Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/4d76f5-42ec-453e-8992-d8973acaf41d/1/VrRfHZaFE59JerEdrE9HS5N8zaQ.roa
File: VrRfHZaFE59JerEdrE9HS5N8zaQ.roa (raw, json)
Hash identifier: evRW8lq6AXOrc8c+PnWQcg5urTMP86ar7OuL2tlE8gc=
Subject key identifier: 56:B4:5F:1D:96:85:13:9F:49:7A:B1:1D:AC:4F:47:4B:93:7C:CD:A4
Certificate issuer: /CN=7afb5441d8ef8e41aa28dd51cdde925943aef7fa
Certificate serial: 019425FC0E56F9D0752BBFBA1FFE316BF614
Authority key identifier: 7A:FB:54:41:D8:EF:8E:41:AA:28:DD:51:CD:DE:92:59:43:AE:F7:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/evtUQdjvjkGqKN1Rzd6SWUOu9_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/4d76f5-42ec-453e-8992-d8973acaf41d/1/VrRfHZaFE59JerEdrE9HS5N8zaQ.roa
Signing time: Thu 02 Jan 2025 07:47:43 +0000
ROA not before: Thu 02 Jan 2025 07:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 116.199.224.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:0e:56:f9:d0:75:2b:bf:ba:1f:fe:31:6b:f6:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7afb5441d8ef8e41aa28dd51cdde925943aef7fa
Validity
Not Before: Jan 2 07:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=56b45f1d9685139f497ab11dac4f474b937ccda4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c8:24:ca:96:88:eb:d0:e3:e4:25:cb:8e:4a:
db:83:88:9c:d5:96:bf:25:49:01:94:ec:a9:40:63:
ef:f1:01:72:1f:80:e4:f8:5a:9d:cf:0f:7e:de:e6:
fb:6a:6c:98:54:33:19:a0:8e:51:2c:57:fe:48:e5:
ef:10:02:5a:f5:c9:fe:51:21:8e:9b:fe:a2:cc:7a:
65:cc:30:ae:2f:0f:90:9c:4c:15:e9:df:18:92:ef:
66:38:71:a1:d5:b8:81:b2:6b:93:c0:d9:c3:39:d6:
93:11:05:1f:38:47:fe:d5:bc:87:03:31:43:20:ec:
10:50:42:61:98:6c:70:69:ab:8a:44:2f:7b:05:2a:
67:dd:d9:38:17:00:dc:13:4e:19:69:d5:39:8f:a4:
14:23:f0:59:43:e4:4f:15:b7:88:0f:f9:d8:05:03:
3d:80:50:fe:4c:e8:3b:22:0d:59:1d:35:a7:ca:54:
f0:56:35:00:cf:70:5f:e5:fd:50:43:4d:d2:55:41:
79:f4:08:27:43:54:55:1f:ed:95:58:b0:e5:db:98:
51:d0:a8:97:c1:fd:7d:aa:6c:19:de:87:9f:76:bd:
8c:36:e8:3e:81:5e:c1:53:9a:27:f4:3e:02:48:6e:
77:f0:21:47:19:2a:7a:41:da:3e:e4:a8:dc:97:1a:
c3:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:B4:5F:1D:96:85:13:9F:49:7A:B1:1D:AC:4F:47:4B:93:7C:CD:A4
X509v3 Authority Key Identifier:
keyid:7A:FB:54:41:D8:EF:8E:41:AA:28:DD:51:CD:DE:92:59:43:AE:F7:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/evtUQdjvjkGqKN1Rzd6SWUOu9_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/4d76f5-42ec-453e-8992-d8973acaf41d/1/VrRfHZaFE59JerEdrE9HS5N8zaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/4d76f5-42ec-453e-8992-d8973acaf41d/1/evtUQdjvjkGqKN1Rzd6SWUOu9_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
