Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/84db03xfYelGerORYCPaE18sIuY.roa
File: 84db03xfYelGerORYCPaE18sIuY.roa (raw, json)
Hash identifier: mGsmynBl7jLseJdNkmqKYTcle2kapG2/B7E0rIACZPM=
Subject key identifier: F3:87:5B:D3:7C:5F:61:E9:46:7A:B3:91:60:23:DA:13:5F:2C:22:E6
Certificate issuer: /CN=210da9e7af01de75448f4906aac41bd2964e8847
Certificate serial: 0194236964370835DF0B4B378E9F261500BC
Authority key identifier: 21:0D:A9:E7:AF:01:DE:75:44:8F:49:06:AA:C4:1B:D2:96:4E:88:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQ2p568B3nVEj0kGqsQb0pZOiEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/84db03xfYelGerORYCPaE18sIuY.roa
Signing time: Wed 01 Jan 2025 19:48:16 +0000
ROA not before: Wed 01 Jan 2025 19:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15830
IP address blocks: 159.100.60.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:64:37:08:35:df:0b:4b:37:8e:9f:26:15:00:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=210da9e7af01de75448f4906aac41bd2964e8847
Validity
Not Before: Jan 1 19:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3875bd37c5f61e9467ab3916023da135f2c22e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7d:91:a9:bb:fa:29:b3:93:8f:00:e6:4c:10:
4a:33:cb:fe:fa:16:56:d0:eb:9a:9d:18:b4:23:35:
34:03:20:9e:d8:32:20:3f:b2:65:87:24:6d:b1:17:
05:b3:e7:6f:da:fb:80:35:d0:ae:29:53:36:f0:56:
88:15:5b:4e:7c:e2:fd:ce:cf:ed:1c:d4:a1:c9:41:
d8:2d:bc:e9:87:73:27:f1:db:e0:53:69:96:b0:8a:
bd:47:70:73:57:9a:de:5f:c0:93:82:8f:05:d5:9f:
c9:b2:2d:f5:21:4a:6b:c7:4b:51:85:98:03:b5:7d:
c6:48:b4:6c:04:4d:7d:c4:f9:17:71:56:0a:1b:b6:
60:04:88:07:35:e1:db:d7:46:a4:a4:02:5f:42:8a:
7d:e4:9c:97:b6:39:cf:8b:c5:49:3c:70:ad:9e:ac:
e6:c0:dd:e0:5f:45:9f:e7:88:da:b2:50:79:9c:7a:
e3:18:5b:11:a3:8f:4b:1b:3f:7c:eb:7e:9c:7d:35:
12:af:4e:a0:91:7a:25:f6:29:e8:a2:8c:9c:30:7f:
75:6b:ca:9d:b1:d5:77:d2:00:85:a7:ff:f5:51:b8:
06:b9:2f:d2:7a:47:a0:01:b5:d1:9c:32:25:17:09:
96:35:4c:88:98:55:27:6f:90:57:a4:4d:a9:3b:39:
66:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:87:5B:D3:7C:5F:61:E9:46:7A:B3:91:60:23:DA:13:5F:2C:22:E6
X509v3 Authority Key Identifier:
keyid:21:0D:A9:E7:AF:01:DE:75:44:8F:49:06:AA:C4:1B:D2:96:4E:88:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQ2p568B3nVEj0kGqsQb0pZOiEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/84db03xfYelGerORYCPaE18sIuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/IQ2p568B3nVEj0kGqsQb0pZOiEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.100.60.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:16:f9:e7:d2:0d:96:e3:ed:47:4b:8e:31:d9:b5:98:fc:9e:
