Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/cCAi-yLWOl7KTLvjcgv4I9u3nD8.roa
File: cCAi-yLWOl7KTLvjcgv4I9u3nD8.roa (raw, json)
Hash identifier: pzgBJKQlY+wSbZatuzP8YX/UnGaDdO5COchDt+eC4hU=
Subject key identifier: 70:20:22:FB:22:D6:3A:5E:CA:4C:BB:E3:72:0B:F8:23:DB:B7:9C:3F
Certificate issuer: /CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Certificate serial: 0195199AFE1E73709EA30B9941934019B339
Authority key identifier: 0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/cCAi-yLWOl7KTLvjcgv4I9u3nD8.roa
Signing time: Tue 18 Feb 2025 15:09:02 +0000
ROA not before: Tue 18 Feb 2025 15:09:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7474
IP address blocks: 159.151.192.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:19:9a:fe:1e:73:70:9e:a3:0b:99:41:93:40:19:b3:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Validity
Not Before: Feb 18 15:09:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=702022fb22d63a5eca4cbbe3720bf823dbb79c3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b9:0d:fd:ac:2a:46:0f:fc:c7:e0:86:04:c0:
b3:d2:17:26:b3:55:26:25:dd:b7:30:75:f5:70:05:
48:b7:03:9f:a0:74:3a:e3:71:ba:2f:d6:e9:90:26:
ff:64:cd:4c:9d:54:3d:dc:b7:fc:05:02:43:dc:fb:
3a:4c:54:ae:13:fb:91:2f:73:2a:ee:c0:4a:57:c4:
46:f2:22:6d:6e:68:2d:41:73:90:c2:b6:97:d7:eb:
ed:17:b2:44:72:4b:72:19:6f:0c:09:98:e2:90:62:
6a:d7:de:7d:96:ef:e4:c3:5f:18:83:25:b7:58:74:
7c:cd:5a:25:02:74:e1:70:e8:41:df:d4:53:9d:24:
88:d7:7b:4c:fd:ca:30:8a:83:80:14:f7:99:74:c4:
3f:1e:c3:9c:fc:35:3c:d8:d3:16:90:4e:d0:a8:52:
b0:33:59:9d:06:c4:be:d1:ca:02:97:13:34:80:11:
80:61:1b:4c:e9:45:5f:78:85:4d:04:a7:9a:f2:b3:
38:2a:c7:09:be:17:33:e2:9f:2c:3c:27:b8:28:f1:
a1:c7:3f:8b:45:f4:34:c2:a1:cb:80:9a:65:8f:33:
15:3b:23:05:84:2d:7a:0e:a4:49:3a:4c:6c:d8:71:
83:bd:f1:97:3f:cd:36:bf:7d:f6:c5:68:b6:69:a6:
ab:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:20:22:FB:22:D6:3A:5E:CA:4C:BB:E3:72:0B:F8:23:DB:B7:9C:3F
X509v3 Authority Key Identifier:
keyid:0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/cCAi-yLWOl7KTLvjcgv4I9u3nD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.151.192.0/24
Signature Algorithm: sha256WithRSAEncryption
74:c2:d9:3c:c4:10:9d:ac:fe:5f:d1:e8:43:61:02:2b:50:77:
b2:19:7e:e6:8f:a1:c4:a7:c4:6d:ea:e3:e0:77:22:36:52:1e:
3f:35:13:23:44:1e:b1:36:01:20:31:52:af:fd:ea:76:13:43:
7a:e5:0b:7d:44:6d:ba:c1:cf:d6:74:84:11:89:bf:ce:3c:51:
5f:e2:8c:a7:1c:2b:1f:01:e2:db:95:ef:3b:1f:52:a7:02:37:
94:e7:a5:dd:d7:29:aa:51:a2:5c:42:25:d2:29:d7:73:d3:cc:
eb:c7:a2:84:4e:a1:81:6b:b4:42:fd:ee:6b:ad:f4:53:8b:cd:
0c:e1:af:65:5b:1b:36:bf:0a:e6:59:36:34:f6:01:fb:99:fe:
67:84:76:31:bf:34:b5:99:ad:d2:f3:84:bc:d7:66:c2:57:5d:
bd:8a:5d:30:1e:00:f8:82:00:58:3a:2f:71:d1:74:9c:d7:02:
fb:69:30:27:e9:4b:b5:74:5a:f9:38:a1:91:14:1f:35:ee:ac:
5c:d5:28:da:3a:a1:95:f7:ce:8b:ad:4d:68:37:c2:89:fa:97:
72:01:0e:08:fe:ea:43:54:34:9f:13:a7:16:7a:c8:ae:4e:73:
b9:d2:ca:7c:c9:dc:bf:e1:04:a6:bd:96:f6:ad:1c:f2:81:2b:
f5:11:5f:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUZmv4ec3CeowuZQZNAGbM5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMzdkODA3ZDRmN2NkZDNlMGFmZTRhYmM4ZWU1YTg4MGM2
MDkwZjEwHhcNMjUwMjE4MTUwOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDIwMjJmYjIyZDYzYTVlY2E0Y2JiZTM3MjBiZjgyM2RiYjc5YzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7kN/awqRg/8x+CGBMCz0hcms1Um
Jd23MHX1cAVItwOfoHQ643G6L9bpkCb/ZM1MnVQ93Lf8BQJD3Ps6TFSuE/uRL3Mq
7sBKV8RG8iJtbmgtQXOQwraX1+vtF7JEcktyGW8MCZjikGJq1959lu/kw18YgyW3
WHR8zVolAnThcOhB39RTnSSI13tM/cowioOAFPeZdMQ/HsOc/DU82NMWkE7QqFKw
M1mdBsS+0coClxM0gBGAYRtM6UVfeIVNBKea8rM4KscJvhcz4p8sPCe4KPGhxz+L
RfQ0wqHLgJpljzMVOyMFhC16DqRJOkxs2HGDvfGXP802v332xWi2aaargQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHAgIvsi1jpeyky743IL+CPbt5w/MB8GA1UdIwQY
MBaAFAo32AfU983T4K/kq8juWogMYJDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjkt
ODAwZWRhMmNmYjM2LzEvY0NBaS15TFdPbDdLVEx2amNndjRJOXUzbkQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjktODAwZWRhMmNmYjM2
LzEvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5fAMA0G
CSqGSIb3DQEBCwUAA4IBAQB0wtk8xBCdrP5f0ehDYQIrUHeyGX7mj6HEp8Rt6uPg
dyI2Uh4/NRMjRB6xNgEgMVKv/ep2E0N65Qt9RG26wc/WdIQRib/OPFFf4oynHCsf
AeLble87H1KnAjeU56Xd1ymqUaJcQiXSKddz08zrx6KETqGBa7RC/e5rrfRTi80M
4a9lWxs2vwrmWTY09gH7mf5nhHYxvzS1ma3S84S812bCV129il0wHgD4ggBYOi9x
0XSc1wL7aTAn6Uu1dFr5OKGRFB817qxc1SjaOqGV986LrU1oN8KJ+pdyAQ4I/upD
VDSfE6cWesiuTnO50sp8ydy/4QSmvZb2rRzygSv1EV/R
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:58:07 2025 by rpki-client