Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/nkN8ltJzBELoYpBm0phb1xL0AEc.roa
File: nkN8ltJzBELoYpBm0phb1xL0AEc.roa (raw, json)
Hash identifier: UJR4wQ0MJo3ttmH5k9UEjPDRknm3NvKoTS2VXDv1/GA=
Subject key identifier: 9E:43:7C:96:D2:73:04:42:E8:62:90:66:D2:98:5B:D7:12:F4:00:47
Certificate issuer: /CN=015b6d1596ac0501a71a393447051a62ff1dda16
Certificate serial: 0194228D1A617690B77C712E8D2EB233F045
Authority key identifier: 01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/nkN8ltJzBELoYpBm0phb1xL0AEc.roa
Signing time: Wed 01 Jan 2025 15:47:40 +0000
ROA not before: Wed 01 Jan 2025 15:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209595
IP address blocks: 5.153.172.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:1a:61:76:90:b7:7c:71:2e:8d:2e:b2:33:f0:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=015b6d1596ac0501a71a393447051a62ff1dda16
Validity
Not Before: Jan 1 15:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e437c96d2730442e8629066d2985bd712f40047
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:96:df:64:44:ee:39:45:df:23:46:5b:e9:53:
dd:c3:c6:41:27:c4:ce:95:cd:32:52:f6:0f:85:76:
82:60:50:ef:e5:19:ff:5f:23:0f:d2:de:e3:f2:96:
4a:48:ba:4e:83:cf:c8:a4:97:40:49:06:f7:50:f4:
9e:7d:9a:31:94:a2:9e:fa:7c:03:fa:ca:16:a5:e1:
5d:3d:74:d2:4f:65:d4:7c:a1:12:5c:4a:3d:79:24:
20:48:3c:35:15:ca:1c:20:c9:d8:9a:63:4d:8a:9c:
5d:5b:5c:69:fe:9a:46:f0:bd:9a:e0:73:04:af:36:
1c:aa:14:c5:a3:41:56:61:0a:ed:9b:58:28:00:a8:
35:8a:60:f2:c1:3a:97:d9:f8:f9:57:2d:24:2e:dc:
10:f0:65:7b:c7:dd:7f:c4:d4:20:06:31:8f:ed:a8:
1f:e8:94:31:26:3a:de:a0:90:93:0b:5b:14:fe:9d:
10:d3:1c:d3:2a:75:18:5f:9c:2b:06:c1:4b:54:17:
85:07:fe:44:44:4e:62:1e:97:8e:f2:aa:07:ed:27:
67:c0:04:82:c6:9f:0b:5e:96:ae:f4:fa:50:1e:9d:
62:aa:d0:4c:bf:2d:0e:4b:37:51:32:79:9d:6b:0f:
1b:cc:07:a6:c1:16:ea:50:2a:2a:c8:19:9b:aa:93:
a2:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:43:7C:96:D2:73:04:42:E8:62:90:66:D2:98:5B:D7:12:F4:00:47
X509v3 Authority Key Identifier:
keyid:01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/nkN8ltJzBELoYpBm0phb1xL0AEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.172.0/24
Signature Algorithm: sha256WithRSAEncryption
11:d2:b0:38:8a:11:6d:a3:4c:8e:5b:cf:ee:96:ee:76:fa:40:
c1:f2:d4:a3:7f:50:b1:3c:a0:de:fc:13:a4:1e:f8:79:77:dc:
f6:03:b0:4e:e4:10:e0:4e:74:95:0e:6e:90:89:20:c8:69:11:
6a:28:51:6f:4a:0e:cc:0f:e2:99:60:e1:cf:3b:55:c2:96:e1:
ab:41:8d:1a:62:41:e5:aa:85:58:83:86:4c:2b:a3:57:4f:9f:
55:3a:e5:17:b7:d1:4d:a1:32:40:30:ba:5b:f1:dc:a9:b4:92:
14:d0:7c:c2:51:c0:46:a3:4e:86:2d:71:df:6d:98:1a:89:50:
cd:06:41:d5:c3:ef:7d:09:9c:49:10:85:5f:59:b8:01:a1:ed:
9b:bf:18:76:e9:c1:fa:f9:30:40:1e:12:00:0c:6d:9e:5f:27:
8e:cc:2f:51:bc:cd:38:e2:1b:93:3f:6c:9a:7c:f8:23:fd:91:
6c:67:92:c5:0f:ee:3f:f0:27:50:7f:2b:2e:aa:49:4a:d2:9f:
69:72:23:a4:09:3a:60:43:3c:d5:19:70:bd:7f:7d:2d:fe:c6:
00:2e:67:c1:6d:ef:55:bd:d7:9f:32:3a:4f:a7:43:3c:0c:0d:
a8:4b:37:ab:01:bf:9d:5b:89:27:7e:13:11:4e:fe:aa:0b:32:
f6:00:6e:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijRphdpC3fHEujS6yM/BFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNWI2ZDE1OTZhYzA1MDFhNzFhMzkzNDQ3MDUxYTYyZmYx
ZGRhMTYwHhcNMjUwMTAxMTU0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTQzN2M5NmQyNzMwNDQyZTg2MjkwNjZkMjk4NWJkNzEyZjQwMDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZbfZETuOUXfI0Zb6VPdw8ZBJ8TO
lc0yUvYPhXaCYFDv5Rn/XyMP0t7j8pZKSLpOg8/IpJdASQb3UPSefZoxlKKe+nwD
+soWpeFdPXTST2XUfKESXEo9eSQgSDw1FcocIMnYmmNNipxdW1xp/ppG8L2a4HME
rzYcqhTFo0FWYQrtm1goAKg1imDywTqX2fj5Vy0kLtwQ8GV7x91/xNQgBjGP7agf
6JQxJjreoJCTC1sU/p0Q0xzTKnUYX5wrBsFLVBeFB/5ERE5iHpeO8qoH7SdnwASC
xp8LXpau9PpQHp1iqtBMvy0OSzdRMnmdaw8bzAemwRbqUCoqyBmbqpOiEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ5DfJbScwRC6GKQZtKYW9cS9ABHMB8GA1UdIwQY
MBaAFAFbbRWWrAUBpxo5NEcFGmL/HdoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgt
ZmVlOGYzNzkwNTY3LzEvbmtOOGx0SnpCRUxvWXBCbTBwaGIxeEwwQUVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgtZmVlOGYzNzkwNTY3
LzEvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZmsMA0G
CSqGSIb3DQEBCwUAA4IBAQAR0rA4ihFto0yOW8/ulu52+kDB8tSjf1CxPKDe/BOk
Hvh5d9z2A7BO5BDgTnSVDm6QiSDIaRFqKFFvSg7MD+KZYOHPO1XCluGrQY0aYkHl
qoVYg4ZMK6NXT59VOuUXt9FNoTJAMLpb8dyptJIU0HzCUcBGo06GLXHfbZgaiVDN
BkHVw+99CZxJEIVfWbgBoe2bvxh26cH6+TBAHhIADG2eXyeOzC9RvM044huTP2ya
fPgj/ZFsZ5LFD+4/8CdQfysuqklK0p9pciOkCTpgQzzVGXC9f30t/sYALmfBbe9V
vdefMjpPp0M8DA2oSzerAb+dW4knfhMRTv6qCzL2AG6H
-----END CERTIFICATE-----
Generated at Sat Apr 26 03:36:52 2025 by rpki-client