Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/T5C9HMgugXiXgb4s0RXKMRl8nB4.roa
File: T5C9HMgugXiXgb4s0RXKMRl8nB4.roa (raw, json)
Hash identifier: X+zpArnDyjRopOly+It3SkNiWzMc8B8AstNfbUlMbvc=
Subject key identifier: 4F:90:BD:1C:C8:2E:81:78:97:81:BE:2C:D1:15:CA:31:19:7C:9C:1E
Certificate issuer: /CN=5753c06290a371994d7577318685f5bc4a538d47
Certificate serial: 018D65018AA307FF8EF869559872B81203B3
Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/T5C9HMgugXiXgb4s0RXKMRl8nB4.roa
Signing time: Thu 01 Feb 2024 14:10:16 +0000
ROA not before: Thu 01 Feb 2024 14:10:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202766
IP address blocks: 158.172.140.0/23 maxlen: 23
158.172.142.0/24 maxlen: 24
158.172.148.0/23 maxlen: 23
158.172.152.0/24 maxlen: 24
158.172.153.0/24 maxlen: 24
158.172.154.0/24 maxlen: 24
158.172.155.0/24 maxlen: 24
158.172.156.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:65:01:8a:a3:07:ff:8e:f8:69:55:98:72:b8:12:03:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47
Validity
Not Before: Feb 1 14:10:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f90bd1cc82e81789781be2cd115ca31197c9c1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:48:9d:11:d9:31:0e:db:13:f2:4b:26:94:11:
09:19:e0:37:af:9c:03:cf:d0:7b:75:7b:6b:a2:3e:
6f:61:76:7d:e2:df:ac:a5:79:14:0b:1a:6a:aa:cc:
d6:3c:23:bb:48:07:e5:77:69:be:a3:64:fb:99:2a:
ab:e5:28:d9:40:4b:eb:b8:02:d4:77:04:da:0a:34:
01:63:5e:e9:8a:57:25:18:6a:e6:a1:90:c9:6d:e6:
24:82:bd:d6:4b:e6:57:4e:a5:43:33:b4:75:b7:a1:
2e:31:a0:45:b6:0d:85:3a:0a:3c:83:b3:d0:c6:70:
c3:f9:00:84:96:1b:8e:06:e4:94:11:08:89:3a:a7:
e4:86:25:80:fc:ea:b3:ca:f6:42:86:d1:24:bd:4f:
64:f1:86:36:c8:8d:72:c5:ec:ef:7b:00:c9:8d:e0:
bd:d0:9b:5d:e9:36:45:b5:ac:24:b4:ae:88:44:f4:
ac:40:a8:45:36:a8:1c:59:0b:c2:89:4e:cc:0c:ce:
f7:e4:b3:3b:4e:1b:0f:8d:8f:a6:a0:0a:bd:5f:f0:
c0:c6:79:11:71:05:08:a9:26:83:01:c5:08:8c:03:
8a:15:70:e2:eb:d8:44:63:e1:5e:0e:d8:20:28:21:
00:68:d5:d8:fc:de:88:14:f7:98:8b:fb:5f:bc:9c:
f4:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:90:BD:1C:C8:2E:81:78:97:81:BE:2C:D1:15:CA:31:19:7C:9C:1E
X509v3 Authority Key Identifier:
keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/T5C9HMgugXiXgb4s0RXKMRl8nB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.172.140.0-158.172.142.255
158.172.148.0/23
158.172.152.0/21
Signature Algorithm: sha256WithRSAEncryption
