Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/cgZ6WBJvxmkAMdxkhP2wkgGEdL0.roa
File: cgZ6WBJvxmkAMdxkhP2wkgGEdL0.roa (raw, json)
Hash identifier: Ll3C8wRu25Vic+LtIEvKcAwf1QS+GIVy+0ziubvLeB4=
Subject key identifier: 72:06:7A:58:12:6F:C6:69:00:31:DC:64:84:FD:B0:92:01:84:74:BD
Certificate issuer: /CN=0d8cbee51990f1e05a9d1dc0c2f2f3a8a3470c13
Certificate serial: 019422FC3D7350DC79A8549AB2AA818F26D0
Authority key identifier: 0D:8C:BE:E5:19:90:F1:E0:5A:9D:1D:C0:C2:F2:F3:A8:A3:47:0C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYy-5RmQ8eBanR3AwvLzqKNHDBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/cgZ6WBJvxmkAMdxkhP2wkgGEdL0.roa
Signing time: Wed 01 Jan 2025 17:49:03 +0000
ROA not before: Wed 01 Jan 2025 17:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204512
IP address blocks: 157.97.75.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:3d:73:50:dc:79:a8:54:9a:b2:aa:81:8f:26:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d8cbee51990f1e05a9d1dc0c2f2f3a8a3470c13
Validity
Not Before: Jan 1 17:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72067a58126fc6690031dc6484fdb092018474bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:19:0a:9a:5b:1f:40:bc:85:51:08:dd:26:86:
86:4c:a3:20:d7:3d:2d:74:7e:e3:e3:2f:e8:48:b2:
58:50:a7:c9:6b:75:0e:d7:37:18:4f:5d:f1:b3:c5:
2c:40:87:01:68:ca:c5:38:cd:01:be:bb:10:30:e7:
f3:f0:09:0d:6f:06:cf:b8:3d:0c:b5:7b:43:f8:a4:
b7:9d:d5:da:80:df:a4:3a:9d:39:76:10:2a:be:c1:
f3:27:77:1f:15:a9:f7:dc:b4:55:59:1c:c9:09:90:
ef:41:6c:8c:90:d6:24:1e:ab:91:d0:7f:bc:ab:fb:
15:26:b5:6b:8a:05:69:07:64:4a:f8:ae:15:11:2e:
d4:45:b3:2a:c4:2c:5b:a7:60:98:ed:2e:f1:9a:eb:
4b:01:e6:16:0e:6b:6a:59:a0:61:ca:0d:7f:d6:b7:
09:48:60:1e:50:24:24:9a:57:92:75:ec:ff:87:8b:
fa:35:4c:33:73:6a:36:bf:fc:db:f7:cc:d9:9e:e6:
9e:38:b1:81:b4:5a:62:9d:ed:e9:6d:e6:30:ca:07:
b8:c2:37:b5:30:bf:e6:62:a5:73:24:b3:7b:bb:43:
9d:9f:36:04:aa:7e:3a:e0:8d:84:28:be:2f:99:32:
c6:0b:8b:7a:db:2d:7e:e4:d6:3c:4f:eb:fe:e3:07:
c2:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:06:7A:58:12:6F:C6:69:00:31:DC:64:84:FD:B0:92:01:84:74:BD
X509v3 Authority Key Identifier:
keyid:0D:8C:BE:E5:19:90:F1:E0:5A:9D:1D:C0:C2:F2:F3:A8:A3:47:0C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYy-5RmQ8eBanR3AwvLzqKNHDBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/cgZ6WBJvxmkAMdxkhP2wkgGEdL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/DYy-5RmQ8eBanR3AwvLzqKNHDBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.75.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:cd:9d:e3:75:94:92:3d:b3:5e:59:60:92:60:55:bf:58:77:
