Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b61ac2-6e27-4d4e-ab9e-f380bf0fdd84/1/5cdSX-zrncWspL0K6fL133Q3uNs.roa
File: 5cdSX-zrncWspL0K6fL133Q3uNs.roa (raw, json)
Hash identifier: RtUr90lsO7bvirIbH36Twsg4zf98Kyt3Rbxenxpq4mM=
Subject key identifier: E5:C7:52:5F:EC:EB:9D:C5:AC:A4:BD:0A:E9:F2:F5:DF:74:37:B8:DB
Certificate issuer: /CN=10ab57ab0e96518679114cbf0ee8af54bbfda5f5
Certificate serial: 0194214456A6AF8CA360C2AA4AB49B8DD436
Authority key identifier: 10:AB:57:AB:0E:96:51:86:79:11:4C:BF:0E:E8:AF:54:BB:FD:A5:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EKtXqw6WUYZ5EUy_DuivVLv9pfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/b61ac2-6e27-4d4e-ab9e-f380bf0fdd84/1/5cdSX-zrncWspL0K6fL133Q3uNs.roa
Signing time: Wed 01 Jan 2025 09:48:34 +0000
ROA not before: Wed 01 Jan 2025 09:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198053
IP address blocks: 2001:67c:768::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:56:a6:af:8c:a3:60:c2:aa:4a:b4:9b:8d:d4:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10ab57ab0e96518679114cbf0ee8af54bbfda5f5
Validity
Not Before: Jan 1 09:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5c7525feceb9dc5aca4bd0ae9f2f5df7437b8db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:34:5f:e2:72:90:52:da:5d:05:09:8b:a4:e6:
9f:59:20:f8:f4:3e:97:84:06:c7:b8:0e:b1:38:22:
e6:0c:ca:97:07:7b:47:5b:15:e0:36:04:29:4c:9a:
b5:30:7b:97:07:2f:4f:1d:16:7a:f4:5a:11:51:9e:
c8:78:a7:b6:37:eb:e0:d7:0b:d7:6b:50:9e:e7:a3:
e5:80:31:be:02:d1:9a:8a:6b:42:bb:0e:87:7e:43:
49:76:a4:80:de:f5:d7:00:02:5d:aa:2e:13:2f:bd:
88:03:62:da:ad:c1:21:e1:f4:1d:65:3d:44:89:a8:
2d:c8:e3:da:2c:c9:93:6f:36:fe:3f:18:ef:29:ed:
08:fd:03:68:0a:3f:d1:cd:53:45:6a:4a:4e:60:d5:
b8:97:41:bb:1e:14:58:82:45:48:bc:c9:b3:7e:21:
e8:d4:bf:67:57:30:73:b3:38:bb:cf:4a:97:eb:05:
1d:d8:ed:1e:fa:a0:f4:1e:38:e1:a8:c3:eb:19:cb:
96:58:ce:fd:04:80:3c:8f:10:01:f6:2a:f5:cb:e9:
7d:3a:d4:20:5c:52:71:b1:7f:03:91:11:05:d9:a9:
d5:ef:c2:93:eb:be:58:96:85:9d:ef:1d:03:50:42:
39:8a:4d:7d:e4:f9:51:66:ff:6c:9c:97:35:36:4b:
91:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:C7:52:5F:EC:EB:9D:C5:AC:A4:BD:0A:E9:F2:F5:DF:74:37:B8:DB
X509v3 Authority Key Identifier:
keyid:10:AB:57:AB:0E:96:51:86:79:11:4C:BF:0E:E8:AF:54:BB:FD:A5:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EKtXqw6WUYZ5EUy_DuivVLv9pfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b61ac2-6e27-4d4e-ab9e-f380bf0fdd84/1/5cdSX-zrncWspL0K6fL133Q3uNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b61ac2-6e27-4d4e-ab9e-f380bf0fdd84/1/EKtXqw6WUYZ5EUy_DuivVLv9pfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:768::/48
