Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f500e1-2412-42e5-a8a3-2142c0c4385f/1/mx5KYeLzr9lyOwTUvCRgpGpeZ4E.roa
File: mx5KYeLzr9lyOwTUvCRgpGpeZ4E.roa (raw, json)
Hash identifier: lpv0D5SfwmuFWskD1jXdGqPckfHmRNfDU4m+hRisO84=
Subject key identifier: 9B:1E:4A:61:E2:F3:AF:D9:72:3B:04:D4:BC:24:60:A4:6A:5E:67:81
Certificate issuer: /CN=eeadaa6339103bdb5566d83271d3c47c005c250d
Certificate serial: 01942827DEA62619973715ACBB6FEBB706C4
Authority key identifier: EE:AD:AA:63:39:10:3B:DB:55:66:D8:32:71:D3:C4:7C:00:5C:25:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7q2qYzkQO9tVZtgycdPEfABcJQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/f500e1-2412-42e5-a8a3-2142c0c4385f/1/mx5KYeLzr9lyOwTUvCRgpGpeZ4E.roa
Signing time: Thu 02 Jan 2025 17:54:48 +0000
ROA not before: Thu 02 Jan 2025 17:54:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61404
IP address blocks: 185.128.88.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:de:a6:26:19:97:37:15:ac:bb:6f:eb:b7:06:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eeadaa6339103bdb5566d83271d3c47c005c250d
Validity
Not Before: Jan 2 17:54:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b1e4a61e2f3afd9723b04d4bc2460a46a5e6781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ec:18:be:57:60:b8:7a:b7:3e:5c:12:28:26:
5c:e8:dd:74:dc:dd:57:e2:82:0b:c1:f6:02:eb:66:
9f:07:fa:b1:dc:0e:b6:b8:1f:9f:b7:e1:b3:84:5a:
74:c9:3f:91:a2:be:9a:31:02:85:87:dc:9b:43:92:
43:6c:c0:f0:86:7c:e4:2d:f8:9f:20:b3:12:72:f0:
93:60:b8:c4:e2:dc:2f:d1:3e:22:c7:a6:48:df:dd:
d0:47:80:a9:58:b0:df:c1:0b:a5:54:c9:22:01:6c:
59:0a:80:10:f6:f2:19:cb:bf:8d:33:59:8e:b3:2b:
9e:46:92:71:e9:37:7c:54:4a:85:eb:ac:42:b0:40:
ee:59:79:c9:f7:41:f3:9f:b9:89:12:e2:d3:5f:82:
c5:8c:cc:91:89:a9:fd:7d:6d:f0:14:9d:9c:72:10:
d3:97:3d:76:95:4f:5b:ff:ce:1b:19:97:dd:30:45:
62:f9:d7:9c:ae:e5:dc:89:cf:85:0a:1d:de:7f:74:
48:6c:51:89:5e:6b:4e:71:5a:18:b1:f5:42:f2:c5:
c2:d4:cd:1b:af:4c:be:7f:dc:95:a2:b0:5a:57:4e:
f9:93:c6:45:70:35:7a:8e:b9:bd:21:e7:5a:e9:49:
15:ee:c8:1c:ec:79:a1:f3:3a:10:40:25:dc:c6:7a:
e3:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:1E:4A:61:E2:F3:AF:D9:72:3B:04:D4:BC:24:60:A4:6A:5E:67:81
X509v3 Authority Key Identifier:
keyid:EE:AD:AA:63:39:10:3B:DB:55:66:D8:32:71:D3:C4:7C:00:5C:25:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7q2qYzkQO9tVZtgycdPEfABcJQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f500e1-2412-42e5-a8a3-2142c0c4385f/1/mx5KYeLzr9lyOwTUvCRgpGpeZ4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f500e1-2412-42e5-a8a3-2142c0c4385f/1/7q2qYzkQO9tVZtgycdPEfABcJQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.88.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:74:d0:ca:91:76:fa:fd:cf:05:05:59:d7:42:e3:a8:e4:72:
