Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/783da5-6572-413d-9d6b-094d0db1ad2c/1/PrcLqHgKnfIRGf3YM80gSjoYr6I.roa
File: PrcLqHgKnfIRGf3YM80gSjoYr6I.roa (raw, json)
Hash identifier: ZkwH8oTWm6e+gIX3jU/BvkpmjX7EH4UuYT++yIKL1DQ=
Subject key identifier: 3E:B7:0B:A8:78:0A:9D:F2:11:19:FD:D8:33:CD:20:4A:3A:18:AF:A2
Certificate issuer: /CN=f8d6ddee34c5bb8ec0eb919ce2656bf0cd855d54
Certificate serial: 01942220386FE92775A1E21E6F4CAE6B0D53
Authority key identifier: F8:D6:DD:EE:34:C5:BB:8E:C0:EB:91:9C:E2:65:6B:F0:CD:85:5D:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Nbd7jTFu47A65Gc4mVr8M2FXVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/783da5-6572-413d-9d6b-094d0db1ad2c/1/PrcLqHgKnfIRGf3YM80gSjoYr6I.roa
Signing time: Wed 01 Jan 2025 13:48:44 +0000
ROA not before: Wed 01 Jan 2025 13:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208653
IP address blocks: 5.183.136.0/22 maxlen: 22
2a0e:dc00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:38:6f:e9:27:75:a1:e2:1e:6f:4c:ae:6b:0d:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8d6ddee34c5bb8ec0eb919ce2656bf0cd855d54
Validity
Not Before: Jan 1 13:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3eb70ba8780a9df21119fdd833cd204a3a18afa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f6:3b:9f:58:dd:cf:dc:c3:dc:14:11:63:f4:
eb:da:9d:ff:c4:76:10:1a:8f:e4:38:af:2b:a0:72:
3a:a1:b6:0e:e9:b5:bc:01:0c:d1:65:9f:30:8f:73:
b5:b7:5b:7e:30:75:22:9b:5f:dc:fe:31:bf:8b:15:
c0:0e:ee:c3:98:81:db:66:d2:15:fa:36:ea:3d:1d:
06:35:af:dd:6c:d2:65:62:cb:1e:5e:24:e8:d1:1f:
63:4f:3b:40:6a:43:c8:c9:27:ff:89:56:20:ac:5c:
95:a2:ff:05:30:01:f5:72:61:d0:a1:d4:72:8b:42:
01:24:8b:f1:4a:3d:13:1a:81:e3:22:b3:fa:7d:45:
cd:a2:99:77:f5:63:92:d9:c8:0a:93:40:51:47:d1:
39:f0:97:f4:7e:bd:6f:b6:41:48:3d:c0:ab:90:c9:
5c:0f:2c:b6:70:fc:2b:25:a9:be:da:6b:3d:17:63:
3f:4b:ee:14:37:be:2c:7d:a2:40:33:60:c2:d6:53:
22:5a:a6:fe:2e:a0:23:22:26:22:39:08:91:aa:90:
26:49:62:03:a3:57:13:c8:30:ac:fc:4d:67:8b:07:
dd:0f:4b:79:47:cc:e1:e7:9d:6d:37:0c:65:69:5e:
64:f3:21:20:66:80:32:ea:14:a5:40:4b:3b:60:95:
cb:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:B7:0B:A8:78:0A:9D:F2:11:19:FD:D8:33:CD:20:4A:3A:18:AF:A2
X509v3 Authority Key Identifier:
keyid:F8:D6:DD:EE:34:C5:BB:8E:C0:EB:91:9C:E2:65:6B:F0:CD:85:5D:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Nbd7jTFu47A65Gc4mVr8M2FXVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/783da5-6572-413d-9d6b-094d0db1ad2c/1/PrcLqHgKnfIRGf3YM80gSjoYr6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/783da5-6572-413d-9d6b-094d0db1ad2c/1/1-Nbd7jTFu47A65Gc4mVr8M2FXVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.136.0/22
