Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5df262-2e0b-4fb7-b0d3-5d0e09a0204f/1/qDh2JY1h_xNgvgx5Db5sVmUy5ks.roa
File: qDh2JY1h_xNgvgx5Db5sVmUy5ks.roa (raw, json)
Hash identifier: I1r2aL4TOC/MGm5ShRW+1jSA/7hy7A6Iss+iJbXJ1A8=
Subject key identifier: A8:38:76:25:8D:61:FF:13:60:BE:0C:79:0D:BE:6C:56:65:32:E6:4B
Certificate issuer: /CN=822f5a6c0b95647f070350e6524e1220fba47fa3
Certificate serial: 01941FFA774D99931E265BB787DE978B2EBA
Authority key identifier: 82:2F:5A:6C:0B:95:64:7F:07:03:50:E6:52:4E:12:20:FB:A4:7F:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gi9abAuVZH8HA1DmUk4SIPukf6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/5df262-2e0b-4fb7-b0d3-5d0e09a0204f/1/qDh2JY1h_xNgvgx5Db5sVmUy5ks.roa
Signing time: Wed 01 Jan 2025 03:48:15 +0000
ROA not before: Wed 01 Jan 2025 03:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212201
IP address blocks: 5.182.251.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:77:4d:99:93:1e:26:5b:b7:87:de:97:8b:2e:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=822f5a6c0b95647f070350e6524e1220fba47fa3
Validity
Not Before: Jan 1 03:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a83876258d61ff1360be0c790dbe6c566532e64b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ac:8f:90:2c:7a:2e:9b:cd:62:fd:cc:ff:60:
3e:08:3d:c3:e7:16:d9:b5:7b:64:e4:6a:48:98:3a:
0c:05:a7:7c:79:c8:af:8e:d1:fd:d9:46:a3:8a:ca:
34:08:c3:67:e4:0d:a2:77:f2:dd:e7:34:3e:e3:27:
f5:c6:ae:6d:b8:26:45:c8:dc:06:3a:c2:a7:76:dc:
f3:16:84:b3:70:02:3e:5b:98:3a:ad:c2:6b:e1:08:
9e:75:b7:62:da:60:1c:ef:78:3b:05:a9:7e:de:f6:
b5:e0:ed:de:75:14:90:04:d8:07:9d:ce:c8:45:38:
e0:6a:70:0a:96:9e:f8:40:79:36:6d:4e:42:e2:7d:
61:12:10:c7:69:1e:28:1c:fb:d4:9b:57:d3:59:62:
86:10:14:b8:f5:fc:93:c7:c9:01:99:4f:c4:3b:dd:
bd:00:8d:d4:b8:81:eb:96:28:17:e0:ac:f0:e9:31:
d8:89:06:6d:9c:ed:a3:54:ca:1a:c8:81:2e:6c:bc:
ff:b3:65:e3:ab:b0:c8:94:be:08:b0:66:4a:dd:cb:
df:bb:79:59:68:8b:b1:29:47:f4:76:1f:d0:64:59:
23:0d:68:a9:1f:f0:eb:48:77:0c:f9:80:e4:b7:d6:
5d:eb:0d:93:3f:70:56:00:80:5f:b0:2f:57:0b:7c:
c7:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:38:76:25:8D:61:FF:13:60:BE:0C:79:0D:BE:6C:56:65:32:E6:4B
X509v3 Authority Key Identifier:
keyid:82:2F:5A:6C:0B:95:64:7F:07:03:50:E6:52:4E:12:20:FB:A4:7F:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gi9abAuVZH8HA1DmUk4SIPukf6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5df262-2e0b-4fb7-b0d3-5d0e09a0204f/1/qDh2JY1h_xNgvgx5Db5sVmUy5ks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5df262-2e0b-4fb7-b0d3-5d0e09a0204f/1/gi9abAuVZH8HA1DmUk4SIPukf6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.251.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:41:b8:ce:2d:11:a8:ae:b9:67:57:b7:b6:a5:88:57:2c:b6:
