Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/4V99xwwANmeVDVHg_2fsaA3z78Q.roa
File: 4V99xwwANmeVDVHg_2fsaA3z78Q.roa (raw, json)
Hash identifier: Zbi4GPtwM0uz7LAPt/5GJxYFJ+B13Xo3zDMXfV5Hl1I=
Subject key identifier: E1:5F:7D:C7:0C:00:36:67:95:0D:51:E0:FF:67:EC:68:0D:F3:EF:C4
Certificate issuer: /CN=5753c06290a371994d7577318685f5bc4a538d47
Certificate serial: 018BAFDE828986CFF2A2F86CA62411ACABD5
Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/4V99xwwANmeVDVHg_2fsaA3z78Q.roa
Signing time: Wed 08 Nov 2023 16:57:57 +0000
ROA not before: Wed 08 Nov 2023 16:57:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 158.172.132.0/22 maxlen: 22
158.172.130.0/24 maxlen: 24
158.172.130.0/23 maxlen: 23
158.172.131.0/24 maxlen: 24
158.172.132.0/23 maxlen: 23
158.172.128.0/22 maxlen: 22
158.172.128.0/23 maxlen: 23
158.172.129.0/24 maxlen: 24
158.172.128.0/21 maxlen: 21
158.172.128.0/24 maxlen: 24
158.172.132.0/24 maxlen: 24
158.172.136.0/22 maxlen: 22
158.172.135.0/24 maxlen: 24
158.172.134.0/24 maxlen: 24
158.172.133.0/24 maxlen: 24
158.172.134.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:af:de:82:89:86:cf:f2:a2:f8:6c:a6:24:11:ac:ab:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47
Validity
Not Before: Nov 8 16:57:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e15f7dc70c003667950d51e0ff67ec680df3efc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:da:ea:86:86:59:42:bf:b5:dd:cf:1a:f5:89:
3e:62:f1:3a:c8:89:38:50:fe:ba:04:f1:ff:6b:e1:
3e:48:ff:90:ab:d8:c8:7a:c1:f7:cc:a1:fa:b5:c0:
cc:87:89:a6:4e:16:56:2b:f3:85:31:2f:b0:40:ac:
75:fe:ae:df:ce:b5:54:19:ce:bf:d1:60:62:fd:ce:
9a:b3:88:55:de:5d:c0:65:de:8e:5b:93:51:a3:f8:
17:67:d8:42:d4:2f:25:be:3e:3c:6d:9e:cd:5b:d5:
0b:cd:47:35:57:93:51:da:eb:16:9c:a2:f0:63:ad:
0a:49:a9:da:3e:41:b5:4a:a4:86:b2:73:30:e8:8e:
40:09:8c:e3:92:8a:4d:2e:47:ff:58:56:5d:4e:98:
22:07:b7:24:7d:6e:f6:65:ea:08:78:7d:c0:33:e8:
60:61:45:f3:c5:86:83:ba:4e:7c:62:8e:42:89:6d:
6f:11:8e:b1:24:04:76:61:75:43:00:2f:34:c1:32:
d2:33:6f:69:de:03:20:3b:d5:30:96:35:9a:9d:3f:
c8:a7:5f:7b:9e:35:6d:2d:2f:54:3e:1f:c0:da:69:
5f:c9:64:0b:62:2a:2a:7c:3a:e3:b2:06:4c:22:ee:
66:45:54:5f:3b:04:3a:3d:d7:24:73:67:f1:7a:32:
c1:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:5F:7D:C7:0C:00:36:67:95:0D:51:E0:FF:67:EC:68:0D:F3:EF:C4
X509v3 Authority Key Identifier:
keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/4V99xwwANmeVDVHg_2fsaA3z78Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.172.128.0-158.172.139.255
