Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/5BciwgNYwMNFn5eFGl4Ow7HBSis.roa
File: 5BciwgNYwMNFn5eFGl4Ow7HBSis.roa (raw, json)
Hash identifier: 3UceDm6E5z2xuYBvrfaNWIIbAo66nrZeoQOIOFL2Trc=
Subject key identifier: E4:17:22:C2:03:58:C0:C3:45:9F:97:85:1A:5E:0E:C3:B1:C1:4A:2B
Certificate issuer: /CN=00f4cc412cc30fb2f9f7c37c3e390bec5e6256b0
Certificate serial: 019425FC1FD9475602257EC834C5240FD026
Authority key identifier: 00:F4:CC:41:2C:C3:0F:B2:F9:F7:C3:7C:3E:39:0B:EC:5E:62:56:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/APTMQSzDD7L598N8PjkL7F5iVrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/5BciwgNYwMNFn5eFGl4Ow7HBSis.roa
Signing time: Thu 02 Jan 2025 07:47:47 +0000
ROA not before: Thu 02 Jan 2025 07:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15525
IP address blocks: 158.162.120.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:1f:d9:47:56:02:25:7e:c8:34:c5:24:0f:d0:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00f4cc412cc30fb2f9f7c37c3e390bec5e6256b0
Validity
Not Before: Jan 2 07:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e41722c20358c0c3459f97851a5e0ec3b1c14a2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:65:40:b0:e4:0c:da:84:9a:c5:7e:4b:1b:c0:
af:cb:09:4b:4f:ff:c0:96:51:5e:4c:8a:34:bb:84:
71:4a:7a:4d:9d:84:06:44:8e:0b:c6:6e:d1:67:f2:
14:e8:89:b8:5c:6c:b0:7e:8a:53:8e:f5:b7:76:f4:
c9:c7:b9:ef:3e:39:45:a1:09:cc:18:ca:64:f9:8d:
a5:3d:13:e5:93:23:9c:49:76:37:4a:c9:2d:dc:a4:
6e:41:f0:cb:41:53:00:08:e6:53:33:73:7a:9c:50:
9a:c3:91:42:cc:5b:da:e2:aa:1d:6e:fc:b9:21:3a:
1a:ce:29:6a:74:4b:f4:a5:4e:0f:a2:80:d3:a4:97:
db:b4:2b:65:ac:96:22:ea:62:4f:f9:6f:0b:cf:e2:
b3:7e:7e:66:1f:ac:a4:b5:bd:6f:ee:e7:b9:03:66:
dd:85:42:da:a9:b8:3b:fc:3a:b3:b4:81:7a:68:af:
7a:94:85:28:3f:4f:01:8f:6b:ab:eb:ca:cd:8a:e0:
8e:60:f1:b0:a3:f9:1a:e7:2d:32:15:d6:74:b9:fd:
c3:e7:d9:41:f4:d4:51:36:b2:04:8e:b6:96:3b:14:
5f:79:bf:dc:83:73:2a:0e:b6:fa:78:ca:24:a2:86:
70:80:d3:0e:be:3f:48:cf:8b:e4:4f:c3:fb:cb:b5:
25:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:17:22:C2:03:58:C0:C3:45:9F:97:85:1A:5E:0E:C3:B1:C1:4A:2B
X509v3 Authority Key Identifier:
keyid:00:F4:CC:41:2C:C3:0F:B2:F9:F7:C3:7C:3E:39:0B:EC:5E:62:56:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/APTMQSzDD7L598N8PjkL7F5iVrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/5BciwgNYwMNFn5eFGl4Ow7HBSis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/APTMQSzDD7L598N8PjkL7F5iVrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.162.120.0/22
