Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/Xdc1GXsEPiQ6GE6eHjFDA0ZgS3w.roa
File: Xdc1GXsEPiQ6GE6eHjFDA0ZgS3w.roa (raw, json)
Hash identifier: OE+tVEQ0oQcFP5VxqAmEpxiSoF7RE792pp1YSKmB2O0=
Subject key identifier: 5D:D7:35:19:7B:04:3E:24:3A:18:4E:9E:1E:31:43:03:46:60:4B:7C
Certificate issuer: /CN=5753c06290a371994d7577318685f5bc4a538d47
Certificate serial: 0194D122CD9158D8FF629A84E51306F01A8F
Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/Xdc1GXsEPiQ6GE6eHjFDA0ZgS3w.roa
Signing time: Tue 04 Feb 2025 13:25:06 +0000
ROA not before: Tue 04 Feb 2025 13:25:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 274010
IP address blocks: 158.172.220.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d1:22:cd:91:58:d8:ff:62:9a:84:e5:13:06:f0:1a:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47
Validity
Not Before: Feb 4 13:25:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5dd735197b043e243a184e9e1e31430346604b7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:61:6c:a2:e2:28:56:a8:31:71:ad:07:6e:e2:
99:f9:87:ad:4f:11:90:34:51:0a:d2:62:ef:f1:03:
a0:c3:c9:4f:12:42:d3:94:61:1e:59:df:02:8d:39:
ca:b0:72:29:9a:93:99:ba:d6:bd:3e:b3:54:4c:d6:
b8:62:d1:3a:28:68:a7:bf:cc:70:f2:05:91:dd:f0:
5e:80:28:56:6b:23:d9:ca:7b:6d:a3:a1:55:64:cf:
2f:64:fd:10:09:21:e7:58:f6:17:6e:2a:c1:e1:ec:
3a:b2:ce:41:d2:fc:04:a8:e8:ca:72:6a:49:64:b9:
c8:15:0d:22:85:5a:27:99:7b:b9:1d:09:5c:69:3b:
58:c6:ee:09:cd:76:0a:04:ad:34:bd:5e:7d:6d:42:
0e:02:3a:c1:1b:c2:e0:a3:a5:48:a0:07:52:4d:36:
8e:67:9d:ab:e9:7c:58:f7:51:ad:0a:9e:28:7f:7c:
fe:ea:12:70:b5:10:f9:40:ee:39:f3:f0:e5:d7:ea:
59:ab:54:44:dd:5c:e9:fb:76:e9:56:b7:89:ab:f0:
c7:42:9c:e9:74:6d:e4:5c:54:cc:c5:69:68:1b:db:
45:6c:8c:55:2b:e1:99:a1:db:83:fe:00:62:5e:b9:
22:f8:dd:cd:ac:ee:c0:4d:7d:c5:d7:7f:2d:b5:d4:
12:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D7:35:19:7B:04:3E:24:3A:18:4E:9E:1E:31:43:03:46:60:4B:7C
X509v3 Authority Key Identifier:
keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/Xdc1GXsEPiQ6GE6eHjFDA0ZgS3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.172.220.0/23
Signature Algorithm: sha256WithRSAEncryption
84:62:e6:3e:cd:c1:09:d4:e1:74:e0:16:5a:17:13:05:09:1f:
1c:18:b6:37:a5:20:fe:a5:19:39:ad:06:cc:7b:7c:a4:40:55:
6b:e7:37:11:1c:ec:ac:7f:2d:c4:6c:b0:9b:b0:fb:2a:fc:48:
ad:e7:b2:c9:67:40:6b:67:f3:04:0b:3d:94:3a:42:75:51:98:
9f:86:78:bf:56:16:b0:6a:16:42:d4:cf:84:8b:9e:c4:b1:4e:
65:9f:e1:09:13:9a:57:f1:78:80:18:46:27:21:88:3e:28:53:
f1:f1:85:49:24:f7:05:62:f2:5e:e8:9e:8a:c7:de:3f:85:71:
f1:13:4a:7a:fb:3c:6d:e8:b4:c8:dc:a1:16:6f:4b:ea:89:6a:
18:06:70:96:1a:d5:9e:5c:2f:5b:98:7d:77:d6:7f:18:33:79:
3e:f9:74:fb:a4:3a:ac:1d:9c:15:a7:6c:75:97:ce:8e:33:f0:
3f:4f:dc:c2:d5:67:25:1e:a4:ca:89:af:45:bc:5d:62:92:94:
84:83:f9:8e:57:12:f2:e4:e8:53:e5:ef:88:ef:d6:93:fd:4b:
75:40:de:8b:98:ed:8c:56:fe:74:c5:24:6f:62:15:a9:70:e0:
c9:61:de:6a:93:f2:a8:62:a8:d0:43:04:ea:c6:40:65:2e:59:
2b:24:53:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTRIs2RWNj/YpqE5RMG8BqPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTNjMDYyOTBhMzcxOTk0ZDc1NzczMTg2ODVmNWJjNGE1
MzhkNDcwHhcNMjUwMjA0MTMyNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGQ3MzUxOTdiMDQzZTI0M2ExODRlOWUxZTMxNDMwMzQ2NjA0YjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGFsouIoVqgxca0HbuKZ+YetTxGQ
NFEK0mLv8QOgw8lPEkLTlGEeWd8CjTnKsHIpmpOZuta9PrNUTNa4YtE6KGinv8xw
8gWR3fBegChWayPZyntto6FVZM8vZP0QCSHnWPYXbirB4ew6ss5B0vwEqOjKcmpJ
ZLnIFQ0ihVonmXu5HQlcaTtYxu4JzXYKBK00vV59bUIOAjrBG8Lgo6VIoAdSTTaO
Z52r6XxY91GtCp4of3z+6hJwtRD5QO458/Dl1+pZq1RE3Vzp+3bpVreJq/DHQpzp
dG3kXFTMxWloG9tFbIxVK+GZoduD/gBiXrki+N3NrO7ATX3F138ttdQSoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF3XNRl7BD4kOhhOnh4xQwNGYEt8MB8GA1UdIwQY
MBaAFFdTwGKQo3GZTXV3MYaF9bxKU41HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2It
MWVkMTA5NTRiZDk2LzEvWGRjMUdYc0VQaVE2R0U2ZUhqRkRBMFpnUzN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2ItMWVkMTA5NTRiZDk2
LzEvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnqzcMA0G
CSqGSIb3DQEBCwUAA4IBAQCEYuY+zcEJ1OF04BZaFxMFCR8cGLY3pSD+pRk5rQbM
e3ykQFVr5zcRHOysfy3EbLCbsPsq/Eit57LJZ0BrZ/MECz2UOkJ1UZifhni/Vhaw
ahZC1M+Ei57EsU5ln+EJE5pX8XiAGEYnIYg+KFPx8YVJJPcFYvJe6J6Kx94/hXHx
E0p6+zxt6LTI3KEWb0vqiWoYBnCWGtWeXC9bmH131n8YM3k++XT7pDqsHZwVp2x1
l86OM/A/T9zC1WclHqTKia9FvF1ikpSEg/mOVxLy5OhT5e+I79aT/Ut1QN6LmO2M
Vv50xSRvYhWpcODJYd5qk/KoYqjQQwTqxkBlLlkrJFPM
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:06 2025 by rpki-client