Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/g-5hPmoz7dP3nMeNf-8zyzCBLS0.roa
File: g-5hPmoz7dP3nMeNf-8zyzCBLS0.roa (raw, json)
Hash identifier: 3ADI/JnmU2jWCSq5Oyp3ZfW9QGg96OokVA1qdrppkBI=
Subject key identifier: 83:EE:61:3E:6A:33:ED:D3:F7:9C:C7:8D:7F:EF:33:CB:30:81:2D:2D
Certificate issuer: /CN=53f47a725c768d4de78fb31bb40fe16eba19f20d
Certificate serial: 01942745CB38A69A1B448AD4734F8D8ED379
Authority key identifier: 53:F4:7A:72:5C:76:8D:4D:E7:8F:B3:1B:B4:0F:E1:6E:BA:19:F2:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U_R6clx2jU3nj7MbtA_hbroZ8g0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/g-5hPmoz7dP3nMeNf-8zyzCBLS0.roa
Signing time: Thu 02 Jan 2025 13:47:52 +0000
ROA not before: Thu 02 Jan 2025 13:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58051
IP address blocks: 185.221.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:45:cb:38:a6:9a:1b:44:8a:d4:73:4f:8d:8e:d3:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53f47a725c768d4de78fb31bb40fe16eba19f20d
Validity
Not Before: Jan 2 13:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83ee613e6a33edd3f79cc78d7fef33cb30812d2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:23:79:00:fe:4c:e8:cf:85:34:e6:ed:6d:b9:
c7:d3:e0:e6:2f:73:a2:ff:36:5f:13:15:b8:70:0a:
85:1a:82:2b:d4:c9:89:e1:d1:b8:12:00:fd:21:f9:
fb:e3:66:c7:1d:24:89:be:d0:3a:db:96:ae:6a:33:
f2:89:cc:0b:1c:05:11:42:f4:68:bf:2d:b7:34:55:
64:7e:a0:75:62:56:6e:5d:d7:64:28:48:fd:23:f0:
be:c5:2e:27:5a:45:84:a7:bf:cd:50:04:a8:b6:d3:
89:8f:6a:5b:3d:6a:f9:ae:b4:e4:5f:c0:50:89:18:
d2:39:3e:d7:46:20:ad:e3:ef:ce:7e:67:1c:d3:61:
0f:1a:58:c9:45:2a:7d:cc:ac:5b:27:31:15:19:88:
a8:0b:db:c0:65:a1:0a:02:7c:29:b2:fe:65:ae:eb:
2c:61:81:c1:77:6b:3c:3d:dd:7e:dc:de:a2:6c:c5:
bd:6b:3f:60:e3:fa:bf:e9:51:eb:57:82:10:b1:e1:
44:bd:40:18:65:54:39:f0:5c:2c:c3:18:e3:1e:c5:
9c:5b:d2:29:34:60:f1:d6:24:1d:b3:f0:82:48:a1:
35:c3:93:25:90:bf:ed:2e:e6:9b:49:81:c9:a0:d7:
5e:8d:b3:cd:f8:2e:87:64:11:d2:95:41:d3:44:6d:
42:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:EE:61:3E:6A:33:ED:D3:F7:9C:C7:8D:7F:EF:33:CB:30:81:2D:2D
X509v3 Authority Key Identifier:
keyid:53:F4:7A:72:5C:76:8D:4D:E7:8F:B3:1B:B4:0F:E1:6E:BA:19:F2:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_R6clx2jU3nj7MbtA_hbroZ8g0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/g-5hPmoz7dP3nMeNf-8zyzCBLS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/U_R6clx2jU3nj7MbtA_hbroZ8g0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.63.0/24
Signature Algorithm: sha256WithRSAEncryption
