Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/Y0Nk9tl-qCa8DorGiEDjwrSmX0s.roa
File: Y0Nk9tl-qCa8DorGiEDjwrSmX0s.roa (raw, json)
Hash identifier: mzQKn7Y6MiSFmMsypQQoGywZaZjgp8BP9HplYmIAhgw=
Subject key identifier: 63:43:64:F6:D9:7E:A8:26:BC:0E:8A:C6:88:40:E3:C2:B4:A6:5F:4B
Certificate issuer: /CN=bbffd123cb93e24e025f952842108402958d4a4c
Certificate serial: 0195AB51F41644209113A68E936E3D15BD41
Authority key identifier: BB:FF:D1:23:CB:93:E2:4E:02:5F:95:28:42:10:84:02:95:8D:4A:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u__RI8uT4k4CX5UoQhCEApWNSkw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/Y0Nk9tl-qCa8DorGiEDjwrSmX0s.roa
Signing time: Tue 18 Mar 2025 22:13:49 +0000
ROA not before: Tue 18 Mar 2025 22:13:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15830
IP address blocks: 147.28.138.0/23 maxlen: 23
147.28.176.0/23 maxlen: 23
147.75.40.0/23 maxlen: 23
147.75.206.0/24 maxlen: 24
147.75.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ab:51:f4:16:44:20:91:13:a6:8e:93:6e:3d:15:bd:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbffd123cb93e24e025f952842108402958d4a4c
Validity
Not Before: Mar 18 22:13:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=634364f6d97ea826bc0e8ac68840e3c2b4a65f4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e6:29:2b:70:58:03:44:29:ab:06:5d:54:94:
3b:52:2d:eb:3d:9f:4f:97:03:a1:69:ea:72:05:0b:
e4:88:a3:ba:89:8a:dc:c5:8e:e8:57:71:83:e6:4f:
c5:45:f0:70:68:3d:f6:ce:69:c6:1a:45:14:a4:5c:
84:dc:25:de:c4:9e:89:e7:80:0b:b3:ac:fe:ac:30:
dc:65:40:f0:46:22:8f:16:64:2e:c2:2d:09:93:90:
a4:cb:3b:88:8f:2d:24:13:cf:92:8e:e9:f7:3b:9b:
f9:87:5c:12:a7:80:9d:0b:44:70:d7:5b:97:34:52:
a7:09:08:e1:e5:e2:99:38:71:ad:b6:83:f4:14:f7:
08:ce:79:16:3d:51:e2:c4:06:e6:ce:38:62:fd:5b:
df:8b:44:f0:ef:da:c8:c0:11:c6:fe:4f:7a:de:14:
a6:e5:4c:7f:f4:d7:f7:72:cf:24:48:eb:2c:54:2a:
3b:27:b2:26:cb:4a:60:29:bc:45:13:c7:6c:e6:9d:
e7:ae:ee:5f:a8:d7:7e:de:9a:ba:8d:ea:51:1e:2c:
7b:5f:41:a9:c7:07:63:a3:2d:26:7f:ce:ff:2f:e2:
49:e5:91:3e:5a:51:64:af:06:91:99:6d:29:d0:b5:
2c:33:d6:6b:84:a7:99:fe:d1:96:3e:18:6b:30:80:
28:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:43:64:F6:D9:7E:A8:26:BC:0E:8A:C6:88:40:E3:C2:B4:A6:5F:4B
X509v3 Authority Key Identifier:
keyid:BB:FF:D1:23:CB:93:E2:4E:02:5F:95:28:42:10:84:02:95:8D:4A:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u__RI8uT4k4CX5UoQhCEApWNSkw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/Y0Nk9tl-qCa8DorGiEDjwrSmX0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/u__RI8uT4k4CX5UoQhCEApWNSkw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.28.138.0/23
