Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/IjrWIh0jzbH9AGDO-Vviq_eBA4Q.roa
File: IjrWIh0jzbH9AGDO-Vviq_eBA4Q.roa (raw, json)
Hash identifier: 7jujT2Lsuok7oL2vIrgbVf5j8YwADQ9BWos7sqz0ULQ=
Subject key identifier: 22:3A:D6:22:1D:23:CD:B1:FD:00:60:CE:F9:5B:E2:AB:F7:81:03:84
Certificate issuer: /CN=cbb7c20b55a470dab892f4c91ea0010bd1c39f34
Certificate serial: 0194258E6F6ACB77CF6637E21B6A3DABF05E
Authority key identifier: CB:B7:C2:0B:55:A4:70:DA:B8:92:F4:C9:1E:A0:01:0B:D1:C3:9F:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y7fCC1WkcNq4kvTJHqABC9HDnzQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/IjrWIh0jzbH9AGDO-Vviq_eBA4Q.roa
Signing time: Thu 02 Jan 2025 05:47:59 +0000
ROA not before: Thu 02 Jan 2025 05:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 23764
IP address blocks: 147.78.133.0/24 maxlen: 24
147.78.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:6f:6a:cb:77:cf:66:37:e2:1b:6a:3d:ab:f0:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbb7c20b55a470dab892f4c91ea0010bd1c39f34
Validity
Not Before: Jan 2 05:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=223ad6221d23cdb1fd0060cef95be2abf7810384
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:48:b6:e7:03:fd:e8:c4:c3:a5:f2:c2:7e:0f:
08:fb:f4:fc:68:58:cc:06:30:59:9f:07:87:6e:7c:
92:d2:40:95:2d:d1:cd:c4:28:74:df:a3:cf:e1:25:
6c:8f:1e:a4:3f:a2:c2:f2:60:02:3d:2b:c7:52:67:
82:d2:0d:f0:90:ec:ec:d2:35:9f:11:3c:fc:f2:37:
bf:f4:15:33:b3:25:83:9c:8d:76:31:74:d8:53:d2:
70:26:b8:df:9a:52:82:03:12:46:6e:d4:36:53:4d:
2f:e7:7a:8d:57:62:bb:1f:59:cf:75:53:8a:aa:4a:
42:c2:32:ce:af:3a:ab:d3:b5:98:89:9f:86:0d:9b:
7f:7b:f4:e9:29:1c:86:ee:35:e5:22:13:c3:a3:37:
1e:41:41:9f:e1:16:8f:f0:35:d4:84:bc:a2:17:c0:
bd:ac:db:76:df:30:2a:c6:72:b1:66:32:ca:c3:3e:
20:b7:0f:c3:bf:f3:c6:67:ea:a1:78:6b:98:a9:3a:
8b:fc:42:df:4d:89:25:50:6c:51:be:83:8e:89:ab:
af:37:cc:96:54:37:b0:24:ac:e6:f3:11:42:4d:6d:
eb:5f:47:1c:44:e3:89:a7:e7:15:c6:d0:40:30:37:
5e:12:f4:84:32:6f:cb:76:8b:50:ad:87:d2:9b:ba:
e4:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:3A:D6:22:1D:23:CD:B1:FD:00:60:CE:F9:5B:E2:AB:F7:81:03:84
X509v3 Authority Key Identifier:
keyid:CB:B7:C2:0B:55:A4:70:DA:B8:92:F4:C9:1E:A0:01:0B:D1:C3:9F:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y7fCC1WkcNq4kvTJHqABC9HDnzQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/IjrWIh0jzbH9AGDO-Vviq_eBA4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/y7fCC1WkcNq4kvTJHqABC9HDnzQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.133.0/24
147.78.135.0/24
