Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/z183EFu1sPOo-y5sOOKBG0yXrp8.roa
File: z183EFu1sPOo-y5sOOKBG0yXrp8.roa (raw, json)
Hash identifier: 2s86trkawFwKZ7YJ1aIGcnl/nG7X/sIeZQp6cm6Vo74=
Subject key identifier: CF:5F:37:10:5B:B5:B0:F3:A8:FB:2E:6C:38:E2:81:1B:4C:97:AE:9F
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B3039681D732AE8317A97472E30D44
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/z183EFu1sPOo-y5sOOKBG0yXrp8.roa
Signing time: Thu 02 Jan 2025 01:48:19 +0000
ROA not before: Thu 02 Jan 2025 01:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216464
IP address blocks: 159.148.182.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:03:96:81:d7:32:ae:83:17:a9:74:72:e3:0d:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf5f37105bb5b0f3a8fb2e6c38e2811b4c97ae9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:87:a3:ec:49:7e:bf:67:ce:aa:1a:ab:ff:55:
d6:4c:a3:3a:b4:78:9b:8b:40:91:31:40:79:07:d9:
4b:77:4d:9c:fc:2a:a2:0b:9d:48:ce:8d:e6:33:02:
ed:44:fd:9b:25:c9:0d:9d:ac:ec:43:43:b6:02:ee:
9a:2b:0c:cc:48:f1:b7:21:e4:ed:d8:ab:30:3f:dc:
5a:57:48:35:7e:a0:ba:38:24:22:ba:81:c1:2e:a4:
1f:d1:c5:c5:33:ca:24:de:29:dc:21:6e:9e:92:01:
c1:2b:6b:00:3a:51:b8:5a:86:88:70:0e:54:51:84:
89:d0:23:ce:b7:12:f4:4d:22:12:d6:b5:7c:e9:55:
2a:f3:29:61:25:ad:e3:81:ae:5c:53:df:b6:17:20:
6f:fe:ee:a9:c9:e9:92:cc:18:4b:7c:c9:fa:c0:49:
28:34:f7:9e:bc:ad:fe:f6:85:e1:e9:85:68:e1:e4:
bb:1b:36:c3:f6:7e:15:3c:16:90:e6:c8:1e:91:60:
2e:d9:7e:4b:2f:e3:a0:20:f2:00:70:fe:df:25:45:
0f:d5:de:6c:f4:89:2d:06:1f:8a:a8:7a:8f:c0:6d:
45:bd:5c:f0:90:fa:10:58:49:4d:a0:3c:0f:0b:52:
fb:58:85:f0:7e:24:ba:6f:f7:10:4d:d0:54:e2:e7:
6c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:5F:37:10:5B:B5:B0:F3:A8:FB:2E:6C:38:E2:81:1B:4C:97:AE:9F
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/z183EFu1sPOo-y5sOOKBG0yXrp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.182.0/23
Signature Algorithm: sha256WithRSAEncryption
c7:f3:6f:11:c8:23:25:96:5a:43:8e:e0:5b:f9:f3:b9:11:d6:
78:a0:8c:3e:d0:bf:21:b2:42:83:e9:53:eb:5c:de:a7:e2:d2:
4d:61:3f:0b:76:12:de:5c:f2:11:55:48:5f:6f:0e:a8:f9:30:
88:2b:f8:9a:28:5a:b6:20:a0:7d:6b:1a:98:72:33:33:d5:10:
a4:62:a7:90:a8:cf:b1:30:ef:b8:91:42:e9:61:44:a2:39:02:
fb:9b:24:a7:3f:50:ff:33:99:f9:aa:4d:60:cf:bf:4a:41:93:
c8:cf:c0:c3:56:a3:74:5f:b6:02:bf:c4:89:1b:d4:31:27:94:
b8:fb:f9:2b:b3:46:7b:6a:59:91:5f:a6:9a:b8:8f:18:e4:5f:
9b:3e:92:8f:53:ac:7a:02:ad:09:50:1b:b6:e2:38:ab:8c:50:
f7:a5:f9:c4:f5:09:83:d5:bb:23:58:47:07:a7:b7:a6:fa:cb:
2d:b1:28:b0:98:f8:42:16:e0:8a:46:c6:a1:28:8b:e9:e6:98:
f4:2a:cc:9d:0f:72:d7:e2:9f:23:65:c9:65:31:58:02:dc:60:
52:22:31:77:39:d5:2a:fa:7c:87:f9:50:9f:06:8d:d5:7c:8f:
b9:b8:51:0d:f5:29:fe:c2:b6:9b:6e:26:19:f9:dc:6a:70:e0:
71:a1:e6:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkswOWgdcyroMXqXRy4w1EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjVmMzcxMDViYjViMGYzYThmYjJlNmMzOGUyODExYjRjOTdhZTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIej7El+v2fOqhqr/1XWTKM6tHib
i0CRMUB5B9lLd02c/CqiC51Izo3mMwLtRP2bJckNnazsQ0O2Au6aKwzMSPG3IeTt
2KswP9xaV0g1fqC6OCQiuoHBLqQf0cXFM8ok3incIW6ekgHBK2sAOlG4WoaIcA5U
UYSJ0CPOtxL0TSIS1rV86VUq8ylhJa3jga5cU9+2FyBv/u6pyemSzBhLfMn6wEko
NPeevK3+9oXh6YVo4eS7GzbD9n4VPBaQ5sgekWAu2X5LL+OgIPIAcP7fJUUP1d5s
9IktBh+KqHqPwG1FvVzwkPoQWElNoDwPC1L7WIXwfiS6b/cQTdBU4uds7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM9fNxBbtbDzqPsubDjigRtMl66fMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvejE4M0VGdTFzUE9vLXk1c09PS0JHMHlYcnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBn5S2MA0G
CSqGSIb3DQEBCwUAA4IBAQDH828RyCMlllpDjuBb+fO5EdZ4oIw+0L8hskKD6VPr
XN6n4tJNYT8LdhLeXPIRVUhfbw6o+TCIK/iaKFq2IKB9axqYcjMz1RCkYqeQqM+x
MO+4kULpYUSiOQL7mySnP1D/M5n5qk1gz79KQZPIz8DDVqN0X7YCv8SJG9QxJ5S4
+/krs0Z7almRX6aauI8Y5F+bPpKPU6x6Aq0JUBu24jirjFD3pfnE9QmD1bsjWEcH
p7em+sstsSiwmPhCFuCKRsahKIvp5pj0KsydD3LX4p8jZcllMVgC3GBSIjF3OdUq
+nyH+VCfBo3VfI+5uFEN9Sn+wrabbiYZ+dxqcOBxoeYu
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:23 2025 by rpki-client