Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/f0a67c-bd4f-4ddc-8c61-3fe7aea9e2e0/1/szEuog0QzjoBQW1CQcU6MA8xPCY.roa
File: szEuog0QzjoBQW1CQcU6MA8xPCY.roa (raw, json)
Hash identifier: LsMXxa5IeE1fxcnMKQjYIuPdJ91pJvkbpdujugd5olw=
Subject key identifier: B3:31:2E:A2:0D:10:CE:3A:01:41:6D:42:41:C5:3A:30:0F:31:3C:26
Certificate issuer: /CN=200b15e0783fe00f1b8a57bd14fdbd06924b8832
Certificate serial: 0194221FA6578B023FCB1785250C9ACFFE9F
Authority key identifier: 20:0B:15:E0:78:3F:E0:0F:1B:8A:57:BD:14:FD:BD:06:92:4B:88:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IAsV4Hg_4A8bile9FP29BpJLiDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/f0a67c-bd4f-4ddc-8c61-3fe7aea9e2e0/1/szEuog0QzjoBQW1CQcU6MA8xPCY.roa
Signing time: Wed 01 Jan 2025 13:48:07 +0000
ROA not before: Wed 01 Jan 2025 13:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47692
IP address blocks: 152.89.225.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:a6:57:8b:02:3f:cb:17:85:25:0c:9a:cf:fe:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=200b15e0783fe00f1b8a57bd14fdbd06924b8832
Validity
Not Before: Jan 1 13:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3312ea20d10ce3a01416d4241c53a300f313c26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:3a:2b:76:6c:cf:87:6c:61:a9:5e:69:08:de:
ea:b9:13:a1:ac:c1:4f:3c:86:74:05:3a:46:b3:67:
de:4b:97:b8:c6:b0:68:a2:be:3e:8c:67:85:20:0e:
7d:24:6e:78:80:80:29:2a:33:a1:f7:ed:84:41:1e:
60:d1:ea:09:0a:72:b6:ca:bb:27:ad:de:fe:b9:73:
e8:cb:a6:94:be:ae:c7:25:b7:39:88:29:c8:32:20:
40:df:02:51:77:2e:4b:5c:82:2f:f8:bb:b0:8d:f0:
6b:0b:e3:11:c4:e5:d9:e3:dc:68:ba:ec:72:7f:1a:
33:98:dc:77:14:81:70:7a:96:14:5e:8d:df:de:e4:
97:68:9f:e7:ec:05:d5:f2:71:81:90:35:80:9f:87:
8e:24:e2:82:54:30:2a:24:09:31:ee:7c:1f:ee:0f:
d5:15:7f:e1:0f:d5:96:64:c6:78:19:0b:b3:56:06:
b1:b6:9b:3a:f7:b5:98:96:7c:ed:8b:c4:f8:58:45:
99:73:7a:79:63:b9:a9:a7:19:e7:e6:93:37:0b:14:
08:ad:c3:77:6d:41:1b:12:a5:6c:0e:2f:94:d5:49:
f4:ab:07:8a:d7:6c:99:e1:fa:5b:d4:d4:52:7b:21:
ae:58:18:ca:66:90:b2:24:fb:c4:0b:e3:38:1b:ec:
db:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:31:2E:A2:0D:10:CE:3A:01:41:6D:42:41:C5:3A:30:0F:31:3C:26
X509v3 Authority Key Identifier:
keyid:20:0B:15:E0:78:3F:E0:0F:1B:8A:57:BD:14:FD:BD:06:92:4B:88:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IAsV4Hg_4A8bile9FP29BpJLiDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/f0a67c-bd4f-4ddc-8c61-3fe7aea9e2e0/1/szEuog0QzjoBQW1CQcU6MA8xPCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/f0a67c-bd4f-4ddc-8c61-3fe7aea9e2e0/1/IAsV4Hg_4A8bile9FP29BpJLiDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.225.0/24
