Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/e243d0-19fe-4da3-a20a-e6effd3cef32/1/pa3jfF65O1LeusJmZP9_Hq2CHUA.roa
File: pa3jfF65O1LeusJmZP9_Hq2CHUA.roa (raw, json)
Hash identifier: DB5zR9clFk0B3PVw7uwrAY7t9bq1MxHbsRq/+LHkr9E=
Subject key identifier: A5:AD:E3:7C:5E:B9:3B:52:DE:BA:C2:66:64:FF:7F:1E:AD:82:1D:40
Certificate issuer: /CN=06c3b8b5f37e21068250571f4db83b4714468a2c
Certificate serial: 019420D61264BE1D36048FEEF00414096D5F
Authority key identifier: 06:C3:B8:B5:F3:7E:21:06:82:50:57:1F:4D:B8:3B:47:14:46:8A:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BsO4tfN-IQaCUFcfTbg7RxRGiiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/e243d0-19fe-4da3-a20a-e6effd3cef32/1/pa3jfF65O1LeusJmZP9_Hq2CHUA.roa
Signing time: Wed 01 Jan 2025 07:48:07 +0000
ROA not before: Wed 01 Jan 2025 07:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59695
IP address blocks: 5.152.248.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:12:64:be:1d:36:04:8f:ee:f0:04:14:09:6d:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06c3b8b5f37e21068250571f4db83b4714468a2c
Validity
Not Before: Jan 1 07:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5ade37c5eb93b52debac26664ff7f1ead821d40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8e:89:b2:8c:0f:1e:eb:c7:9d:7b:37:d3:9d:
bb:16:f1:df:33:ff:99:23:65:9a:b2:eb:19:0e:2d:
9b:62:38:81:e9:e8:0b:c1:19:4a:0d:af:cd:46:e6:
5b:39:4d:67:23:93:38:73:f4:b6:c2:4c:b8:3d:13:
5c:27:9a:ac:15:fb:58:64:ec:eb:fc:4f:c5:91:b5:
ae:27:9c:41:1e:48:93:98:29:1c:9d:b8:be:4d:f8:
cb:17:da:16:70:b3:02:ad:c4:df:0d:96:ac:97:61:
12:ee:6e:9c:02:be:cd:08:92:f3:af:eb:42:71:d9:
5a:84:08:2a:9a:e1:7c:ac:bc:26:8a:33:3e:f5:ce:
7e:30:97:99:c5:4e:fa:b0:4c:10:5d:a5:d3:a9:33:
f5:34:ac:b5:fb:b8:ef:cf:de:05:58:d8:85:24:21:
96:7f:6c:f9:88:aa:6b:69:3e:0c:eb:43:51:e3:3a:
88:d0:2c:20:f7:46:8e:67:60:e1:5a:7b:cc:11:59:
cc:52:b7:fd:cd:27:ca:a6:c7:2e:fe:a4:f6:b5:e9:
01:fe:19:17:4d:ab:cf:b3:f2:db:a1:1b:39:bc:99:
84:6b:9c:30:eb:8c:72:6c:09:f6:75:98:a1:44:da:
0c:30:2e:01:3d:eb:a4:c9:f5:37:3d:5c:f6:d7:9c:
b4:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:AD:E3:7C:5E:B9:3B:52:DE:BA:C2:66:64:FF:7F:1E:AD:82:1D:40
X509v3 Authority Key Identifier:
keyid:06:C3:B8:B5:F3:7E:21:06:82:50:57:1F:4D:B8:3B:47:14:46:8A:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BsO4tfN-IQaCUFcfTbg7RxRGiiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/e243d0-19fe-4da3-a20a-e6effd3cef32/1/pa3jfF65O1LeusJmZP9_Hq2CHUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/e243d0-19fe-4da3-a20a-e6effd3cef32/1/BsO4tfN-IQaCUFcfTbg7RxRGiiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.248.0/21
