Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/1EwyZRDcQyTRVY6iPJ0NBAgTU8g.roa
File: 1EwyZRDcQyTRVY6iPJ0NBAgTU8g.roa (raw, json)
Hash identifier: 6dDSvoTsrkVWn/fHWcBpwXwgcxWy/qwkka+mYdQoFmg=
Subject key identifier: D4:4C:32:65:10:DC:43:24:D1:55:8E:A2:3C:9D:0D:04:08:13:53:C8
Certificate issuer: /CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Certificate serial: 01941F8C9858660E65EAD575EB1D3B19EADD
Authority key identifier: B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/1EwyZRDcQyTRVY6iPJ0NBAgTU8g.roa
Signing time: Wed 01 Jan 2025 01:48:15 +0000
ROA not before: Wed 01 Jan 2025 01:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204666
IP address blocks: 5.59.102.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:98:58:66:0e:65:ea:d5:75:eb:1d:3b:19:ea:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Validity
Not Before: Jan 1 01:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d44c326510dc4324d1558ea23c9d0d04081353c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b1:16:b2:cd:77:11:a1:1e:e7:d5:82:92:2b:
05:a0:34:73:14:38:3a:d3:b0:a6:03:80:81:5a:a4:
41:26:3b:5b:8a:9c:a7:8e:83:2d:a8:72:0f:a9:5b:
58:fe:7a:d2:05:2b:a9:78:44:95:92:bf:fc:bf:38:
9d:cb:08:6e:f5:46:42:c1:c9:0b:ed:8b:90:0e:57:
fa:9f:bf:48:5a:93:36:b6:d6:13:14:1e:a4:33:d1:
21:22:a6:1c:52:a2:39:fa:6e:63:08:2f:ff:4a:92:
7e:b8:42:29:a2:94:d9:bb:17:25:56:e2:12:73:62:
e3:f1:57:a8:9a:43:2a:84:78:3a:f4:41:e6:ae:83:
40:1c:27:22:8b:3a:34:b2:3e:a3:e6:d4:a5:0f:12:
62:9d:bb:74:df:f2:df:d5:5c:eb:5a:20:15:ba:51:
b3:10:19:d8:db:bc:b4:cc:bc:77:18:a7:1b:fe:87:
dd:b9:19:25:66:6a:5c:f6:36:55:74:b8:73:2e:13:
0c:13:14:7a:56:a5:28:94:97:15:a5:ed:c9:a8:46:
bc:51:ae:5a:e3:41:d7:60:51:da:93:2d:0d:5a:b6:
f2:94:dc:ee:94:89:f5:0b:ca:32:89:0e:f6:30:20:
cf:0b:5f:e3:1d:9e:b0:b5:a7:73:b3:4d:da:68:15:
ab:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:4C:32:65:10:DC:43:24:D1:55:8E:A2:3C:9D:0D:04:08:13:53:C8
X509v3 Authority Key Identifier:
keyid:B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/1EwyZRDcQyTRVY6iPJ0NBAgTU8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.59.102.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:4c:50:3d:9a:0a:d0:26:79:8e:5d:6f:83:8c:5d:a3:35:28:
e2:a4:5c:48:66:af:24:e9:d4:0e:63:fd:76:2c:a0:12:82:18:
ca:59:44:52:e4:b4:e5:02:65:a4:01:07:ff:f7:1a:21:e9:7c:
ff:a7:66:15:f7:a4:2e:3c:9c:1d:c8:2e:28:3b:79:4b:e9:c6:
a0:66:ee:21:49:1a:03:30:16:d6:2e:18:4b:e2:df:39:ea:f3:
af:b9:32:62:67:40:6d:fe:1a:b6:66:5d:ec:26:7c:9d:46:44:
6f:06:13:d6:37:c3:a8:91:2c:e7:75:1b:7c:ac:9b:05:d2:94:
2f:5e:ec:65:d5:40:6c:98:d6:b3:9b:9f:3e:a8:6a:ae:04:34:
86:1d:60:c4:04:7b:da:f5:ef:23:bf:12:0a:82:ba:bc:25:4e:
96:00:11:0b:38:13:1e:cf:b6:e9:86:e4:92:7e:6b:e6:ff:0b:
96:9a:b5:ad:a5:ab:8a:dd:d4:47:c0:d9:a5:ce:d7:c9:6d:8f:
cf:d2:14:28:3b:33:38:04:74:1d:8a:70:df:0b:63:44:cc:a6:
5b:21:d0:bb:69:f3:69:bb:9d:51:d3:eb:d5:9b:ea:1c:0b:2f:
d3:50:3d:8a:ea:7e:1b:e1:72:40:21:e7:c6:60:1e:af:48:26:
4f:f2:99:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjJhYZg5l6tV16x07GerdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NDgxMTE5YWZlMWJmZjIyOWZhY2Q0ZWY5YzhjNjFiMGZh
YmVhZjIwHhcNMjUwMTAxMDE0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDRjMzI2NTEwZGM0MzI0ZDE1NThlYTIzYzlkMGQwNDA4MTM1M2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7EWss13EaEe59WCkisFoDRzFDg6
07CmA4CBWqRBJjtbipynjoMtqHIPqVtY/nrSBSupeESVkr/8vzidywhu9UZCwckL
7YuQDlf6n79IWpM2ttYTFB6kM9EhIqYcUqI5+m5jCC//SpJ+uEIpopTZuxclVuIS
c2Lj8VeomkMqhHg69EHmroNAHCciizo0sj6j5tSlDxJinbt03/Lf1VzrWiAVulGz
EBnY27y0zLx3GKcb/ofduRklZmpc9jZVdLhzLhMMExR6VqUolJcVpe3JqEa8Ua5a
40HXYFHaky0NWrbylNzulIn1C8oyiQ72MCDPC1/jHZ6wtadzs03aaBWrwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNRMMmUQ3EMk0VWOojydDQQIE1PIMB8GA1UdIwQY
MBaAFLlIERmv4b/yKfrNTvnIxhsPq+ryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAt
OWI5YmNlMTVlMGM2LzEvMUV3eVpSRGNReVRSVlk2aVBKME5CQWdUVThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAtOWI5YmNlMTVlMGM2
LzEvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBTtmMA0G
CSqGSIb3DQEBCwUAA4IBAQB7TFA9mgrQJnmOXW+DjF2jNSjipFxIZq8k6dQOY/12
LKASghjKWURS5LTlAmWkAQf/9xoh6Xz/p2YV96QuPJwdyC4oO3lL6cagZu4hSRoD
MBbWLhhL4t856vOvuTJiZ0Bt/hq2Zl3sJnydRkRvBhPWN8OokSzndRt8rJsF0pQv
Xuxl1UBsmNazm58+qGquBDSGHWDEBHva9e8jvxIKgrq8JU6WABELOBMez7bphuSS
fmvm/wuWmrWtpauK3dRHwNmlztfJbY/P0hQoOzM4BHQdinDfC2NEzKZbIdC7afNp
u51R0+vVm+ocCy/TUD2K6n4b4XJAIefGYB6vSCZP8pmF
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:36:19 2025 by rpki-client