Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/h7aMZY4rs8JTQ1CJz5QbU9M1OvM.roa
File: h7aMZY4rs8JTQ1CJz5QbU9M1OvM.roa (raw, json)
Hash identifier: KFfDZ9dh2Ge3x0fBy92J3uTwn6FSGd+/h28pAkysnlM=
Subject key identifier: 87:B6:8C:65:8E:2B:B3:C2:53:43:50:89:CF:94:1B:53:D3:35:3A:F3
Certificate issuer: /CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Certificate serial: 019423D6A51319EF803E0A32254453ABEC0D
Authority key identifier: 4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/h7aMZY4rs8JTQ1CJz5QbU9M1OvM.roa
Signing time: Wed 01 Jan 2025 21:47:36 +0000
ROA not before: Wed 01 Jan 2025 21:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16589
IP address blocks: 159.197.224.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:a5:13:19:ef:80:3e:0a:32:25:44:53:ab:ec:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Validity
Not Before: Jan 1 21:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87b68c658e2bb3c253435089cf941b53d3353af3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d4:0f:c5:72:cb:1a:2d:f2:0b:3f:ec:b1:13:
d0:84:b2:76:d9:2d:1a:5a:a6:b7:52:27:b4:60:58:
96:61:28:f1:0e:b1:4b:18:32:7a:a4:e0:8d:80:d4:
4a:91:b7:c0:75:aa:43:13:a6:c4:fb:20:c6:60:e0:
10:35:c9:e2:25:80:6a:c9:39:bd:b7:b2:86:1a:61:
9b:82:1b:83:55:cb:a7:57:ce:25:b5:c3:05:e4:40:
22:30:17:66:69:4d:e1:86:8c:9c:56:1f:3c:1a:78:
82:83:f8:f4:2b:fa:89:33:05:eb:7d:2e:96:f3:6c:
3f:a5:22:d2:8f:40:0e:e9:8c:e7:fb:b6:5f:87:b8:
4f:56:db:2a:39:4e:a8:7f:39:72:a2:2a:a4:10:60:
5b:9f:fc:8c:75:4e:df:fc:cc:85:a7:6a:72:0e:62:
48:80:54:ee:5f:39:69:15:fd:86:bf:3e:cb:30:f6:
ad:c4:3b:7e:2d:a3:61:df:37:e8:c0:5a:03:46:8d:
73:ad:ea:c0:8e:09:3f:01:79:e4:fd:0e:ff:db:ed:
c3:7a:85:31:3a:7f:0f:a8:40:c7:81:4b:82:e3:4f:
e9:59:9e:0c:34:5d:b8:68:08:fb:02:f2:d6:12:d0:
41:1e:d4:0d:07:da:d6:4e:39:6c:3b:d3:38:75:b2:
03:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:B6:8C:65:8E:2B:B3:C2:53:43:50:89:CF:94:1B:53:D3:35:3A:F3
X509v3 Authority Key Identifier:
keyid:4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/h7aMZY4rs8JTQ1CJz5QbU9M1OvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TdlU08d8nE437r91PYbz3PCR1Kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.197.224.0/19
Signature Algorithm: sha256WithRSAEncryption
2e:ed:c0:ec:f2:e5:84:74:44:c2:9b:5d:33:ee:8f:b0:2e:00:
7c:4e:0d:2c:ee:84:87:8a:d1:d8:d6:06:9e:41:15:de:ae:d1:
59:17:63:c5:dc:4d:bc:f7:dc:79:4f:7b:fe:92:52:c1:73:0e:
de:66:83:0d:54:aa:a0:0a:d9:d8:86:55:54:20:57:73:93:31:
be:5f:78:c4:06:b4:d8:12:bf:ef:1d:08:b9:ce:cc:52:06:1d:
52:5b:a6:49:89:62:b8:25:0f:fa:ee:f5:ae:b1:34:75:44:b7:
40:f4:43:98:49:0c:25:a9:d8:96:0e:15:d3:82:d5:e1:a1:40:
09:3f:c9:84:57:d8:82:64:a4:b6:b6:5d:8a:d5:0b:b1:bf:7a:
af:b8:d8:08:6a:d6:3e:dc:09:c1:38:1f:a6:63:3b:6a:85:0b:
ac:5e:7c:24:0f:4b:99:d9:ef:bf:e2:95:c2:fc:16:65:f7:13:
2f:d5:45:54:71:26:6e:af:c3:4b:42:5c:06:a6:18:f9:98:fd:
d6:15:32:fa:f3:03:b3:b0:a9:a5:7d:94:45:1c:c5:2a:e3:46:
04:fa:b8:b6:64:a2:d1:c6:7b:04:72:8e:df:0d:7d:d0:84:ac:
5d:fa:97:44:3d:f7:25:05:4e:e9:7e:b4:3f:c4:21:0b:b9:fb:
cb:fc:3f:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1qUTGe+APgoyJURTq+wNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDk1NGQzYzc3YzljNGUzN2VlYmY3NTNkODZmM2RjZjA5
MWQ0YTkwHhcNMjUwMTAxMjE0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2I2OGM2NThlMmJiM2MyNTM0MzUwODljZjk0MWI1M2QzMzUzYWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdQPxXLLGi3yCz/ssRPQhLJ22S0a
Wqa3Uie0YFiWYSjxDrFLGDJ6pOCNgNRKkbfAdapDE6bE+yDGYOAQNcniJYBqyTm9
t7KGGmGbghuDVcunV84ltcMF5EAiMBdmaU3hhoycVh88GniCg/j0K/qJMwXrfS6W
82w/pSLSj0AO6Yzn+7Zfh7hPVtsqOU6ofzlyoiqkEGBbn/yMdU7f/MyFp2pyDmJI
gFTuXzlpFf2Gvz7LMPatxDt+LaNh3zfowFoDRo1zrerAjgk/AXnk/Q7/2+3DeoUx
On8PqEDHgUuC40/pWZ4MNF24aAj7AvLWEtBBHtQNB9rWTjlsO9M4dbIDLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIe2jGWOK7PCU0NQic+UG1PTNTrzMB8GA1UdIwQY
MBaAFE3ZVNPHfJxON+6/dT2G89zwkdSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDIt
ZWI3YWFhNjgyOGJlLzEvaDdhTVpZNHJzOEpUUTFDSno1UWJVOU0xT3ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDItZWI3YWFhNjgyOGJl
LzEvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFn8XgMA0G
CSqGSIb3DQEBCwUAA4IBAQAu7cDs8uWEdETCm10z7o+wLgB8Tg0s7oSHitHY1gae
QRXertFZF2PF3E2899x5T3v+klLBcw7eZoMNVKqgCtnYhlVUIFdzkzG+X3jEBrTY
Er/vHQi5zsxSBh1SW6ZJiWK4JQ/67vWusTR1RLdA9EOYSQwlqdiWDhXTgtXhoUAJ
P8mEV9iCZKS2tl2K1Quxv3qvuNgIatY+3AnBOB+mYztqhQusXnwkD0uZ2e+/4pXC
/BZl9xMv1UVUcSZur8NLQlwGphj5mP3WFTL68wOzsKmlfZRFHMUq40YE+ri2ZKLR
xnsEco7fDX3QhKxd+pdEPfclBU7pfrQ/xCELufvL/D91
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:11:49 2025 by rpki-client