Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/J_GNQPWHaTopYauZz-X71VDCD30.roa
File: J_GNQPWHaTopYauZz-X71VDCD30.roa (raw, json)
Hash identifier: mYWNHSJ/8l+aWGMPXqK6gzDUsBDut0UQO9etVhI8z0E=
Subject key identifier: 27:F1:8D:40:F5:87:69:3A:29:61:AB:99:CF:E5:FB:D5:50:C2:0F:7D
Certificate issuer: /CN=09f0dcceb74f1185acd97aeeaac25dda5e9b0936
Certificate serial: 019427B59C6250A7F41FB2C2464F57F0769D
Authority key identifier: 09:F0:DC:CE:B7:4F:11:85:AC:D9:7A:EE:AA:C2:5D:DA:5E:9B:09:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CfDczrdPEYWs2XruqsJd2l6bCTY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/J_GNQPWHaTopYauZz-X71VDCD30.roa
Signing time: Thu 02 Jan 2025 15:50:00 +0000
ROA not before: Thu 02 Jan 2025 15:50:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198218
IP address blocks: 164.40.160.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:9c:62:50:a7:f4:1f:b2:c2:46:4f:57:f0:76:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09f0dcceb74f1185acd97aeeaac25dda5e9b0936
Validity
Not Before: Jan 2 15:50:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=27f18d40f587693a2961ab99cfe5fbd550c20f7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:9f:82:de:e5:51:93:8d:bc:9a:ad:d6:be:c7:
8e:71:c4:df:32:e8:1e:fe:ae:f5:4d:45:f9:5b:f5:
7e:63:28:11:32:0d:d3:7d:0d:a3:dc:22:e0:64:32:
ce:02:e8:2d:2c:58:ef:27:70:50:7e:6c:af:c8:40:
39:d1:30:f6:e1:9b:4a:9d:29:69:56:d2:cd:18:c8:
ec:8b:ca:8c:19:a1:c7:b0:2d:b4:77:0c:d3:b1:8b:
e2:2d:aa:76:23:f3:ab:47:b9:d9:76:83:65:74:11:
00:90:61:68:11:7c:d9:f1:7e:d2:62:33:1c:5e:d5:
e3:58:0f:99:86:1d:95:49:3e:00:72:31:a7:2c:65:
3e:e6:b8:35:24:7a:d4:8d:23:cc:fe:a2:d3:bd:7b:
7e:65:16:91:24:e5:4e:a7:d4:ca:39:f9:3a:64:46:
53:88:c2:14:f8:95:01:e2:e3:11:6a:f8:ef:b8:bf:
73:e7:94:5c:ae:cd:96:e1:ba:49:30:85:2b:20:26:
52:6d:19:79:28:3d:41:6a:14:d2:a5:49:9f:65:d1:
e1:1f:92:56:af:e7:d1:17:38:59:21:41:89:4f:7d:
8a:d0:1e:66:98:7f:01:85:e3:12:60:37:b3:d7:c3:
c4:c4:f6:c7:9a:1b:01:49:42:f7:ba:02:fb:4e:61:
bd:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:F1:8D:40:F5:87:69:3A:29:61:AB:99:CF:E5:FB:D5:50:C2:0F:7D
X509v3 Authority Key Identifier:
keyid:09:F0:DC:CE:B7:4F:11:85:AC:D9:7A:EE:AA:C2:5D:DA:5E:9B:09:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CfDczrdPEYWs2XruqsJd2l6bCTY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/J_GNQPWHaTopYauZz-X71VDCD30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/45ac0f-383a-4eb4-b188-996189f9ce14/1/CfDczrdPEYWs2XruqsJd2l6bCTY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.40.160.0/21
