Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/tKMdNv1uVGpN6rjCrEpKREP1DL4.roa
File: tKMdNv1uVGpN6rjCrEpKREP1DL4.roa (raw, json)
Hash identifier: z16EJSqZB1g6ZVPnC73LMXgT7v30+vreH9t45xE0HBI=
Subject key identifier: B4:A3:1D:36:FD:6E:54:6A:4D:EA:B8:C2:AC:4A:4A:44:43:F5:0C:BE
Certificate issuer: /CN=728c2bfd6bb503a01d018602bda152d734ed56f0
Certificate serial: 01942445762EC7FDD7AB612EDD43A9EA0E55
Authority key identifier: 72:8C:2B:FD:6B:B5:03:A0:1D:01:86:02:BD:A1:52:D7:34:ED:56:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cowr_Wu1A6AdAYYCvaFS1zTtVvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/tKMdNv1uVGpN6rjCrEpKREP1DL4.roa
Signing time: Wed 01 Jan 2025 23:48:39 +0000
ROA not before: Wed 01 Jan 2025 23:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207357
IP address blocks: 5.182.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:76:2e:c7:fd:d7:ab:61:2e:dd:43:a9:ea:0e:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=728c2bfd6bb503a01d018602bda152d734ed56f0
Validity
Not Before: Jan 1 23:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4a31d36fd6e546a4deab8c2ac4a4a4443f50cbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:50:7d:80:56:2a:0b:30:ab:77:86:a4:d4:3b:
3a:57:57:ff:3a:1b:f5:53:a8:69:3b:b8:b9:87:c2:
e7:cf:52:c5:12:04:ef:b8:f5:3b:26:cd:41:55:27:
6e:c9:4f:31:db:c5:a7:a7:2a:7a:ce:b3:f4:79:e0:
e6:75:fd:90:df:74:d9:a8:b9:cc:72:d0:9f:30:03:
57:8d:31:39:79:9d:4b:d6:c4:b2:99:e9:e0:4a:39:
49:b7:2d:d9:fd:22:13:2d:3d:3f:d1:e7:05:2e:fd:
3f:e1:4b:69:05:e6:b3:d5:50:99:73:03:93:3f:c0:
b1:25:ba:bf:61:10:c2:56:00:74:57:4e:0f:dd:07:
b2:1a:f0:81:61:5a:fe:38:15:73:b0:e5:de:fd:38:
a0:7c:ad:ca:d9:2f:b9:18:fc:c2:83:86:21:d2:02:
0a:02:2f:08:45:05:d9:61:e9:91:8a:e0:26:d2:9d:
ed:f5:b6:9f:29:46:77:13:c2:bd:40:25:b6:32:a1:
be:3a:95:8e:52:5a:14:1e:b7:b4:41:16:64:f8:8b:
f6:13:35:39:aa:8a:15:79:32:5c:55:67:2f:89:7d:
39:a1:29:d5:85:90:dd:38:7e:05:c4:c1:6f:71:4b:
5b:b2:88:ce:9c:47:1e:3e:a5:8e:26:fe:80:7f:42:
58:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A3:1D:36:FD:6E:54:6A:4D:EA:B8:C2:AC:4A:4A:44:43:F5:0C:BE
X509v3 Authority Key Identifier:
keyid:72:8C:2B:FD:6B:B5:03:A0:1D:01:86:02:BD:A1:52:D7:34:ED:56:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cowr_Wu1A6AdAYYCvaFS1zTtVvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/tKMdNv1uVGpN6rjCrEpKREP1DL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/cowr_Wu1A6AdAYYCvaFS1zTtVvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.189.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:a8:68:83:1d:d2:8c:47:49:eb:63:c3:56:e1:e5:dc:a0:d7:
