Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/5JjBIrQjK_ab0VfofX2xcaNmR1M.roa
File: 5JjBIrQjK_ab0VfofX2xcaNmR1M.roa (raw, json)
Hash identifier: 1EBdf/AU3KpugSqcVymASK0QvUzpUg9hdvyE6GGwf9w=
Subject key identifier: E4:98:C1:22:B4:23:2B:F6:9B:D1:57:E8:7D:7D:B1:71:A3:66:47:53
Certificate issuer: /CN=23cbbf9348ae558c6efa0c086f24be04cb23c6e9
Certificate serial: 01948A4A34EDDE08251A1BF833211EDDAB31
Authority key identifier: 23:CB:BF:93:48:AE:55:8C:6E:FA:0C:08:6F:24:BE:04:CB:23:C6:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I8u_k0iuVYxu-gwIbyS-BMsjxuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/5JjBIrQjK_ab0VfofX2xcaNmR1M.roa
Signing time: Tue 21 Jan 2025 19:15:06 +0000
ROA not before: Tue 21 Jan 2025 19:15:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60751
IP address blocks: 185.24.233.0/24 maxlen: 24
185.104.216.0/22 maxlen: 24
2a04:2e00::/32 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8a:4a:34:ed:de:08:25:1a:1b:f8:33:21:1e:dd:ab:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23cbbf9348ae558c6efa0c086f24be04cb23c6e9
Validity
Not Before: Jan 21 19:15:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e498c122b4232bf69bd157e87d7db171a3664753
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:8a:07:79:33:c9:4a:64:0d:8b:67:03:a6:00:
3d:4a:a0:71:be:7a:38:75:ee:26:ea:ef:0d:7f:07:
06:1a:c5:28:85:a1:00:90:da:3a:08:d4:e6:bb:3a:
0e:b3:03:64:b8:df:f5:03:38:b7:fa:7a:2d:52:05:
82:a5:09:72:e7:34:98:a7:70:35:1d:22:a3:d1:b9:
6d:83:d4:5f:bb:00:6c:d1:f2:1e:8c:57:a6:dc:0e:
4d:3a:06:f9:0d:cf:e5:fc:6a:c9:3f:d9:b9:a7:b1:
69:af:20:a6:f5:9e:e9:5a:da:b6:3b:40:1c:a4:9f:
7c:53:9f:10:56:c1:7a:fa:78:e6:83:48:0a:8d:4c:
46:ad:3e:28:fa:ac:4d:e7:a0:e2:85:cb:17:2a:6f:
28:e7:c9:ec:97:f9:a0:81:89:f0:3f:89:2c:7c:96:
94:6b:c1:69:6a:9a:1b:50:7c:26:76:61:dd:94:e2:
eb:10:47:71:43:50:ca:00:84:69:bc:3a:34:11:32:
ea:dd:b9:31:d5:0f:1b:ab:e0:89:c0:db:81:a5:cc:
4f:2b:99:93:54:4e:6f:24:83:a2:0d:d0:6d:28:95:
5b:86:dc:30:c8:47:6f:71:44:ad:bb:17:44:da:07:
2a:be:c0:d2:b1:c0:d2:13:9a:b9:ed:2c:51:15:6a:
0c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:98:C1:22:B4:23:2B:F6:9B:D1:57:E8:7D:7D:B1:71:A3:66:47:53
X509v3 Authority Key Identifier:
keyid:23:CB:BF:93:48:AE:55:8C:6E:FA:0C:08:6F:24:BE:04:CB:23:C6:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I8u_k0iuVYxu-gwIbyS-BMsjxuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/5JjBIrQjK_ab0VfofX2xcaNmR1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/I8u_k0iuVYxu-gwIbyS-BMsjxuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.233.0/24
185.104.216.0/22
IPv6:
2a04:2e00::/32
Signature Algorithm: sha256WithRSAEncryption
5d:32:94:e3:b5:2b:51:8f:49:2a:8f:f5:c6:91:69:b8:4e:fe:
56:66:8c:8a:d3:9f:eb:f6:a4:52:b7:b4:cc:95:2a:99:c7:d0:
54:2f:61:b3:7f:15:ce:6c:75:61:4c:41:a1:10:85:40:95:e6:
9d:c2:74:a2:6f:c9:9f:06:10:9a:11:a4:ce:09:6f:85:8c:b8:
2c:92:45:67:4e:24:62:de:15:c0:e4:8d:ca:fc:91:f7:f6:71:
b0:74:c8:ba:ea:a2:cd:79:52:45:66:07:f8:23:60:45:d6:e1:
03:b7:c6:d1:bd:40:cb:48:77:06:37:02:4f:d8:75:85:f6:1d:
73:bb:7b:6b:ec:7a:52:b8:3e:91:9a:eb:d4:53:45:39:eb:83:
75:e1:d6:4f:9a:a5:27:96:d9:51:90:04:b5:29:95:a4:2e:51:
6d:4f:e7:13:6d:77:de:08:bc:dc:d9:61:93:d0:db:d4:a5:8b:
61:65:52:02:45:34:b9:bd:b7:91:74:37:dd:a1:d9:8b:70:b2:
99:d2:fa:3d:50:2d:a8:be:93:2c:70:51:f1:4f:c2:5b:16:96:
50:a4:e7:3c:5e:62:c0:f0:9e:e5:f5:0b:92:36:51:51:5b:77:
5f:de:02:d8:2d:65:fb:bf:d9:04:73:7d:fb:b8:d3:8b:b5:16:
b5:87:94:ec
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZSKSjTt3gglGhv4MyEe3asxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzY2JiZjkzNDhhZTU1OGM2ZWZhMGMwODZmMjRiZTA0Y2Iy
M2M2ZTkwHhcNMjUwMTIxMTkxNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDk4YzEyMmI0MjMyYmY2OWJkMTU3ZTg3ZDdkYjE3MWEzNjY0NzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+YoHeTPJSmQNi2cDpgA9SqBxvno4
de4m6u8NfwcGGsUohaEAkNo6CNTmuzoOswNkuN/1Azi3+notUgWCpQly5zSYp3A1
HSKj0bltg9RfuwBs0fIejFem3A5NOgb5Dc/l/GrJP9m5p7FpryCm9Z7pWtq2O0Ac
pJ98U58QVsF6+njmg0gKjUxGrT4o+qxN56DihcsXKm8o58nsl/mggYnwP4ksfJaU
a8FpapobUHwmdmHdlOLrEEdxQ1DKAIRpvDo0ETLq3bkx1Q8bq+CJwNuBpcxPK5mT
VE5vJIOiDdBtKJVbhtwwyEdvcUStuxdE2gcqvsDSscDSE5q57SxRFWoMJQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOSYwSK0Iyv2m9FX6H19sXGjZkdTMB8GA1UdIwQY
MBaAFCPLv5NIrlWMbvoMCG8kvgTLI8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTh1X2swaXVWWXh1LWd3SWJ5Uy1CTXNqeHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZTkwZjktZThkMy00NTYyLWE1YjMt
NjIxZWUwNTJhNmZjLzEvNUpqQklyUWpLX2FiMFZmb2ZYMnhjYU5tUjFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZTkwZjktZThkMy00NTYyLWE1YjMtNjIxZWUwNTJhNmZj
LzEvSTh1X2swaXVWWXh1LWd3SWJ5Uy1CTXNqeHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuRjpAwQC
uWjYMA0EAgACMAcDBQAqBC4AMA0GCSqGSIb3DQEBCwUAA4IBAQBdMpTjtStRj0kq
j/XGkWm4Tv5WZoyK05/r9qRSt7TMlSqZx9BUL2GzfxXObHVhTEGhEIVAleadwnSi
b8mfBhCaEaTOCW+FjLgskkVnTiRi3hXA5I3K/JH39nGwdMi66qLNeVJFZgf4I2BF
1uEDt8bRvUDLSHcGNwJP2HWF9h1zu3tr7HpSuD6RmuvUU0U564N14dZPmqUnltlR
kAS1KZWkLlFtT+cTbXfeCLzc2WGT0NvUpYthZVICRTS5vbeRdDfdodmLcLKZ0vo9
UC2ovpMscFHxT8JbFpZQpOc8XmLA8J7l9QuSNlFRW3df3gLYLWX7v9kEc337uNOL
tRa1h5Ts
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:29:58 2025 by rpki-client