Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/KiYwtZLb--BriE5Hjm7v8vINnTo.roa
File: KiYwtZLb--BriE5Hjm7v8vINnTo.roa (raw, json)
Hash identifier: je69KyD4C/jlLgnBjpdM0LUQ08CM9Z9E3+EKlG3mwWY=
Subject key identifier: 2A:26:30:B5:92:DB:FB:E0:6B:88:4E:47:8E:6E:EF:F2:F2:0D:9D:3A
Certificate issuer: /CN=5753c06290a371994d7577318685f5bc4a538d47
Certificate serial: 018B8C928AFDED424FB9CC368BF634873E97
Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/KiYwtZLb--BriE5Hjm7v8vINnTo.roa
Signing time: Wed 01 Nov 2023 20:28:15 +0000
ROA not before: Wed 01 Nov 2023 20:28:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 158.172.131.0/24 maxlen: 24
158.172.130.0/24 maxlen: 24
158.172.128.0/22 maxlen: 22
158.172.129.0/24 maxlen: 24
158.172.128.0/21 maxlen: 21
158.172.128.0/24 maxlen: 24
158.172.132.0/24 maxlen: 24
158.172.132.0/22 maxlen: 22
158.172.136.0/22 maxlen: 22
158.172.135.0/24 maxlen: 24
158.172.134.0/24 maxlen: 24
158.172.133.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8c:92:8a:fd:ed:42:4f:b9:cc:36:8b:f6:34:87:3e:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47
Validity
Not Before: Nov 1 20:28:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a2630b592dbfbe06b884e478e6eeff2f20d9d3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ba:49:07:d5:bf:e8:13:84:cc:25:6b:57:3a:
2c:b0:e2:cb:a3:6e:40:40:5b:4e:24:90:eb:66:2d:
63:25:99:d7:c3:4a:e7:f8:01:d5:cd:64:de:6e:32:
df:23:58:95:b9:11:0f:aa:48:31:18:ca:a9:54:c7:
9a:25:4e:05:9f:53:6b:d6:2d:38:c0:74:89:e7:93:
d8:a4:00:a0:78:07:be:e7:ad:d9:8c:0d:56:51:75:
b6:95:a7:86:bb:31:bb:90:50:36:11:a7:59:8e:90:
2e:70:d9:89:bf:6d:bd:be:94:28:0d:ac:a2:cb:ad:
64:a3:ba:f2:3d:9d:13:73:68:8b:79:8b:78:33:0d:
e3:db:55:69:59:93:ba:7c:3c:9a:7c:1f:2d:f2:66:
b9:02:84:5e:38:d0:3c:f9:98:0e:37:f4:87:6a:43:
fe:cb:4b:d2:22:11:af:d0:54:47:cf:44:bc:62:8d:
07:4c:84:5e:33:fd:7b:a6:f8:32:17:13:0d:0e:9e:
ba:5f:16:6f:65:df:42:59:32:9d:df:18:2b:7b:84:
b8:60:d9:d3:1c:b1:4b:6a:db:95:64:bc:de:f7:e9:
1e:ef:9f:83:bd:6f:4a:5a:d3:36:7d:7b:7d:9b:26:
57:da:3e:6e:1d:a6:8a:25:99:a1:8d:7c:ed:f8:ed:
f3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:26:30:B5:92:DB:FB:E0:6B:88:4E:47:8E:6E:EF:F2:F2:0D:9D:3A
X509v3 Authority Key Identifier:
keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/KiYwtZLb--BriE5Hjm7v8vINnTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.172.128.0-158.172.139.255
