Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/ebqyf5BiDM6j62bVjaE6r-bdVhw.roa
File: ebqyf5BiDM6j62bVjaE6r-bdVhw.roa (raw, json)
Hash identifier: +MzGy+AsjXhbDBl5ZXZ0wbyW9k0Dlt1wZj2p77zu+Lc=
Subject key identifier: 79:BA:B2:7F:90:62:0C:CE:A3:EB:66:D5:8D:A1:3A:AF:E6:DD:56:1C
Certificate issuer: /CN=00f4cc412cc30fb2f9f7c37c3e390bec5e6256b0
Certificate serial: 019425FC1F0589EE84333A462B5320D4F575
Authority key identifier: 00:F4:CC:41:2C:C3:0F:B2:F9:F7:C3:7C:3E:39:0B:EC:5E:62:56:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/APTMQSzDD7L598N8PjkL7F5iVrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/ebqyf5BiDM6j62bVjaE6r-bdVhw.roa
Signing time: Thu 02 Jan 2025 07:47:47 +0000
ROA not before: Thu 02 Jan 2025 07:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8609
IP address blocks: 158.162.124.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:1f:05:89:ee:84:33:3a:46:2b:53:20:d4:f5:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00f4cc412cc30fb2f9f7c37c3e390bec5e6256b0
Validity
Not Before: Jan 2 07:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=79bab27f90620ccea3eb66d58da13aafe6dd561c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:54:eb:6e:e0:1c:7f:97:31:53:20:07:8e:8f:
84:92:84:c0:65:9a:b8:97:f5:5d:74:a9:68:b3:3f:
0c:ba:94:0e:3e:9e:db:cd:96:bd:c4:74:67:49:5d:
bc:76:70:35:37:f4:c0:fa:6d:7c:a3:25:8d:27:01:
ed:9f:cf:91:9c:1d:a4:01:1d:6d:4d:94:29:de:b6:
6c:61:24:2b:f8:75:4e:8a:95:35:bb:5f:dc:40:b4:
fb:37:77:ea:d4:75:12:9e:6b:cb:e0:2a:4b:d8:47:
a6:5e:a8:3f:20:05:50:63:3a:ca:cc:ca:2d:de:84:
0f:c8:f1:dd:cd:20:ad:59:4c:4a:3d:3c:b3:b2:83:
85:3e:cb:45:2e:37:23:cf:b0:bb:07:19:0d:f9:dc:
eb:46:9d:92:74:59:63:db:08:77:42:65:0f:ff:55:
b8:be:2b:e4:83:e7:95:1c:02:e3:e6:fc:fd:a6:f2:
df:e6:d7:b8:b8:b6:e4:80:42:32:58:b7:94:db:18:
6b:e6:48:16:ba:1f:e1:4c:f5:48:e6:7e:c3:6a:7f:
84:d9:cd:da:e3:fb:2d:a8:22:72:0c:39:af:b4:7f:
31:5a:7f:c1:76:63:53:18:a6:6b:3e:b2:dd:fe:a1:
c1:08:1b:ad:37:c9:5e:2c:5c:82:b4:84:fe:1a:63:
91:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:BA:B2:7F:90:62:0C:CE:A3:EB:66:D5:8D:A1:3A:AF:E6:DD:56:1C
X509v3 Authority Key Identifier:
keyid:00:F4:CC:41:2C:C3:0F:B2:F9:F7:C3:7C:3E:39:0B:EC:5E:62:56:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/APTMQSzDD7L598N8PjkL7F5iVrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/ebqyf5BiDM6j62bVjaE6r-bdVhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/APTMQSzDD7L598N8PjkL7F5iVrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.162.124.0/22
