Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/OPHuyxpO9PisbasiiAKtaHkvxVA.roa
File: OPHuyxpO9PisbasiiAKtaHkvxVA.roa (raw, json)
Hash identifier: x3Qa5U665mgT3yS3jj1UddNty1CV91Oaf8NDM/bZhaM=
Subject key identifier: 38:F1:EE:CB:1A:4E:F4:F8:AC:6D:AB:22:88:02:AD:68:79:2F:C5:50
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 019425FD5710473E8A211D278E0BDE145F9A
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/OPHuyxpO9PisbasiiAKtaHkvxVA.roa
Signing time: Thu 02 Jan 2025 07:49:07 +0000
ROA not before: Thu 02 Jan 2025 07:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56844
IP address blocks: 5.133.68.0/23 maxlen: 23
5.133.68.0/24 maxlen: 24
5.133.70.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:57:10:47:3e:8a:21:1d:27:8e:0b:de:14:5f:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Jan 2 07:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38f1eecb1a4ef4f8ac6dab228802ad68792fc550
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6a:57:2f:c4:c1:dc:e4:44:35:ee:ab:cd:74:
c7:98:81:0a:49:e3:16:b6:39:a2:2f:c6:2d:fb:38:
47:07:d4:4f:c2:27:f1:79:78:77:02:7f:fd:6a:1b:
44:9b:94:2d:a3:e6:5a:05:44:a2:81:7a:d1:21:b8:
81:a2:c9:53:b5:4b:83:82:05:f2:f0:be:4f:20:6e:
38:e0:24:f1:8f:55:9f:05:b9:d4:b9:4a:e4:7c:c6:
bf:a9:8a:70:00:39:ce:43:e8:f8:b6:f0:e3:5c:14:
e5:cc:17:4b:59:ee:eb:df:fb:b8:17:8a:0e:7d:06:
72:3e:6b:0d:b2:04:56:d2:0f:19:25:f0:f4:00:20:
3e:2d:57:90:a8:ac:14:73:39:8b:5a:3d:c6:1f:05:
49:f3:73:7a:db:2c:c5:4d:ee:c8:83:8e:f4:25:62:
6f:59:31:0c:22:d0:62:63:79:09:01:8a:02:bc:39:
5b:7b:ca:b4:95:09:cb:31:69:98:22:c3:13:87:b0:
a7:fa:35:4f:a8:13:02:83:e2:25:20:ca:4b:e8:99:
20:82:83:d9:9b:1f:a3:51:72:53:31:cd:9c:a9:98:
43:30:fc:22:e1:a9:7c:d0:59:e0:57:b7:2b:08:73:
df:4b:b1:3f:91:15:a1:ba:e1:fb:8c:1b:16:0a:14:
a3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:F1:EE:CB:1A:4E:F4:F8:AC:6D:AB:22:88:02:AD:68:79:2F:C5:50
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/OPHuyxpO9PisbasiiAKtaHkvxVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.68.0-5.133.70.255
Signature Algorithm: sha256WithRSAEncryption
88:17:e4:21:ce:19:7a:45:4e:20:83:fa:51:54:ee:52:93:02:
3e:cb:61:3d:8a:d1:e3:90:1f:e6:8f:ec:30:8e:dd:75:83:b7:
d9:2a:54:65:e5:84:70:f9:70:c5:4b:ac:75:81:a7:8e:d6:80:
3e:e0:2d:6e:95:e9:19:12:67:de:29:d1:a2:e6:2e:f5:55:3f:
ac:a3:8b:74:98:10:35:32:f8:88:ee:51:ab:b8:61:cf:08:9e:
34:7f:04:bb:85:52:47:db:34:72:09:2b:ca:a3:da:06:e0:7c:
6a:f3:a2:90:56:13:c7:61:e3:b6:76:e3:6b:62:b5:a9:b9:2d:
e7:90:58:61:27:aa:16:f2:75:e4:bd:c3:40:34:b5:78:b0:ce:
e8:b0:58:30:ab:ed:a7:93:52:bd:3c:30:ed:e3:96:4c:0b:68:
fd:07:b9:b5:87:e2:61:1c:b5:fb:36:03:0d:92:2c:d1:4c:aa:
39:d0:5e:48:a7:f4:cc:ac:6c:48:72:b0:bd:ea:a8:d1:20:4a:
5a:3f:14:c4:bb:c2:7c:fb:22:6a:6b:f7:39:44:10:c4:ed:95:
c8:79:de:7a:a7:d2:68:92:82:49:31:9a:86:18:9e:d3:07:76:
e0:1e:f8:b1:77:0f:d3:b5:12:f0:c4:09:df:02:fa:84:42:d4:
d9:ae:2e:7a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQl/VcQRz6KIR0njgveFF+aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjUwMTAyMDc0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGYxZWVjYjFhNGVmNGY4YWM2ZGFiMjI4ODAyYWQ2ODc5MmZjNTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAympXL8TB3ORENe6rzXTHmIEKSeMW
tjmiL8Yt+zhHB9RPwifxeXh3An/9ahtEm5Qto+ZaBUSigXrRIbiBoslTtUuDggXy
8L5PIG444CTxj1WfBbnUuUrkfMa/qYpwADnOQ+j4tvDjXBTlzBdLWe7r3/u4F4oO
fQZyPmsNsgRW0g8ZJfD0ACA+LVeQqKwUczmLWj3GHwVJ83N62yzFTe7Ig470JWJv
WTEMItBiY3kJAYoCvDlbe8q0lQnLMWmYIsMTh7Cn+jVPqBMCg+IlIMpL6JkggoPZ
mx+jUXJTMc2cqZhDMPwi4al80FngV7crCHPfS7E/kRWhuuH7jBsWChSjgwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDjx7ssaTvT4rG2rIogCrWh5L8VQMB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvT1BIdXl4cE85UGlzYmFzaWlBS3RhSGt2eFZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAIFhUQD
BAAFhUYwDQYJKoZIhvcNAQELBQADggEBAIgX5CHOGXpFTiCD+lFU7lKTAj7LYT2K
0eOQH+aP7DCO3XWDt9kqVGXlhHD5cMVLrHWBp47WgD7gLW6V6RkSZ94p0aLmLvVV
P6yji3SYEDUy+IjuUau4Yc8InjR/BLuFUkfbNHIJK8qj2gbgfGrzopBWE8dh47Z2
42titam5LeeQWGEnqhbydeS9w0A0tXiwzuiwWDCr7aeTUr08MO3jlkwLaP0HubWH
4mEctfs2Aw2SLNFMqjnQXkin9MysbEhysL3qqNEgSlo/FMS7wnz7Impr9zlEEMTt
lch53nqn0miSgkkxmoYYntMHduAe+LF3D9O1EvDECd8C+oRC1NmuLno=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:33 2025 by rpki-client on console.sobornost.net