63:17:17:64:37:7a:d5:ee:6c:c3:20:e7:a7:f6:c3:53:4d:67:
f0:b6:a7:a1:14:3d:ae:8b:60:17:8b:97:37:48:45:3c:35:9e:
7e:db:8a:be:ec:8f:8d:88:2f:dc:d7:74:35:50:61:fd:6c:91:
e1:87:4a:62:6b:a3:1d:24:57:fb:c9:80:2f:85:2f:72:66:a3:
08:5a:24:96:a6:88:01:30:ca:e3:4c:ac:61:6e:3c:80:70:b5:
fa:6d:a9:23:5c:fc:f0:1d:af:b7:69:66:a2:42:35:c9:c2:8d:
a9:6d:e2:c9:d3:a9:a6:e5:d8:56:0a:90:06:d5:fc:f2:b8:13:
01:ba:10:2c:cf:80:ce:47:bf:c3:fe:91:0c:8f:73:c9:7f:d4:
52:b8:da:b9:08:92:c5:3e:15:f0:98:fb:7f:88:47:39:e7:00:
46:d1:d0:42:1f:6c:22:5b:05:8a:c1:27:3a:1a:45:e5:12:da:
3a:e0:6b:d4:c2:49:ef:59:b7:24:68:c9:21:76:bd:e1:25:33:
15:53:64:1b:18:56:30:f5:35:b9:7e:51:4d:28:b6:5a:7c:b9:
26:22:c3:18:cc:cd:d4:35:82:6f:b1:d7:fa:cd:ce:e5:9f:e6:
b1:87:f8:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+ndNmZMeJlu3h96Xiy66MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMmY1YTZjMGI5NTY0N2YwNzAzNTBlNjUyNGUxMjIwZmJh
NDdmYTMwHhcNMjUwMTAxMDM0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODM4NzYyNThkNjFmZjEzNjBiZTBjNzkwZGJlNmM1NjY1MzJlNjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqyPkCx6LpvNYv3M/2A+CD3D5xbZ
tXtk5GpImDoMBad8ecivjtH92Uajiso0CMNn5A2id/Ld5zQ+4yf1xq5tuCZFyNwG
OsKndtzzFoSzcAI+W5g6rcJr4Qiedbdi2mAc73g7Bal+3va14O3edRSQBNgHnc7I
RTjganAKlp74QHk2bU5C4n1hEhDHaR4oHPvUm1fTWWKGEBS49fyTx8kBmU/EO929
AI3UuIHrligX4Kzw6THYiQZtnO2jVMoayIEubLz/s2Xjq7DIlL4IsGZK3cvfu3lZ
aIuxKUf0dh/QZFkjDWipH/DrSHcM+YDkt9Zd6w2TP3BWAIBfsC9XC3zHhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKg4diWNYf8TYL4MeQ2+bFZlMuZLMB8GA1UdIwQY
MBaAFIIvWmwLlWR/BwNQ5lJOEiD7pH+jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2k5YWJBdVZaSDhIQTFEbVVrNFNJUHVrZjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81ZGYyNjItMmUwYi00ZmI3LWIwZDMt
NWQwZTA5YTAyMDRmLzEvcURoMkpZMWhfeE5ndmd4NURiNXNWbVV5NWtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81ZGYyNjItMmUwYi00ZmI3LWIwZDMtNWQwZTA5YTAyMDRm
LzEvZ2k5YWJBdVZaSDhIQTFEbVVrNFNJUHVrZjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbb7MA0G
CSqGSIb3DQEBCwUAA4IBAQCKQbjOLRGorrlnV7e2pYhXLLZjFxdkN3rV7mzDIOen
9sNTTWfwtqehFD2ui2AXi5c3SEU8NZ5+24q+7I+NiC/c13Q1UGH9bJHhh0pia6Md
JFf7yYAvhS9yZqMIWiSWpogBMMrjTKxhbjyAcLX6bakjXPzwHa+3aWaiQjXJwo2p
beLJ06mm5dhWCpAG1fzyuBMBuhAsz4DOR7/D/pEMj3PJf9RSuNq5CJLFPhXwmPt/
iEc55wBG0dBCH2wiWwWKwSc6GkXlEto64GvUwknvWbckaMkhdr3hJTMVU2QbGFYw
9TW5flFNKLZafLkmIsMYzM3UNYJvsdf6zc7ln+axh/iC
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:11:47 2025 by rpki-client