Signature Algorithm: sha256WithRSAEncryption
74:5e:e1:c5:25:f1:ff:64:6f:c8:24:cc:c8:0b:a9:f7:60:63:
90:a2:75:2f:1d:1b:57:5a:3a:e2:d9:fe:42:0c:85:55:ae:c4:
f4:05:96:9d:61:aa:b1:17:d6:50:0c:b7:c2:a2:18:68:7b:41:
80:2c:72:d2:0c:3e:59:d9:fb:bc:14:d8:14:4e:05:de:38:21:
0c:e8:a5:22:d0:48:5e:7b:a8:e8:25:5c:b5:38:39:40:0c:bf:
13:73:c7:4a:ca:ce:9e:96:20:21:fc:68:38:c0:fb:13:6f:53:
47:6f:0e:11:fe:51:3d:7d:69:1c:00:bb:2a:6f:18:97:b8:08:
fe:e5:a1:cb:1b:bd:07:60:8b:4d:1b:d8:d0:7d:1a:85:bf:95:
70:dc:5f:df:e9:ab:fc:2c:df:f7:8a:4e:fa:35:70:07:f6:94:
db:1a:80:63:bc:2a:eb:78:a5:d7:59:eb:53:78:5d:6c:cd:44:
cd:a2:86:d5:c5:e9:f3:71:1f:13:a6:d8:36:c7:9b:44:c9:41:
70:d2:2c:d4:73:8a:6b:fe:33:c4:20:cb:c0:73:b7:11:f0:c8:
c4:62:ee:b5:63:eb:db:87:ce:52:59:2b:eb:a0:b7:48:c3:9e:
d0:56:f9:e3:56:1f:b3:a8:dd:af:67:ec:bb:c6:67:7f:3e:0a:
de:62:a5:ff
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYuv3oKJhs/yovhspiQRrKvVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTNjMDYyOTBhMzcxOTk0ZDc1NzczMTg2ODVmNWJjNGE1
MzhkNDcwHhcNMjMxMTA4MTY1NzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTVmN2RjNzBjMDAzNjY3OTUwZDUxZTBmZjY3ZWM2ODBkZjNlZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNrqhoZZQr+13c8a9Yk+YvE6yIk4
UP66BPH/a+E+SP+Qq9jIesH3zKH6tcDMh4mmThZWK/OFMS+wQKx1/q7fzrVUGc6/
0WBi/c6as4hV3l3AZd6OW5NRo/gXZ9hC1C8lvj48bZ7NW9ULzUc1V5NR2usWnKLw
Y60KSanaPkG1SqSGsnMw6I5ACYzjkopNLkf/WFZdTpgiB7ckfW72ZeoIeH3AM+hg
YUXzxYaDuk58Yo5CiW1vEY6xJAR2YXVDAC80wTLSM29p3gMgO9UwljWanT/Ip197
njVtLS9UPh/A2mlfyWQLYioqfDrjsgZMIu5mRVRfOwQ6Pdckc2fxejLBkwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOFffccMADZnlQ1R4P9n7GgN8+/EMB8GA1UdIwQY
MBaAFFdTwGKQo3GZTXV3MYaF9bxKU41HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2It
MWVkMTA5NTRiZDk2LzEvNFY5OXh3d0FObWVWRFZIZ18yZnNhQTN6NzhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2ItMWVkMTA5NTRiZDk2
LzEvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAeerIAD
BAKerIgwDQYJKoZIhvcNAQELBQADggEBAHRe4cUl8f9kb8gkzMgLqfdgY5CidS8d
G1daOuLZ/kIMhVWuxPQFlp1hqrEX1lAMt8KiGGh7QYAsctIMPlnZ+7wU2BROBd44
IQzopSLQSF57qOglXLU4OUAMvxNzx0rKzp6WICH8aDjA+xNvU0dvDhH+UT19aRwA
uypvGJe4CP7locsbvQdgi00b2NB9GoW/lXDcX9/pq/ws3/eKTvo1cAf2lNsagGO8
Kut4pddZ61N4XWzNRM2ihtXF6fNxHxOm2DbHm0TJQXDSLNRzimv+M8Qgy8BztxHw
yMRi7rVj69uHzlJZK+ugt0jDntBW+eNWH7Oo3a9n7LvGZ38+Ct5ipf8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:03 2025 by rpki-client