Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/f0a67c-bd4f-4ddc-8c61-3fe7aea9e2e0/1/foZeHIwLujdlY8Z9L88C79OdbL4.roa
File: foZeHIwLujdlY8Z9L88C79OdbL4.roa (raw, json)
Hash identifier: kBji60S+DjYJ/bgY7+g+22RM5gAKkLkkfayTk1h8AIo=
Subject key identifier: 7E:86:5E:1C:8C:0B:BA:37:65:63:C6:7D:2F:CF:02:EF:D3:9D:6C:BE
Certificate issuer: /CN=200b15e0783fe00f1b8a57bd14fdbd06924b8832
Certificate serial: 0194221FA6F104C7924CE337C6DD074D4DD8
Authority key identifier: 20:0B:15:E0:78:3F:E0:0F:1B:8A:57:BD:14:FD:BD:06:92:4B:88:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IAsV4Hg_4A8bile9FP29BpJLiDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/f0a67c-bd4f-4ddc-8c61-3fe7aea9e2e0/1/foZeHIwLujdlY8Z9L88C79OdbL4.roa
Signing time: Wed 01 Jan 2025 13:48:07 +0000
ROA not before: Wed 01 Jan 2025 13:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60951
IP address blocks: 152.89.224.0/22 maxlen: 22
152.89.225.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:a6:f1:04:c7:92:4c:e3:37:c6:dd:07:4d:4d:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=200b15e0783fe00f1b8a57bd14fdbd06924b8832
Validity
Not Before: Jan 1 13:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e865e1c8c0bba376563c67d2fcf02efd39d6cbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:fb:92:30:bf:2e:89:80:15:a3:cc:d0:89:f3:
53:32:13:48:0c:05:72:1e:2b:32:87:1a:99:89:84:
cf:dd:7f:23:05:5c:01:b8:e2:68:fe:03:94:1d:8c:
29:0d:fb:87:a8:c5:72:74:d3:ca:df:b4:90:6a:32:
a6:79:61:54:31:9a:6b:10:13:84:c4:f0:26:2b:a7:
f3:56:9e:38:8d:84:97:4c:8b:f6:d1:df:44:3d:5c:
06:8e:30:87:d8:5d:09:84:c0:74:e8:97:6a:dc:fd:
c7:1e:1b:fc:bf:1c:96:68:79:88:f3:a1:12:61:89:
d1:a9:a5:34:ba:6c:e1:b3:47:27:95:3a:d8:1b:b6:
fd:7d:fa:ea:8f:fb:e3:1c:95:31:ee:77:9b:bf:13:
99:b9:c4:29:21:f2:45:94:2c:d1:12:6b:21:de:24:
29:c5:92:ef:9a:24:ed:ec:6f:35:17:23:83:38:dc:
68:4f:d7:dc:f9:1c:f3:ae:19:49:29:09:f7:b1:8f:
f4:f5:87:b6:d1:6b:fa:49:62:96:cd:b9:c1:a8:b5:
79:e1:6f:0c:f8:52:3d:eb:dd:6d:7f:5d:25:8a:bd:
ce:d2:a9:8a:15:4d:07:21:90:74:f6:34:e4:66:0a:
50:71:07:06:50:0c:d6:74:50:15:46:ab:d7:20:18:
f8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:86:5E:1C:8C:0B:BA:37:65:63:C6:7D:2F:CF:02:EF:D3:9D:6C:BE
X509v3 Authority Key Identifier:
keyid:20:0B:15:E0:78:3F:E0:0F:1B:8A:57:BD:14:FD:BD:06:92:4B:88:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IAsV4Hg_4A8bile9FP29BpJLiDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/f0a67c-bd4f-4ddc-8c61-3fe7aea9e2e0/1/foZeHIwLujdlY8Z9L88C79OdbL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/f0a67c-bd4f-4ddc-8c61-3fe7aea9e2e0/1/IAsV4Hg_4A8bile9FP29BpJLiDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.224.0/22
