Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/cgqDT1tShtgY2u0tsyYoaaYrKkQ.roa
File: cgqDT1tShtgY2u0tsyYoaaYrKkQ.roa (raw, json)
Hash identifier: 2iKUTzAeo208DlYcu+lXFBfaUW6bLxrIXGHHmB4uggM=
Subject key identifier: 72:0A:83:4F:5B:52:86:D8:18:DA:ED:2D:B3:26:28:69:A6:2B:2A:44
Certificate issuer: /CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Certificate serial: 01936EB66FBABCEF5882D5B888536A997229
Authority key identifier: 22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/cgqDT1tShtgY2u0tsyYoaaYrKkQ.roa
Signing time: Wed 27 Nov 2024 17:41:09 +0000
ROA not before: Wed 27 Nov 2024 17:41:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12085
IP address blocks: 155.204.0.0/22 maxlen: 24
155.204.112.0/21 maxlen: 24
155.204.128.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6e:b6:6f:ba:bc:ef:58:82:d5:b8:88:53:6a:99:72:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Validity
Not Before: Nov 27 17:41:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=720a834f5b5286d818daed2db3262869a62b2a44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:cb:ab:c1:dc:6e:3c:4d:a6:cb:02:d9:e1:6f:
fd:f7:34:62:39:28:57:54:b4:68:91:f2:97:e5:56:
f6:7e:a5:d2:6c:02:42:1f:d2:38:9d:37:fd:3f:b7:
1c:db:5a:a3:59:9f:c3:01:17:47:55:d3:08:62:5e:
33:a2:ff:fe:75:2a:14:9d:9c:28:90:92:a2:5d:18:
fc:f9:80:6b:28:60:07:41:07:dc:30:2f:22:c1:24:
60:c7:3d:e7:dc:bf:06:a5:4a:1d:4b:b7:c9:bf:c2:
2a:79:8b:92:b4:0e:22:c9:0b:ef:fb:73:20:11:ae:
99:4b:53:f3:3d:b8:38:2d:e4:8e:b4:c7:ff:42:8e:
42:35:2b:ed:5a:7b:61:b0:b1:e9:fe:3f:f4:9d:2b:
58:ca:0b:b3:13:01:32:1e:7c:00:d2:11:0c:c2:ab:
e5:90:17:57:c5:94:48:41:0d:f1:e2:9d:07:76:4f:
a3:c8:f7:d3:18:54:ed:04:b6:90:1f:ff:aa:1a:c9:
f6:e8:13:9c:b2:e0:74:d6:bf:70:c5:f9:b6:65:dc:
2b:15:41:d0:32:12:05:4b:ec:68:5e:f5:65:b9:41:
01:3b:56:f3:d6:7d:5a:26:b0:f5:fd:61:47:6a:73:
19:3a:87:07:40:b1:53:67:73:9a:60:7e:14:b4:b0:
6f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:0A:83:4F:5B:52:86:D8:18:DA:ED:2D:B3:26:28:69:A6:2B:2A:44
X509v3 Authority Key Identifier:
keyid:22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/cgqDT1tShtgY2u0tsyYoaaYrKkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.204.0.0/22
155.204.112.0/21
155.204.128.0/21
Signature Algorithm: sha256WithRSAEncryption
79:48:2d:c7:45:08:42:1a:75:e2:4a:b1:4c:4f:bd:e7:b7:db:
ef:25:15:81:6c:c5:f7:74:cc:8b:a8:58:b4:1e:51:d5:f3:f0:
63:e9:9c:fa:9c:f6:06:43:f7:0f:b1:bd:da:5d:2b:60:fc:6d:
33:aa:4a:44:a0:c0:0e:91:df:e2:78:90:43:bd:76:36:d0:f6:
42:75:db:a5:e6:50:0f:29:9d:ea:b2:21:a8:ad:d2:31:8b:1a:
6e:1d:a0:f5:ad:27:d9:42:6d:75:0e:36:ed:04:cd:93:6e:25:
6d:00:0e:01:78:b1:16:e1:b8:c4:83:5e:06:bd:27:d9:77:e6:
33:a9:a0:1f:26:a0:62:ff:57:4a:c0:23:cc:38:d6:41:5a:05:
20:b0:b9:3a:67:72:40:79:11:a7:e0:ec:63:ff:9a:52:e3:1a:
6b:42:23:dc:8c:f6:e0:bc:f1:70:b9:84:5d:05:75:31:62:ff:
d4:97:51:d1:32:08:bc:74:55:cc:1f:0d:c0:8a:74:e1:39:a2:
ac:03:c9:26:0a:c1:bf:25:ca:2a:8c:6e:be:54:ae:5e:0c:df:
3a:84:41:a0:52:b4:76:a3:7f:01:f0:aa:21:53:d4:a6:bf:4a:
a0:f9:13:af:2e:95:f0:ce:f9:dc:7d:aa:4f:af:92:db:19:af:
77:6c:90:84
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZNutm+6vO9YgtW4iFNqmXIpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTVkODQwNTNlMmIwYzMxM2FmMWUzYmE1MTAyNDY2YTVm
Nzk2NzgwHhcNMjQxMTI3MTc0MTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjBhODM0ZjViNTI4NmQ4MThkYWVkMmRiMzI2Mjg2OWE2MmIyYTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsurwdxuPE2mywLZ4W/99zRiOShX
VLRokfKX5Vb2fqXSbAJCH9I4nTf9P7cc21qjWZ/DARdHVdMIYl4zov/+dSoUnZwo
kJKiXRj8+YBrKGAHQQfcMC8iwSRgxz3n3L8GpUodS7fJv8IqeYuStA4iyQvv+3Mg
Ea6ZS1PzPbg4LeSOtMf/Qo5CNSvtWnthsLHp/j/0nStYyguzEwEyHnwA0hEMwqvl
kBdXxZRIQQ3x4p0Hdk+jyPfTGFTtBLaQH/+qGsn26BOcsuB01r9wxfm2ZdwrFUHQ
MhIFS+xoXvVluUEBO1bz1n1aJrD1/WFHanMZOocHQLFTZ3OaYH4UtLBv8wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHIKg09bUobYGNrtLbMmKGmmKypEMB8GA1UdIwQY
MBaAFCKl2EBT4rDDE68eO6UQJGal95Z4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUt
NTkxY2FmNTM2ZWNjLzEvY2dxRFQxdFNodGdZMnUwdHN5WW9hYVlyS2tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUtNTkxY2FmNTM2ZWNj
LzEvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCm8wAAwQD
m8xwAwQDm8yAMA0GCSqGSIb3DQEBCwUAA4IBAQB5SC3HRQhCGnXiSrFMT73nt9vv
JRWBbMX3dMyLqFi0HlHV8/Bj6Zz6nPYGQ/cPsb3aXStg/G0zqkpEoMAOkd/ieJBD
vXY20PZCddul5lAPKZ3qsiGordIxixpuHaD1rSfZQm11DjbtBM2TbiVtAA4BeLEW
4bjEg14GvSfZd+YzqaAfJqBi/1dKwCPMONZBWgUgsLk6Z3JAeRGn4Oxj/5pS4xpr
QiPcjPbgvPFwuYRdBXUxYv/Ul1HRMgi8dFXMHw3AinThOaKsA8kmCsG/JcoqjG6+
VK5eDN86hEGgUrR2o38B8KohU9Smv0qg+ROvLpXwzvncfapPr5LbGa93bJCE
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:24:18 2025 by rpki-client