c1:a9:e0:0e:64:e0:3c:7d:9c:6c:8f:6b:f0:0f:1a:b3:95:10:
80:7c:c3:0e:51:fd:e0:04:1b:65:bc:6a:2a:aa:c7:bf:b6:31:
8c:00:ec:52:92:b0:f6:83:50:3d:1c:4e:dd:c8:ff:f9:37:3a:
fd:46:c1:7f:25:c0:23:53:3e:31:cb:ac:bd:3b:c8:f9:37:92:
5f:b8:3d:3b:e6:3d:2c:82:93:d5:17:27:aa:d9:28:e6:a2:3e:
bf:3f:bd:4a:1d:50:5d:c5:54:04:b5:0e:c0:8a:41:94:6f:c8:
50:1a:02:53:25:51:ea:d0:6a:be:c9:b4:72:cc:b7:4a:6e:ed:
60:6d:0d:50:b1:ea:35:43:35:df:4a:58:e5:e8:1a:a0:65:85:
74:3b:28:78:92:32:37:50:57:7c:1c:9b:5b:68:82:bc:18:ec:
0d:1f:b0:07:38:a2:6e:95:b9:c5:db:ed:71:0a:45:4f:64:45:
56:50:6f:8c:36:03:5f:c2:a9:1f:f8:71:77:3b:4b:e2:b6:7f:
cd:7a:b1:da:ce:14:be:98:29:73:d0:a7:ff:09:73:32:e6:ef:
e3:f7:49:4b:7a:4c:99:4f:39:e6:be:d5:fb:23:c8:fa:f4:f8:
60:71:ac:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaWQ3CDXfC0s3jp8mFQC8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMGRhOWU3YWYwMWRlNzU0NDhmNDkwNmFhYzQxYmQyOTY0
ZTg4NDcwHhcNMjUwMTAxMTk0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzg3NWJkMzdjNWY2MWU5NDY3YWIzOTE2MDIzZGExMzVmMmMyMmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnX2Rqbv6KbOTjwDmTBBKM8v++hZW
0OuanRi0IzU0AyCe2DIgP7JlhyRtsRcFs+dv2vuANdCuKVM28FaIFVtOfOL9zs/t
HNShyUHYLbzph3Mn8dvgU2mWsIq9R3BzV5reX8CTgo8F1Z/Jsi31IUprx0tRhZgD
tX3GSLRsBE19xPkXcVYKG7ZgBIgHNeHb10akpAJfQop95JyXtjnPi8VJPHCtnqzm
wN3gX0Wf54jaslB5nHrjGFsRo49LGz98636cfTUSr06gkXol9inoooycMH91a8qd
sdV30gCFp//1UbgGuS/SekegAbXRnDIlFwmWNUyImFUnb5BXpE2pOzlmsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPOHW9N8X2HpRnqzkWAj2hNfLCLmMB8GA1UdIwQY
MBaAFCENqeevAd51RI9JBqrEG9KWTohHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVEycDU2OEIzblZFajBrR3FzUWIwcFpPaUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9mMjc4MjEtNGNjZi00ZDJlLThiMTUt
NmUxMjc3NGY4NTFlLzEvODRkYjAzeGZZZWxHZXJPUllDUGFFMThzSXVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9mMjc4MjEtNGNjZi00ZDJlLThiMTUtNmUxMjc3NGY4NTFl
LzEvSVEycDU2OEIzblZFajBrR3FzUWIwcFpPaUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCn2Q8MA0G
CSqGSIb3DQEBCwUAA4IBAQC1Fvnn0g2W4+1HS44x2bWY/J7BqeAOZOA8fZxsj2vw
DxqzlRCAfMMOUf3gBBtlvGoqqse/tjGMAOxSkrD2g1A9HE7dyP/5Nzr9RsF/JcAj
Uz4xy6y9O8j5N5JfuD075j0sgpPVFyeq2Sjmoj6/P71KHVBdxVQEtQ7AikGUb8hQ
GgJTJVHq0Gq+ybRyzLdKbu1gbQ1Qseo1QzXfSljl6BqgZYV0Oyh4kjI3UFd8HJtb
aIK8GOwNH7AHOKJulbnF2+1xCkVPZEVWUG+MNgNfwqkf+HF3O0vitn/NerHazhS+
mClz0Kf/CXMy5u/j90lLekyZTznmvtX7I8j69PhgcayI
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:22:35 2025 by rpki-client