Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/0b951a-8e6c-4445-9c2d-9f00c72620f6/1/ig3YUnf06jRQJy2W3dYiO6rsejs.roa
File: ig3YUnf06jRQJy2W3dYiO6rsejs.roa (raw, json)
Hash identifier: iYGiR2ToZxGUekv5mS+Li0t2IVpNRi9TVFKQBK+2Rl8=
Subject key identifier: 8A:0D:D8:52:77:F4:EA:34:50:27:2D:96:DD:D6:22:3B:AA:EC:7A:3B
Certificate issuer: /CN=bc663667973238b184d9eefd36bbf3810ba4b6d9
Certificate serial: 01942067E6C7DD55CC1755D434CAF7A1B352
Authority key identifier: BC:66:36:67:97:32:38:B1:84:D9:EE:FD:36:BB:F3:81:0B:A4:B6:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vGY2Z5cyOLGE2e79NrvzgQukttk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/0b951a-8e6c-4445-9c2d-9f00c72620f6/1/ig3YUnf06jRQJy2W3dYiO6rsejs.roa
Signing time: Wed 01 Jan 2025 05:47:47 +0000
ROA not before: Wed 01 Jan 2025 05:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198608
IP address blocks: 5.57.48.0/21 maxlen: 21
185.168.244.0/22 maxlen: 22
2a01:4c40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:e6:c7:dd:55:cc:17:55:d4:34:ca:f7:a1:b3:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc663667973238b184d9eefd36bbf3810ba4b6d9
Validity
Not Before: Jan 1 05:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a0dd85277f4ea3450272d96ddd6223baaec7a3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:31:75:4c:cf:75:e0:7f:d3:08:bd:7e:94:16:
34:3b:f1:c1:45:2e:1c:b4:cb:ef:22:f3:82:3a:9d:
05:a6:30:75:f7:95:ce:ae:1b:1b:56:54:43:7a:48:
a4:5c:c6:1f:e4:95:b6:72:b7:da:f6:ae:87:1f:d6:
a6:d7:5f:e7:65:5c:80:5b:ab:36:f5:45:7b:94:9e:
b0:d5:30:c2:db:b3:cf:4c:24:33:cf:a5:eb:76:02:
ec:99:d3:0e:aa:87:0d:e8:61:68:de:29:f6:5b:01:
34:f7:8c:4f:0a:40:b2:05:42:96:d0:5f:b1:aa:a6:
3d:c5:8c:de:09:21:5f:7b:1f:ad:3a:3b:12:95:51:
43:91:e0:ee:f3:5a:92:3f:67:e9:6f:cc:68:d9:84:
e2:dc:6f:43:29:1a:76:a5:69:03:55:98:ca:06:5a:
bf:a0:1a:ea:fd:4d:52:22:26:4a:df:e9:28:93:a5:
d1:8f:b1:33:d0:2c:7c:ce:0b:7b:2b:ad:cb:17:46:
e4:8b:b9:21:29:a1:d4:55:73:95:05:3d:f2:46:c2:
38:09:bf:77:24:d3:38:d1:65:e5:6f:00:ca:5f:c6:
49:77:dc:62:fe:bf:0c:02:bc:a4:80:9b:d8:38:5f:
58:59:ee:11:70:a9:20:c0:9d:e2:1c:2d:2f:74:3a:
c6:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:0D:D8:52:77:F4:EA:34:50:27:2D:96:DD:D6:22:3B:AA:EC:7A:3B
X509v3 Authority Key Identifier:
keyid:BC:66:36:67:97:32:38:B1:84:D9:EE:FD:36:BB:F3:81:0B:A4:B6:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vGY2Z5cyOLGE2e79NrvzgQukttk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/0b951a-8e6c-4445-9c2d-9f00c72620f6/1/ig3YUnf06jRQJy2W3dYiO6rsejs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/0b951a-8e6c-4445-9c2d-9f00c72620f6/1/vGY2Z5cyOLGE2e79NrvzgQukttk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.48.0/21
