Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/wQk6P3JazTtfJ7Qbak1iF7pmDzU.roa
File: wQk6P3JazTtfJ7Qbak1iF7pmDzU.roa (raw, json)
Hash identifier: yyhyj8+uWZT4ObCsZinsPoUAt/nN+0r3AmItPKtF2y8=
Subject key identifier: C1:09:3A:3F:72:5A:CD:3B:5F:27:B4:1B:6A:4D:62:17:BA:66:0F:35
Certificate issuer: /CN=137f3372df57c814aba8b51a907861d92b9e4f55
Certificate serial: 0194221F624D271BAB0FD433949173AA7EDD
Authority key identifier: 13:7F:33:72:DF:57:C8:14:AB:A8:B5:1A:90:78:61:D9:2B:9E:4F:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E38zct9XyBSrqLUakHhh2SueT1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/wQk6P3JazTtfJ7Qbak1iF7pmDzU.roa
Signing time: Wed 01 Jan 2025 13:47:49 +0000
ROA not before: Wed 01 Jan 2025 13:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209459
IP address blocks: 5.253.24.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:62:4d:27:1b:ab:0f:d4:33:94:91:73:aa:7e:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=137f3372df57c814aba8b51a907861d92b9e4f55
Validity
Not Before: Jan 1 13:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1093a3f725acd3b5f27b41b6a4d6217ba660f35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:31:41:4e:a1:b5:c8:a4:8e:32:8e:23:42:31:
d4:e2:4e:e7:a4:5c:6d:45:6d:97:4b:81:3c:34:5f:
79:ac:18:78:e8:f6:70:99:0f:56:b4:0f:27:11:67:
32:9a:06:9d:05:cd:c6:ac:59:2a:8f:43:1b:44:16:
4f:0e:20:cc:64:f2:19:cf:20:5d:0e:dd:c5:30:4b:
17:6a:53:a3:78:8c:cb:5e:a7:cb:93:0a:43:a7:ac:
c6:67:57:3b:df:a5:47:bc:b1:f4:12:00:a1:ef:46:
a0:67:2d:9a:29:7b:31:32:7e:e4:5a:b5:01:97:19:
87:b3:6e:c8:5a:a7:23:4d:73:3a:23:71:67:11:93:
85:86:53:ad:1e:b2:0a:80:1c:67:bb:a5:c1:9a:d7:
85:b7:bc:af:f2:cc:8d:da:49:80:88:91:ff:ba:34:
93:90:44:dd:97:b9:cd:3e:d6:25:c7:80:fc:d6:47:
e7:91:d8:a1:86:f7:dd:b4:60:84:5f:d5:b5:37:41:
a1:f5:ec:fa:d7:a0:e1:9f:df:9f:06:8c:33:e1:af:
68:28:b4:44:5e:28:ff:4d:3d:04:ee:b9:2b:a2:10:
7e:ab:53:fb:c7:2a:1a:e0:e9:39:8d:c2:30:9f:45:
cc:17:93:7a:23:e8:05:47:cc:38:7f:ad:ff:a0:df:
8c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:09:3A:3F:72:5A:CD:3B:5F:27:B4:1B:6A:4D:62:17:BA:66:0F:35
X509v3 Authority Key Identifier:
keyid:13:7F:33:72:DF:57:C8:14:AB:A8:B5:1A:90:78:61:D9:2B:9E:4F:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E38zct9XyBSrqLUakHhh2SueT1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/wQk6P3JazTtfJ7Qbak1iF7pmDzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/E38zct9XyBSrqLUakHhh2SueT1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.24.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:8a:76:d5:ff:57:30:78:d4:91:cf:d7:b0:6c:9e:13:a1:24:
