Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f74914-dda8-4d45-9992-4bef8328aaab/1/5PZ3g6OP7Xkkh7yPx23u6neBrAE.roa
File: 5PZ3g6OP7Xkkh7yPx23u6neBrAE.roa (raw, json)
Hash identifier: Oeq+7unGkdcn5PZadl5yUb8yi+1t207kSQ+K6DCv118=
Subject key identifier: E4:F6:77:83:A3:8F:ED:79:24:87:BC:8F:C7:6D:EE:EA:77:81:AC:01
Certificate issuer: /CN=f374f734c3695e67906a7032eb2e59fb3eb41b22
Certificate serial: 019421B1C1CC63AB7B8EF2C14D77B5EA24C5
Authority key identifier: F3:74:F7:34:C3:69:5E:67:90:6A:70:32:EB:2E:59:FB:3E:B4:1B:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/83T3NMNpXmeQanAy6y5Z-z60GyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f74914-dda8-4d45-9992-4bef8328aaab/1/5PZ3g6OP7Xkkh7yPx23u6neBrAE.roa
Signing time: Wed 01 Jan 2025 11:48:05 +0000
ROA not before: Wed 01 Jan 2025 11:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 192.162.219.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:c1:cc:63:ab:7b:8e:f2:c1:4d:77:b5:ea:24:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f374f734c3695e67906a7032eb2e59fb3eb41b22
Validity
Not Before: Jan 1 11:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4f67783a38fed792487bc8fc76deeea7781ac01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e7:d2:da:f6:db:9f:29:9c:06:2a:b7:a1:7d:
4a:e2:96:ac:c8:a4:54:f8:c1:18:00:ca:bc:0f:97:
f9:07:f4:73:ac:39:95:a9:e5:47:72:1b:70:cf:46:
f2:4f:48:6f:47:e8:92:4e:61:a7:8d:3b:71:51:b7:
2d:0a:cf:00:10:3c:6d:b0:77:a3:84:1a:b8:1d:19:
2e:a9:8f:8e:3a:e1:c8:5f:7c:be:36:f0:7f:18:d4:
40:01:e7:15:26:3b:60:11:2b:3c:b7:e0:da:d5:57:
6b:38:d0:96:ee:39:0f:73:44:6b:89:f0:e4:a6:99:
1f:33:f6:47:cc:95:7e:0d:5a:fe:ed:0a:62:fa:37:
13:4b:fb:17:fb:c2:1a:e7:a3:de:00:77:93:cd:1d:
1b:06:08:c1:55:e6:0e:15:78:a9:52:5e:d6:cc:fa:
cf:ab:34:1e:41:de:b3:12:d8:ce:4e:2d:c8:4f:a2:
5d:ec:07:61:76:55:ff:0d:b0:94:2e:e1:3f:fb:a7:
12:5e:15:d7:87:64:48:88:aa:cb:f9:4d:34:a7:b9:
34:4f:8f:1e:e7:ec:ac:a3:27:f6:d1:35:d7:ea:8d:
fe:60:68:a0:e1:87:f5:99:55:5c:f8:89:fb:2d:4a:
69:bb:29:14:3d:ea:1e:89:b7:65:20:a3:f9:36:ec:
fa:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:F6:77:83:A3:8F:ED:79:24:87:BC:8F:C7:6D:EE:EA:77:81:AC:01
X509v3 Authority Key Identifier:
keyid:F3:74:F7:34:C3:69:5E:67:90:6A:70:32:EB:2E:59:FB:3E:B4:1B:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/83T3NMNpXmeQanAy6y5Z-z60GyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f74914-dda8-4d45-9992-4bef8328aaab/1/5PZ3g6OP7Xkkh7yPx23u6neBrAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f74914-dda8-4d45-9992-4bef8328aaab/1/83T3NMNpXmeQanAy6y5Z-z60GyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.219.0/24
