Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/5aygAvRHvqbLOoouc05NtgFPpPw.roa
File: 5aygAvRHvqbLOoouc05NtgFPpPw.roa (raw, json)
Hash identifier: nc/AUfAwizBzWy5VZJ5QLuJbsORBSE2Jd11+BO+dk20=
Subject key identifier: E5:AC:A0:02:F4:47:BE:A6:CB:3A:8A:2E:73:4E:4D:B6:01:4F:A4:FC
Certificate issuer: /CN=ead799026094d60516b527d842b6166805668e9e
Certificate serial: 0194FB1B60C2C7453F07DE3186443B6C2343
Authority key identifier: EA:D7:99:02:60:94:D6:05:16:B5:27:D8:42:B6:16:68:05:66:8E:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6teZAmCU1gUWtSfYQrYWaAVmjp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/5aygAvRHvqbLOoouc05NtgFPpPw.roa
Signing time: Wed 12 Feb 2025 17:01:02 +0000
ROA not before: Wed 12 Feb 2025 17:01:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3356
IP address blocks: 159.101.128.0/21 maxlen: 21
159.101.236.0/22 maxlen: 22
159.101.240.0/22 maxlen: 22
159.101.252.0/23 maxlen: 23
159.101.254.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fb:1b:60:c2:c7:45:3f:07:de:31:86:44:3b:6c:23:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ead799026094d60516b527d842b6166805668e9e
Validity
Not Before: Feb 12 17:01:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5aca002f447bea6cb3a8a2e734e4db6014fa4fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:2c:7f:91:20:a7:86:3c:c0:19:77:4b:7b:50:
e1:af:c8:84:38:23:11:52:86:16:f2:92:ee:c3:10:
d0:99:26:17:20:50:80:b7:55:d6:28:9c:d0:92:0b:
98:a3:9a:70:79:b9:37:1b:94:06:98:98:d0:d6:e3:
5e:5b:0f:f9:1f:91:e0:29:b8:b5:ae:98:77:bd:76:
c4:54:6b:12:f2:92:52:73:3d:17:58:ce:3b:61:3b:
54:8b:d3:71:95:95:3c:b0:c0:a6:94:52:fe:71:0f:
51:bc:f5:ec:ae:95:73:66:d1:52:db:35:81:09:ad:
6d:19:dc:64:17:a7:79:d5:8f:0b:4b:71:8a:a6:ef:
86:77:2e:68:70:08:79:c4:4c:75:b6:03:33:ad:23:
8c:17:af:d5:38:99:0f:1f:a5:55:35:63:01:0a:a1:
cf:95:8e:aa:6b:45:fd:d5:fa:45:7f:50:b2:e9:a4:
92:61:02:10:8f:60:32:74:6d:b5:8a:2e:52:7d:d6:
3e:a6:86:fe:0d:71:f1:7d:d4:37:ca:51:b3:96:a4:
b3:dd:2e:39:f3:bc:1e:f4:a1:29:94:12:a3:61:26:
c7:db:35:db:83:ba:b4:36:23:03:b9:13:ce:d1:05:
a7:3c:a4:bc:90:35:bf:04:cc:f6:7a:8b:79:ce:81:
3a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:AC:A0:02:F4:47:BE:A6:CB:3A:8A:2E:73:4E:4D:B6:01:4F:A4:FC
X509v3 Authority Key Identifier:
keyid:EA:D7:99:02:60:94:D6:05:16:B5:27:D8:42:B6:16:68:05:66:8E:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6teZAmCU1gUWtSfYQrYWaAVmjp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/5aygAvRHvqbLOoouc05NtgFPpPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/6teZAmCU1gUWtSfYQrYWaAVmjp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.101.128.0/21
