Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/7dc9ce-9862-4277-823f-5e090a30f4dc/1/w7TefL1yT6PiyPCau3UoQQ1oj4s.roa
File: w7TefL1yT6PiyPCau3UoQQ1oj4s.roa (raw, json)
Hash identifier: TbE+hwN6k/2xL285htIx4a5VHL1wC8JFsrUQwp69V9k=
Subject key identifier: C3:B4:DE:7C:BD:72:4F:A3:E2:C8:F0:9A:BB:75:28:41:0D:68:8F:8B
Certificate issuer: /CN=b2ddd07ccd9da3ad3e80a2a7ac34ac9666d7d3dd
Certificate serial: 01994200
Authority key identifier: B2:DD:D0:7C:CD:9D:A3:AD:3E:80:A2:A7:AC:34:AC:96:66:D7:D3:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/st3QfM2do60-gKKnrDSslmbX090.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/7dc9ce-9862-4277-823f-5e090a30f4dc/1/w7TefL1yT6PiyPCau3UoQQ1oj4s.roa
Signing time: Fri 29 Apr 2022 09:44:15 +0000
ROA not before: Fri 29 Apr 2022 09:44:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211261
IP address blocks: 5.253.158.0/24 maxlen: 24
5.253.157.0/24 maxlen: 24
5.253.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26821120 (0x1994200)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2ddd07ccd9da3ad3e80a2a7ac34ac9666d7d3dd
Validity
Not Before: Apr 29 09:44:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c3b4de7cbd724fa3e2c8f09abb7528410d688f8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:1c:42:58:31:72:84:2b:d3:ed:58:ee:31:96:
08:ba:56:35:a8:81:2a:5a:57:f5:8b:be:c3:27:91:
73:98:ae:e0:fb:0e:cf:37:9a:0f:74:3e:5d:4e:e5:
3b:91:a2:d9:e6:80:a6:fe:8d:89:63:e4:30:03:cf:
db:3f:5f:8b:47:19:d0:4c:9f:b8:ae:3f:f5:d8:fa:
4a:6c:ce:5c:50:ea:ec:59:dd:61:4e:a7:71:00:7b:
12:ae:da:0d:fe:6d:dd:c8:af:dc:8f:ec:48:fc:cd:
75:62:29:65:54:f6:57:f1:75:91:63:84:9c:0b:f0:
1d:71:b8:7d:b8:6c:58:4b:90:8d:2c:77:21:e0:9e:
85:ce:0e:39:cf:f5:a7:f7:db:8a:c2:81:7b:a7:c2:
18:36:50:81:ec:fb:2b:fd:9d:f2:62:56:29:33:b3:
cb:52:a6:52:97:b3:c1:56:ff:27:3b:55:62:71:c5:
7a:a2:61:06:02:65:4a:b9:ac:de:43:15:d5:68:38:
11:53:3d:4e:08:27:bc:06:b4:10:f9:35:49:54:54:
d4:e9:c9:6d:be:60:6c:3b:44:4a:ca:b1:e1:42:1e:
6d:e9:d4:59:60:71:22:b4:07:ca:f7:35:f9:45:68:
c0:e0:a1:ae:c7:4e:85:af:a8:df:33:c3:b2:ae:e8:
82:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:B4:DE:7C:BD:72:4F:A3:E2:C8:F0:9A:BB:75:28:41:0D:68:8F:8B
X509v3 Authority Key Identifier:
keyid:B2:DD:D0:7C:CD:9D:A3:AD:3E:80:A2:A7:AC:34:AC:96:66:D7:D3:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/st3QfM2do60-gKKnrDSslmbX090.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/7dc9ce-9862-4277-823f-5e090a30f4dc/1/w7TefL1yT6PiyPCau3UoQQ1oj4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/7dc9ce-9862-4277-823f-5e090a30f4dc/1/st3QfM2do60-gKKnrDSslmbX090.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.157.0-5.253.159.255
