Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/tyPwFquST_QYpMOQ15p0kPwIfBE.roa
File: tyPwFquST_QYpMOQ15p0kPwIfBE.roa (raw, json)
Hash identifier: pgj4wMLIuT+JDsLGd7CH6ihopHeyqUjAH/pXaSBmiXw=
Subject key identifier: B7:23:F0:16:AB:92:4F:F4:18:A4:C3:90:D7:9A:74:90:FC:08:7C:11
Certificate issuer: /CN=b7f646de414072fc1ab76b1b2c9e08b9bd21a843
Certificate serial: 0194221FD45768D968B990273BC12F6D5209
Authority key identifier: B7:F6:46:DE:41:40:72:FC:1A:B7:6B:1B:2C:9E:08:B9:BD:21:A8:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/tyPwFquST_QYpMOQ15p0kPwIfBE.roa
Signing time: Wed 01 Jan 2025 13:48:18 +0000
ROA not before: Wed 01 Jan 2025 13:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56485
IP address blocks: 43.252.24.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:d4:57:68:d9:68:b9:90:27:3b:c1:2f:6d:52:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7f646de414072fc1ab76b1b2c9e08b9bd21a843
Validity
Not Before: Jan 1 13:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b723f016ab924ff418a4c390d79a7490fc087c11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ea:95:f1:bb:3c:2a:5c:07:8c:04:95:49:4d:
80:25:98:86:22:aa:78:fe:59:1a:f6:f0:ef:28:11:
c6:71:52:4a:22:f3:9d:24:34:57:be:4f:12:1d:06:
f2:b4:f3:fb:d4:e3:de:7c:70:10:88:72:b8:6d:d4:
79:3b:70:e6:1f:16:47:4c:f0:b7:ac:39:35:be:4d:
70:70:e0:20:f6:2c:26:32:ae:d9:36:3c:d5:4a:c8:
6e:77:b9:ff:61:51:e4:47:fe:d1:5a:a3:ee:de:31:
2e:fe:b5:7b:be:d1:29:ac:9b:85:40:80:fa:d0:ba:
e3:dd:a2:0d:ee:e6:a9:92:16:a7:35:8e:89:ad:4d:
78:a1:95:55:ef:72:ec:dd:d6:4e:59:eb:32:ab:a0:
26:bc:b5:90:11:07:af:b4:58:7f:12:02:4b:87:3f:
84:42:a3:b4:0e:89:41:61:6a:0a:93:d6:06:bc:08:
bf:b2:1a:2c:79:92:68:54:c2:3e:a9:2e:c5:b6:b8:
70:30:36:92:de:6c:82:dd:dd:ff:f4:cf:f6:25:0c:
98:6b:e7:fc:86:4f:48:6d:3a:4e:da:fc:63:d4:d1:
ce:11:49:02:83:db:ba:e3:92:e7:6d:94:a0:ec:dc:
56:85:43:c7:ce:5c:97:c4:f6:f7:3b:44:ec:d9:41:
03:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:23:F0:16:AB:92:4F:F4:18:A4:C3:90:D7:9A:74:90:FC:08:7C:11
X509v3 Authority Key Identifier:
keyid:B7:F6:46:DE:41:40:72:FC:1A:B7:6B:1B:2C:9E:08:B9:BD:21:A8:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/tyPwFquST_QYpMOQ15p0kPwIfBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.252.24.0/22
Signature Algorithm: sha256WithRSAEncryption
98:7b:01:71:4b:23:db:0e:36:28:06:55:7e:ae:62:f6:e2:5b:
8a:a7:07:cc:c8:e6:b5:7d:fd:47:2d:4c:63:16:4a:53:22:88:
62:25:4b:e9:b0:ea:98:a8:1e:e3:27:8c:4d:90:de:bc:f4:e4:
f4:ef:b0:22:25:d3:5d:96:81:45:16:89:f4:60:78:22:fc:22:
ba:9e:b1:32:32:66:b5:08:1e:c2:2a:cd:1d:0e:6f:68:2a:d0:
bb:55:8a:44:6a:0f:4a:7b:94:20:40:2a:f8:41:55:00:12:94:
70:7c:26:ea:de:57:cd:3e:c4:2e:82:36:97:2d:07:60:c4:88:
ee:cc:11:b8:ce:9b:c5:69:fd:04:c6:50:04:5c:b3:8c:02:ad:
30:6c:e4:93:89:4a:f5:25:a8:db:17:5d:f1:ca:8d:d5:bb:6f:
86:d1:8a:04:bc:0f:eb:c5:c2:31:7d:ba:23:c8:19:1d:91:00:
c6:0d:a0:56:a6:45:f4:97:24:74:49:5f:6a:ea:25:4a:a0:f4:
5f:6f:6a:14:49:d9:b2:66:82:8c:3e:ef:ad:18:3b:62:7b:63:
e8:af:ee:81:7a:44:ec:a4:16:5a:b8:da:2d:05:20:c2:fa:f5:
7e:2f:f5:24:d1:5f:9a:51:59:0d:79:58:c1:dd:50:e3:36:79:
27:de:17:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH9RXaNlouZAnO8EvbVIJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ZjY0NmRlNDE0MDcyZmMxYWI3NmIxYjJjOWUwOGI5YmQy
MWE4NDMwHhcNMjUwMTAxMTM0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzIzZjAxNmFiOTI0ZmY0MThhNGMzOTBkNzlhNzQ5MGZjMDg3YzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuqV8bs8KlwHjASVSU2AJZiGIqp4
/lka9vDvKBHGcVJKIvOdJDRXvk8SHQbytPP71OPefHAQiHK4bdR5O3DmHxZHTPC3
rDk1vk1wcOAg9iwmMq7ZNjzVSshud7n/YVHkR/7RWqPu3jEu/rV7vtEprJuFQID6
0Lrj3aIN7uapkhanNY6JrU14oZVV73Ls3dZOWesyq6AmvLWQEQevtFh/EgJLhz+E
QqO0DolBYWoKk9YGvAi/shoseZJoVMI+qS7FtrhwMDaS3myC3d3/9M/2JQyYa+f8
hk9IbTpO2vxj1NHOEUkCg9u645LnbZSg7NxWhUPHzlyXxPb3O0Ts2UEDzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLcj8Barkk/0GKTDkNeadJD8CHwRMB8GA1UdIwQY
MBaAFLf2Rt5BQHL8GrdrGyyeCLm9IahDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdF9aRzNrRkFjdndhdDJzYkxKNEl1YjBocUVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9lMmY5ZmYtYzQ2MC00MGEyLWEzNTct
NzdlZjg3YTczZTEzLzEvdHlQd0ZxdVNUX1FZcE1PUTE1cDBrUHdJZkJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9lMmY5ZmYtYzQ2MC00MGEyLWEzNTctNzdlZjg3YTczZTEz
LzEvdF9aRzNrRkFjdndhdDJzYkxKNEl1YjBocUVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCK/wYMA0G
CSqGSIb3DQEBCwUAA4IBAQCYewFxSyPbDjYoBlV+rmL24luKpwfMyOa1ff1HLUxj
FkpTIohiJUvpsOqYqB7jJ4xNkN689OT077AiJdNdloFFFon0YHgi/CK6nrEyMma1
CB7CKs0dDm9oKtC7VYpEag9Ke5QgQCr4QVUAEpRwfCbq3lfNPsQugjaXLQdgxIju
zBG4zpvFaf0ExlAEXLOMAq0wbOSTiUr1JajbF13xyo3Vu2+G0YoEvA/rxcIxfboj
yBkdkQDGDaBWpkX0lyR0SV9q6iVKoPRfb2oUSdmyZoKMPu+tGDtie2Por+6BekTs
pBZauNotBSDC+vV+L/Uk0V+aUVkNeVjB3VDjNnkn3hex
-----END CERTIFICATE-----
Generated at Thu Apr 10 07:24:03 2025 by rpki-client