Signature Algorithm: sha256WithRSAEncryption
31:01:11:f2:c6:00:c0:bb:ae:f8:95:19:3d:df:f6:bc:c8:ff:
1d:a0:3b:ed:f9:82:68:30:7c:b2:41:97:c6:46:3b:69:3e:80:
82:4e:ee:34:a2:57:fb:d8:a4:5b:2b:92:54:fa:80:e6:92:63:
e2:ac:e7:0d:dd:e9:8e:fa:e9:5c:f8:51:ce:89:72:aa:90:37:
eb:8d:3a:a9:17:af:80:21:e6:a6:18:14:6b:fa:d9:e1:8a:bf:
78:ba:ea:bf:ea:b0:ff:c5:e7:dc:2e:92:f9:d5:73:05:79:f1:
94:68:0f:40:95:36:c5:cf:9e:fc:7e:58:ce:10:9c:fb:99:3a:
55:02:1c:46:c5:f6:80:1e:a9:de:e9:32:c6:30:ea:ba:66:5a:
b1:7a:e1:23:0f:26:15:02:15:e7:fc:1c:2b:4d:6c:26:a2:b9:
82:a5:7e:ad:5c:7e:8a:be:e0:6c:57:05:97:10:5a:6c:bd:3b:
a5:5e:f2:06:19:5a:05:dc:58:d1:d3:55:25:a5:fc:56:30:69:
b4:6e:57:47:ad:07:2e:0b:b7:7a:7b:21:17:6d:35:f5:3a:6b:
d6:ff:53:e0:6c:5c:50:c5:65:5a:c9:56:5d:7b:2d:92:af:f3:
32:31:87:49:aa:8d:d7:7d:97:2b:38:2e:7d:3c:f5:51:64:97:
d2:c5:f4:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntZxiUKf0H7LCRk9X8HadMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZjBkY2NlYjc0ZjExODVhY2Q5N2FlZWFhYzI1ZGRhNWU5
YjA5MzYwHhcNMjUwMTAyMTU1MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2YxOGQ0MGY1ODc2OTNhMjk2MWFiOTljZmU1ZmJkNTUwYzIwZjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmp+C3uVRk428mq3WvseOccTfMuge
/q71TUX5W/V+YygRMg3TfQ2j3CLgZDLOAugtLFjvJ3BQfmyvyEA50TD24ZtKnSlp
VtLNGMjsi8qMGaHHsC20dwzTsYviLap2I/OrR7nZdoNldBEAkGFoEXzZ8X7SYjMc
XtXjWA+Zhh2VST4AcjGnLGU+5rg1JHrUjSPM/qLTvXt+ZRaRJOVOp9TKOfk6ZEZT
iMIU+JUB4uMRavjvuL9z55Rcrs2W4bpJMIUrICZSbRl5KD1BahTSpUmfZdHhH5JW
r+fRFzhZIUGJT32K0B5mmH8BheMSYDez18PExPbHmhsBSUL3ugL7TmG9cQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCfxjUD1h2k6KWGrmc/l+9VQwg99MB8GA1UdIwQY
MBaAFAnw3M63TxGFrNl67qrCXdpemwk2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2ZEY3pyZFBFWVdzMlhydXFzSmQybDZiQ1RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi80NWFjMGYtMzgzYS00ZWI0LWIxODgt
OTk2MTg5ZjljZTE0LzEvSl9HTlFQV0hhVG9wWWF1WnotWDcxVkRDRDMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi80NWFjMGYtMzgzYS00ZWI0LWIxODgtOTk2MTg5ZjljZTE0
LzEvQ2ZEY3pyZFBFWVdzMlhydXFzSmQybDZiQ1RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDpCigMA0G
CSqGSIb3DQEBCwUAA4IBAQAxARHyxgDAu674lRk93/a8yP8doDvt+YJoMHyyQZfG
RjtpPoCCTu40olf72KRbK5JU+oDmkmPirOcN3emO+ulc+FHOiXKqkDfrjTqpF6+A
IeamGBRr+tnhir94uuq/6rD/xefcLpL51XMFefGUaA9AlTbFz578fljOEJz7mTpV
AhxGxfaAHqne6TLGMOq6ZlqxeuEjDyYVAhXn/BwrTWwmormCpX6tXH6KvuBsVwWX
EFpsvTulXvIGGVoF3FjR01UlpfxWMGm0bldHrQcuC7d6eyEXbTX1OmvW/1PgbFxQ
xWVayVZdey2Sr/MyMYdJqo3XfZcrOC59PPVRZJfSxfQF
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:54:27 2025 by rpki-client