16:cf:55:3d:c9:0b:c2:c6:12:a2:80:5a:cb:84:e1:cd:ca:f2:
74:96:78:8f:4d:51:71:96:a2:4f:ab:5c:a5:6a:1b:08:7e:36:
80:d1:b4:5e:a0:ba:c9:77:e5:9e:2f:7a:63:d7:06:da:e9:5d:
ab:16:d9:82:d6:cf:b4:43:cc:ed:ee:5a:dc:62:5f:1a:83:78:
ac:94:cd:89:62:6a:7e:60:0f:89:ae:7d:51:a2:f6:49:72:b0:
73:3f:2e:11:da:f9:be:8e:ee:fc:6b:7d:14:bd:ab:32:c4:3e:
d6:ba:81:98:fd:15:00:c9:77:9f:99:e6:fa:69:84:52:c5:c6:
8d:c4:e8:63:6b:90:92:1a:71:d6:af:10:ca:cf:5c:20:df:83:
b8:e7:ea:e2:e6:67:4b:8c:76:ce:fa:82:6a:ea:a6:11:b7:ea:
b6:4d:75:ad:96:13:c7:84:68:d9:e4:7d:65:e5:ba:42:03:c5:
6d:51:77:8c:67:41:e4:3c:90:1d:26:43:2a:ff:76:fc:a4:74:
3a:c5:6b:0a:38:4b:2d:45:60:e6:41:c9:df:3e:16:0e:32:72:
c1:70:f2:20:b5:bc:12:c3:cb:fc:2e:ce:20:65:59:fc:4b:af:
32:7d:8d:9d:c1:99:8b:51:e3:29:94:a6:47:3f:8b:b5:22:6d:
af:86:38:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnRcs4ppobRIrUc0+NjtN5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZjQ3YTcyNWM3NjhkNGRlNzhmYjMxYmI0MGZlMTZlYmEx
OWYyMGQwHhcNMjUwMTAyMTM0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2VlNjEzZTZhMzNlZGQzZjc5Y2M3OGQ3ZmVmMzNjYjMwODEyZDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSN5AP5M6M+FNObtbbnH0+DmL3Oi
/zZfExW4cAqFGoIr1MmJ4dG4EgD9Ifn742bHHSSJvtA625auajPyicwLHAURQvRo
vy23NFVkfqB1YlZuXddkKEj9I/C+xS4nWkWEp7/NUASottOJj2pbPWr5rrTkX8BQ
iRjSOT7XRiCt4+/Ofmcc02EPGljJRSp9zKxbJzEVGYioC9vAZaEKAnwpsv5lruss
YYHBd2s8Pd1+3N6ibMW9az9g4/q/6VHrV4IQseFEvUAYZVQ58FwswxjjHsWcW9Ip
NGDx1iQds/CCSKE1w5MlkL/tLuabSYHJoNdejbPN+C6HZBHSlUHTRG1CLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIPuYT5qM+3T95zHjX/vM8swgS0tMB8GA1UdIwQY
MBaAFFP0enJcdo1N54+zG7QP4W66GfINMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVV9SNmNseDJqVTNuajdNYnRBX2hicm9aOGcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82NDAxZjMtNmRmMC00MDM4LWIwYmMt
NTc0NzEzODQ1ZGJjLzEvZy01aFBtb3o3ZFAzbk1lTmYtOHp5ekNCTFMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82NDAxZjMtNmRmMC00MDM4LWIwYmMtNTc0NzEzODQ1ZGJj
LzEvVV9SNmNseDJqVTNuajdNYnRBX2hicm9aOGcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud0/MA0G
CSqGSIb3DQEBCwUAA4IBAQAWz1U9yQvCxhKigFrLhOHNyvJ0lniPTVFxlqJPq1yl
ahsIfjaA0bReoLrJd+WeL3pj1wba6V2rFtmC1s+0Q8zt7lrcYl8ag3islM2JYmp+
YA+Jrn1RovZJcrBzPy4R2vm+ju78a30UvasyxD7WuoGY/RUAyXefmeb6aYRSxcaN
xOhja5CSGnHWrxDKz1wg34O45+ri5mdLjHbO+oJq6qYRt+q2TXWtlhPHhGjZ5H1l
5bpCA8VtUXeMZ0HkPJAdJkMq/3b8pHQ6xWsKOEstRWDmQcnfPhYOMnLBcPIgtbwS
w8v8Ls4gZVn8S68yfY2dwZmLUeMplKZHP4u1Im2vhjhS
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:28:58 2025 by rpki-client