Signature Algorithm: sha256WithRSAEncryption
24:88:97:39:c4:e7:fd:de:5a:14:af:6f:60:24:8d:65:fb:81:
c7:47:ee:b9:e4:e7:2b:1e:17:c1:1f:fd:4d:71:99:73:94:56:
7c:88:1e:9d:b6:a8:ed:ef:9d:fa:c7:33:4d:dd:1f:f4:a4:a7:
f3:20:03:cf:c1:20:74:36:db:aa:92:34:d8:0e:93:c2:96:fc:
45:ac:8f:a2:cb:e4:ec:fd:53:51:2d:44:49:49:c8:0a:f2:b7:
de:41:5e:0c:a0:21:df:a0:68:a8:63:5b:d8:6b:95:11:e4:f3:
ce:3c:fc:93:e7:cc:51:33:e1:38:37:75:89:ae:bd:26:4a:3b:
8d:07:11:93:91:72:b7:dc:5f:7a:34:97:f0:72:5e:1b:d4:66:
88:b6:3c:88:0c:17:2c:5b:52:e3:ec:55:cd:d7:a4:77:3e:4d:
67:d7:35:17:7d:7c:82:ae:4c:24:85:64:b3:56:2d:c4:ab:f6:
13:0b:69:3d:6b:0f:a1:ad:ed:ca:83:10:ed:5a:f2:de:5b:6d:
50:4c:f7:6e:19:68:f9:57:0b:4b:89:0e:f1:1c:57:8f:1b:ac:
f5:75:84:cf:ff:d1:9a:dc:47:b9:05:f0:71:7b:cb:f5:f2:ef:
89:27:53:51:f9:19:6b:48:92:c4:88:bc:ff:e7:4b:3f:71:f4:
e1:a7:35:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/B/ZR1YCJX7INMUkD9AmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZjRjYzQxMmNjMzBmYjJmOWY3YzM3YzNlMzkwYmVjNWU2
MjU2YjAwHhcNMjUwMTAyMDc0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDE3MjJjMjAzNThjMGMzNDU5Zjk3ODUxYTVlMGVjM2IxYzE0YTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mVAsOQM2oSaxX5LG8CvywlLT//A
llFeTIo0u4RxSnpNnYQGRI4Lxm7RZ/IU6Im4XGywfopTjvW3dvTJx7nvPjlFoQnM
GMpk+Y2lPRPlkyOcSXY3Sskt3KRuQfDLQVMACOZTM3N6nFCaw5FCzFva4qodbvy5
IToazilqdEv0pU4PooDTpJfbtCtlrJYi6mJP+W8Lz+Kzfn5mH6yktb1v7ue5A2bd
hULaqbg7/DqztIF6aK96lIUoP08Bj2ur68rNiuCOYPGwo/ka5y0yFdZ0uf3D59lB
9NRRNrIEjraWOxRfeb/cg3MqDrb6eMokooZwgNMOvj9Iz4vkT8P7y7UllQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOQXIsIDWMDDRZ+XhRpeDsOxwUorMB8GA1UdIwQY
MBaAFAD0zEEsww+y+ffDfD45C+xeYlawMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVBUTVFTekREN0w1OThOOFBqa0w3RjVpVnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy85Mzc1YTItM2U2Zi00NTc3LTg1ZDEt
NWYxNDVjZmQyMDcwLzEvNUJjaXdnTll3TU5GbjVlRkdsNE93N0hCU2lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy85Mzc1YTItM2U2Zi00NTc3LTg1ZDEtNWYxNDVjZmQyMDcw
LzEvQVBUTVFTekREN0w1OThOOFBqa0w3RjVpVnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnqJ4MA0G
CSqGSIb3DQEBCwUAA4IBAQAkiJc5xOf93loUr29gJI1l+4HHR+655OcrHhfBH/1N
cZlzlFZ8iB6dtqjt7536xzNN3R/0pKfzIAPPwSB0NtuqkjTYDpPClvxFrI+iy+Ts
/VNRLURJScgK8rfeQV4MoCHfoGioY1vYa5UR5PPOPPyT58xRM+E4N3WJrr0mSjuN
BxGTkXK33F96NJfwcl4b1GaItjyIDBcsW1Lj7FXN16R3Pk1n1zUXfXyCrkwkhWSz
Vi3Eq/YTC2k9aw+hre3KgxDtWvLeW21QTPduGWj5VwtLiQ7xHFePG6z1dYTP/9Ga
3Ee5BfBxe8v18u+JJ1NR+RlrSJLEiLz/50s/cfThpzXT
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:19:02 2025 by rpki-client