Signature Algorithm: sha256WithRSAEncryption
42:17:eb:1d:e4:4a:c1:e4:15:0c:a6:33:98:1e:00:92:f6:52:
b3:cf:34:31:52:f2:19:24:d0:a8:62:c2:2f:f0:c6:d8:26:7e:
eb:0b:14:2c:ed:31:c8:e9:28:90:d2:8f:4b:52:2f:ec:71:2d:
c6:db:ef:5b:ef:06:fa:bc:0b:42:bb:71:fb:76:d2:d8:24:24:
da:6d:8d:cb:40:57:4b:7c:ad:53:b6:ea:10:d2:42:09:93:7f:
45:47:a1:9b:55:bf:7a:dc:f8:43:06:15:e8:b1:dd:32:f5:bc:
88:3b:8c:4e:bd:0b:2c:65:44:47:ff:de:05:6c:21:9d:a4:ff:
26:5f:50:6f:3b:75:b7:13:a8:cd:22:47:c9:1e:c8:6a:0d:f7:
a0:6c:75:10:d1:c9:b8:79:49:dc:70:1e:c9:49:2e:3c:db:29:
1e:20:40:25:a1:94:2d:ab:a1:24:41:69:df:1d:41:70:ee:ad:
c5:5f:fe:12:30:b6:41:41:f2:31:a8:37:1e:43:a3:c0:2b:5c:
9a:b9:0b:a8:b2:c4:57:71:a0:b7:64:e9:8a:79:3b:7d:b9:67:
1b:94:a9:b2:2b:09:08:22:0e:1a:69:b4:e0:4a:dd:a2:23:0e:
56:de:4e:49:06:3a:09:93:3e:f8:ac:0a:10:93:66:a4:2a:1e:
af:79:23:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/B8Fie6EMzpGK1Mg1PV1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZjRjYzQxMmNjMzBmYjJmOWY3YzM3YzNlMzkwYmVjNWU2
MjU2YjAwHhcNMjUwMTAyMDc0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWJhYjI3ZjkwNjIwY2NlYTNlYjY2ZDU4ZGExM2FhZmU2ZGQ1NjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5FTrbuAcf5cxUyAHjo+EkoTAZZq4
l/VddKlosz8MupQOPp7bzZa9xHRnSV28dnA1N/TA+m18oyWNJwHtn8+RnB2kAR1t
TZQp3rZsYSQr+HVOipU1u1/cQLT7N3fq1HUSnmvL4CpL2EemXqg/IAVQYzrKzMot
3oQPyPHdzSCtWUxKPTyzsoOFPstFLjcjz7C7BxkN+dzrRp2SdFlj2wh3QmUP/1W4
vivkg+eVHALj5vz9pvLf5te4uLbkgEIyWLeU2xhr5kgWuh/hTPVI5n7Dan+E2c3a
4/stqCJyDDmvtH8xWn/BdmNTGKZrPrLd/qHBCButN8leLFyCtIT+GmORwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHm6sn+QYgzOo+tm1Y2hOq/m3VYcMB8GA1UdIwQY
MBaAFAD0zEEsww+y+ffDfD45C+xeYlawMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVBUTVFTekREN0w1OThOOFBqa0w3RjVpVnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy85Mzc1YTItM2U2Zi00NTc3LTg1ZDEt
NWYxNDVjZmQyMDcwLzEvZWJxeWY1QmlETTZqNjJiVmphRTZyLWJkVmh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy85Mzc1YTItM2U2Zi00NTc3LTg1ZDEtNWYxNDVjZmQyMDcw
LzEvQVBUTVFTekREN0w1OThOOFBqa0w3RjVpVnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnqJ8MA0G
CSqGSIb3DQEBCwUAA4IBAQBCF+sd5ErB5BUMpjOYHgCS9lKzzzQxUvIZJNCoYsIv
8MbYJn7rCxQs7THI6SiQ0o9LUi/scS3G2+9b7wb6vAtCu3H7dtLYJCTabY3LQFdL
fK1TtuoQ0kIJk39FR6GbVb963PhDBhXosd0y9byIO4xOvQssZURH/94FbCGdpP8m
X1BvO3W3E6jNIkfJHshqDfegbHUQ0cm4eUnccB7JSS482ykeIEAloZQtq6EkQWnf
HUFw7q3FX/4SMLZBQfIxqDceQ6PAK1yauQuossRXcaC3ZOmKeTt9uWcblKmyKwkI
Ig4aabTgSt2iIw5W3k5JBjoJkz74rAoQk2akKh6veSNz
-----END CERTIFICATE-----
Generated at Sat Apr 12 01:56:26 2025 by rpki-client