Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3e401b-64c1-41aa-98df-133e7e6f6069/1/EbIlCXFeHVJdJDiBe1_-AsTFB18.roa
File: EbIlCXFeHVJdJDiBe1_-AsTFB18.roa (raw, json)
Hash identifier: 2FHtC0L9Giu4y8iFdM0OxT4cAr5gm92GXDAy0Ue2BKQ=
Subject key identifier: 11:B2:25:09:71:5E:1D:52:5D:24:38:81:7B:5F:FE:02:C4:C5:07:5F
Certificate issuer: /CN=4ed682965b5a15ea0c45ea85ef3db4be71679696
Certificate serial: 0194236A15DB24AE16080A3771149F7CAEBD
Authority key identifier: 4E:D6:82:96:5B:5A:15:EA:0C:45:EA:85:EF:3D:B4:BE:71:67:96:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TtaClltaFeoMReqF7z20vnFnlpY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/3e401b-64c1-41aa-98df-133e7e6f6069/1/EbIlCXFeHVJdJDiBe1_-AsTFB18.roa
Signing time: Wed 01 Jan 2025 19:49:02 +0000
ROA not before: Wed 01 Jan 2025 19:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41023
IP address blocks: 5.102.64.0/23 maxlen: 23
5.102.66.0/23 maxlen: 23
5.102.68.0/22 maxlen: 22
5.102.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:15:db:24:ae:16:08:0a:37:71:14:9f:7c:ae:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ed682965b5a15ea0c45ea85ef3db4be71679696
Validity
Not Before: Jan 1 19:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11b22509715e1d525d2438817b5ffe02c4c5075f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:13:dd:58:5c:aa:e4:e6:51:41:03:82:40:ad:
15:bf:72:b6:63:76:66:ed:76:82:bc:34:7b:bb:2d:
e6:5f:f8:b6:92:7b:61:c3:37:0d:ce:51:5d:e8:c4:
65:a5:18:ce:2f:c4:82:09:08:d8:af:0e:0c:64:9b:
06:f8:6a:47:8f:7d:57:ff:a6:b4:11:3f:a5:8c:70:
2f:1c:1f:dd:be:59:28:40:e1:94:75:f3:4a:72:ce:
c0:cc:26:f4:52:be:f4:15:30:a6:08:96:01:f7:90:
81:5c:79:26:fa:63:29:81:20:98:59:7f:4b:c3:d6:
30:3e:95:ad:1a:63:49:0e:88:fb:d3:b7:92:62:96:
8e:57:99:dd:44:4d:bd:01:4c:96:bb:53:56:8d:a3:
5d:43:14:fc:70:8e:1d:39:2d:bb:fd:e9:17:6d:2a:
de:c3:57:b2:a6:19:b8:77:de:79:25:3a:28:05:f3:
20:f3:45:2a:19:67:2a:37:30:49:3f:8a:96:9e:13:
c4:0e:c6:af:60:21:57:dd:a7:64:ce:c2:37:d5:98:
87:58:da:83:37:10:41:c1:3b:61:0f:5c:d9:d2:ec:
16:15:bd:3e:84:e2:fd:70:15:b7:e9:98:e7:11:67:
b6:aa:89:43:9f:76:c8:3f:90:5b:1d:bc:e9:10:03:
dd:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:B2:25:09:71:5E:1D:52:5D:24:38:81:7B:5F:FE:02:C4:C5:07:5F
X509v3 Authority Key Identifier:
keyid:4E:D6:82:96:5B:5A:15:EA:0C:45:EA:85:EF:3D:B4:BE:71:67:96:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TtaClltaFeoMReqF7z20vnFnlpY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3e401b-64c1-41aa-98df-133e7e6f6069/1/EbIlCXFeHVJdJDiBe1_-AsTFB18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3e401b-64c1-41aa-98df-133e7e6f6069/1/TtaClltaFeoMReqF7z20vnFnlpY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.64.0/21