7d:24:e1:f7:a2:c7:07:40:21:a4:9a:29:41:0c:fa:dd:52:a7:
d5:8a:b7:0e:bd:e3:cb:17:47:44:9b:13:cb:b9:3f:69:93:96:
6b:69:65:01:f0:82:18:d9:d3:db:a3:2d:c3:03:a0:d4:13:27:
c9:41:72:1e:55:8c:97:3f:96:0c:ae:00:8b:d0:cb:c2:64:82:
4e:4e:51:8c:12:7b:8c:b5:e3:e6:aa:02:f3:9f:fd:2e:2d:6e:
a3:57:ee:c3:8d:98:50:fc:56:b7:4c:59:f2:48:f3:88:08:70:
b0:fb:99:bf:a1:65:e1:89:44:76:43:72:91:ec:41:a8:70:1d:
15:1d:f4:61:f8:4c:bf:fd:bc:c8:79:ed:e9:ff:b4:49:ae:a9:
86:1b:45:98:b1:93:3d:25:a1:57:ad:0e:70:7e:61:94:a9:d5:
de:c0:84:61:57:9a:60:e8:5c:e7:d2:9f:b4:43:de:ff:98:e8:
ca:91:d6:a3:7a:31:4b:8d:71:8c:15:98:fe:e9:66:4a:b6:8f:
f1:cf:11:0a:d7:f8:55:a5:25:c9:3c:84:3e:79:d4:52:89:89:
b5:90:83:56:46:7c:cd:a7:2b:0b:c9:ca:73:de:f2:3e:41:7b:
0a:ed:82:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRXYux/3Xq2Eu3UOp6g5VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyOGMyYmZkNmJiNTAzYTAxZDAxODYwMmJkYTE1MmQ3MzRl
ZDU2ZjAwHhcNMjUwMTAxMjM0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGEzMWQzNmZkNmU1NDZhNGRlYWI4YzJhYzRhNGE0NDQzZjUwY2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lB9gFYqCzCrd4ak1Ds6V1f/Ohv1
U6hpO7i5h8Lnz1LFEgTvuPU7Js1BVSduyU8x28Wnpyp6zrP0eeDmdf2Q33TZqLnM
ctCfMANXjTE5eZ1L1sSymengSjlJty3Z/SITLT0/0ecFLv0/4UtpBeaz1VCZcwOT
P8CxJbq/YRDCVgB0V04P3QeyGvCBYVr+OBVzsOXe/TigfK3K2S+5GPzCg4Yh0gIK
Ai8IRQXZYemRiuAm0p3t9bafKUZ3E8K9QCW2MqG+OpWOUloUHre0QRZk+Iv2EzU5
qooVeTJcVWcviX05oSnVhZDdOH4FxMFvcUtbsojOnEcePqWOJv6Af0JYGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLSjHTb9blRqTeq4wqxKSkRD9Qy+MB8GA1UdIwQY
MBaAFHKMK/1rtQOgHQGGAr2hUtc07VbwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY293cl9XdTFBNkFkQVlZQ3ZhRlMxelR0VnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS82N2Y0MmUtNzA2Mi00MTEyLWFkNDIt
OTM0OWYxMGEyNjQ5LzEvdEtNZE52MXVWR3BONnJqQ3JFcEtSRVAxREw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS82N2Y0MmUtNzA2Mi00MTEyLWFkNDItOTM0OWYxMGEyNjQ5
LzEvY293cl9XdTFBNkFkQVlZQ3ZhRlMxelR0VnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABba9MA0G
CSqGSIb3DQEBCwUAA4IBAQAvqGiDHdKMR0nrY8NW4eXcoNd9JOH3oscHQCGkmilB
DPrdUqfVircOvePLF0dEmxPLuT9pk5ZraWUB8IIY2dPboy3DA6DUEyfJQXIeVYyX
P5YMrgCL0MvCZIJOTlGMEnuMtePmqgLzn/0uLW6jV+7DjZhQ/Fa3TFnySPOICHCw
+5m/oWXhiUR2Q3KR7EGocB0VHfRh+Ey//bzIee3p/7RJrqmGG0WYsZM9JaFXrQ5w
fmGUqdXewIRhV5pg6Fzn0p+0Q97/mOjKkdajejFLjXGMFZj+6WZKto/xzxEK1/hV
pSXJPIQ+edRSiYm1kINWRnzNpysLycpz3vI+QXsK7YLT
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:10 2025 by rpki-client on console.sobornost.net