Signature Algorithm: sha256WithRSAEncryption
67:40:18:8a:b6:65:dd:ba:2d:fc:23:f5:d2:9b:9a:fc:84:4e:
3e:4f:20:4d:16:bd:dd:e7:8c:52:b7:d2:0d:e7:ef:a7:19:fa:
29:85:0a:3f:68:22:2f:4f:87:d1:6d:51:13:84:fc:fb:a8:86:
5b:9a:a9:1d:8a:81:c8:8f:9d:5d:f7:44:66:ba:88:7e:36:27:
f9:8e:35:56:e2:80:05:de:a8:fd:98:33:72:1d:ef:1e:96:42:
b9:0f:98:c0:b0:72:47:2e:27:bd:7b:9a:3e:4d:02:b4:f2:a9:
d8:fc:62:88:2a:00:c3:5e:42:03:b8:95:25:3c:30:46:57:c4:
f6:15:18:57:03:53:43:a6:7f:56:0a:99:0f:c3:cf:bb:67:de:
41:89:c9:7f:05:0c:f7:19:71:49:b4:71:c6:56:55:c7:9b:35:
e2:5f:12:65:64:67:c6:62:58:e3:6c:5a:ff:82:9b:01:89:ec:
f5:78:03:f7:72:05:1a:f8:f4:df:a4:b7:7a:ce:91:87:7b:bb:
7c:b5:89:e3:75:f1:cf:cb:1c:f4:18:49:1c:36:b5:f9:8f:48:
d2:f6:5d:09:e9:80:57:c5:f3:54:49:52:06:11:64:43:be:8a:
23:46:3e:c9:18:de:01:5b:e9:6e:60:15:d8:c4:f0:23:65:19:
10:c5:f5:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH6ZXiwI/yxeFJQyaz/6fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMGIxNWUwNzgzZmUwMGYxYjhhNTdiZDE0ZmRiZDA2OTI0
Yjg4MzIwHhcNMjUwMTAxMTM0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzMxMmVhMjBkMTBjZTNhMDE0MTZkNDI0MWM1M2EzMDBmMzEzYzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TordmzPh2xhqV5pCN7quROhrMFP
PIZ0BTpGs2feS5e4xrBoor4+jGeFIA59JG54gIApKjOh9+2EQR5g0eoJCnK2yrsn
rd7+uXPoy6aUvq7HJbc5iCnIMiBA3wJRdy5LXIIv+LuwjfBrC+MRxOXZ49xouuxy
fxozmNx3FIFwepYUXo3f3uSXaJ/n7AXV8nGBkDWAn4eOJOKCVDAqJAkx7nwf7g/V
FX/hD9WWZMZ4GQuzVgaxtps697WYlnzti8T4WEWZc3p5Y7mppxnn5pM3CxQIrcN3
bUEbEqVsDi+U1Un0qweK12yZ4fpb1NRSeyGuWBjKZpCyJPvEC+M4G+zbxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLMxLqINEM46AUFtQkHFOjAPMTwmMB8GA1UdIwQY
MBaAFCALFeB4P+APG4pXvRT9vQaSS4gyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUFzVjRIZ180QThiaWxlOUZQMjlCcEpMaURJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9mMGE2N2MtYmQ0Zi00ZGRjLThjNjEt
M2ZlN2FlYTllMmUwLzEvc3pFdW9nMFF6am9CUVcxQ1FjVTZNQTh4UENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9mMGE2N2MtYmQ0Zi00ZGRjLThjNjEtM2ZlN2FlYTllMmUw
LzEvSUFzVjRIZ180QThiaWxlOUZQMjlCcEpMaURJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFnhMA0G
CSqGSIb3DQEBCwUAA4IBAQBnQBiKtmXdui38I/XSm5r8hE4+TyBNFr3d54xSt9IN
5++nGfophQo/aCIvT4fRbVEThPz7qIZbmqkdioHIj51d90Rmuoh+Nif5jjVW4oAF
3qj9mDNyHe8elkK5D5jAsHJHLie9e5o+TQK08qnY/GKIKgDDXkIDuJUlPDBGV8T2
FRhXA1NDpn9WCpkPw8+7Z95Bicl/BQz3GXFJtHHGVlXHmzXiXxJlZGfGYljjbFr/
gpsBiez1eAP3cgUa+PTfpLd6zpGHe7t8tYnjdfHPyxz0GEkcNrX5j0jS9l0J6YBX
xfNUSVIGEWRDvoojRj7JGN4BW+luYBXYxPAjZRkQxfWE
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:43 2025 by rpki-client