Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/iIyJKjInlinbrFoxMvyP7cHrL18.roa
File: iIyJKjInlinbrFoxMvyP7cHrL18.roa (raw, json)
Hash identifier: jppb7YCDugjMDFMLhWTY9NbjBHwSDw8mYabJJeuiwkQ=
Subject key identifier: 88:8C:89:2A:32:27:96:29:DB:AC:5A:31:32:FC:8F:ED:C1:EB:2F:5F
Certificate issuer: /CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Certificate serial: 01941FFA2F35C2A4BBEC2692383A74723E4A
Authority key identifier: 22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/iIyJKjInlinbrFoxMvyP7cHrL18.roa
Signing time: Wed 01 Jan 2025 03:47:57 +0000
ROA not before: Wed 01 Jan 2025 03:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19930
IP address blocks: 155.204.152.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:2f:35:c2:a4:bb:ec:26:92:38:3a:74:72:3e:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Validity
Not Before: Jan 1 03:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=888c892a32279629dbac5a3132fc8fedc1eb2f5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:21:09:a8:1b:b0:4b:0c:fb:d7:6f:17:99:91:
b2:a1:32:f3:7b:47:eb:2a:5e:e5:21:08:2a:a4:77:
eb:da:c6:91:60:16:98:ab:f2:d2:b6:43:ad:f1:75:
49:b2:77:91:b4:9f:28:ef:4b:3c:56:09:6e:90:d9:
7f:d4:59:65:64:87:96:60:6a:8f:a9:00:55:75:27:
60:e7:ab:de:21:3d:a2:eb:e8:03:1a:a3:7b:be:05:
e1:39:9f:61:ea:6e:b8:05:b0:11:2a:b3:29:f8:29:
0d:d3:de:6b:e9:b2:00:e7:b6:d8:bb:40:3f:81:9d:
e7:d9:bd:bd:97:a2:a9:74:dd:d0:8b:51:40:57:0b:
17:c1:3a:a5:19:9d:60:2f:e7:3f:16:fd:6f:a2:20:
78:b5:d3:56:90:97:09:0d:c1:4a:76:7b:3b:35:3e:
27:f2:0e:0f:b6:43:79:4c:98:93:7f:b5:b0:31:7c:
c1:ed:5e:1f:51:21:c2:de:65:54:45:ab:d8:42:ef:
41:3d:8e:7f:e4:3e:8f:46:33:49:6f:c1:2c:13:06:
21:37:b5:35:b1:e0:48:8b:b7:42:b7:1f:ef:d6:fe:
2a:3b:6a:ff:74:0d:02:4a:4e:a6:05:6c:58:76:e5:
ac:9b:7a:2f:20:ff:25:b3:37:e5:75:d2:d4:4d:2d:
98:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:8C:89:2A:32:27:96:29:DB:AC:5A:31:32:FC:8F:ED:C1:EB:2F:5F
X509v3 Authority Key Identifier:
keyid:22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/iIyJKjInlinbrFoxMvyP7cHrL18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.204.152.0/21
Signature Algorithm: sha256WithRSAEncryption
8b:88:88:ba:34:4d:c1:7b:ba:86:b2:9b:91:f5:bc:22:a7:94:
bb:bc:e8:f4:1e:e0:15:9f:4d:23:2e:92:5c:ad:4b:bf:f6:fb:
60:57:40:7a:5d:e9:b2:4e:d7:00:4d:ae:ba:b0:3d:18:c0:a2:
ab:b0:4e:9e:7b:67:44:d1:0b:1b:87:f4:57:01:ab:48:20:8d:
5e:d1:fb:b8:68:d9:27:0e:a5:88:dd:26:d7:57:71:8f:9f:d4:
4d:ef:51:58:5c:d7:e7:63:80:2a:3d:dd:67:b0:f7:19:9a:c4:
0d:c1:fd:c2:e2:bf:44:75:ab:7d:be:2e:38:bd:12:bc:37:f5:
f1:1c:d8:81:4a:51:9a:d3:ab:03:b4:00:d2:33:a7:98:fe:aa:
3b:3b:a3:e4:18:76:01:94:6d:bb:f4:02:a1:e8:2f:be:81:60:
ec:b0:c6:19:f0:32:66:ff:18:cf:ac:87:2e:51:cf:38:f4:29:
45:2f:27:69:ba:cb:c5:56:3f:25:bd:5d:8e:6d:0c:6b:04:f3:
da:4a:78:06:e1:ac:3e:e6:5c:57:e9:8c:70:70:49:ad:cf:e7:
74:1d:d8:1e:3c:e2:66:d6:b8:55:96:f7:7f:3f:8f:ec:f9:7d:
f3:5e:61:6f:97:3b:ae:a8:a8:94:d6:5a:9a:5a:e6:2b:4f:42:
ac:4a:51:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+i81wqS77CaSODp0cj5KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTVkODQwNTNlMmIwYzMxM2FmMWUzYmE1MTAyNDY2YTVm
Nzk2NzgwHhcNMjUwMTAxMDM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODhjODkyYTMyMjc5NjI5ZGJhYzVhMzEzMmZjOGZlZGMxZWIyZjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCEJqBuwSwz7128XmZGyoTLze0fr
Kl7lIQgqpHfr2saRYBaYq/LStkOt8XVJsneRtJ8o70s8VglukNl/1FllZIeWYGqP
qQBVdSdg56veIT2i6+gDGqN7vgXhOZ9h6m64BbARKrMp+CkN095r6bIA57bYu0A/
gZ3n2b29l6KpdN3Qi1FAVwsXwTqlGZ1gL+c/Fv1voiB4tdNWkJcJDcFKdns7NT4n
8g4PtkN5TJiTf7WwMXzB7V4fUSHC3mVURavYQu9BPY5/5D6PRjNJb8EsEwYhN7U1
seBIi7dCtx/v1v4qO2r/dA0CSk6mBWxYduWsm3ovIP8lszflddLUTS2YrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIiMiSoyJ5Yp26xaMTL8j+3B6y9fMB8GA1UdIwQY
MBaAFCKl2EBT4rDDE68eO6UQJGal95Z4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUt
NTkxY2FmNTM2ZWNjLzEvaUl5SktqSW5saW5ickZveE12eVA3Y0hyTDE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUtNTkxY2FmNTM2ZWNj
LzEvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDm8yYMA0G
CSqGSIb3DQEBCwUAA4IBAQCLiIi6NE3Be7qGspuR9bwip5S7vOj0HuAVn00jLpJc
rUu/9vtgV0B6XemyTtcATa66sD0YwKKrsE6ee2dE0Qsbh/RXAatIII1e0fu4aNkn
DqWI3SbXV3GPn9RN71FYXNfnY4AqPd1nsPcZmsQNwf3C4r9Edat9vi44vRK8N/Xx
HNiBSlGa06sDtADSM6eY/qo7O6PkGHYBlG279AKh6C++gWDssMYZ8DJm/xjPrIcu
Uc849ClFLydpusvFVj8lvV2ObQxrBPPaSngG4aw+5lxX6YxwcEmtz+d0HdgePOJm
1rhVlvd/P4/s+X3zXmFvlzuuqKiU1lqaWuYrT0KsSlGs
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:25:01 2025 by rpki-client