11:e2:15:fa:52:
51:22:25:49:35:5f:9d:ca:8e:fd:fd:0d:18:e3:f5:2f:ad:9f:
bb:8d:15:1f:c0:be:e9:23:12:b0:46:8d:c7:99:91:1e:b7:68:
e6:ba:62:8b:df:32:d1:2f:65:73:9b:0e:e2:8f:55:ee:dc:66:
86:2c:fc:97:4c:7a:4a:4f:53:e8:3e:e4:64:7e:4f:e2:53:37:
de:26:3e:f6:7e:4c:23:1b:ed:74:5e:69:e5:37:c2:2d:ff:bf:
b7:db:ed:89:ad:fd:23:c5:62:de:4a:13:c9:f7:b3:0d:ae:58:
95:7a:02:f3:b5:01:ad:21:2b:73:43:72:6b:bf:84:43:39:60:
17:aa:6e:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmaezmx3Sgt+DMlbRDIzH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZWNiMGU4NWQwYjdmZWVhNGE4MmFjOTQ0OGQ0N2MzZWMw
YWYwNTMwHhcNMjUwMTAyMDk0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDc2YTBlOGZmNTA2NzMzNDkxOTA0MGYxMjViMDBiYzNhMTk1ZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiMUE/yZoj6/pp/7tlZPPkwlfKRS
LEJfbQHVSo4XSna6awy+XvEdHIrs88/smCvH8JIaIhxj4+1MVcl+nSMopdGF+nx/
jSQzPLe8497jdkPu+F8lPGL+sRvncz9D6ZFx9Ao0LeMezXfZBX1d8j7J84NOBm0X
6cU29sXBFJPp+5m7Fn8ToJiAHBC8zOZ2d/ykSNjUFM9GPAavMlHsvi6fi9w53Zmv
qaCprX3Seyni+FXkCpBim8XdFym4V5ZcrGWP2lRr/OgjwwMPZJTSLXkwDDkOi4o+
qrdUtjUKSASBvqJW5vBIpfS31dR55kWZ0yEl97rZU4dK7QhU57sK4wEySQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOR2oOj/UGczSRkEDxJbALw6GV62MB8GA1UdIwQY
MBaAFFLssOhdC3/upKgqyUSNR8PsCvBTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXV5dzZGMExmLTZrcUNySlJJMUh3LXdLOEZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9kYjNlNTYtZTgzMi00OTFkLWI1MzAt
Y2E0ZjY2YjA5MDY4LzEvNUhhZzZQOVFaek5KR1FRUEVsc0F2RG9aWHJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9kYjNlNTYtZTgzMi00OTFkLWI1MzAtY2E0ZjY2YjA5MDY4
LzEvVXV5dzZGMExmLTZrcUNySlJJMUh3LXdLOEZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWvkMA0G
CSqGSIb3DQEBCwUAA4IBAQBnMCRRPAx/7Zea8Oh4pp1IlM7BWke1ITmevRRs9yQt
Sp9vGgWeI+kwFaQdMxGIjfXgHRbNf5VYA4zfqBc5tPbGPAAm9pM4nNOtbwHPmDXT
Gej7+9rCZxwZ7PEPnTZfA2pbIAABOFobruu+z8GFEC2lTy2TrXs3J8cAEeIV+lJR
IiVJNV+dyo79/Q0Y4/UvrZ+7jRUfwL7pIxKwRo3HmZEet2jmumKL3zLRL2Vzmw7i
j1Xu3GaGLPyXTHpKT1PoPuRkfk/iUzfeJj72fkwjG+10XmnlN8It/7+32+2Jrf0j
xWLeShPJ97MNrliVegLztQGtIStzQ3Jrv4RDOWAXqm6J
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:15:25 2025 by rpki-client