Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/2Kp_9YpfYIQIxyL5CznhHnkIxfU.roa
File: 2Kp_9YpfYIQIxyL5CznhHnkIxfU.roa (raw, json)
Hash identifier: LYK8gdoVuDcWT2M8puwmkXBr6TS/IOAg3OaPmCBsVwI=
Subject key identifier: D8:AA:7F:F5:8A:5F:60:84:08:C7:22:F9:0B:39:E1:1E:79:08:C5:F5
Certificate issuer: /CN=5753c06290a371994d7577318685f5bc4a538d47
Certificate serial: 0194266B30B9208BFD697DF72A1BEE257CF3
Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/2Kp_9YpfYIQIxyL5CznhHnkIxfU.roa
Signing time: Thu 02 Jan 2025 09:49:06 +0000
ROA not before: Thu 02 Jan 2025 09:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59631
IP address blocks: 158.172.136.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:30:b9:20:8b:fd:69:7d:f7:2a:1b:ee:25:7c:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47
Validity
Not Before: Jan 2 09:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8aa7ff58a5f608408c722f90b39e11e7908c5f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1f:88:0e:0f:17:66:3e:33:38:89:84:de:bd:
4a:22:2e:22:50:e7:67:30:21:77:90:09:ca:85:0c:
20:82:f9:90:b5:37:4d:fd:42:cf:3a:ea:78:db:d9:
ea:8d:70:92:69:ea:30:33:cc:88:5d:b2:8b:a6:c6:
85:44:0d:bb:a1:6e:09:f8:9b:40:9f:a6:17:71:2e:
22:68:db:c3:4b:e3:a6:93:a0:00:5f:4b:73:56:8b:
f9:aa:a6:8e:1d:2f:ff:c1:96:66:b3:a9:d0:89:36:
95:9e:d9:c7:a4:54:5a:29:2d:90:a6:14:16:dd:55:
99:d2:a3:35:e4:99:00:5e:7e:b2:5e:76:81:0b:97:
08:e4:18:7a:4f:99:00:99:5e:b7:d5:a8:a0:b9:05:
45:95:6f:ed:31:06:c5:30:3d:8d:0a:8d:e8:d9:75:
e8:54:21:78:10:60:72:e8:4e:0c:93:f1:83:48:1d:
34:5d:57:13:42:cb:59:b3:12:78:e8:70:16:71:fe:
b4:01:ed:d3:ec:5d:f7:8f:0c:22:b7:09:11:41:7a:
f1:85:0a:43:e7:52:f2:64:7c:ce:b3:ae:df:ba:d5:
b8:a2:8a:41:30:85:aa:2f:94:79:e5:b3:2d:39:b6:
cd:1f:4b:17:f2:7c:29:39:56:7e:fd:b1:0b:ba:dd:
6e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:AA:7F:F5:8A:5F:60:84:08:C7:22:F9:0B:39:E1:1E:79:08:C5:F5
X509v3 Authority Key Identifier:
keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/2Kp_9YpfYIQIxyL5CznhHnkIxfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.172.136.0/22
Signature Algorithm: sha256WithRSAEncryption
63:91:0b:86:27:32:1d:b8:7f:07:e0:23:bf:0d:19:83:28:4f:
b1:cc:40:83:c0:91:3d:08:7a:e6:8a:51:42:8b:50:30:aa:0f:
43:e8:71:c7:c5:91:95:8b:48:11:2a:ae:df:d2:23:ac:df:22:
7d:06:6b:ef:96:80:30:70:5d:79:c0:c0:0c:50:83:2b:2b:35:
ba:e3:d6:9e:04:aa:32:36:a2:f3:5b:5b:32:d2:ed:7e:c9:f2:
80:8c:8b:73:9c:f4:07:98:d5:1b:33:e0:c4:cb:89:e8:72:76:
84:06:f2:1e:5a:33:56:bb:f3:a8:23:c7:d6:4a:0b:5a:77:3f:
1d:bb:5c:be:79:7d:3b:68:e1:ae:15:ed:23:7b:ce:9f:7f:ca:
8a:57:47:10:18:d0:88:7a:fc:ef:71:4a:f7:7f:04:a9:48:b0:
92:c6:04:89:26:e7:45:3b:35:6f:d9:c0:42:2c:25:c8:31:8a:
2f:5c:d8:8b:12:8b:0f:da:40:22:e1:3e:4f:d3:85:37:17:62:
a2:88:e8:8a:4b:05:3d:c4:84:f8:62:db:74:39:0a:4b:b0:84:
71:e3:0a:1a:55:4e:f2:e4:31:91:d9:b9:9f:2d:8d:6e:b8:f0:
2e:22:ae:7e:70:fc:19:d2:09:a9:44:f7:b1:08:92:b8:43:66:
c5:8f:f4:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmazC5IIv9aX33KhvuJXzzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTNjMDYyOTBhMzcxOTk0ZDc1NzczMTg2ODVmNWJjNGE1
MzhkNDcwHhcNMjUwMTAyMDk0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGFhN2ZmNThhNWY2MDg0MDhjNzIyZjkwYjM5ZTExZTc5MDhjNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtR+IDg8XZj4zOImE3r1KIi4iUOdn
MCF3kAnKhQwggvmQtTdN/ULPOup429nqjXCSaeowM8yIXbKLpsaFRA27oW4J+JtA
n6YXcS4iaNvDS+Omk6AAX0tzVov5qqaOHS//wZZms6nQiTaVntnHpFRaKS2QphQW
3VWZ0qM15JkAXn6yXnaBC5cI5Bh6T5kAmV631aiguQVFlW/tMQbFMD2NCo3o2XXo
VCF4EGBy6E4Mk/GDSB00XVcTQstZsxJ46HAWcf60Ae3T7F33jwwitwkRQXrxhQpD
51LyZHzOs67futW4oopBMIWqL5R55bMtObbNH0sX8nwpOVZ+/bELut1uFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNiqf/WKX2CECMci+Qs54R55CMX1MB8GA1UdIwQY
MBaAFFdTwGKQo3GZTXV3MYaF9bxKU41HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2It
MWVkMTA5NTRiZDk2LzEvMktwXzlZcGZZSVFJeHlMNUN6bmhIbmtJeGZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2ItMWVkMTA5NTRiZDk2
LzEvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnqyIMA0G
CSqGSIb3DQEBCwUAA4IBAQBjkQuGJzIduH8H4CO/DRmDKE+xzECDwJE9CHrmilFC
i1Awqg9D6HHHxZGVi0gRKq7f0iOs3yJ9BmvvloAwcF15wMAMUIMrKzW649aeBKoy
NqLzW1sy0u1+yfKAjItznPQHmNUbM+DEy4nocnaEBvIeWjNWu/OoI8fWSgtadz8d
u1y+eX07aOGuFe0je86ff8qKV0cQGNCIevzvcUr3fwSpSLCSxgSJJudFOzVv2cBC
LCXIMYovXNiLEosP2kAi4T5P04U3F2KiiOiKSwU9xIT4Ytt0OQpLsIRx4woaVU7y
5DGR2bmfLY1uuPAuIq5+cPwZ0gmpRPexCJK4Q2bFj/QM
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:36 2025 by rpki-client