Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/rk256Cg9l5rJt7sM8fnBygCTgpY.roa
File: rk256Cg9l5rJt7sM8fnBygCTgpY.roa (raw, json)
Hash identifier: dc6UMaA0MRg49fkxNAVmrs1bI+zBVqYZqiSeZtJSxkQ=
Subject key identifier: AE:4D:B9:E8:28:3D:97:9A:C9:B7:BB:0C:F1:F9:C1:CA:00:93:82:96
Certificate issuer: /CN=77f8e7fbd4ab69507fb1fe3579af343a56639086
Certificate serial: 0194AC3F2545E6AE94BE24A9D8C0D6215175
Authority key identifier: 77:F8:E7:FB:D4:AB:69:50:7F:B1:FE:35:79:AF:34:3A:56:63:90:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_jn-9SraVB_sf41ea80OlZjkIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/rk256Cg9l5rJt7sM8fnBygCTgpY.roa
Signing time: Tue 28 Jan 2025 09:30:06 +0000
ROA not before: Tue 28 Jan 2025 09:30:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202870
IP address blocks: 5.152.128.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:3f:25:45:e6:ae:94:be:24:a9:d8:c0:d6:21:51:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f8e7fbd4ab69507fb1fe3579af343a56639086
Validity
Not Before: Jan 28 09:30:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae4db9e8283d979ac9b7bb0cf1f9c1ca00938296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f3:71:15:93:d3:3e:42:a5:70:d7:d0:91:11:
ab:ca:47:24:b1:61:c9:f2:62:c0:41:55:35:d3:32:
c0:2b:54:c3:f0:1d:7e:f2:a3:6a:64:2c:32:39:f8:
0c:2c:7d:af:65:b0:cc:ee:33:26:49:be:dd:0f:66:
69:3b:ff:f8:18:b7:5b:0e:29:a0:3f:0f:bc:29:54:
57:d7:62:38:ff:fd:9c:25:08:e6:26:b3:0e:e7:ca:
ab:62:27:07:72:00:9f:d3:18:f5:ac:c9:97:37:2f:
28:17:99:78:aa:cb:4c:bb:36:18:50:bb:d9:92:fe:
aa:b3:63:a2:9d:49:fd:cc:01:bd:33:b9:38:71:5b:
bd:8a:f8:21:1b:da:a5:89:90:54:17:3e:31:0b:d2:
cd:d3:39:a9:3c:55:ed:ee:89:09:c1:0b:7d:5c:98:
29:0d:39:ec:cf:9e:f7:d2:ae:01:b9:11:92:3d:0e:
85:27:70:a6:df:f2:50:90:60:72:0d:24:1c:46:6c:
f9:b2:3a:ae:6e:31:80:e7:a5:e0:4d:d9:11:1c:80:
a3:e8:d0:64:a9:91:6c:50:fd:09:22:9d:85:2e:3e:
2e:87:cd:59:f7:82:65:d3:2f:92:c5:34:7f:63:6d:
ea:a2:3b:42:c7:59:f9:15:c0:84:62:2f:17:d0:c0:
ba:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:4D:B9:E8:28:3D:97:9A:C9:B7:BB:0C:F1:F9:C1:CA:00:93:82:96
X509v3 Authority Key Identifier:
keyid:77:F8:E7:FB:D4:AB:69:50:7F:B1:FE:35:79:AF:34:3A:56:63:90:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_jn-9SraVB_sf41ea80OlZjkIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/rk256Cg9l5rJt7sM8fnBygCTgpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/d_jn-9SraVB_sf41ea80OlZjkIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.128.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:93:da:b5:ea:63:47:4d:ac:11:4d:41:88:5d:49:a7:0f:43:
7c:2c:f3:10:14:f8:e2:bf:f6:29:8d:33:30:ce:d0:a9:be:56:
52:23:57:7d:a2:ad:94:96:43:22:6b:71:08:0a:79:86:30:6d:
f8:d3:03:21:04:a0:08:69:d4:2c:cf:e4:d7:88:ed:56:79:e1:
3f:49:99:59:7e:27:f6:80:51:21:1f:08:e7:1f:58:63:9c:98:
15:b7:f7:c5:5b:3e:f9:74:80:a2:0c:34:a4:97:47:4d:be:5b:
ad:c4:1c:ac:cd:18:76:a9:16:59:a4:f0:f9:ed:a8:10:96:36:
38:e2:6a:cc:1f:a3:02:59:d4:c4:b4:b2:6a:32:9e:d9:e2:cf:
00:07:92:91:c8:73:dc:b9:f3:bd:e6:2b:4f:bb:72:8b:ae:72:
21:bf:55:dc:22:37:d6:29:59:0d:4e:ae:16:13:d1:f1:07:d5:
6c:40:47:99:c6:e8:1a:11:a5:15:2a:de:c2:06:10:5c:78:40:
44:46:45:39:b8:26:9a:46:f3:24:ec:e7:15:d1:5b:f2:79:07:
a8:5c:24:11:42:f5:51:76:cf:14:a8:35:d8:72:d6:ac:f3:d5:
bc:f9:9a:f7:52:ed:61:1a:30:aa:b9:a3:84:63:3e:a1:d1:1f:
3a:ce:23:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSsPyVF5q6UviSp2MDWIVF1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjhlN2ZiZDRhYjY5NTA3ZmIxZmUzNTc5YWYzNDNhNTY2
MzkwODYwHhcNMjUwMTI4MDkzMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTRkYjllODI4M2Q5NzlhYzliN2JiMGNmMWY5YzFjYTAwOTM4Mjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/NxFZPTPkKlcNfQkRGrykcksWHJ
8mLAQVU10zLAK1TD8B1+8qNqZCwyOfgMLH2vZbDM7jMmSb7dD2ZpO//4GLdbDimg
Pw+8KVRX12I4//2cJQjmJrMO58qrYicHcgCf0xj1rMmXNy8oF5l4qstMuzYYULvZ
kv6qs2OinUn9zAG9M7k4cVu9ivghG9qliZBUFz4xC9LN0zmpPFXt7okJwQt9XJgp
DTnsz5730q4BuRGSPQ6FJ3Cm3/JQkGByDSQcRmz5sjqubjGA56XgTdkRHICj6NBk
qZFsUP0JIp2FLj4uh81Z94Jl0y+SxTR/Y23qojtCx1n5FcCEYi8X0MC6kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK5NuegoPZeaybe7DPH5wcoAk4KWMB8GA1UdIwQY
MBaAFHf45/vUq2lQf7H+NXmvNDpWY5CGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9qbi05U3JhVkJfc2Y0MWVhODBPbFpqa0lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82YzI3MzYtYWIwMi00ODk3LTk1Njgt
NzdmNmU5NGUzZGNjLzEvcmsyNTZDZzlsNXJKdDdzTThmbkJ5Z0NUZ3BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82YzI3MzYtYWIwMi00ODk3LTk1NjgtNzdmNmU5NGUzZGNj
LzEvZF9qbi05U3JhVkJfc2Y0MWVhODBPbFpqa0lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBZiAMA0G
CSqGSIb3DQEBCwUAA4IBAQBsk9q16mNHTawRTUGIXUmnD0N8LPMQFPjiv/YpjTMw
ztCpvlZSI1d9oq2UlkMia3EICnmGMG340wMhBKAIadQsz+TXiO1WeeE/SZlZfif2
gFEhHwjnH1hjnJgVt/fFWz75dICiDDSkl0dNvlutxByszRh2qRZZpPD57agQljY4
4mrMH6MCWdTEtLJqMp7Z4s8AB5KRyHPcufO95itPu3KLrnIhv1XcIjfWKVkNTq4W
E9HxB9VsQEeZxugaEaUVKt7CBhBceEBERkU5uCaaRvMk7OcV0VvyeQeoXCQRQvVR
ds8UqDXYctas89W8+Zr3Uu1hGjCquaOEYz6h0R86ziOY
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:21:16 2025 by rpki-client