IPv6:
2a0e:dc00::/32
Signature Algorithm: sha256WithRSAEncryption
9a:f0:a4:31:40:38:75:7c:cc:88:bb:2c:5c:66:fe:05:31:3f:
13:24:27:fa:7b:a4:a2:2a:cc:8b:05:63:19:e2:75:fd:b2:de:
58:c6:90:f6:b8:c2:35:61:09:91:fa:a9:84:0a:5e:81:ff:a0:
23:22:19:9d:0b:58:3b:06:1f:d7:84:10:e0:ab:91:90:0e:f7:
99:4e:86:f2:c4:8d:d0:7b:da:53:db:60:be:2e:61:ce:64:7d:
fa:5b:d1:54:6b:d0:85:fd:09:3a:15:64:44:1c:45:bb:a7:65:
b9:c2:04:ea:a8:ca:26:0d:44:2e:bd:6e:60:7d:70:91:46:4b:
9b:d7:b6:c8:03:6d:16:29:eb:61:a9:25:f3:2f:de:d7:0d:8c:
25:c9:d8:88:c1:7b:f8:e1:5e:05:09:29:ab:3d:2f:6a:62:d7:
fe:4f:03:69:6d:4c:cc:23:9e:ce:1b:f3:78:ee:e7:40:eb:b9:
59:af:c1:d4:ef:8c:3f:63:ee:81:99:b8:48:9d:79:26:d6:dc:
38:49:6a:72:11:0a:6b:65:ea:50:a3:f0:44:5b:27:b2:55:96:
d7:f4:4c:ca:62:76:d1:8e:f1:d3:3e:1b:7a:12:15:1d:02:85:
e0:c8:95:d2:18:6e:36:15:df:24:1a:9e:55:80:04:1f:81:cd:
1d:ef:b4:38
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQiIDhv6Sd1oeIeb0yuaw1TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZDZkZGVlMzRjNWJiOGVjMGViOTE5Y2UyNjU2YmYwY2Q4
NTVkNTQwHhcNMjUwMTAxMTM0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWI3MGJhODc4MGE5ZGYyMTExOWZkZDgzM2NkMjA0YTNhMThhZmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/Y7n1jdz9zD3BQRY/Tr2p3/xHYQ
Go/kOK8roHI6obYO6bW8AQzRZZ8wj3O1t1t+MHUim1/c/jG/ixXADu7DmIHbZtIV
+jbqPR0GNa/dbNJlYsseXiTo0R9jTztAakPIySf/iVYgrFyVov8FMAH1cmHQodRy
i0IBJIvxSj0TGoHjIrP6fUXNopl39WOS2cgKk0BRR9E58Jf0fr1vtkFIPcCrkMlc
Dyy2cPwrJam+2ms9F2M/S+4UN74sfaJAM2DC1lMiWqb+LqAjIiYiOQiRqpAmSWID
o1cTyDCs/E1niwfdD0t5R8zh551tNwxlaV5k8yEgZoAy6hSlQEs7YJXLpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD63C6h4Cp3yERn92DPNIEo6GK+iMB8GA1UdIwQY
MBaAFPjW3e40xbuOwOuRnOJla/DNhV1UMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1OYmQ3alRGdTQ3QTY1R2M0bVZyOE0yRlhWUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYvNzgzZGE1LTY1NzItNDEzZC05ZDZi
LTA5NGQwZGIxYWQyYy8xL1ByY0xxSGdLbmZJUkdmM1lNODBnU2pvWXI2SS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTYvNzgzZGE1LTY1NzItNDEzZC05ZDZiLTA5NGQwZGIxYWQy
Yy8xLzEtTmJkN2pURnU0N0E2NUdjNG1WcjhNMkZYVlEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAIFt4gw
DQQCAAIwBwMFACoO3AAwDQYJKoZIhvcNAQELBQADggEBAJrwpDFAOHV8zIi7LFxm
/gUxPxMkJ/p7pKIqzIsFYxnidf2y3ljGkPa4wjVhCZH6qYQKXoH/oCMiGZ0LWDsG
H9eEEOCrkZAO95lOhvLEjdB72lPbYL4uYc5kffpb0VRr0IX9CToVZEQcRbunZbnC
BOqoyiYNRC69bmB9cJFGS5vXtsgDbRYp62GpJfMv3tcNjCXJ2IjBe/jhXgUJKas9
L2pi1/5PA2ltTMwjns4b83ju50DruVmvwdTvjD9j7oGZuEideSbW3DhJanIRCmtl
6lCj8ERbJ7JVltf0TMpidtGO8dM+G3oSFR0CheDIldIYbjYV3yQanlWABB+BzR3v
tDg=
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:05:02 2025 by rpki-client