Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e698c7-0b1f-4106-ba67-6eefe5b335aa/1/bExl4A_tLBAbX-OeFCCRrL9Dsyk.roa
File: bExl4A_tLBAbX-OeFCCRrL9Dsyk.roa (raw, json)
Hash identifier: MMmRyVv8bOvPQ4JoDHNxbF0lksG8UDkMZAPsWlNfgRM=
Subject key identifier: 6C:4C:65:E0:0F:ED:2C:10:1B:5F:E3:9E:14:20:91:AC:BF:43:B3:29
Certificate issuer: /CN=f0d59f121fc7efa0c10b7dd614d95a8756d53606
Certificate serial: 019426D9D487C8D8972BB1FF8BCC0F320751
Authority key identifier: F0:D5:9F:12:1F:C7:EF:A0:C1:0B:7D:D6:14:D9:5A:87:56:D5:36:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8NWfEh_H76DBC33WFNlah1bVNgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e698c7-0b1f-4106-ba67-6eefe5b335aa/1/bExl4A_tLBAbX-OeFCCRrL9Dsyk.roa
Signing time: Thu 02 Jan 2025 11:49:57 +0000
ROA not before: Thu 02 Jan 2025 11:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21263
IP address blocks: 5.104.144.0/21 maxlen: 24
45.10.98.0/23 maxlen: 24
2a01:76c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:d4:87:c8:d8:97:2b:b1:ff:8b:cc:0f:32:07:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0d59f121fc7efa0c10b7dd614d95a8756d53606
Validity
Not Before: Jan 2 11:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c4c65e00fed2c101b5fe39e142091acbf43b329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ec:59:db:92:a8:0f:df:52:20:6f:90:1a:1f:
20:bc:b4:b7:cf:a8:91:eb:db:ba:b6:63:cc:af:fc:
82:82:5e:94:8d:77:c0:a3:74:a0:d6:d7:d5:d7:43:
61:a0:89:5b:ff:ee:64:05:67:53:29:9b:47:6d:ce:
17:9e:ce:1e:32:8d:4c:7d:aa:b9:82:ff:af:f2:50:
83:4e:78:25:ed:31:9c:d9:da:f5:03:df:da:bf:15:
26:16:e9:4a:e8:8f:fa:4b:8f:b7:59:e2:bd:95:9b:
57:7b:36:7a:e2:bc:cc:0b:ef:61:e1:58:0b:0a:f7:
56:38:3f:85:fe:9d:90:14:27:97:38:67:85:4b:93:
e9:4a:f8:e3:19:3f:dc:2e:76:da:17:2a:e6:f9:3c:
c3:00:72:59:22:fa:a9:5f:27:7c:77:9c:4f:51:aa:
60:a5:57:35:4e:5a:b1:26:e2:7e:36:ef:6a:0c:8d:
b0:b2:e9:cd:60:53:cb:f6:e5:1b:3b:8f:1c:fd:40:
cd:be:ae:61:a9:91:1d:d6:ff:32:3f:53:a2:63:85:
da:ff:71:eb:bf:c5:3f:f0:10:dd:9c:a0:44:dd:f1:
05:1a:19:0e:21:33:67:5c:31:a4:4e:6d:d2:7e:50:
d6:9f:0c:5f:ae:93:c8:7a:6b:52:fc:8d:2a:23:20:
a0:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:4C:65:E0:0F:ED:2C:10:1B:5F:E3:9E:14:20:91:AC:BF:43:B3:29
X509v3 Authority Key Identifier:
keyid:F0:D5:9F:12:1F:C7:EF:A0:C1:0B:7D:D6:14:D9:5A:87:56:D5:36:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8NWfEh_H76DBC33WFNlah1bVNgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e698c7-0b1f-4106-ba67-6eefe5b335aa/1/bExl4A_tLBAbX-OeFCCRrL9Dsyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e698c7-0b1f-4106-ba67-6eefe5b335aa/1/8NWfEh_H76DBC33WFNlah1bVNgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.144.0/21