5f:1f:9d:f4:8c:70:25:6c:80:89:b6:aa:0d:2e:30:73:d1:f3:
71:8a:ea:22:fb:70:b8:6c:76:46:87:e1:7f:56:42:76:6d:c7:
f6:b8:58:ff:69:03:16:87:ca:2d:33:34:f7:87:e1:df:2d:b9:
cb:91:da:62:c4:8f:bf:6b:0f:86:d5:c2:29:5a:31:88:2b:2b:
eb:f7:09:34:78:ec:d2:18:f3:6a:ec:51:0a:54:7c:ab:63:41:
c2:7b:62:07:30:43:81:05:89:92:6b:40:8f:58:19:63:3a:7f:
81:83:65:63:26:b5:d9:68:d8:eb:5f:1c:03:45:b2:4b:30:4a:
e0:6c:d7:e5:d4:cd:07:f1:ff:89:8e:59:cd:cc:f6:4d:b8:dd:
2c:ed:a8:df:c8:9b:6e:e2:cc:a0:69:02:4e:08:5e:c3:f2:dd:
ae:02:49:09:01:22:4f:1b:80:fe:c1:bc:63:c9:f5:10:2a:bc:
4c:f7:23:5d:24:22:8d:9a:58:0d:75:d8:e3:8c:93:19:17:7b:
2e:6a:4f:81:b9:20:d1:d5:c2:c5:e3:97:54:25:ff:ce:96:b0:
07:a1:73:fa:92:78:1b:97:73:56:8a:31:7e:0e:00:10:73:d0:
9f:f8:69:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH2JNJxurD9QzlJFzqn7dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzN2YzMzcyZGY1N2M4MTRhYmE4YjUxYTkwNzg2MWQ5MmI5
ZTRmNTUwHhcNMjUwMTAxMTM0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTA5M2EzZjcyNWFjZDNiNWYyN2I0MWI2YTRkNjIxN2JhNjYwZjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzFBTqG1yKSOMo4jQjHU4k7npFxt
RW2XS4E8NF95rBh46PZwmQ9WtA8nEWcymgadBc3GrFkqj0MbRBZPDiDMZPIZzyBd
Dt3FMEsXalOjeIzLXqfLkwpDp6zGZ1c736VHvLH0EgCh70agZy2aKXsxMn7kWrUB
lxmHs27IWqcjTXM6I3FnEZOFhlOtHrIKgBxnu6XBmteFt7yv8syN2kmAiJH/ujST
kETdl7nNPtYlx4D81kfnkdihhvfdtGCEX9W1N0Gh9ez616Dhn9+fBowz4a9oKLRE
Xij/TT0E7rkrohB+q1P7xyoa4Ok5jcIwn0XMF5N6I+gFR8w4f63/oN+MzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMEJOj9yWs07Xye0G2pNYhe6Zg81MB8GA1UdIwQY
MBaAFBN/M3LfV8gUq6i1GpB4Ydkrnk9VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTM4emN0OVh5QlNycUxVYWtIaGgyU3VlVDFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy84YjE0MWItNDk0ZS00NjZiLWEyMmMt
YTIyNGZlZmFjMjE4LzEvd1FrNlAzSmF6VHRmSjdRYmFrMWlGN3BtRHpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy84YjE0MWItNDk0ZS00NjZiLWEyMmMtYTIyNGZlZmFjMjE4
LzEvRTM4emN0OVh5QlNycUxVYWtIaGgyU3VlVDFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBf0YMA0G
CSqGSIb3DQEBCwUAA4IBAQAfinbV/1cweNSRz9ewbJ4ToSRfH530jHAlbICJtqoN
LjBz0fNxiuoi+3C4bHZGh+F/VkJ2bcf2uFj/aQMWh8otMzT3h+HfLbnLkdpixI+/
aw+G1cIpWjGIKyvr9wk0eOzSGPNq7FEKVHyrY0HCe2IHMEOBBYmSa0CPWBljOn+B
g2VjJrXZaNjrXxwDRbJLMErgbNfl1M0H8f+JjlnNzPZNuN0s7ajfyJtu4sygaQJO
CF7D8t2uAkkJASJPG4D+wbxjyfUQKrxM9yNdJCKNmlgNddjjjJMZF3suak+BuSDR
1cLF45dUJf/OlrAHoXP6kngbl3NWijF+DgAQc9Cf+Gmd
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:58 2025 by rpki-client on console.sobornost.net