Signature Algorithm: sha256WithRSAEncryption
3f:ed:0c:9d:96:fb:fb:09:f6:0c:03:f2:a5:3f:d8:79:be:58:
7c:91:74:c5:2d:32:a7:0e:ea:74:da:27:05:ab:ec:fd:91:2c:
19:10:ed:63:60:fc:24:f2:13:84:be:fc:a7:29:73:36:e9:23:
4c:e9:c4:08:84:de:97:fc:3b:f0:7d:37:41:14:bb:17:49:31:
42:0d:4e:63:fd:af:80:e5:fe:69:d3:a4:b0:47:f0:12:e0:6d:
44:db:74:95:6c:84:d8:0c:3c:a6:f3:65:a6:07:79:c4:b0:f5:
77:18:e7:b8:fe:88:05:4d:6e:ec:47:87:3a:b8:21:fe:29:07:
7d:6f:59:60:41:da:4e:e8:9a:b3:69:54:45:c3:ef:60:3d:74:
ae:73:45:09:4b:0f:e3:38:75:02:1c:1a:89:da:b7:0b:ae:96:
ae:ad:c8:a3:cb:e8:21:2b:ab:c5:4b:b1:80:cf:65:20:77:44:
af:b8:61:1b:cd:9e:c0:9f:b2:ef:19:2e:a7:d8:0f:99:6c:fc:
fe:79:4e:f7:fd:c3:d5:cb:3c:7b:7f:5f:72:e4:9e:01:01:12:
ef:32:98:a1:52:ba:05:81:4c:4f:c5:cd:09:31:a4:83:29:b9:
30:8c:b8:c9:78:c8:99:68:06:6c:90:99:46:dc:b3:a0:e4:c2:
89:47:a9:f8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYuMkor97UJPucw2i/Y0hz6XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTNjMDYyOTBhMzcxOTk0ZDc1NzczMTg2ODVmNWJjNGE1
MzhkNDcwHhcNMjMxMTAxMjAyODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTI2MzBiNTkyZGJmYmUwNmI4ODRlNDc4ZTZlZWZmMmYyMGQ5ZDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrpJB9W/6BOEzCVrVzossOLLo25A
QFtOJJDrZi1jJZnXw0rn+AHVzWTebjLfI1iVuREPqkgxGMqpVMeaJU4Fn1Nr1i04
wHSJ55PYpACgeAe+563ZjA1WUXW2laeGuzG7kFA2EadZjpAucNmJv229vpQoDayi
y61ko7ryPZ0Tc2iLeYt4Mw3j21VpWZO6fDyafB8t8ma5AoReONA8+ZgON/SHakP+
y0vSIhGv0FRHz0S8Yo0HTIReM/17pvgyFxMNDp66XxZvZd9CWTKd3xgre4S4YNnT
HLFLatuVZLze9+ke75+DvW9KWtM2fXt9myZX2j5uHaaKJZmhjXzt+O3z4QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFComMLWS2/vga4hOR45u7/LyDZ06MB8GA1UdIwQY
MBaAFFdTwGKQo3GZTXV3MYaF9bxKU41HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2It
MWVkMTA5NTRiZDk2LzEvS2lZd3RaTGItLUJyaUU1SGptN3Y4dklOblRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2ItMWVkMTA5NTRiZDk2
LzEvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAeerIAD
BAKerIgwDQYJKoZIhvcNAQELBQADggEBAD/tDJ2W+/sJ9gwD8qU/2Hm+WHyRdMUt
MqcO6nTaJwWr7P2RLBkQ7WNg/CTyE4S+/KcpczbpI0zpxAiE3pf8O/B9N0EUuxdJ
MUINTmP9r4Dl/mnTpLBH8BLgbUTbdJVshNgMPKbzZaYHecSw9XcY57j+iAVNbuxH
hzq4If4pB31vWWBB2k7omrNpVEXD72A9dK5zRQlLD+M4dQIcGonatwuulq6tyKPL
6CErq8VLsYDPZSB3RK+4YRvNnsCfsu8ZLqfYD5ls/P55Tvf9w9XLPHt/X3LkngEB
Eu8ymKFSugWBTE/FzQkxpIMpuTCMuMl4yJloBmyQmUbcs6DkwolHqfg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:29 2025 by rpki-client