185.168.244.0/22
IPv6:
2a01:4c40::/32
Signature Algorithm: sha256WithRSAEncryption
71:da:31:3c:4a:f2:20:44:47:8b:e6:5c:c2:85:93:ff:93:03:
f1:9c:83:7c:9e:b4:4d:2b:e5:c1:35:67:87:ac:10:65:2b:84:
f1:a6:40:47:8b:b6:06:ff:6c:2b:8a:45:f2:f6:c6:ca:13:2f:
35:3f:46:52:c2:98:98:d3:aa:53:4f:58:94:16:52:ef:d1:e0:
85:51:97:49:e8:4f:33:72:4e:c5:f1:02:9d:e1:f8:d2:d2:45:
96:c1:1a:96:13:b6:fd:d6:07:ce:a1:1f:cf:b7:d7:24:49:8d:
e6:17:dc:b3:e7:b3:a2:4b:87:98:f7:75:0b:c1:ce:3a:b5:d1:
33:5f:83:8b:00:49:3a:89:b2:e5:8e:cd:26:d8:6e:c9:df:36:
80:a0:40:a7:3a:a4:71:16:e3:fb:29:16:75:82:28:dc:ab:e8:
70:cc:d9:70:99:38:ff:94:7e:bc:af:ee:61:32:34:8f:40:5d:
9d:5d:c7:0f:b0:d8:f9:d5:6e:b2:df:3b:8a:70:39:db:6b:e1:
2f:37:43:86:18:58:fc:9a:a7:29:f9:ea:cd:21:7b:4c:61:b2:
45:be:b3:54:c3:52:05:e5:20:c9:f8:fc:cb:e7:4f:8f:e1:d6:
bb:36:09:e8:1c:3b:0e:d3:d8:b8:d5:2f:b6:0f:e6:35:25:03:
d8:cd:2e:9f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQgZ+bH3VXMF1XUNMr3obNSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNjYzNjY3OTczMjM4YjE4NGQ5ZWVmZDM2YmJmMzgxMGJh
NGI2ZDkwHhcNMjUwMTAxMDU0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTBkZDg1Mjc3ZjRlYTM0NTAyNzJkOTZkZGQ2MjIzYmFhZWM3YTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDF1TM914H/TCL1+lBY0O/HBRS4c
tMvvIvOCOp0FpjB195XOrhsbVlRDekikXMYf5JW2crfa9q6HH9am11/nZVyAW6s2
9UV7lJ6w1TDC27PPTCQzz6XrdgLsmdMOqocN6GFo3in2WwE094xPCkCyBUKW0F+x
qqY9xYzeCSFfex+tOjsSlVFDkeDu81qSP2fpb8xo2YTi3G9DKRp2pWkDVZjKBlq/
oBrq/U1SIiZK3+kok6XRj7Ez0Cx8zgt7K63LF0bki7khKaHUVXOVBT3yRsI4Cb93
JNM40WXlbwDKX8ZJd9xi/r8MArykgJvYOF9YWe4RcKkgwJ3iHC0vdDrGDwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIoN2FJ39Oo0UCctlt3WIjuq7Ho7MB8GA1UdIwQY
MBaAFLxmNmeXMjixhNnu/Ta784ELpLbZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkdZMlo1Y3lPTEdFMmU3OU5ydnpnUXVrdHRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8wYjk1MWEtOGU2Yy00NDQ1LTljMmQt
OWYwMGM3MjYyMGY2LzEvaWczWVVuZjA2alJRSnkyVzNkWWlPNnJzZWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8wYjk1MWEtOGU2Yy00NDQ1LTljMmQtOWYwMGM3MjYyMGY2
LzEvdkdZMlo1Y3lPTEdFMmU3OU5ydnpnUXVrdHRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBTkwAwQC
uaj0MA0EAgACMAcDBQAqAUxAMA0GCSqGSIb3DQEBCwUAA4IBAQBx2jE8SvIgREeL
5lzChZP/kwPxnIN8nrRNK+XBNWeHrBBlK4TxpkBHi7YG/2wrikXy9sbKEy81P0ZS
wpiY06pTT1iUFlLv0eCFUZdJ6E8zck7F8QKd4fjS0kWWwRqWE7b91gfOoR/Pt9ck
SY3mF9yz57OiS4eY93ULwc46tdEzX4OLAEk6ibLljs0m2G7J3zaAoECnOqRxFuP7
KRZ1gijcq+hwzNlwmTj/lH68r+5hMjSPQF2dXccPsNj51W6y3zuKcDnba+EvN0OG
GFj8mqcp+erNIXtMYbJFvrNUw1IF5SDJ+PzL50+P4da7NgnoHDsO09i41S+2D+Y1
JQPYzS6f
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:28:05 2025 by rpki-client