Signature Algorithm: sha256WithRSAEncryption
3b:73:6c:14:be:1c:8e:b2:44:60:50:15:5c:6c:d4:67:83:21:
0c:f8:11:88:b9:8e:40:28:8a:d2:71:08:40:c5:9c:21:1f:51:
8e:8a:9d:22:8a:86:42:2d:82:b4:b1:58:1d:b0:49:a7:1a:ad:
20:c4:6f:fe:a0:4e:e8:a6:86:87:07:20:7a:49:63:ee:e2:8a:
62:f3:99:19:cd:f6:d7:79:4b:3b:26:3f:6c:48:9d:d1:df:09:
35:1b:b1:e5:c0:e9:be:70:f2:4e:88:44:ab:85:36:19:ae:8d:
f2:fd:a4:60:99:88:82:9d:73:8a:61:0d:fb:05:dc:9f:bb:1d:
fc:8b:18:b7:e8:5e:f1:c3:81:d6:3a:89:f1:62:64:9a:ea:99:
f2:b2:cf:89:1a:c3:b0:7d:c5:dd:4d:40:09:3a:db:23:b8:77:
ce:20:10:15:f2:85:f6:c5:1a:a8:df:d9:18:cc:9e:18:41:50:
5d:5f:b2:60:79:0e:5f:21:5c:73:ed:91:0e:57:27:bd:f8:4b:
46:b0:ab:36:99:06:f9:c2:f7:dd:a3:b3:eb:75:c9:6b:30:b2:
e7:98:f4:08:3b:84:0a:d5:e0:3a:52:65:e1:10:97:c5:2e:cc:
3c:62:6a:1b:2b:4c:cd:b5:89:b6:ed:ed:15:4a:2f:01:5b:6f:
f7:51:a1:62
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhRFamr4yjYMKqSrSbjdQ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwYWI1N2FiMGU5NjUxODY3OTExNGNiZjBlZThhZjU0YmJm
ZGE1ZjUwHhcNMjUwMTAxMDk0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWM3NTI1ZmVjZWI5ZGM1YWNhNGJkMGFlOWYyZjVkZjc0MzdiOGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzRf4nKQUtpdBQmLpOafWSD49D6X
hAbHuA6xOCLmDMqXB3tHWxXgNgQpTJq1MHuXBy9PHRZ69FoRUZ7IeKe2N+vg1wvX
a1Ce56PlgDG+AtGaimtCuw6HfkNJdqSA3vXXAAJdqi4TL72IA2LarcEh4fQdZT1E
iagtyOPaLMmTbzb+PxjvKe0I/QNoCj/RzVNFakpOYNW4l0G7HhRYgkVIvMmzfiHo
1L9nVzBzszi7z0qX6wUd2O0e+qD0HjjhqMPrGcuWWM79BIA8jxAB9ir1y+l9OtQg
XFJxsX8DkREF2anV78KT675YloWd7x0DUEI5ik195PlRZv9snJc1NkuRMwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOXHUl/s653FrKS9Cuny9d90N7jbMB8GA1UdIwQY
MBaAFBCrV6sOllGGeRFMvw7or1S7/aX1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUt0WHF3NldVWVo1RVV5X0R1aXZWTHY5cGZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iNjFhYzItNmUyNy00ZDRlLWFiOWUt
ZjM4MGJmMGZkZDg0LzEvNWNkU1gtenJuY1dzcEwwSzZmTDEzM1EzdU5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iNjFhYzItNmUyNy00ZDRlLWFiOWUtZjM4MGJmMGZkZDg0
LzEvRUt0WHF3NldVWVo1RVV5X0R1aXZWTHY5cGZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAdo
MA0GCSqGSIb3DQEBCwUAA4IBAQA7c2wUvhyOskRgUBVcbNRngyEM+BGIuY5AKIrS
cQhAxZwhH1GOip0iioZCLYK0sVgdsEmnGq0gxG/+oE7opoaHByB6SWPu4opi85kZ
zfbXeUs7Jj9sSJ3R3wk1G7HlwOm+cPJOiESrhTYZro3y/aRgmYiCnXOKYQ37Bdyf
ux38ixi36F7xw4HWOonxYmSa6pnyss+JGsOwfcXdTUAJOtsjuHfOIBAV8oX2xRqo
39kYzJ4YQVBdX7JgeQ5fIVxz7ZEOVye9+EtGsKs2mQb5wvfdo7PrdclrMLLnmPQI
O4QK1eA6UmXhEJfFLsw8YmobK0zNtYm27e0VSi8BW2/3UaFi
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:57:50 2025 by rpki-client