Signature Algorithm: sha256WithRSAEncryption
86:3b:a8:c2:01:53:5b:ac:5c:fd:da:04:59:6f:d5:71:51:c2:
09:a3:94:7d:e9:f8:57:0c:41:08:b3:86:0b:94:ef:29:20:32:
99:5e:91:e4:89:6f:94:6f:1b:b6:b9:80:1b:0c:5c:2c:17:db:
5b:94:b9:22:d1:ae:22:82:40:33:6d:e9:23:10:2e:cf:ea:58:
72:f5:27:fd:69:d5:ca:61:5d:01:c5:61:85:e1:ec:4c:42:36:
d9:be:08:54:d5:f5:c2:de:13:35:59:5d:7f:f9:fc:0a:ff:07:
d2:c9:8d:97:f5:cd:55:5b:92:fb:e5:0b:15:5c:8f:05:9b:8d:
c0:1b:54:b0:19:28:a0:62:84:57:f2:87:d4:df:6f:8d:f8:32:
6b:2a:3e:8f:b0:98:b2:0c:9d:b7:52:96:47:d9:1e:08:5b:0c:
45:c4:f9:1a:0b:ca:e1:cd:15:7b:0e:21:ae:0d:71:2b:b5:f2:
58:92:63:18:4d:66:51:5d:88:eb:0b:e5:4e:f5:e4:c9:d2:fa:
63:9f:08:aa:f5:e6:4c:57:43:dd:df:c9:5f:fb:77:2f:22:c8:
e7:0c:ff:f2:5d:44:c5:35:ae:12:aa:8b:3f:a9:d2:58:f7:a1:
79:ce:1c:86:1c:0a:b8:94:2b:65:08:04:78:bd:55:cb:2f:f6:
9e:4f:57:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1hJkvh02BI/u8AQUCW1fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2YzNiOGI1ZjM3ZTIxMDY4MjUwNTcxZjRkYjgzYjQ3MTQ0
NjhhMmMwHhcNMjUwMTAxMDc0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWFkZTM3YzVlYjkzYjUyZGViYWMyNjY2NGZmN2YxZWFkODIxZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs46JsowPHuvHnXs30527FvHfM/+Z
I2WasusZDi2bYjiB6egLwRlKDa/NRuZbOU1nI5M4c/S2wky4PRNcJ5qsFftYZOzr
/E/FkbWuJ5xBHkiTmCkcnbi+TfjLF9oWcLMCrcTfDZasl2ES7m6cAr7NCJLzr+tC
cdlahAgqmuF8rLwmijM+9c5+MJeZxU76sEwQXaXTqTP1NKy1+7jvz94FWNiFJCGW
f2z5iKpraT4M60NR4zqI0Cwg90aOZ2DhWnvMEVnMUrf9zSfKpscu/qT2tekB/hkX
TavPs/LboRs5vJmEa5ww64xybAn2dZihRNoMMC4BPeukyfU3PVz215y04QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKWt43xeuTtS3rrCZmT/fx6tgh1AMB8GA1UdIwQY
MBaAFAbDuLXzfiEGglBXH024O0cURoosMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnNPNHRmTi1JUWFDVUZjZlRiZzdSeFJHaWl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9lMjQzZDAtMTlmZS00ZGEzLWEyMGEt
ZTZlZmZkM2NlZjMyLzEvcGEzamZGNjVPMUxldXNKbVpQOV9IcTJDSFVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9lMjQzZDAtMTlmZS00ZGEzLWEyMGEtZTZlZmZkM2NlZjMy
LzEvQnNPNHRmTi1JUWFDVUZjZlRiZzdSeFJHaWl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBZj4MA0G
CSqGSIb3DQEBCwUAA4IBAQCGO6jCAVNbrFz92gRZb9VxUcIJo5R96fhXDEEIs4YL
lO8pIDKZXpHkiW+Ubxu2uYAbDFwsF9tblLki0a4igkAzbekjEC7P6lhy9Sf9adXK
YV0BxWGF4exMQjbZvghU1fXC3hM1WV1/+fwK/wfSyY2X9c1VW5L75QsVXI8Fm43A
G1SwGSigYoRX8ofU32+N+DJrKj6PsJiyDJ23UpZH2R4IWwxFxPkaC8rhzRV7DiGu
DXErtfJYkmMYTWZRXYjrC+VO9eTJ0vpjnwiq9eZMV0Pd38lf+3cvIsjnDP/yXUTF
Na4Sqos/qdJY96F5zhyGHAq4lCtlCAR4vVXLL/aeT1fX
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:03 2025 by rpki-client on console.sobornost.net