Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/393131-1743-48e5-ae54-a9bf3a769377/1/4QNIL4c6Gz_sxHoIV5bmO3J-yRY.roa
File: 4QNIL4c6Gz_sxHoIV5bmO3J-yRY.roa (raw, json)
Hash identifier: hUEgN9PKhux4KaNWV6X/MwNUuCaPOczFnXagh0lAR1c=
Subject key identifier: E1:03:48:2F:87:3A:1B:3F:EC:C4:7A:08:57:96:E6:3B:72:7E:C9:16
Certificate issuer: /CN=8d0b584f6035fe5a287c567f1e3854b8fbc2a0c2
Certificate serial: 019423D76D226338DCA9FF2152A7A1C5F734
Authority key identifier: 8D:0B:58:4F:60:35:FE:5A:28:7C:56:7F:1E:38:54:B8:FB:C2:A0:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jQtYT2A1_loofFZ_HjhUuPvCoMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/393131-1743-48e5-ae54-a9bf3a769377/1/4QNIL4c6Gz_sxHoIV5bmO3J-yRY.roa
Signing time: Wed 01 Jan 2025 21:48:28 +0000
ROA not before: Wed 01 Jan 2025 21:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15513
IP address blocks: 159.29.72.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:6d:22:63:38:dc:a9:ff:21:52:a7:a1:c5:f7:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d0b584f6035fe5a287c567f1e3854b8fbc2a0c2
Validity
Not Before: Jan 1 21:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e103482f873a1b3fecc47a085796e63b727ec916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:44:0c:11:bd:4b:fb:d6:b2:d6:13:64:67:34:
00:f2:9e:66:52:46:18:8b:76:d0:4d:b2:ca:dd:4f:
38:75:89:e4:4f:43:05:31:0e:89:49:41:6f:0f:6a:
0a:3e:49:2d:f7:5a:cb:e3:00:c9:74:65:a0:7d:1a:
f2:cc:b1:25:de:45:09:13:2e:cc:cf:a2:e1:91:dc:
f6:8c:a2:eb:15:a0:21:07:53:dd:78:63:59:ed:5f:
03:97:9c:63:46:58:d1:cc:1e:87:8b:16:ca:c2:63:
4e:b3:11:cf:23:a2:4e:e4:48:67:5d:a7:2d:41:ba:
55:56:b6:1b:72:71:70:07:c2:6d:ac:73:3b:0d:e7:
28:37:dd:f2:64:ac:be:14:aa:a9:15:10:b3:f7:ee:
1d:4d:74:46:21:ea:f7:58:76:1f:50:37:3f:a3:d9:
b4:e8:4a:1b:f4:c7:94:69:45:1c:d9:bf:7f:0c:0e:
64:d1:75:1c:8a:6e:ce:68:16:19:ab:51:f0:d7:d6:
29:9b:8d:f7:5f:fa:f0:98:80:b6:7a:83:e4:49:53:
f9:31:4e:bd:e8:f7:5b:19:d5:d7:5c:e0:d4:3c:56:
0c:5e:04:c1:75:26:e7:f7:8b:a6:aa:9c:90:27:ec:
37:6b:eb:ff:aa:ff:ee:69:c3:24:1f:57:0e:2b:67:
ba:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:03:48:2F:87:3A:1B:3F:EC:C4:7A:08:57:96:E6:3B:72:7E:C9:16
X509v3 Authority Key Identifier:
keyid:8D:0B:58:4F:60:35:FE:5A:28:7C:56:7F:1E:38:54:B8:FB:C2:A0:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jQtYT2A1_loofFZ_HjhUuPvCoMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/393131-1743-48e5-ae54-a9bf3a769377/1/4QNIL4c6Gz_sxHoIV5bmO3J-yRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/393131-1743-48e5-ae54-a9bf3a769377/1/jQtYT2A1_loofFZ_HjhUuPvCoMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.29.72.0/22