147.28.176.0/23
147.75.40.0/23
147.75.206.0/23
Signature Algorithm: sha256WithRSAEncryption
22:b9:26:50:38:4f:4a:47:1b:75:c5:e7:19:1d:f5:81:92:c5:
5b:47:71:dd:c9:f4:d2:08:c2:9f:77:f2:4c:39:8b:07:85:cf:
dc:45:ee:47:16:7e:d2:8a:75:3e:07:9a:26:5c:5f:39:32:5d:
4c:eb:8f:c0:a5:1d:6d:d2:fd:ae:72:50:9e:f8:35:11:fa:bc:
ad:22:7d:6d:84:2e:fc:5a:9e:1a:dd:11:00:ee:d4:94:e9:19:
e1:62:4e:a0:00:25:4e:c6:8d:8b:d9:e7:cb:a2:d7:35:ba:cc:
b3:76:a4:0b:f3:b7:cf:16:90:02:76:e6:f2:ae:28:71:b9:ea:
01:ba:54:7f:65:9d:9e:44:8f:9d:f9:a2:58:16:34:3b:2d:c1:
aa:2b:8e:91:a9:87:88:37:85:aa:32:f2:2e:c6:41:60:b3:63:
94:aa:ec:5f:ab:cb:2b:82:5b:dc:9c:40:a1:c6:69:7d:6b:ea:
1d:24:e6:7a:9c:b9:d7:12:ca:bd:87:bb:ba:fc:e8:38:7f:98:
cf:7b:5e:00:79:8a:dd:85:01:a4:7d:e4:7d:81:d7:0f:84:81:
db:6a:8b:ba:ba:ec:cd:fc:61:88:53:06:c5:85:1a:9f:a8:c7:
77:de:ce:44:db:69:3b:5b:a9:05:1b:18:ae:ed:c9:84:a8:3c:
22:6b:70:5c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZWrUfQWRCCRE6aOk249Fb1BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZmZkMTIzY2I5M2UyNGUwMjVmOTUyODQyMTA4NDAyOTU4
ZDRhNGMwHhcNMjUwMzE4MjIxMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzQzNjRmNmQ5N2VhODI2YmMwZThhYzY4ODQwZTNjMmI0YTY1ZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOYpK3BYA0QpqwZdVJQ7Ui3rPZ9P
lwOhaepyBQvkiKO6iYrcxY7oV3GD5k/FRfBwaD32zmnGGkUUpFyE3CXexJ6J54AL
s6z+rDDcZUDwRiKPFmQuwi0Jk5CkyzuIjy0kE8+Sjun3O5v5h1wSp4CdC0Rw11uX
NFKnCQjh5eKZOHGttoP0FPcIznkWPVHixAbmzjhi/Vvfi0Tw79rIwBHG/k963hSm
5Ux/9Nf3cs8kSOssVCo7J7Imy0pgKbxFE8ds5p3nru5fqNd+3pq6jepRHix7X0Gp
xwdjoy0mf87/L+JJ5ZE+WlFkrwaRmW0p0LUsM9ZrhKeZ/tGWPhhrMIAo7QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGNDZPbZfqgmvA6KxohA48K0pl9LMB8GA1UdIwQY
MBaAFLv/0SPLk+JOAl+VKEIQhAKVjUpMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdV9fUkk4dVQ0azRDWDVVb1FoQ0VBcFdOU2t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC81ZGNmYzktNTdkYS00MDdmLWE2YjIt
YWM0YTQwNjE3NDZkLzEvWTBOazl0bC1xQ2E4RG9yR2lFRGp3clNtWDBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC81ZGNmYzktNTdkYS00MDdmLWE2YjItYWM0YTQwNjE3NDZk
LzEvdV9fUkk4dVQ0azRDWDVVb1FoQ0VBcFdOU2t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBkxyKAwQB
kxywAwQBk0soAwQBk0vOMA0GCSqGSIb3DQEBCwUAA4IBAQAiuSZQOE9KRxt1xecZ
HfWBksVbR3HdyfTSCMKfd/JMOYsHhc/cRe5HFn7SinU+B5omXF85Ml1M64/ApR1t
0v2uclCe+DUR+rytIn1thC78Wp4a3REA7tSU6RnhYk6gACVOxo2L2efLotc1usyz
dqQL87fPFpACdubyrihxueoBulR/ZZ2eRI+d+aJYFjQ7LcGqK46RqYeIN4WqMvIu
xkFgs2OUquxfq8srglvcnEChxml9a+odJOZ6nLnXEsq9h7u6/Og4f5jPe14AeYrd
hQGkfeR9gdcPhIHbaou6uuzN/GGIUwbFhRqfqMd33s5E22k7W6kFGxiu7cmEqDwi
a3Bc
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:15:37 2025 by rpki-client