Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/Dc1SxW96IAQ3f2snIBmens7GV0U.roa
File: Dc1SxW96IAQ3f2snIBmens7GV0U.roa (raw, json)
Hash identifier: A68NloNFUVZ/1yLMaTnJ5sUcnw8LpIIqTLsAe9oPGuQ=
Subject key identifier: 0D:CD:52:C5:6F:7A:20:04:37:7F:6B:27:20:19:9E:9E:CE:C6:57:45
Certificate issuer: /CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Certificate serial: 01941FFA304A8A14D389A3450019389FB37C
Authority key identifier: 22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/Dc1SxW96IAQ3f2snIBmens7GV0U.roa
Signing time: Wed 01 Jan 2025 03:47:57 +0000
ROA not before: Wed 01 Jan 2025 03:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29884
IP address blocks: 137.174.128.0/21 maxlen: 21
155.204.144.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:30:4a:8a:14:d3:89:a3:45:00:19:38:9f:b3:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Validity
Not Before: Jan 1 03:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0dcd52c56f7a2004377f6b2720199e9ecec65745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:14:92:af:09:a1:34:21:7b:eb:75:c7:b9:e4:
99:6e:75:ee:e2:ec:92:58:ef:72:eb:4d:f4:cc:47:
ec:a6:31:58:7c:09:a9:a1:87:26:e1:31:df:be:23:
62:fb:f2:e4:23:a8:fa:78:8a:d8:96:14:d5:e2:12:
d2:65:c3:26:80:04:38:30:e6:3b:8b:c2:55:c3:eb:
4e:e5:18:39:96:bf:76:b6:a4:41:67:e7:f5:81:c5:
58:7e:d1:24:98:e3:f7:d4:4a:31:93:cf:bf:13:b1:
47:e8:72:86:89:cf:a3:b6:f4:b5:3d:ba:3c:30:41:
5c:9d:f3:66:51:24:49:86:da:6e:45:fd:d6:0f:45:
84:f2:fa:d7:89:a9:af:16:1b:f3:57:4c:da:83:54:
aa:ac:a1:5f:0b:e2:c3:e5:b3:b7:a2:a2:99:4a:b9:
b5:07:e8:5b:02:59:a3:7c:3c:12:ba:23:5f:2a:1a:
34:64:97:ba:52:3c:71:0b:ab:e9:cc:7a:11:89:2f:
49:29:92:09:29:7a:d1:b3:87:76:a5:3d:23:90:50:
23:3b:e9:13:db:43:45:d0:0f:cf:b8:bd:f7:71:43:
47:7c:40:66:5f:10:0e:d6:ba:05:3b:ac:1d:40:4b:
f2:a0:da:31:b4:9e:a0:8f:e5:54:62:2d:bc:f0:e2:
67:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:CD:52:C5:6F:7A:20:04:37:7F:6B:27:20:19:9E:9E:CE:C6:57:45
X509v3 Authority Key Identifier:
keyid:22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/Dc1SxW96IAQ3f2snIBmens7GV0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.174.128.0/21
155.204.144.0/21
Signature Algorithm: sha256WithRSAEncryption
9a:c2:36:aa:dd:56:6c:2c:2d:2d:9a:8d:81:1a:35:2b:57:b2:
ea:e3:87:46:97:47:45:51:10:5e:c8:36:e3:01:4e:0e:cb:47:
0b:62:9c:21:c8:0d:1f:0b:e5:89:82:2c:b7:c6:cd:c7:38:f2:
55:6b:40:67:9b:b9:d8:0a:e4:d4:38:32:d3:3a:35:2a:12:70:
65:81:29:e9:4b:e1:02:8d:55:f0:44:1d:be:04:e1:1a:4d:6d:
e2:f0:5d:dc:c2:6a:f1:65:5c:dd:71:a2:51:ea:bf:03:3b:43:
c0:ae:f1:97:ca:53:fd:c3:32:34:fc:e6:a5:df:4e:60:3e:e3:
6d:b0:c6:f5:3e:b7:cb:a9:af:2d:10:0a:f3:b6:e0:13:f2:08:
f7:33:b6:c6:0e:9a:91:26:e2:f1:6d:18:a6:1b:78:4c:f4:84:
a4:15:fd:bd:1d:d3:15:b7:0d:6a:29:e7:7c:70:a1:68:6f:ff:
19:22:13:c2:eb:e7:1a:bb:fb:e2:d0:af:83:74:1b:78:3e:29:
1d:72:c3:f8:30:a0:49:26:64:15:e3:40:44:6b:94:e9:c3:1c:
5f:f8:b6:d9:70:78:b3:ea:d4:33:d5:4c:79:d5:1c:7f:1b:48:
a1:3b:2e:cf:ac:29:1a:21:dd:97:57:00:9f:7d:f2:a2:fb:75:
23:9c:65:34
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQf+jBKihTTiaNFABk4n7N8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTVkODQwNTNlMmIwYzMxM2FmMWUzYmE1MTAyNDY2YTVm
Nzk2NzgwHhcNMjUwMTAxMDM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGNkNTJjNTZmN2EyMDA0Mzc3ZjZiMjcyMDE5OWU5ZWNlYzY1NzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RSSrwmhNCF763XHueSZbnXu4uyS
WO9y6030zEfspjFYfAmpoYcm4THfviNi+/LkI6j6eIrYlhTV4hLSZcMmgAQ4MOY7
i8JVw+tO5Rg5lr92tqRBZ+f1gcVYftEkmOP31Eoxk8+/E7FH6HKGic+jtvS1Pbo8
MEFcnfNmUSRJhtpuRf3WD0WE8vrXiamvFhvzV0zag1SqrKFfC+LD5bO3oqKZSrm1
B+hbAlmjfDwSuiNfKho0ZJe6UjxxC6vpzHoRiS9JKZIJKXrRs4d2pT0jkFAjO+kT
20NF0A/PuL33cUNHfEBmXxAO1roFO6wdQEvyoNoxtJ6gj+VUYi288OJn3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA3NUsVveiAEN39rJyAZnp7OxldFMB8GA1UdIwQY
MBaAFCKl2EBT4rDDE68eO6UQJGal95Z4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUt
NTkxY2FmNTM2ZWNjLzEvRGMxU3hXOTZJQVEzZjJzbklCbWVuczdHVjBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUtNTkxY2FmNTM2ZWNj
LzEvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDia6AAwQD
m8yQMA0GCSqGSIb3DQEBCwUAA4IBAQCawjaq3VZsLC0tmo2BGjUrV7Lq44dGl0dF
URBeyDbjAU4Oy0cLYpwhyA0fC+WJgiy3xs3HOPJVa0Bnm7nYCuTUODLTOjUqEnBl
gSnpS+ECjVXwRB2+BOEaTW3i8F3cwmrxZVzdcaJR6r8DO0PArvGXylP9wzI0/Oal
305gPuNtsMb1PrfLqa8tEArztuAT8gj3M7bGDpqRJuLxbRimG3hM9ISkFf29HdMV
tw1qKed8cKFob/8ZIhPC6+cau/vi0K+DdBt4PikdcsP4MKBJJmQV40BEa5Tpwxxf
+LbZcHiz6tQz1Ux51Rx/G0ihOy7PrCkaId2XVwCfffKi+3UjnGU0
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:21:03 2025 by rpki-client