Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/7exhcXZkp2yXL6qalX7FBxcZrrw.roa
File: 7exhcXZkp2yXL6qalX7FBxcZrrw.roa (raw, json)
Hash identifier: W0XOIvU0IcwcLnFFNRh4YNMhhpEq8cbh4URUNEkve8Q=
Subject key identifier: ED:EC:61:71:76:64:A7:6C:97:2F:AA:9A:95:7E:C5:07:17:19:AE:BC
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 0194221FD0CD7F69C45256B82E38D4F2AA3C
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/7exhcXZkp2yXL6qalX7FBxcZrrw.roa
Signing time: Wed 01 Jan 2025 13:48:17 +0000
ROA not before: Wed 01 Jan 2025 13:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206770
IP address blocks: 157.25.57.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:d0:cd:7f:69:c4:52:56:b8:2e:38:d4:f2:aa:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 13:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=edec61717664a76c972faa9a957ec5071719aebc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:55:95:69:ad:26:52:8b:d4:53:b7:43:39:d7:
70:f8:71:ed:ac:a6:be:59:bc:4b:9f:37:7c:0c:ba:
c6:00:33:29:b8:01:1b:eb:b7:83:1c:ad:db:14:0b:
25:3f:07:c8:dc:8b:a6:fc:68:b5:71:77:8d:49:3f:
ae:3f:e6:5b:cd:b1:a0:c6:3d:1a:1c:c8:b5:9f:cf:
21:4b:58:5d:ec:f9:1a:8f:c0:72:ce:3e:40:b2:76:
ff:81:97:5c:b9:d0:86:6e:18:e3:45:6a:87:9c:f1:
30:72:1d:1e:a7:63:ad:32:31:47:c2:82:3b:8e:c5:
ca:34:64:60:aa:4d:be:29:b7:df:26:df:e6:6f:97:
ba:00:7e:8d:ac:c5:e2:f1:2b:e6:21:70:ef:0b:e9:
ed:4b:e9:37:91:14:3a:53:de:fd:48:22:be:fd:98:
7b:6a:ec:31:74:5e:6b:63:b6:4e:66:48:8a:65:3c:
16:d5:e9:5c:01:3a:99:8a:be:43:5b:f5:8f:d9:95:
6f:0b:cc:23:26:8a:7e:21:52:17:67:1b:5b:83:7b:
cf:66:34:72:92:10:f5:1c:6e:c8:fc:65:43:66:cb:
91:4e:3b:17:44:ce:04:a4:d7:60:3f:f3:a5:23:9e:
61:58:30:67:4b:f9:41:d8:65:4e:d6:c5:05:fe:37:
bc:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:EC:61:71:76:64:A7:6C:97:2F:AA:9A:95:7E:C5:07:17:19:AE:BC
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/7exhcXZkp2yXL6qalX7FBxcZrrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.25.57.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:d4:b9:b9:3a:06:27:17:23:92:bc:f1:dc:36:a5:ac:48:e0:
2f:a0:f6:d1:59:11:73:47:14:4e:08:28:0d:25:be:16:12:84:
81:c2:d6:ee:83:6b:67:2b:8c:f8:2c:7b:80:e2:7f:1b:31:8e:
5d:39:c3:17:ee:38:b4:59:3f:ae:d5:8b:20:11:52:cc:a6:40:
b2:2a:b4:47:1b:cf:3c:b8:22:3c:87:76:c0:9c:b0:95:30:e0:
7e:d9:89:c5:c8:78:07:62:9e:9a:6d:76:29:24:8b:a1:3a:2c:
cb:09:d2:6a:fd:a4:e2:9b:fe:c1:6d:a3:1c:b6:fe:42:a3:8b:
18:5b:98:4a:8a:30:d7:98:8a:5d:d7:c4:d8:b4:5e:5c:cd:bf:
a0:28:d3:e0:e0:86:93:60:f3:c7:d2:42:24:b2:a9:8e:0c:93:
a4:be:7d:03:6a:9f:73:c7:98:c3:14:ee:99:47:9b:f8:4c:8e:
65:bc:fc:56:67:b8:c5:b0:36:11:44:9d:77:ca:2d:ab:c4:48:
66:4b:d8:e2:50:9c:7c:3b:ba:d2:b1:1d:cc:b2:b8:81:89:75:
e0:fb:4a:b4:6b:55:03:f4:68:14:d9:78:a1:0d:32:af:4d:8e:
e1:e9:d7:12:59:1b:f2:3b:d6:e1:70:76:27:6c:20:d0:3f:b5:
f6:14:4a:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH9DNf2nEUla4LjjU8qo8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjUwMTAxMTM0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGVjNjE3MTc2NjRhNzZjOTcyZmFhOWE5NTdlYzUwNzE3MTlhZWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolWVaa0mUovUU7dDOddw+HHtrKa+
WbxLnzd8DLrGADMpuAEb67eDHK3bFAslPwfI3Ium/Gi1cXeNST+uP+ZbzbGgxj0a
HMi1n88hS1hd7Pkaj8Byzj5Asnb/gZdcudCGbhjjRWqHnPEwch0ep2OtMjFHwoI7
jsXKNGRgqk2+KbffJt/mb5e6AH6NrMXi8SvmIXDvC+ntS+k3kRQ6U979SCK+/Zh7
auwxdF5rY7ZOZkiKZTwW1elcATqZir5DW/WP2ZVvC8wjJop+IVIXZxtbg3vPZjRy
khD1HG7I/GVDZsuRTjsXRM4EpNdgP/OlI55hWDBnS/lB2GVO1sUF/je8uwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO3sYXF2ZKdsly+qmpV+xQcXGa68MB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvN2V4aGNYWmtwMnlYTDZxYWxYN0ZCeGNacnJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRk5MA0G
CSqGSIb3DQEBCwUAA4IBAQAu1Lm5OgYnFyOSvPHcNqWsSOAvoPbRWRFzRxROCCgN
Jb4WEoSBwtbug2tnK4z4LHuA4n8bMY5dOcMX7ji0WT+u1YsgEVLMpkCyKrRHG888
uCI8h3bAnLCVMOB+2YnFyHgHYp6abXYpJIuhOizLCdJq/aTim/7BbaMctv5Co4sY
W5hKijDXmIpd18TYtF5czb+gKNPg4IaTYPPH0kIksqmODJOkvn0Dap9zx5jDFO6Z
R5v4TI5lvPxWZ7jFsDYRRJ13yi2rxEhmS9jiUJx8O7rSsR3MsriBiXXg+0q0a1UD
9GgU2XihDTKvTY7h6dcSWRvyO9bhcHYnbCDQP7X2FEpO
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:57:14 2025 by rpki-client