Signature Algorithm: sha256WithRSAEncryption
40:db:b6:b9:09:fd:61:86:6c:da:2d:ba:e8:a3:f5:74:4f:f5:
44:c7:eb:f5:79:c2:4c:b2:ca:33:53:8a:5b:bf:bd:8e:5c:c2:
86:2b:e9:94:ae:94:c2:27:94:9e:24:44:28:a8:f9:26:4e:eb:
d8:47:a3:90:ec:39:19:a2:f6:9b:a7:d3:10:b7:ce:bb:72:f5:
c4:dc:2d:d3:08:6e:b0:9a:68:92:15:57:b5:5c:3b:43:e1:73:
49:93:51:4b:d1:7f:69:66:bd:86:af:34:9e:05:6f:13:f8:10:
72:a1:1c:6c:a8:9a:6c:a5:6e:c3:d1:a4:bd:5e:77:32:49:6d:
e3:b5:91:1c:5b:40:d4:dd:5b:58:eb:c5:83:3a:22:96:7c:48:
ba:53:53:2f:90:30:7d:6a:20:5c:97:c9:39:66:f0:48:cd:87:
bf:37:9c:78:a2:70:b6:ac:54:57:82:52:06:f2:f7:45:f0:4b:
17:af:3e:ea:d1:da:88:13:c6:10:7c:fa:a4:6b:b4:b1:96:d1:
bb:d1:14:cd:b8:f4:4b:2f:4b:d5:44:5b:95:73:85:2e:8c:51:
34:6d:79:28:39:62:56:9c:0e:be:c8:0a:62:ac:0e:b8:6d:21:
f4:db:0b:e5:73:f2:bb:af:1d:ef:0e:5e:9c:b2:1a:18:35:1d:
5e:fd:77:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhscHMY6t7jvLBTXe16iTFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNzRmNzM0YzM2OTVlNjc5MDZhNzAzMmViMmU1OWZiM2Vi
NDFiMjIwHhcNMjUwMTAxMTE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGY2Nzc4M2EzOGZlZDc5MjQ4N2JjOGZjNzZkZWVlYTc3ODFhYzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0efS2vbbnymcBiq3oX1K4pasyKRU
+MEYAMq8D5f5B/RzrDmVqeVHchtwz0byT0hvR+iSTmGnjTtxUbctCs8AEDxtsHej
hBq4HRkuqY+OOuHIX3y+NvB/GNRAAecVJjtgESs8t+Da1VdrONCW7jkPc0RrifDk
ppkfM/ZHzJV+DVr+7Qpi+jcTS/sX+8Ia56PeAHeTzR0bBgjBVeYOFXipUl7WzPrP
qzQeQd6zEtjOTi3IT6Jd7AdhdlX/DbCULuE/+6cSXhXXh2RIiKrL+U00p7k0T48e
5+ysoyf20TXX6o3+YGig4Yf1mVVc+In7LUppuykUPeoeibdlIKP5Nuz6uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOT2d4Ojj+15JIe8j8dt7up3gawBMB8GA1UdIwQY
MBaAFPN09zTDaV5nkGpwMusuWfs+tBsiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODNUM05NTnBYbWVRYW5BeTZ5NVotejYwR3lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNzQ5MTQtZGRhOC00ZDQ1LTk5OTIt
NGJlZjgzMjhhYWFiLzEvNVBaM2c2T1A3WGtraDd5UHgyM3U2bmVCckFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mNzQ5MTQtZGRhOC00ZDQ1LTk5OTItNGJlZjgzMjhhYWFi
LzEvODNUM05NTnBYbWVRYW5BeTZ5NVotejYwR3lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwKLbMA0G
CSqGSIb3DQEBCwUAA4IBAQBA27a5Cf1hhmzaLbroo/V0T/VEx+v1ecJMssozU4pb
v72OXMKGK+mUrpTCJ5SeJEQoqPkmTuvYR6OQ7DkZovabp9MQt867cvXE3C3TCG6w
mmiSFVe1XDtD4XNJk1FL0X9pZr2GrzSeBW8T+BByoRxsqJpspW7D0aS9XncySW3j
tZEcW0DU3VtY68WDOiKWfEi6U1MvkDB9aiBcl8k5ZvBIzYe/N5x4onC2rFRXglIG
8vdF8EsXrz7q0dqIE8YQfPqka7SxltG70RTNuPRLL0vVRFuVc4UujFE0bXkoOWJW
nA6+yApirA64bSH02wvlc/K7rx3vDl6cshoYNR1e/Xep
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:01:51 2025 by rpki-client