81:6f:e9:7b:31:ed:9b:2f:00:b8:73:d8:4c:66:6d:8f:24:68:
01:6c:33:ed:84:1a:29:2a:1f:e7:b1:9c:07:72:f2:ae:27:58:
33:e8:42:5c:42:e8:70:2e:84:7e:9a:17:61:ea:98:de:cb:98:
16:c1:09:ec:a6:6e:d8:54:86:c2:df:32:54:cb:82:78:ca:a7:
f9:f5:7c:60:ee:b5:44:3b:af:c6:50:8c:20:f2:5c:bb:ec:37:
83:8d:8f:69:14:87:39:82:61:b4:7e:55:c6:da:7f:38:ea:eb:
5d:9b:a3:17:ce:cb:ed:96:5e:5e:5d:50:47:e1:0b:56:01:9f:
83:0c:25:ad:87:0a:9d:3c:bf:1a:06:8e:35:6b:1f:9a:4b:c8:
91:d3:d4:c7:2b:43:28:31:54:fb:81:5e:a3:68:e8:aa:32:42:
52:20:be:13:e2:40:85:4a:5e:84:88:bd:cf:36:27:5b:3b:cc:
ce:2f:a1:be:5f:31:b1:d9:2b:63:17:2a:b5:8c:f0:6c:4f:17:
43:45:b4:f7:11:03:7e:0c:1c:db:da:d6:1d:bb:df:d5:3e:0d:
1a:07:2b:52:55:36:77:5e:c4:1f:26:15:6d:ad:e4:f5:bf:af:
36:41:af:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/D1zUNx5qFSasqqBjybQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOGNiZWU1MTk5MGYxZTA1YTlkMWRjMGMyZjJmM2E4YTM0
NzBjMTMwHhcNMjUwMTAxMTc0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjA2N2E1ODEyNmZjNjY5MDAzMWRjNjQ4NGZkYjA5MjAxODQ3NGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRkKmlsfQLyFUQjdJoaGTKMg1z0t
dH7j4y/oSLJYUKfJa3UO1zcYT13xs8UsQIcBaMrFOM0BvrsQMOfz8AkNbwbPuD0M
tXtD+KS3ndXagN+kOp05dhAqvsHzJ3cfFan33LRVWRzJCZDvQWyMkNYkHquR0H+8
q/sVJrVrigVpB2RK+K4VES7URbMqxCxbp2CY7S7xmutLAeYWDmtqWaBhyg1/1rcJ
SGAeUCQkmleSdez/h4v6NUwzc2o2v/zb98zZnuaeOLGBtFpine3pbeYwyge4wje1
ML/mYqVzJLN7u0OdnzYEqn464I2EKL4vmTLGC4t62y1+5NY8T+v+4wfCrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHIGelgSb8ZpADHcZIT9sJIBhHS9MB8GA1UdIwQY
MBaAFA2MvuUZkPHgWp0dwMLy86ijRwwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFl5LTVSbVE4ZUJhblIzQXd2THpxS05IREJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83NjNkOGUtMjA4MS00Y2Y4LWI2NWIt
MWIxZTc4Y2JiYjA5LzEvY2daNldCSnZ4bWtBTWR4a2hQMndrZ0dFZEwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83NjNkOGUtMjA4MS00Y2Y4LWI2NWItMWIxZTc4Y2JiYjA5
LzEvRFl5LTVSbVE4ZUJhblIzQXd2THpxS05IREJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnWFLMA0G
CSqGSIb3DQEBCwUAA4IBAQCLzZ3jdZSSPbNeWWCSYFW/WHeBb+l7Me2bLwC4c9hM
Zm2PJGgBbDPthBopKh/nsZwHcvKuJ1gz6EJcQuhwLoR+mhdh6pjey5gWwQnspm7Y
VIbC3zJUy4J4yqf59Xxg7rVEO6/GUIwg8ly77DeDjY9pFIc5gmG0flXG2n846utd
m6MXzsvtll5eXVBH4QtWAZ+DDCWthwqdPL8aBo41ax+aS8iR09THK0MoMVT7gV6j
aOiqMkJSIL4T4kCFSl6EiL3PNidbO8zOL6G+XzGx2StjFyq1jPBsTxdDRbT3EQN+
DBzb2tYdu9/VPg0aBytSVTZ3XsQfJhVtreT1v682Qa83
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:36:25 2025 by rpki-client