Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/yIqAKJ9ffBRI_JVyvb32ZGXo-Dk.roa
File: yIqAKJ9ffBRI_JVyvb32ZGXo-Dk.roa (raw, json)
Hash identifier: Ncm1UuYwpN7GicMBHimmdKJ9awoqjLXc5cMuP8gJQm4=
Subject key identifier: C8:8A:80:28:9F:5F:7C:14:48:FC:95:72:BD:BD:F6:64:65:E8:F8:39
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 0194252166B54366A4F470DEA7E3D059914D
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/yIqAKJ9ffBRI_JVyvb32ZGXo-Dk.roa
Signing time: Thu 02 Jan 2025 03:48:53 +0000
ROA not before: Thu 02 Jan 2025 03:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28920
IP address blocks: 158.120.72.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:66:b5:43:66:a4:f4:70:de:a7:e3:d0:59:91:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Jan 2 03:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c88a80289f5f7c1448fc9572bdbdf66465e8f839
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:bf:86:31:0d:81:4f:91:ad:5e:d7:8b:bd:1e:
dc:a3:e8:04:8b:f6:02:4f:88:10:ff:eb:af:2a:1b:
77:83:cd:32:26:5e:75:5d:39:86:8c:17:90:d3:d5:
91:f0:8b:75:94:7c:87:eb:09:4c:25:cf:e2:0d:c3:
36:58:c3:51:11:aa:77:dc:86:0b:50:bd:06:c4:b1:
38:3f:22:8e:b7:6b:e6:d5:39:d5:ac:ca:d5:cd:12:
24:34:9d:48:95:7c:87:e0:b1:b5:94:1f:43:a6:48:
f8:28:84:78:c0:b2:8e:7f:17:4b:ad:a2:85:13:79:
e1:76:fb:32:02:e8:8e:74:3a:b4:83:23:86:3f:26:
40:3a:60:32:1f:8a:5f:eb:01:b9:19:18:60:86:f7:
54:36:7f:d9:9e:c5:40:e7:6b:6e:53:10:ce:fb:ee:
2e:68:78:72:7d:88:54:a7:04:16:ca:9a:c5:1d:4d:
6d:30:1a:43:c1:ee:2e:3d:10:fc:2d:ad:ff:0e:6d:
be:ff:a5:f6:da:7d:2c:54:2b:f5:10:8d:23:b8:87:
13:20:4f:a9:59:c8:5c:4e:72:3c:e6:68:e1:94:84:
3c:6f:dd:a8:96:80:0d:c8:50:cc:16:2e:cd:23:4a:
2b:be:c0:5d:5a:ee:1d:40:84:4e:2f:bf:f5:31:46:
1a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:8A:80:28:9F:5F:7C:14:48:FC:95:72:BD:BD:F6:64:65:E8:F8:39
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/yIqAKJ9ffBRI_JVyvb32ZGXo-Dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.120.72.0/23
Signature Algorithm: sha256WithRSAEncryption
59:b5:7d:90:ab:bd:08:b7:47:63:90:50:88:63:f7:06:22:ce:
23:9c:bb:c1:ea:bd:83:1d:69:16:c0:a2:89:95:94:b9:b8:88:
e7:fe:87:fe:fd:b3:8a:52:d5:b4:f3:f6:b8:c3:28:bd:98:5c:
62:16:81:d0:3b:a2:be:74:96:18:8a:05:de:90:55:49:04:fe:
89:b7:b1:ce:36:d1:51:8f:56:ab:88:b6:33:a9:22:29:bd:af:
4d:63:49:7b:14:f4:5b:b0:c7:c5:3a:b4:91:ce:90:27:b4:19:
17:79:e2:bb:73:5a:8b:7c:c8:a4:89:ff:d4:09:d9:ed:fe:b1:
63:4d:7b:e9:1a:16:32:41:5d:cd:a3:2f:1e:81:7f:66:68:91:
50:23:7d:df:a6:08:d3:9c:03:06:fa:e7:3b:d6:84:b6:a6:48:
c2:24:a7:c9:46:dd:db:3f:3c:79:09:6b:00:9f:d2:98:51:c7:
e6:49:47:43:92:99:7c:50:c4:b4:30:65:85:b3:5c:30:47:39:
24:77:45:07:0f:3d:6d:33:bb:7d:09:59:4b:90:f1:2e:de:01:
14:44:32:b1:1d:0c:76:79:64:af:72:89:1c:3c:2b:b5:9e:4c:
75:14:5e:a1:21:fd:46:a6:d5:7c:eb:0e:87:d7:ad:16:cf:19:
3c:fc:b6:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIWa1Q2ak9HDep+PQWZFNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjUwMTAyMDM0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODhhODAyODlmNWY3YzE0NDhmYzk1NzJiZGJkZjY2NDY1ZThmODM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL+GMQ2BT5GtXteLvR7co+gEi/YC
T4gQ/+uvKht3g80yJl51XTmGjBeQ09WR8It1lHyH6wlMJc/iDcM2WMNREap33IYL
UL0GxLE4PyKOt2vm1TnVrMrVzRIkNJ1IlXyH4LG1lB9Dpkj4KIR4wLKOfxdLraKF
E3nhdvsyAuiOdDq0gyOGPyZAOmAyH4pf6wG5GRhghvdUNn/ZnsVA52tuUxDO++4u
aHhyfYhUpwQWyprFHU1tMBpDwe4uPRD8La3/Dm2+/6X22n0sVCv1EI0juIcTIE+p
WchcTnI85mjhlIQ8b92oloANyFDMFi7NI0orvsBdWu4dQIROL7/1MUYaowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMiKgCifX3wUSPyVcr299mRl6Pg5MB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEveUlxQUtKOWZmQlJJX0pWeXZiMzJaR1hvLURrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnnhIMA0G
CSqGSIb3DQEBCwUAA4IBAQBZtX2Qq70It0djkFCIY/cGIs4jnLvB6r2DHWkWwKKJ
lZS5uIjn/of+/bOKUtW08/a4wyi9mFxiFoHQO6K+dJYYigXekFVJBP6Jt7HONtFR
j1ariLYzqSIpva9NY0l7FPRbsMfFOrSRzpAntBkXeeK7c1qLfMikif/UCdnt/rFj
TXvpGhYyQV3Noy8egX9maJFQI33fpgjTnAMG+uc71oS2pkjCJKfJRt3bPzx5CWsA
n9KYUcfmSUdDkpl8UMS0MGWFs1wwRzkkd0UHDz1tM7t9CVlLkPEu3gEURDKxHQx2
eWSvcokcPCu1nkx1FF6hIf1GptV86w6H160Wzxk8/LYC
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:47:09 2025 by rpki-client