Signature Algorithm: sha256WithRSAEncryption
0f:84:ed:74:6e:55:1e:a7:90:ef:ec:a9:f4:fc:fa:5d:3f:86:
51:f4:9e:62:47:02:8a:cb:b3:f6:49:a2:16:45:b8:75:35:d2:
92:3a:30:fb:52:e2:64:fb:c4:30:33:26:83:5d:91:f6:ac:0d:
fe:2c:d9:6d:cc:b3:46:f1:77:4e:42:d6:df:7e:7a:23:d6:1f:
3d:3b:e9:73:ce:83:0b:57:1c:46:45:2f:0c:5a:c1:36:dc:e1:
ab:41:f6:ba:4f:ca:9b:a1:c1:69:cf:e3:01:1e:af:9f:65:ac:
30:45:a1:55:08:49:80:20:bf:4c:d6:cf:54:f7:99:71:fe:21:
ea:e7:88:02:88:c0:de:b5:81:7a:63:32:88:49:34:4d:e3:05:
27:7d:63:3a:d4:7d:fb:e5:08:b3:6c:59:0c:88:9d:88:68:73:
63:ce:d4:bf:14:44:22:10:bb:ef:2e:f2:5f:2c:16:9d:d8:71:
87:e3:37:d8:a7:59:c9:c7:5d:94:83:38:70:dd:df:1d:1f:ac:
a8:df:9b:1c:fe:4e:24:7f:44:18:cd:60:fb:9b:07:80:84:38:
0b:fc:df:51:74:94:0c:47:1a:6d:c4:34:21:6e:d8:cc:ad:e7:
20:62:5f:9d:bc:1a:c4:08:15:61:8b:53:1b:88:3c:d2:56:6e:
df:29:bd:46
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAZlCADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MmRkZDA3Y2NkOWRhM2FkM2U4MGEyYTdhYzM0YWM5NjY2ZDdkM2RkMB4XDTIyMDQy
OTA5NDQxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzNiNGRlN2NiZDcy
NGZhM2UyYzhmMDlhYmI3NTI4NDEwZDY4OGY4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN0cQlgxcoQr0+1Y7jGWCLpWNaiBKlpX9Yu+wyeRc5iu4PsO
zzeaD3Q+XU7lO5Gi2eaApv6NiWPkMAPP2z9fi0cZ0EyfuK4/9dj6SmzOXFDq7Fnd
YU6ncQB7Eq7aDf5t3civ3I/sSPzNdWIpZVT2V/F1kWOEnAvwHXG4fbhsWEuQjSx3
IeCehc4OOc/1p/fbisKBe6fCGDZQgez7K/2d8mJWKTOzy1KmUpezwVb/JztVYnHF
eqJhBgJlSrms3kMV1Wg4EVM9TggnvAa0EPk1SVRU1OnJbb5gbDtESsqx4UIebenU
WWBxIrQHyvc1+UVowOChrsdOha+o3zPDsq7oglkCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBTDtN58vXJPo+LI8Jq7dShBDWiPizAfBgNVHSMEGDAWgBSy3dB8zZ2jrT6A
oqesNKyWZtfT3TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3N0M1FmTTJkbzYwLWdLS25yRFNzbG1iWDA5MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvN2RjOWNlLTk4NjItNDI3Ny04MjNmLTVlMDkwYTMwZjRkYy8x
L3c3VGVmTDF5VDZQaXlQQ2F1M1VvUVExb2o0cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
N2RjOWNlLTk4NjItNDI3Ny04MjNmLTVlMDkwYTMwZjRkYy8xL3N0M1FmTTJkbzYw
LWdLS25yRFNzbG1iWDA5MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQABf2dAwQFBf2AMA0GCSqGSIb3
DQEBCwUAA4IBAQAPhO10blUep5Dv7Kn0/PpdP4ZR9J5iRwKKy7P2SaIWRbh1NdKS
OjD7UuJk+8QwMyaDXZH2rA3+LNltzLNG8XdOQtbffnoj1h89O+lzzoMLVxxGRS8M
WsE23OGrQfa6T8qbocFpz+MBHq+fZawwRaFVCEmAIL9M1s9U95lx/iHq54gCiMDe
tYF6YzKISTRN4wUnfWM61H375QizbFkMiJ2IaHNjztS/FEQiELvvLvJfLBad2HGH
4zfYp1nJx12Ugzhw3d8dH6yo35sc/k4kf0QYzWD7mweAhDgL/N9RdJQMRxptxDQh
btjMrecgYl+dvBrECBVhi1MbiDzSVm7fKb1G
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:02:33 2025 by rpki-client