Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/slyK1DAB4dbXemNXvoMVu6ZnABY.roa
File: slyK1DAB4dbXemNXvoMVu6ZnABY.roa (raw, json)
Hash identifier: Rc7vQ1K5O9MgP86008BcYYEvvo1tQ62QMOGFXd3ulqA=
Subject key identifier: B2:5C:8A:D4:30:01:E1:D6:D7:7A:63:57:BE:83:15:BB:A6:67:00:16
Certificate issuer: /CN=5bf81435ed13789895f375dc34d04ce91aca4744
Certificate serial: 019425FD7C12836BE6D5FBB70C19DAEF71E7
Authority key identifier: 5B:F8:14:35:ED:13:78:98:95:F3:75:DC:34:D0:4C:E9:1A:CA:47:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W_gUNe0TeJiV83XcNNBM6RrKR0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/slyK1DAB4dbXemNXvoMVu6ZnABY.roa
Signing time: Thu 02 Jan 2025 07:49:16 +0000
ROA not before: Thu 02 Jan 2025 07:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3308
IP address blocks: 158.233.228.0/24 maxlen: 24
158.233.229.0/24 maxlen: 24
158.233.242.0/24 maxlen: 24
158.233.243.0/24 maxlen: 24
158.233.244.0/24 maxlen: 24
158.233.245.0/24 maxlen: 24
158.233.246.0/24 maxlen: 24
158.233.247.0/24 maxlen: 24
158.233.248.0/24 maxlen: 24
158.233.249.0/24 maxlen: 24
158.233.250.0/24 maxlen: 24
158.233.251.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:7c:12:83:6b:e6:d5:fb:b7:0c:19:da:ef:71:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bf81435ed13789895f375dc34d04ce91aca4744
Validity
Not Before: Jan 2 07:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b25c8ad43001e1d6d77a6357be8315bba6670016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3c:fb:a7:a8:d9:68:8f:ca:73:9c:53:ea:2c:
d8:17:47:ac:f7:a9:0a:0f:05:4b:e2:e4:0e:69:29:
ed:64:b9:dc:e8:d3:87:4f:5a:94:a4:c0:ac:ce:d4:
a1:f0:cf:9e:f0:6a:b6:e5:9a:a3:8c:b8:f2:af:19:
41:8d:82:4e:b0:f5:57:1d:10:d0:d3:2d:a8:57:ab:
b7:e0:d5:46:f4:a9:47:df:10:23:c2:34:88:fc:be:
fa:71:96:fa:3c:a3:59:b7:cb:29:bf:9f:7a:50:8d:
eb:59:10:33:40:f0:ec:05:c1:4f:a5:77:ab:9e:06:
e3:e9:ac:d7:e6:ed:c8:a5:b4:db:0d:9d:5f:6d:0d:
db:88:37:5e:e8:ad:fc:4c:45:50:47:64:1f:06:c6:
cf:f6:29:83:fd:0b:ff:b1:c0:2e:b4:c7:f2:27:eb:
ac:3b:c9:9d:06:cd:10:59:0e:83:40:c0:e6:8c:aa:
6d:19:90:b5:2d:4f:01:6f:a9:32:90:ae:25:61:2b:
12:08:68:7e:00:3a:40:d4:8c:c3:1d:08:fd:48:d4:
40:75:83:cf:a5:24:1a:70:8e:7d:d6:20:58:e8:7b:
0a:39:72:ab:e6:ce:ab:ce:27:14:b9:66:40:f1:79:
79:b1:c0:d4:d6:6a:c8:bd:5d:9e:c3:d3:15:bd:3f:
be:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:5C:8A:D4:30:01:E1:D6:D7:7A:63:57:BE:83:15:BB:A6:67:00:16
X509v3 Authority Key Identifier:
keyid:5B:F8:14:35:ED:13:78:98:95:F3:75:DC:34:D0:4C:E9:1A:CA:47:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W_gUNe0TeJiV83XcNNBM6RrKR0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/slyK1DAB4dbXemNXvoMVu6ZnABY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/W_gUNe0TeJiV83XcNNBM6RrKR0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.233.228.0/23