Signature Algorithm: sha256WithRSAEncryption
30:98:e6:8c:ab:a3:cf:4f:36:86:4e:3b:c1:9e:37:8b:1b:fc:
e3:27:0f:b9:d2:24:e6:4f:52:9e:26:fc:52:e7:74:5e:62:55:
75:f4:dd:f1:5f:66:83:0e:6e:99:d8:54:ad:6e:50:4d:c9:86:
ac:21:fa:11:db:64:5b:4b:a5:db:1a:16:07:13:a7:45:0d:c6:
24:87:57:02:55:4f:30:b7:99:32:60:5c:a9:f3:54:a2:9e:1b:
16:d5:0c:07:48:6b:e2:93:91:3c:82:44:0e:f6:46:98:f5:38:
1d:ca:ac:76:2e:32:b4:6b:3d:ae:bf:25:41:3a:7d:c3:37:60:
e1:1e:1c:02:03:de:e9:41:d0:c6:56:0b:81:3b:b4:5f:0f:16:
77:3d:41:78:30:a5:cc:80:3a:99:c6:a8:5c:f4:5f:18:f7:0b:
f2:78:0e:6a:3b:a2:e3:40:f7:91:9e:ef:39:c5:4a:80:cb:a0:
16:4c:95:6c:f6:c8:01:8c:c3:63:7f:54:bb:7f:38:b3:19:5d:
83:80:eb:42:8f:c8:e9:d5:2b:7d:e9:04:61:9e:36:ae:43:9c:
52:88:c6:71:1c:13:4b:23:52:4d:53:d7:25:53:bf:40:39:17:
87:40:5d:04:87:59:3d:ef:76:78:39:00:1f:02:d7:3f:37:b2:
62:6f:47:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj120iYzjcqf8hUqehxfc0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMGI1ODRmNjAzNWZlNWEyODdjNTY3ZjFlMzg1NGI4ZmJj
MmEwYzIwHhcNMjUwMTAxMjE0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTAzNDgyZjg3M2ExYjNmZWNjNDdhMDg1Nzk2ZTYzYjcyN2VjOTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUQMEb1L+9ay1hNkZzQA8p5mUkYY
i3bQTbLK3U84dYnkT0MFMQ6JSUFvD2oKPkkt91rL4wDJdGWgfRryzLEl3kUJEy7M
z6Lhkdz2jKLrFaAhB1PdeGNZ7V8Dl5xjRljRzB6HixbKwmNOsxHPI6JO5EhnXact
QbpVVrYbcnFwB8JtrHM7DecoN93yZKy+FKqpFRCz9+4dTXRGIer3WHYfUDc/o9m0
6Eob9MeUaUUc2b9/DA5k0XUcim7OaBYZq1Hw19Ypm433X/rwmIC2eoPkSVP5MU69
6PdbGdXXXODUPFYMXgTBdSbn94umqpyQJ+w3a+v/qv/uacMkH1cOK2e6UwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOEDSC+HOhs/7MR6CFeW5jtyfskWMB8GA1UdIwQY
MBaAFI0LWE9gNf5aKHxWfx44VLj7wqDCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalF0WVQyQTFfbG9vZkZaX0hqaFV1UHZDb01JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8zOTMxMzEtMTc0My00OGU1LWFlNTQt
YTliZjNhNzY5Mzc3LzEvNFFOSUw0YzZHel9zeEhvSVY1Ym1PM0oteVJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8zOTMxMzEtMTc0My00OGU1LWFlNTQtYTliZjNhNzY5Mzc3
LzEvalF0WVQyQTFfbG9vZkZaX0hqaFV1UHZDb01JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnx1IMA0G
CSqGSIb3DQEBCwUAA4IBAQAwmOaMq6PPTzaGTjvBnjeLG/zjJw+50iTmT1KeJvxS
53ReYlV19N3xX2aDDm6Z2FStblBNyYasIfoR22RbS6XbGhYHE6dFDcYkh1cCVU8w
t5kyYFyp81SinhsW1QwHSGvik5E8gkQO9kaY9Tgdyqx2LjK0az2uvyVBOn3DN2Dh
HhwCA97pQdDGVguBO7RfDxZ3PUF4MKXMgDqZxqhc9F8Y9wvyeA5qO6LjQPeRnu85
xUqAy6AWTJVs9sgBjMNjf1S7fzizGV2DgOtCj8jp1St96QRhnjauQ5xSiMZxHBNL
I1JNU9clU79AOReHQF0Eh1k973Z4OQAfAtc/N7Jib0cP
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:26 2025 by rpki-client