Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/wqBm7rPN_QCGYMr0G_aOxp5hD2w.roa
File: wqBm7rPN_QCGYMr0G_aOxp5hD2w.roa (raw, json)
Hash identifier: luljtEiBvQ077ULzFpsCWlvJ3NF6749HEShaCtOITcM=
Subject key identifier: C2:A0:66:EE:B3:CD:FD:00:86:60:CA:F4:1B:F6:8E:C6:9E:61:0F:6C
Certificate issuer: /CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Certificate serial: 0194236A2B8888ABCB761F4DB56391225867
Authority key identifier: 2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/wqBm7rPN_QCGYMr0G_aOxp5hD2w.roa
Signing time: Wed 01 Jan 2025 19:49:07 +0000
ROA not before: Wed 01 Jan 2025 19:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56547
IP address blocks: 5.201.172.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2b:88:88:ab:cb:76:1f:4d:b5:63:91:22:58:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Validity
Not Before: Jan 1 19:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2a066eeb3cdfd008660caf41bf68ec69e610f6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7a:16:a2:27:b7:bb:2b:2a:1e:f9:ac:29:6c:
75:bd:6f:7c:a5:37:10:ce:b5:32:c4:dc:a9:b6:34:
6e:a9:4d:d4:77:0a:ad:20:1a:52:60:08:7b:41:d0:
76:76:a7:64:27:35:e4:77:19:5b:6c:27:75:3b:17:
1b:2b:76:ba:54:75:bc:f5:d9:47:41:21:94:2c:34:
8d:c2:17:1f:6f:35:cf:46:4f:15:2f:d7:fc:18:4a:
ea:31:fa:11:2d:70:4c:c3:a3:1e:05:46:5c:52:92:
b2:1d:ae:7d:c1:e1:6b:09:db:c5:60:a4:b9:03:d6:
b5:38:68:e2:06:64:bc:ef:f5:c2:1b:65:97:d3:6a:
75:81:70:2f:80:03:5f:07:f3:da:35:16:a7:60:c2:
a3:e5:c7:c7:62:6e:1c:58:58:3e:55:ac:22:c3:de:
6f:ae:69:be:66:b5:25:ab:ec:98:b8:77:27:78:89:
f3:2f:d9:47:2a:a1:c4:0d:a2:d9:a2:fd:f3:6b:c4:
fa:bd:9c:cc:b2:3d:9c:a4:e9:2a:3f:2e:5e:00:b7:
40:20:1d:10:c7:0e:c0:01:2c:3d:93:ce:cf:8d:32:
04:e2:a8:6c:90:f7:5b:2d:fc:49:1a:ed:8b:48:e6:
47:e8:53:42:97:19:e4:c3:00:f4:83:a0:d1:d2:d9:
02:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:A0:66:EE:B3:CD:FD:00:86:60:CA:F4:1B:F6:8E:C6:9E:61:0F:6C
X509v3 Authority Key Identifier:
keyid:2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/wqBm7rPN_QCGYMr0G_aOxp5hD2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.201.172.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:93:fc:3c:61:f1:c6:d8:1a:cf:e4:22:e1:6f:5d:08:b2:a5:
90:0d:d2:ef:28:63:c7:34:98:cc:94:ff:c9:26:92:69:58:ed:
5a:c4:e5:a6:26:a4:88:fc:35:2a:c9:01:ed:19:2d:dd:34:8d:
4d:c1:ba:9d:c0:e1:ee:61:c8:86:1f:3b:48:1d:7b:97:d4:f0:
72:42:85:2a:4b:1a:6d:f2:03:54:cd:d4:5d:be:11:4a:bc:76:
8b:95:8c:3f:1a:74:4c:f5:7d:79:ea:37:22:35:dc:5c:d6:5c:
4f:ef:f4:a5:3c:42:91:58:48:01:88:d8:2a:62:24:22:b5:f5:
bf:c1:1f:e8:6b:97:0d:0d:11:80:d7:11:99:0e:4e:d8:2c:ea:
58:e2:81:7f:7f:e5:36:e7:17:cc:a6:03:08:1f:68:f1:7b:86:
c2:3b:1c:98:9b:b5:26:94:79:42:18:9c:a5:70:f8:05:90:a0:
27:76:69:f3:29:cc:90:31:aa:f9:9a:d2:58:a6:12:fc:94:06:
b0:09:f7:72:0d:14:45:8b:22:72:1e:1f:80:54:4d:cb:76:40:
6a:28:d4:b5:d3:f7:64:c1:4d:77:97:bd:25:fe:86:22:40:2f:
65:97:a0:80:4d:84:9b:63:04:59:4d:89:e0:11:1c:10:74:cb:
fa:9a:35:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaiuIiKvLdh9NtWORIlhnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmE0MzRjNGI1ZDIzOWM0ZTZlNDFiN2U1ODVjOGQ1OGY4
OTk1YWIwHhcNMjUwMTAxMTk0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmEwNjZlZWIzY2RmZDAwODY2MGNhZjQxYmY2OGVjNjllNjEwZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHoWoie3uysqHvmsKWx1vW98pTcQ
zrUyxNyptjRuqU3UdwqtIBpSYAh7QdB2dqdkJzXkdxlbbCd1OxcbK3a6VHW89dlH
QSGULDSNwhcfbzXPRk8VL9f8GErqMfoRLXBMw6MeBUZcUpKyHa59weFrCdvFYKS5
A9a1OGjiBmS87/XCG2WX02p1gXAvgANfB/PaNRanYMKj5cfHYm4cWFg+Vawiw95v
rmm+ZrUlq+yYuHcneInzL9lHKqHEDaLZov3za8T6vZzMsj2cpOkqPy5eALdAIB0Q
xw7AASw9k87PjTIE4qhskPdbLfxJGu2LSOZH6FNClxnkwwD0g6DR0tkCcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMKgZu6zzf0AhmDK9Bv2jsaeYQ9sMB8GA1UdIwQY
MBaAFC9qQ0xLXSOcTm5Bt+WFyNWPiZWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWIt
NDBiNmQ2N2ZjZDk0LzEvd3FCbTdyUE5fUUNHWU1yMEdfYU94cDVoRDJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWItNDBiNmQ2N2ZjZDk0
LzEvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBcmsMA0G
CSqGSIb3DQEBCwUAA4IBAQBKk/w8YfHG2BrP5CLhb10IsqWQDdLvKGPHNJjMlP/J
JpJpWO1axOWmJqSI/DUqyQHtGS3dNI1NwbqdwOHuYciGHztIHXuX1PByQoUqSxpt
8gNUzdRdvhFKvHaLlYw/GnRM9X156jciNdxc1lxP7/SlPEKRWEgBiNgqYiQitfW/
wR/oa5cNDRGA1xGZDk7YLOpY4oF/f+U25xfMpgMIH2jxe4bCOxyYm7UmlHlCGJyl
cPgFkKAndmnzKcyQMar5mtJYphL8lAawCfdyDRRFiyJyHh+AVE3LdkBqKNS10/dk
wU13l70l/oYiQC9ll6CATYSbYwRZTYngERwQdMv6mjWd
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:03:10 2025 by rpki-client