45.10.98.0/23
IPv6:
2a01:76c0::/29
Signature Algorithm: sha256WithRSAEncryption
3c:92:df:87:ea:1e:6e:87:70:de:e1:4b:72:74:29:7e:05:f6:
75:7e:b4:73:ad:7f:db:3f:8a:4a:7d:da:40:33:e5:24:a9:d2:
88:43:d3:b3:43:f2:14:3b:ba:53:28:bc:3b:74:b5:2f:cc:b0:
0f:bb:c6:1e:9e:2c:fe:b7:02:ed:74:fd:6f:04:6b:d6:d3:4d:
cf:8b:dd:a7:f0:a9:c5:dd:37:d6:2e:54:62:a4:50:ee:6d:75:
fc:40:05:00:79:5c:bf:59:49:a7:74:4c:d3:90:f1:b8:59:a2:
0a:6f:84:b0:b8:24:bf:40:c2:99:6c:54:0e:17:1b:07:a6:b6:
4b:1c:9b:b9:ac:a1:dc:e8:83:c3:b7:7a:02:00:7a:13:b6:0f:
e8:05:d1:8a:e8:17:dc:69:61:71:e0:70:c1:18:6f:2e:09:d3:
ee:c7:c1:12:3b:6c:9a:3f:3b:8e:db:26:15:4a:15:51:d9:19:
d5:4f:cf:c9:2c:83:84:16:3c:25:77:14:18:f9:b8:59:fe:73:
b3:cb:e9:75:16:ca:47:55:43:e1:39:61:ad:8a:ad:2d:79:80:
e4:65:5b:a5:5f:90:1d:7a:a7:77:71:dc:54:8d:4b:91:67:21:
b8:d6:3a:df:18:1c:80:94:5f:04:fd:a5:de:62:f9:46:00:06:
f6:01:d7:71
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQm2dSHyNiXK7H/i8wPMgdRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZDU5ZjEyMWZjN2VmYTBjMTBiN2RkNjE0ZDk1YTg3NTZk
NTM2MDYwHhcNMjUwMTAyMTE0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzRjNjVlMDBmZWQyYzEwMWI1ZmUzOWUxNDIwOTFhY2JmNDNiMzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuxZ25KoD99SIG+QGh8gvLS3z6iR
69u6tmPMr/yCgl6UjXfAo3Sg1tfV10NhoIlb/+5kBWdTKZtHbc4Xns4eMo1Mfaq5
gv+v8lCDTngl7TGc2dr1A9/avxUmFulK6I/6S4+3WeK9lZtXezZ64rzMC+9h4VgL
CvdWOD+F/p2QFCeXOGeFS5PpSvjjGT/cLnbaFyrm+TzDAHJZIvqpXyd8d5xPUapg
pVc1TlqxJuJ+Nu9qDI2wsunNYFPL9uUbO48c/UDNvq5hqZEd1v8yP1OiY4Xa/3Hr
v8U/8BDdnKBE3fEFGhkOITNnXDGkTm3SflDWnwxfrpPIemtS/I0qIyCgrQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGxMZeAP7SwQG1/jnhQgkay/Q7MpMB8GA1UdIwQY
MBaAFPDVnxIfx++gwQt91hTZWodW1TYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE5XZkVoX0g3NkRCQzMzV0ZObGFoMWJWTmdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lNjk4YzctMGIxZi00MTA2LWJhNjct
NmVlZmU1YjMzNWFhLzEvYkV4bDRBX3RMQkFiWC1PZUZDQ1JyTDlEc3lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lNjk4YzctMGIxZi00MTA2LWJhNjctNmVlZmU1YjMzNWFh
LzEvOE5XZkVoX0g3NkRCQzMzV0ZObGFoMWJWTmdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBWiQAwQB
LQpiMA0EAgACMAcDBQMqAXbAMA0GCSqGSIb3DQEBCwUAA4IBAQA8kt+H6h5uh3De
4UtydCl+BfZ1frRzrX/bP4pKfdpAM+UkqdKIQ9OzQ/IUO7pTKLw7dLUvzLAPu8Ye
niz+twLtdP1vBGvW003Pi92n8KnF3TfWLlRipFDubXX8QAUAeVy/WUmndEzTkPG4
WaIKb4SwuCS/QMKZbFQOFxsHprZLHJu5rKHc6IPDt3oCAHoTtg/oBdGK6BfcaWFx
4HDBGG8uCdPux8ESO2yaPzuO2yYVShVR2RnVT8/JLIOEFjwldxQY+bhZ/nOzy+l1
FspHVUPhOWGtiq0teYDkZVulX5Adeqd3cdxUjUuRZyG41jrfGByAlF8E/aXeYvlG
AAb2Addx
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:39:41 2025 by rpki-client