Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/d3d466-d951-4c52-b330-aa8485cf3068/1/5C3OBNWJVX0XYEPy1WMxBH9P3fA.roa
File: 5C3OBNWJVX0XYEPy1WMxBH9P3fA.roa (raw, json)
Hash identifier: paK6hyOcqXDBN745vkYjBiywiYBVzqMBn2uUtBINBBA=
Subject key identifier: E4:2D:CE:04:D5:89:55:7D:17:60:43:F2:D5:63:31:04:7F:4F:DD:F0
Certificate issuer: /CN=0dd2f8e0dea1387daf9035d2cdf4eb8c93ad89cc
Certificate serial: 019420684980EC37F5227040849A4D579D79
Authority key identifier: 0D:D2:F8:E0:DE:A1:38:7D:AF:90:35:D2:CD:F4:EB:8C:93:AD:89:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DdL44N6hOH2vkDXSzfTrjJOticw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/d3d466-d951-4c52-b330-aa8485cf3068/1/5C3OBNWJVX0XYEPy1WMxBH9P3fA.roa
Signing time: Wed 01 Jan 2025 05:48:12 +0000
ROA not before: Wed 01 Jan 2025 05:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13209
IP address blocks: 91.217.82.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:49:80:ec:37:f5:22:70:40:84:9a:4d:57:9d:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0dd2f8e0dea1387daf9035d2cdf4eb8c93ad89cc
Validity
Not Before: Jan 1 05:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e42dce04d589557d176043f2d56331047f4fddf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:1f:1b:a8:44:0c:f3:93:f4:cb:fa:38:96:5d:
d1:c8:83:e2:2b:65:2c:40:fd:0d:87:6f:69:b6:45:
4d:94:6e:f8:fc:6f:fb:17:b4:a4:8d:d3:1b:3d:0a:
8e:a5:49:34:a1:fc:76:64:82:1c:68:0c:57:18:5e:
66:50:d5:cf:b0:a9:03:17:72:7f:63:11:26:33:9b:
02:42:d1:15:5f:65:35:0f:ed:a1:f6:f7:84:d6:4d:
4b:ed:1d:e2:7d:24:7f:c3:5b:bd:c7:38:4a:00:19:
bc:6b:1b:c0:07:9a:b8:4c:33:3b:35:6e:ce:2b:34:
a4:1a:ee:34:40:85:10:57:0a:95:55:92:29:3e:8b:
ee:53:0c:56:b0:a6:9f:a5:b7:f6:0a:fb:d7:ee:39:
e6:c8:0a:a4:29:52:f4:47:50:65:38:11:a0:85:86:
c3:8b:52:5d:77:4a:52:f8:84:4b:ab:45:c3:88:26:
1d:f5:99:c9:6e:c4:63:b3:4c:f3:e1:ec:1c:8f:89:
71:73:42:22:6f:19:49:c8:8f:91:61:a4:36:8f:fa:
7b:d5:26:a2:53:4e:d1:ba:73:a2:91:f3:02:09:c3:
30:f3:ac:be:57:44:e2:fe:47:24:24:89:fa:79:1d:
95:ad:01:d5:7f:af:f1:95:9c:ef:1b:c0:5e:fb:c5:
8f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:2D:CE:04:D5:89:55:7D:17:60:43:F2:D5:63:31:04:7F:4F:DD:F0
X509v3 Authority Key Identifier:
keyid:0D:D2:F8:E0:DE:A1:38:7D:AF:90:35:D2:CD:F4:EB:8C:93:AD:89:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdL44N6hOH2vkDXSzfTrjJOticw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d3d466-d951-4c52-b330-aa8485cf3068/1/5C3OBNWJVX0XYEPy1WMxBH9P3fA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d3d466-d951-4c52-b330-aa8485cf3068/1/DdL44N6hOH2vkDXSzfTrjJOticw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.82.0/23