158.233.242.0-158.233.251.255
Signature Algorithm: sha256WithRSAEncryption
89:db:af:00:d8:cb:4a:c0:ac:0c:28:13:0d:54:d5:19:14:ad:
eb:3c:e5:97:58:63:73:60:78:c6:d0:31:1e:ad:e1:e8:42:ca:
f9:6b:8d:59:8f:ad:ff:37:a8:ea:ca:ae:b0:34:4a:4a:48:17:
23:af:39:a7:51:85:95:09:cb:92:e8:2d:26:c5:a1:2e:73:31:
b9:a4:0c:d8:48:4d:63:d5:16:4a:f5:de:1c:f6:d7:58:4b:a5:
9c:26:c7:a4:8d:c1:17:c7:5f:f7:25:f5:33:f5:a8:8a:07:f0:
93:5a:a5:5e:82:1d:69:b3:bf:79:a5:08:fe:f6:c3:21:4c:7a:
7e:21:91:84:7d:f1:d6:c5:6f:68:ed:b6:d9:84:91:2a:b7:fe:
2a:d4:ff:ec:62:72:ec:a5:3e:7e:99:08:f1:c8:a2:05:d9:61:
ce:5e:18:a2:bb:0a:ca:b8:64:18:34:45:77:e6:87:a8:86:35:
10:8f:43:2c:b8:d3:ef:5c:47:41:ae:f5:14:7e:97:8b:af:0f:
d2:88:93:f8:01:dc:20:ea:0a:82:bf:5c:cc:4e:50:82:70:7f:
e9:42:a3:07:43:1d:0d:9b:60:94:04:e3:91:e7:ab:e2:b5:a9:
05:af:ca:6e:73:94:50:da:d9:7e:4a:94:f4:e5:c6:c9:e6:8e:
77:7d:af:b3
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQl/XwSg2vm1fu3DBna73HnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZjgxNDM1ZWQxMzc4OTg5NWYzNzVkYzM0ZDA0Y2U5MWFj
YTQ3NDQwHhcNMjUwMTAyMDc0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjVjOGFkNDMwMDFlMWQ2ZDc3YTYzNTdiZTgzMTViYmE2NjcwMDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDz7p6jZaI/Kc5xT6izYF0es96kK
DwVL4uQOaSntZLnc6NOHT1qUpMCsztSh8M+e8Gq25ZqjjLjyrxlBjYJOsPVXHRDQ
0y2oV6u34NVG9KlH3xAjwjSI/L76cZb6PKNZt8spv596UI3rWRAzQPDsBcFPpXer
ngbj6azX5u3IpbTbDZ1fbQ3biDde6K38TEVQR2QfBsbP9imD/Qv/scAutMfyJ+us
O8mdBs0QWQ6DQMDmjKptGZC1LU8Bb6kykK4lYSsSCGh+ADpA1IzDHQj9SNRAdYPP
pSQacI591iBY6HsKOXKr5s6rzicUuWZA8Xl5scDU1mrIvV2ew9MVvT++BQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLJcitQwAeHW13pjV76DFbumZwAWMB8GA1UdIwQY
MBaAFFv4FDXtE3iYlfN13DTQTOkaykdEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV19nVU5lMFRlSmlWODNYY05OQk02UnJLUjBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zZDRiYzUtYzM2My00MTVmLWIzZGEt
NDhlNGNjNmIzM2EzLzEvc2x5SzFEQUI0ZGJYZW1OWHZvTVZ1NlpuQUJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zZDRiYzUtYzM2My00MTVmLWIzZGEtNDhlNGNjNmIzM2Ez
LzEvV19nVU5lMFRlSmlWODNYY05OQk02UnJLUjBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBnunkMAwD
BAGe6fIDBAKe6fgwDQYJKoZIhvcNAQELBQADggEBAInbrwDYy0rArAwoEw1U1RkU
res85ZdYY3NgeMbQMR6t4ehCyvlrjVmPrf83qOrKrrA0SkpIFyOvOadRhZUJy5Lo
LSbFoS5zMbmkDNhITWPVFkr13hz211hLpZwmx6SNwRfHX/cl9TP1qIoH8JNapV6C
HWmzv3mlCP72wyFMen4hkYR98dbFb2jtttmEkSq3/irU/+xicuylPn6ZCPHIogXZ
Yc5eGKK7Csq4ZBg0RXfmh6iGNRCPQyy40+9cR0Gu9RR+l4uvD9KIk/gB3CDqCoK/
XMxOUIJwf+lCowdDHQ2bYJQE45Hnq+K1qQWvym5zlFDa2X5KlPTlxsnmjnd9r7M=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:59 2025 by rpki-client