3b:0e:db:5f:13:a6:92:2c:63:c9:8b:ec:a5:43:57:6a:a6:c6:
4f:c7:c1:0f:04:7c:ee:04:04:e3:cd:1b:8e:e7:cc:cd:bb:ac:
d3:ff:f4:c9:12:52:88:d8:59:5a:2a:20:c7:44:3e:9e:59:1e:
2d:97:a1:07:a7:a0:7e:8e:9b:14:67:44:83:c3:7e:ef:8a:87:
15:4a:a9:8d:c3:db:bc:7a:fb:4a:2b:b3:d2:fa:c1:69:46:0e:
aa:14:aa:a4:5d:20:a9:d3:8b:2c:f0:83:b1:a1:74:91:ef:92:
50:ac:d9:52:12:eb:7c:6b:bf:f4:01:44:fb:97:56:b9:de:f8:
23:d3:42:28:e4:e9:75:dc:3b:28:0e:69:78:20:de:dd:06:75:
9c:e5:df:30:d1:b1:d4:db:45:47:ec:df:80:ef:e4:6a:93:5a:
a7:fd:9b:f4:54:db:a5:65:12:7c:28:46:9d:9d:5e:a5:54:7c:
d4:2e:02:da:29:3a:53:10:12:fd:1e:ee:b5:34:cc:1e:c1:94:
d3:27:11:d8:5d:cc:12:2f:f6:30:d2:2e:c3:68:61:9d:b7:5e:
af:cf:20:36:29:1e:2b:2f:fd:0e:67:dc:8f:2a:0d:97:93:c0:
ad:56:3e:76:5c:f9:cb:4d:ce:e8:e1:aa:d7:69:68:62:b1:65:
0f:62:45:70
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY1lAYqjB/+O+GlVmHK4EgOzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTNjMDYyOTBhMzcxOTk0ZDc1NzczMTg2ODVmNWJjNGE1
MzhkNDcwHhcNMjQwMjAxMTQxMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjkwYmQxY2M4MmU4MTc4OTc4MWJlMmNkMTE1Y2EzMTE5N2M5YzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUidEdkxDtsT8ksmlBEJGeA3r5wD
z9B7dXtroj5vYXZ94t+spXkUCxpqqszWPCO7SAfld2m+o2T7mSqr5SjZQEvruALU
dwTaCjQBY17pilclGGrmoZDJbeYkgr3WS+ZXTqVDM7R1t6EuMaBFtg2FOgo8g7PQ
xnDD+QCElhuOBuSUEQiJOqfkhiWA/OqzyvZChtEkvU9k8YY2yI1yxezvewDJjeC9
0Jtd6TZFtawktK6IRPSsQKhFNqgcWQvCiU7MDM735LM7ThsPjY+moAq9X/DAxnkR
cQUIqSaDAcUIjAOKFXDi69hEY+FeDtggKCEAaNXY/N6IFPeYi/tfvJz0uwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFE+QvRzILoF4l4G+LNEVyjEZfJweMB8GA1UdIwQY
MBaAFFdTwGKQo3GZTXV3MYaF9bxKU41HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2It
MWVkMTA5NTRiZDk2LzEvVDVDOUhNZ3VnWGlYZ2I0czBSWEtNUmw4bkI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2ItMWVkMTA5NTRiZDk2
LzEvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAKerIwD
BACerI4DBAGerJQDBAOerJgwDQYJKoZIhvcNAQELBQADggEBADsO218TppIsY8mL
7KVDV2qmxk/HwQ8EfO4EBOPNG47nzM27rNP/9MkSUojYWVoqIMdEPp5ZHi2XoQen
oH6OmxRnRIPDfu+KhxVKqY3D27x6+0ors9L6wWlGDqoUqqRdIKnTiyzwg7GhdJHv
klCs2VIS63xrv/QBRPuXVrne+CPTQijk6XXcOygOaXgg3t0GdZzl3zDRsdTbRUfs
34Dv5GqTWqf9m/RU26VlEnwoRp2dXqVUfNQuAtopOlMQEv0e7rU0zB7BlNMnEdhd
zBIv9jDSLsNoYZ23Xq/PIDYpHisv/Q5n3I8qDZeTwK1WPnZc+ctNzujhqtdpaGKx
ZQ9iRXA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:36 2025 by rpki-client