Signature Algorithm: sha256WithRSAEncryption
97:b7:07:ec:88:6b:61:c3:33:1a:1f:82:2a:e9:62:06:8a:62:
c5:9c:d3:ff:a8:e6:63:66:20:85:c4:85:b3:8f:70:b0:d7:bd:
95:1e:21:ed:10:81:1e:c6:d0:60:35:d6:3a:31:36:f8:04:15:
d5:7d:f4:70:1c:2f:3a:f4:4a:6e:6e:f3:ef:fc:dc:a7:f0:ab:
9a:53:fc:3c:42:2f:9e:4e:bf:fc:2d:71:35:4b:54:3e:1b:d3:
02:39:db:76:bf:25:90:b7:38:f8:65:cd:f8:4a:3d:5a:c3:91:
02:b9:c9:5c:d2:97:11:76:c6:99:8e:a3:fa:2d:5e:6b:de:7b:
be:3a:a3:3d:6e:3b:56:e5:ef:73:d1:03:c2:f9:6b:e9:ed:95:
38:54:2c:80:12:58:31:cc:61:14:8d:ba:63:b8:b2:a7:1b:42:
27:9d:ca:4f:48:bf:b7:a7:cb:19:ab:0a:de:74:95:5e:ef:2f:
a3:30:95:ed:3d:9e:a6:22:d5:7c:55:fb:57:38:82:63:91:32:
4f:f8:5c:d5:9b:0f:07:29:f6:8e:63:54:b1:ca:6a:3c:63:a9:
c5:b1:e9:55:e2:4c:99:cb:81:67:bd:be:04:2a:c8:39:a0:7d:
24:9f:1b:97:15:19:60:6e:1a:75:89:a6:8f:f5:ba:5b:4f:72:
c6:48:fb:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaEmA7Df1InBAhJpNV515MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZDJmOGUwZGVhMTM4N2RhZjkwMzVkMmNkZjRlYjhjOTNh
ZDg5Y2MwHhcNMjUwMTAxMDU0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDJkY2UwNGQ1ODk1NTdkMTc2MDQzZjJkNTYzMzEwNDdmNGZkZGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2h8bqEQM85P0y/o4ll3RyIPiK2Us
QP0Nh29ptkVNlG74/G/7F7SkjdMbPQqOpUk0ofx2ZIIcaAxXGF5mUNXPsKkDF3J/
YxEmM5sCQtEVX2U1D+2h9veE1k1L7R3ifSR/w1u9xzhKABm8axvAB5q4TDM7NW7O
KzSkGu40QIUQVwqVVZIpPovuUwxWsKafpbf2CvvX7jnmyAqkKVL0R1BlOBGghYbD
i1Jdd0pS+IRLq0XDiCYd9ZnJbsRjs0zz4ewcj4lxc0IibxlJyI+RYaQ2j/p71Sai
U07RunOikfMCCcMw86y+V0Ti/kckJIn6eR2VrQHVf6/xlZzvG8Be+8WPXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOQtzgTViVV9F2BD8tVjMQR/T93wMB8GA1UdIwQY
MBaAFA3S+ODeoTh9r5A10s3064yTrYnMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGRMNDRONmhPSDJ2a0RYU3pmVHJqSk90aWN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9kM2Q0NjYtZDk1MS00YzUyLWIzMzAt
YWE4NDg1Y2YzMDY4LzEvNUMzT0JOV0pWWDBYWUVQeTFXTXhCSDlQM2ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9kM2Q0NjYtZDk1MS00YzUyLWIzMzAtYWE4NDg1Y2YzMDY4
LzEvRGRMNDRONmhPSDJ2a0RYU3pmVHJqSk90aWN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW9lSMA0G
CSqGSIb3DQEBCwUAA4IBAQCXtwfsiGthwzMaH4Iq6WIGimLFnNP/qOZjZiCFxIWz
j3Cw172VHiHtEIEextBgNdY6MTb4BBXVffRwHC869EpubvPv/Nyn8KuaU/w8Qi+e
Tr/8LXE1S1Q+G9MCOdt2vyWQtzj4Zc34Sj1aw5ECuclc0pcRdsaZjqP6LV5r3nu+
OqM9bjtW5e9z0QPC+Wvp7ZU4VCyAElgxzGEUjbpjuLKnG0InncpPSL+3p8sZqwre
dJVe7y+jMJXtPZ6mItV8VftXOIJjkTJP+FzVmw8HKfaOY1Sxymo8Y6nFselV4kyZ
y4Fnvb4EKsg5oH0knxuXFRlgbhp1iaaP9bpbT3LGSPuJ
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:43:21 2025 by rpki-client