116.199.224.0/21
Signature Algorithm: sha256WithRSAEncryption
4e:a7:89:a8:6f:0e:51:41:57:be:d1:07:d0:19:d6:25:4a:43:
70:6f:cc:ab:ae:30:d1:eb:44:b1:11:e2:0c:5a:24:7e:9d:7b:
18:47:66:37:bf:b9:05:ab:ee:e8:86:e3:a9:aa:af:a2:b9:34:
6c:dd:30:8e:fc:e6:01:b1:53:2f:4d:ee:a6:c5:0c:51:08:b0:
c6:c0:f0:22:3b:ec:ed:62:50:e9:3a:33:ae:24:09:b1:69:ba:
b3:f6:64:c4:eb:e7:e9:f8:ee:0b:b8:96:b4:a9:3f:f4:78:80:
1c:90:13:36:59:16:70:5b:b4:49:78:11:e3:85:75:6a:49:55:
38:12:43:0e:cc:dd:96:24:2d:f9:53:e5:82:ae:cd:53:fb:ed:
38:bf:00:40:f1:6e:e3:67:2b:8e:1e:55:9a:a2:98:bf:75:17:
e0:39:99:d1:0b:3b:69:83:79:51:63:f8:b6:8b:1b:c0:fc:dc:
de:ef:b2:70:42:ec:69:dc:44:2e:53:c1:56:17:fc:db:f4:ec:
01:95:48:66:93:d2:15:30:14:7a:0d:0c:0e:97:4c:86:a5:a4:
2a:ce:d9:e5:8d:41:5a:9a:9e:29:c7:c4:0c:bb:81:5b:fa:5b:
1d:34:5e:bd:66:4b:48:c3:9d:b2:30:6e:9f:84:dc:3e:73:ef:
94:e1:3f:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/A5W+dB1K7+6H/4xa/YUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZmI1NDQxZDhlZjhlNDFhYTI4ZGQ1MWNkZGU5MjU5NDNh
ZWY3ZmEwHhcNMjUwMTAyMDc0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmI0NWYxZDk2ODUxMzlmNDk3YWIxMWRhYzRmNDc0YjkzN2NjZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2MgkypaI69Dj5CXLjkrbg4ic1Za/
JUkBlOypQGPv8QFyH4Dk+Fqdzw9+3ub7amyYVDMZoI5RLFf+SOXvEAJa9cn+USGO
m/6izHplzDCuLw+QnEwV6d8Yku9mOHGh1biBsmuTwNnDOdaTEQUfOEf+1byHAzFD
IOwQUEJhmGxwaauKRC97BSpn3dk4FwDcE04ZadU5j6QUI/BZQ+RPFbeID/nYBQM9
gFD+TOg7Ig1ZHTWnylTwVjUAz3Bf5f1QQ03SVUF59AgnQ1RVH+2VWLDl25hR0KiX
wf19qmwZ3oefdr2MNug+gV7BU5on9D4CSG538CFHGSp6Qdo+5KjclxrDhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFa0Xx2WhROfSXqxHaxPR0uTfM2kMB8GA1UdIwQY
MBaAFHr7VEHY745BqijdUc3ekllDrvf6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXZ0VVFkanZqa0dxS04xUnpkNlNXVU91OV9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny80ZDc2ZjUtNDJlYy00NTNlLTg5OTIt
ZDg5NzNhY2FmNDFkLzEvVnJSZkhaYUZFNTlKZXJFZHJFOUhTNU44emFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny80ZDc2ZjUtNDJlYy00NTNlLTg5OTItZDg5NzNhY2FmNDFk
LzEvZXZ0VVFkanZqa0dxS04xUnpkNlNXVU91OV9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDdMfgMA0G
CSqGSIb3DQEBCwUAA4IBAQBOp4mobw5RQVe+0QfQGdYlSkNwb8yrrjDR60SxEeIM
WiR+nXsYR2Y3v7kFq+7ohuOpqq+iuTRs3TCO/OYBsVMvTe6mxQxRCLDGwPAiO+zt
YlDpOjOuJAmxabqz9mTE6+fp+O4LuJa0qT/0eIAckBM2WRZwW7RJeBHjhXVqSVU4
EkMOzN2WJC35U+WCrs1T++04vwBA8W7jZyuOHlWaopi/dRfgOZnRCztpg3lRY/i2
ixvA/Nze77JwQuxp3EQuU8FWF/zb9OwBlUhmk9IVMBR6DQwOl0yGpaQqztnljUFa
mp4px8QMu4Fb+lsdNF69ZktIw52yMG6fhNw+c++U4T9I
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:18:14 2025 by rpki-client