73:fe:a9:e3:a1:53:ef:bf:d2:2b:57:d0:ce:2b:5b:0d:3b:24:
31:12:e1:57:ad:bd:f3:c0:a9:04:8d:d1:55:45:aa:c6:89:ee:
99:04:d7:c2:a8:5f:8c:f4:c2:2f:28:f1:e6:a1:f7:5a:1d:61:
f1:03:d7:9d:aa:16:90:7c:6b:cb:ad:09:84:a5:9f:64:d1:90:
48:be:5e:a8:94:6c:29:a3:77:15:d7:09:30:f1:7d:69:6e:1f:
49:65:69:0f:43:ad:c2:12:7d:8c:d3:0e:11:50:2c:89:d1:8e:
da:66:24:81:54:3a:1c:4c:f5:31:3d:bf:f1:89:d3:6f:fb:50:
25:2b:a8:d5:79:64:63:19:7f:2c:28:36:3f:b1:78:91:06:02:
f5:1c:36:77:16:35:4a:23:20:f0:40:f4:b5:ab:19:8d:a6:e9:
85:e6:fc:1d:2c:d5:ef:0f:62:b7:02:b8:2a:24:8b:f1:66:ff:
cd:1b:32:4b:fc:cc:90:ea:d4:47:95:18:9f:94:ce:a0:d9:4a:
0c:25:a3:6d:ba:40:a0:7c:40:d3:75:1b:b9:6d:23:5f:75:9c:
7b:9c:d0:52:5e:a8:93:21:46:f4:33:4f:6f:57:6b:ad:b8:d7:
0e:8c:ce:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJ96mJhmXNxWsu2/rtwbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYWRhYTYzMzkxMDNiZGI1NTY2ZDgzMjcxZDNjNDdjMDA1
YzI1MGQwHhcNMjUwMTAyMTc1NDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjFlNGE2MWUyZjNhZmQ5NzIzYjA0ZDRiYzI0NjBhNDZhNWU2NzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApewYvldguHq3PlwSKCZc6N103N1X
4oILwfYC62afB/qx3A62uB+ft+GzhFp0yT+Ror6aMQKFh9ybQ5JDbMDwhnzkLfif
ILMScvCTYLjE4twv0T4ix6ZI393QR4CpWLDfwQulVMkiAWxZCoAQ9vIZy7+NM1mO
syueRpJx6Td8VEqF66xCsEDuWXnJ90Hzn7mJEuLTX4LFjMyRian9fW3wFJ2cchDT
lz12lU9b/84bGZfdMEVi+decruXcic+FCh3ef3RIbFGJXmtOcVoYsfVC8sXC1M0b
r0y+f9yVorBaV075k8ZFcDV6jrm9Ieda6UkV7sgc7Hmh8zoQQCXcxnrjZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJseSmHi86/ZcjsE1LwkYKRqXmeBMB8GA1UdIwQY
MBaAFO6tqmM5EDvbVWbYMnHTxHwAXCUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3EycVl6a1FPOXRWWnRneWNkUEVmQUJjSlEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9mNTAwZTEtMjQxMi00MmU1LWE4YTMt
MjE0MmMwYzQzODVmLzEvbXg1S1llTHpyOWx5T3dUVXZDUmdwR3BlWjRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9mNTAwZTEtMjQxMi00MmU1LWE4YTMtMjE0MmMwYzQzODVm
LzEvN3EycVl6a1FPOXRWWnRneWNkUEVmQUJjSlEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYBYMA0G
CSqGSIb3DQEBCwUAA4IBAQBcdNDKkXb6/c8FBVnXQuOo5HJz/qnjoVPvv9IrV9DO
K1sNOyQxEuFXrb3zwKkEjdFVRarGie6ZBNfCqF+M9MIvKPHmofdaHWHxA9edqhaQ
fGvLrQmEpZ9k0ZBIvl6olGwpo3cV1wkw8X1pbh9JZWkPQ63CEn2M0w4RUCyJ0Y7a
ZiSBVDocTPUxPb/xidNv+1AlK6jVeWRjGX8sKDY/sXiRBgL1HDZ3FjVKIyDwQPS1
qxmNpumF5vwdLNXvD2K3ArgqJIvxZv/NGzJL/MyQ6tRHlRiflM6g2UoMJaNtukCg
fEDTdRu5bSNfdZx7nNBSXqiTIUb0M09vV2utuNcOjM4z
-----END CERTIFICATE-----
Generated at Sat Apr 26 05:30:04 2025 by rpki-client