159.101.236.0-159.101.243.255
159.101.252.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:e3:dd:ee:0f:1d:4b:95:8a:34:43:7d:60:92:4a:8d:23:0d:
32:9b:76:a7:80:ed:32:fb:e6:e2:a3:72:51:65:c6:a0:35:7e:
4d:eb:56:0a:99:9c:d2:51:7c:05:79:c8:93:31:a2:6a:9e:e6:
c3:08:57:a8:c4:ee:85:97:67:d6:2d:65:82:44:3c:1f:02:96:
9f:28:07:eb:39:33:a1:be:bd:27:0d:08:7f:df:40:6b:c3:84:
a2:7b:8b:ca:ce:ef:d4:79:fe:49:cd:de:c7:c0:29:0e:63:b3:
17:0b:ee:b6:21:12:83:47:51:ec:3c:66:33:bc:e7:cb:59:90:
ca:b0:d8:b1:7d:67:c8:1e:f3:96:19:7d:d0:83:34:e3:ea:6a:
e8:aa:ec:43:fe:c6:eb:37:cb:3e:2c:67:55:e0:ec:df:1e:0a:
df:fa:9f:c3:e0:0c:cf:a7:c2:c9:55:89:bd:38:10:aa:20:c8:
94:49:41:c7:1c:7e:33:2e:55:75:5e:6e:5a:93:89:9e:68:1b:
18:c4:24:2c:0f:e4:d5:c6:3f:cb:20:1c:f9:8b:cd:81:83:a6:
10:a4:65:b2:d7:54:f7:37:e3:24:b2:ff:61:7e:28:d0:88:d6:
95:18:37:ed:4a:f5:9b:65:f0:cb:c4:72:cb:2e:04:88:a2:98:
94:19:95:10
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZT7G2DCx0U/B94xhkQ7bCNDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhZDc5OTAyNjA5NGQ2MDUxNmI1MjdkODQyYjYxNjY4MDU2
NjhlOWUwHhcNMjUwMjEyMTcwMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWFjYTAwMmY0NDdiZWE2Y2IzYThhMmU3MzRlNGRiNjAxNGZhNGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyix/kSCnhjzAGXdLe1Dhr8iEOCMR
UoYW8pLuwxDQmSYXIFCAt1XWKJzQkguYo5pwebk3G5QGmJjQ1uNeWw/5H5HgKbi1
rph3vXbEVGsS8pJScz0XWM47YTtUi9NxlZU8sMCmlFL+cQ9RvPXsrpVzZtFS2zWB
Ca1tGdxkF6d51Y8LS3GKpu+Gdy5ocAh5xEx1tgMzrSOMF6/VOJkPH6VVNWMBCqHP
lY6qa0X91fpFf1Cy6aSSYQIQj2AydG21ii5SfdY+pob+DXHxfdQ3ylGzlqSz3S45
87we9KEplBKjYSbH2zXbg7q0NiMDuRPO0QWnPKS8kDW/BMz2eot5zoE6swIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOWsoAL0R76myzqKLnNOTbYBT6T8MB8GA1UdIwQY
MBaAFOrXmQJglNYFFrUn2EK2FmgFZo6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnRlWkFtQ1UxZ1VXdFNmWVFyWVdhQVZtanA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xOTg3MGYtODY2Yy00NDIwLWFkMDgt
MzBjOWUyMDJlOTk1LzEvNWF5Z0F2Ukh2cWJMT29vdWMwNU50Z0ZQcFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xOTg3MGYtODY2Yy00NDIwLWFkMDgtMzBjOWUyMDJlOTk1
LzEvNnRlWkFtQ1UxZ1VXdFNmWVFyWVdhQVZtanA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDn2WAMAwD
BAKfZewDBAKfZfADBAKfZfwwDQYJKoZIhvcNAQELBQADggEBADvj3e4PHUuVijRD
fWCSSo0jDTKbdqeA7TL75uKjclFlxqA1fk3rVgqZnNJRfAV5yJMxomqe5sMIV6jE
7oWXZ9YtZYJEPB8Clp8oB+s5M6G+vScNCH/fQGvDhKJ7i8rO79R5/knN3sfAKQ5j
sxcL7rYhEoNHUew8ZjO858tZkMqw2LF9Z8ge85YZfdCDNOPqauiq7EP+xus3yz4s
Z1Xg7N8eCt/6n8PgDM+nwslVib04EKogyJRJQcccfjMuVXVeblqTiZ5oGxjEJCwP
5NXGP8sgHPmLzYGDphCkZbLXVPc34ySy/2F+KNCI1pUYN+1K9Ztl8MvEcssuBIii
mJQZlRA=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:12 2025 by rpki-client