Signature Algorithm: sha256WithRSAEncryption
16:c0:f0:fb:35:80:c0:11:6d:66:62:8c:2b:3a:75:ef:0f:35:
be:1e:96:83:97:bf:a0:9e:b1:f5:61:63:8f:20:08:71:d9:bd:
bd:6e:aa:e8:6b:cf:aa:05:59:ce:37:fb:95:89:ec:53:9b:08:
85:f1:db:75:b0:04:0e:18:a8:f0:fa:f3:dd:2d:5f:7b:3b:1e:
26:0f:29:08:25:ac:36:bf:2b:af:79:03:44:7e:da:bb:de:a4:
f9:9e:a9:97:19:e5:4c:d1:98:03:cb:74:15:f4:f4:5b:5c:fa:
cf:e6:04:ef:12:69:ff:95:03:39:df:6c:9d:68:1d:24:d9:20:
a9:f6:5b:de:f1:c3:69:c9:24:33:da:a1:7b:ab:5e:fc:d9:ee:
54:2c:b5:cf:ee:1d:f5:35:ab:bc:76:95:e0:d8:9a:08:e6:7a:
7e:1b:af:09:9f:12:47:43:b5:1e:e5:37:48:11:c5:df:9f:62:
b0:7e:9f:cd:2b:23:a7:47:24:1b:ac:28:d2:ed:8e:ed:1e:b5:
0d:69:eb:65:ce:46:ad:13:ca:06:45:52:12:3c:1f:6b:b1:de:
7a:d2:d1:5b:70:59:af:c1:64:dc:8f:8f:c6:e1:f4:9c:c3:d0:
4a:ac:88:70:9c:66:e0:5f:f6:1c:0a:f4:14:1e:09:6e:16:5f:
70:54:d6:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQljm9qy3fPZjfiG2o9q/BeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYjdjMjBiNTVhNDcwZGFiODkyZjRjOTFlYTAwMTBiZDFj
MzlmMzQwHhcNMjUwMTAyMDU0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjNhZDYyMjFkMjNjZGIxZmQwMDYwY2VmOTViZTJhYmY3ODEwMzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEi25wP96MTDpfLCfg8I+/T8aFjM
BjBZnweHbnyS0kCVLdHNxCh036PP4SVsjx6kP6LC8mACPSvHUmeC0g3wkOzs0jWf
ETz88je/9BUzsyWDnI12MXTYU9JwJrjfmlKCAxJGbtQ2U00v53qNV2K7H1nPdVOK
qkpCwjLOrzqr07WYiZ+GDZt/e/TpKRyG7jXlIhPDozceQUGf4RaP8DXUhLyiF8C9
rNt23zAqxnKxZjLKwz4gtw/Dv/PGZ+qheGuYqTqL/ELfTYklUGxRvoOOiauvN8yW
VDewJKzm8xFCTW3rX0ccROOJp+cVxtBAMDdeEvSEMm/LdotQrYfSm7rkYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCI61iIdI82x/QBgzvlb4qv3gQOEMB8GA1UdIwQY
MBaAFMu3wgtVpHDauJL0yR6gAQvRw580MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTdmQ0MxV2tjTnE0a3ZUSkhxQUJDOUhEbnpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi83ZjBjMjQtNDQwYS00ZmY3LWEwYzgt
MjU2MzM5NzM2YzJiLzEvSWpyV0loMGp6Ykg5QUdETy1WdmlxX2VCQTRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi83ZjBjMjQtNDQwYS00ZmY3LWEwYzgtMjU2MzM5NzM2YzJi
LzEveTdmQ0MxV2tjTnE0a3ZUSkhxQUJDOUhEbnpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAk06FAwQA
k06HMA0GCSqGSIb3DQEBCwUAA4IBAQAWwPD7NYDAEW1mYowrOnXvDzW+HpaDl7+g
nrH1YWOPIAhx2b29bqroa8+qBVnON/uViexTmwiF8dt1sAQOGKjw+vPdLV97Ox4m
DykIJaw2vyuveQNEftq73qT5nqmXGeVM0ZgDy3QV9PRbXPrP5gTvEmn/lQM532yd
aB0k2SCp9lve8cNpySQz2qF7q1782e5ULLXP7h31Nau8dpXg2JoI5np+G68JnxJH
Q7Ue5TdIEcXfn2Kwfp/NKyOnRyQbrCjS7Y7tHrUNaetlzkatE8oGRVISPB9rsd56
0tFbcFmvwWTcj4/G4fScw9BKrIhwnGbgX/YcCvQUHgluFl9wVNbQ
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:02:45 2025 by rpki-client