Signature Algorithm: sha256WithRSAEncryption
37:de:19:33:35:fb:17:f2:73:40:9c:a6:40:a0:b6:63:3b:2f:
9a:28:9c:8a:9d:f1:ea:fb:16:ad:1f:f5:b7:79:45:dc:d4:02:
bb:f4:02:3f:c0:7d:62:32:26:9d:b5:68:f2:e0:da:59:02:43:
60:5c:4b:75:a6:76:e7:cc:25:96:96:dd:2c:85:dd:26:e2:01:
99:0d:00:0c:ab:4b:00:6e:b1:b7:27:cf:1b:05:33:63:c8:ab:
d2:47:f2:9f:2f:b5:ac:0f:ef:8d:1c:51:4a:c2:f8:20:75:a0:
6a:e1:d0:7d:d2:f5:e9:08:e1:fd:28:e2:ad:ac:6f:e1:64:ec:
7f:f9:c6:51:90:31:99:94:62:23:91:ea:ab:43:c8:5e:3d:db:
90:67:62:04:52:f1:97:15:0d:be:5b:1e:cf:9e:08:66:f7:bf:
21:3b:f5:a9:29:36:04:8d:cd:ae:fc:e2:ce:c8:45:6c:db:2f:
f7:b5:79:9d:80:21:34:65:dc:98:60:fc:f6:3a:42:e1:49:88:
e9:93:55:6c:26:79:ef:ad:72:93:d3:51:60:cc:11:c3:d6:dd:
e1:a4:f3:b8:e3:39:05:48:ce:8b:1d:ba:74:e6:83:3b:5a:dc:
8c:73:b2:b7:83:19:62:ed:5f:1b:63:ed:c1:8a:fd:a4:64:c3:
c0:35:19:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjahXbJK4WCAo3cRSffK69MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZDY4Mjk2NWI1YTE1ZWEwYzQ1ZWE4NWVmM2RiNGJlNzE2
Nzk2OTYwHhcNMjUwMTAxMTk0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWIyMjUwOTcxNWUxZDUyNWQyNDM4ODE3YjVmZmUwMmM0YzUwNzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6xPdWFyq5OZRQQOCQK0Vv3K2Y3Zm
7XaCvDR7uy3mX/i2knthwzcNzlFd6MRlpRjOL8SCCQjYrw4MZJsG+GpHj31X/6a0
ET+ljHAvHB/dvlkoQOGUdfNKcs7AzCb0Ur70FTCmCJYB95CBXHkm+mMpgSCYWX9L
w9YwPpWtGmNJDoj707eSYpaOV5ndRE29AUyWu1NWjaNdQxT8cI4dOS27/ekXbSre
w1eyphm4d955JTooBfMg80UqGWcqNzBJP4qWnhPEDsavYCFX3adkzsI31ZiHWNqD
NxBBwTthD1zZ0uwWFb0+hOL9cBW36ZjnEWe2qolDn3bIP5BbHbzpEAPdvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBGyJQlxXh1SXSQ4gXtf/gLExQdfMB8GA1UdIwQY
MBaAFE7WgpZbWhXqDEXqhe89tL5xZ5aWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHRhQ2xsdGFGZW9NUmVxRjd6MjB2bkZubHBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zZTQwMWItNjRjMS00MWFhLTk4ZGYt
MTMzZTdlNmY2MDY5LzEvRWJJbENYRmVIVkpkSkRpQmUxXy1Bc1RGQjE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zZTQwMWItNjRjMS00MWFhLTk4ZGYtMTMzZTdlNmY2MDY5
LzEvVHRhQ2xsdGFGZW9NUmVxRjd6MjB2bkZubHBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBWZAMA0G
CSqGSIb3DQEBCwUAA4IBAQA33hkzNfsX8nNAnKZAoLZjOy+aKJyKnfHq+xatH/W3
eUXc1AK79AI/wH1iMiadtWjy4NpZAkNgXEt1pnbnzCWWlt0shd0m4gGZDQAMq0sA
brG3J88bBTNjyKvSR/KfL7WsD++NHFFKwvggdaBq4dB90vXpCOH9KOKtrG/hZOx/
+cZRkDGZlGIjkeqrQ8hePduQZ2IEUvGXFQ2+Wx7Pnghm978hO/WpKTYEjc2u/OLO
yEVs2y/3tXmdgCE0ZdyYYPz2OkLhSYjpk1VsJnnvrXKT01FgzBHD1t3hpPO44zkF
SM6LHbp05oM7WtyMc7K3gxli7V8bY+3Biv2kZMPANRkh
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:41:25 2025 by rpki-client