Signature Algorithm: sha256WithRSAEncryption
78:d3:1c:00:2e:e5:0d:23:57:8e:e4:0f:3d:fc:74:bd:75:f5:
5b:54:6b:6b:22:81:e1:13:7e:ce:e4:14:59:18:d6:30:ea:9d:
32:28:2f:0a:e8:85:83:eb:6b:1a:2f:41:79:53:d1:6b:97:73:
3e:45:15:f4:83:a7:69:68:0a:10:a7:0f:11:1e:91:78:ce:fc:
c2:cc:f9:0e:07:f4:a7:6d:ea:7b:0f:dd:92:22:c8:a2:53:2d:
95:8a:95:60:55:cf:8c:5f:c8:5a:aa:cf:d2:27:55:4a:68:81:
97:9d:1d:a5:d1:7a:a6:22:19:73:c2:75:77:eb:b7:c9:8f:12:
df:81:26:c2:77:e0:58:b1:a6:22:f9:ad:43:f6:0b:55:5c:5d:
03:5b:5d:5b:c1:19:e9:52:60:40:5a:9e:a6:5c:f4:55:02:00:
20:d1:64:8f:16:ab:20:fd:6d:f2:ba:85:d0:75:f5:2a:97:ad:
49:92:3c:44:b7:8d:b4:0d:1d:fa:36:88:4a:49:29:e2:37:d0:
b3:f3:1a:b2:9b:bc:d3:40:10:3d:5c:dc:e7:fc:a4:dc:e9:cf:
35:9d:14:40:bf:a4:b2:bd:55:39:63:39:a0:23:83:a6:00:79:
21:3d:c7:74:6d:54:ad:16:84:fd:36:6b:4b:34:38:a1:98:f4:
aa:c8:3a:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH6bxBMeSTOM3xt0HTU3YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMGIxNWUwNzgzZmUwMGYxYjhhNTdiZDE0ZmRiZDA2OTI0
Yjg4MzIwHhcNMjUwMTAxMTM0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTg2NWUxYzhjMGJiYTM3NjU2M2M2N2QyZmNmMDJlZmQzOWQ2Y2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5PuSML8uiYAVo8zQifNTMhNIDAVy
HisyhxqZiYTP3X8jBVwBuOJo/gOUHYwpDfuHqMVydNPK37SQajKmeWFUMZprEBOE
xPAmK6fzVp44jYSXTIv20d9EPVwGjjCH2F0JhMB06Jdq3P3HHhv8vxyWaHmI86ES
YYnRqaU0umzhs0cnlTrYG7b9ffrqj/vjHJUx7nebvxOZucQpIfJFlCzREmsh3iQp
xZLvmiTt7G81FyODONxoT9fc+RzzrhlJKQn3sY/09Ye20Wv6SWKWzbnBqLV54W8M
+FI9691tf10lir3O0qmKFU0HIZB09jTkZgpQcQcGUAzWdFAVRqvXIBj4PQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH6GXhyMC7o3ZWPGfS/PAu/TnWy+MB8GA1UdIwQY
MBaAFCALFeB4P+APG4pXvRT9vQaSS4gyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUFzVjRIZ180QThiaWxlOUZQMjlCcEpMaURJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9mMGE2N2MtYmQ0Zi00ZGRjLThjNjEt
M2ZlN2FlYTllMmUwLzEvZm9aZUhJd0x1amRsWThaOUw4OEM3OU9kYkw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9mMGE2N2MtYmQ0Zi00ZGRjLThjNjEtM2ZlN2FlYTllMmUw
LzEvSUFzVjRIZ180QThiaWxlOUZQMjlCcEpMaURJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmFngMA0G
CSqGSIb3DQEBCwUAA4IBAQB40xwALuUNI1eO5A89/HS9dfVbVGtrIoHhE37O5BRZ
GNYw6p0yKC8K6IWD62saL0F5U9Frl3M+RRX0g6dpaAoQpw8RHpF4zvzCzPkOB/Sn
bep7D92SIsiiUy2VipVgVc+MX8haqs/SJ1VKaIGXnR2l0XqmIhlzwnV367fJjxLf
gSbCd+BYsaYi+a1D9gtVXF0DW11bwRnpUmBAWp6mXPRVAgAg0WSPFqsg/W3yuoXQ
dfUql61JkjxEt420DR36NohKSSniN9Cz8xqym7zTQBA9XNzn/KTc6c81nRRAv6Sy
vVU5YzmgI4OmAHkhPcd0bVStFoT9NmtLNDihmPSqyDqt
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:03 2025 by rpki-client