Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/iZ22B8h2CF0B3Oz9syV53byWL_0.roa
File: iZ22B8h2CF0B3Oz9syV53byWL_0.roa (raw, json)
Hash identifier: VYDZIyOuFN1ahIjTRDa7OGK7piN3HtnFvoCb1cfCQZ0=
Subject key identifier: 89:9D:B6:07:C8:76:08:5D:01:DC:EC:FD:B3:25:79:DD:BC:96:2F:FD
Certificate issuer: /CN=5753c06290a371994d7577318685f5bc4a538d47
Certificate serial: 0185719E865FDBBC8DDD102E59E106B8C8B9
Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/iZ22B8h2CF0B3Oz9syV53byWL_0.roa
Signing time: Mon 02 Jan 2023 08:34:52 +0000
ROA not before: Mon 02 Jan 2023 08:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29119
IP address blocks: 158.172.144.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:86:5f:db:bc:8d:dd:10:2e:59:e1:06:b8:c8:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47
Validity
Not Before: Jan 2 08:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=899db607c876085d01dcecfdb32579ddbc962ffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:87:01:27:df:96:c4:ac:ad:22:df:b2:3a:c8:
4e:3d:89:37:14:2f:6e:1e:64:3e:f8:90:c5:23:d7:
51:8e:df:a9:67:7a:6c:3f:af:69:5b:19:17:48:6c:
8c:29:42:28:9c:4d:12:7d:c7:78:7b:09:7c:ac:24:
77:5c:f4:59:44:ee:c1:37:0e:57:a1:3d:66:8b:d2:
3f:b4:7c:fe:02:dc:3d:c2:0c:f7:91:23:46:aa:ca:
80:fd:a6:4d:ac:43:b6:84:9c:04:5c:37:6e:a5:4e:
27:60:61:14:b0:66:39:da:dc:0c:3b:7f:34:43:a2:
0a:dd:80:fb:ed:76:39:2a:06:76:a7:62:f8:04:5e:
ef:d1:d9:f0:7d:05:1d:f4:53:a5:e6:b1:d4:75:56:
7e:bb:f0:2f:e2:67:7b:76:7f:87:a4:83:27:fa:11:
bb:f6:e0:84:cc:9c:93:02:ad:4d:eb:0b:71:46:ca:
ba:2d:f4:3e:6f:b1:3e:4d:27:60:25:49:60:16:62:
03:f2:ff:b7:3a:26:44:3f:bb:5a:57:18:0d:95:01:
d6:35:83:84:f9:3c:82:08:c8:13:cf:f9:5f:20:70:
8c:54:4f:57:f1:43:d4:16:81:de:22:2a:8e:e3:a4:
1a:ea:61:3c:92:e3:e2:ec:3b:25:8f:28:07:c0:2c:
a4:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:9D:B6:07:C8:76:08:5D:01:DC:EC:FD:B3:25:79:DD:BC:96:2F:FD
X509v3 Authority Key Identifier:
keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/iZ22B8h2CF0B3Oz9syV53byWL_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.172.144.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:f6:f7:d1:a9:a7:d7:ff:71:1c:e9:93:18:8a:8b:77:29:5e:
84:10:5b:be:57:34:d1:09:98:74:5b:9b:17:5d:48:17:87:76:
2c:e8:9f:5d:78:67:e0:83:fa:96:72:d5:b5:f9:77:a7:8d:ca:
97:5a:48:23:a8:01:1b:ff:1d:29:28:44:cf:cd:6e:08:ba:b3:
8b:24:c3:da:7f:12:f4:dd:93:51:2e:3c:0b:8a:8b:2b:3b:43:
a8:c3:67:15:7f:a1:9c:0c:61:16:82:89:55:82:d5:b0:41:78:
c4:27:2d:53:cc:d6:d6:4a:3f:bb:12:01:e4:2a:c2:82:83:50:
29:09:67:81:e4:c8:1d:96:2e:e3:34:82:e7:75:05:09:be:c7:
74:6b:d1:96:21:9a:da:1b:57:b3:d8:d0:22:3e:bd:e5:0a:ff:
4b:8d:1e:f3:13:55:43:66:28:86:0e:59:4c:60:8c:aa:db:3e:
e4:55:e4:cd:4d:28:f9:e4:7e:33:48:58:88:96:2f:25:c2:d4:
d6:1c:27:b1:c8:57:f3:34:57:35:93:18:08:39:b9:20:6c:d4:
56:93:c8:13:40:60:9d:e1:fb:e2:fb:16:fc:df:b7:4e:3a:0a:
4f:34:8f:40:9c:40:e2:4a:48:2e:4f:c6:ac:eb:69:f5:ab:55:
6b:bc:23:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxnoZf27yN3RAuWeEGuMi5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTNjMDYyOTBhMzcxOTk0ZDc1NzczMTg2ODVmNWJjNGE1
MzhkNDcwHhcNMjMwMTAyMDgzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTlkYjYwN2M4NzYwODVkMDFkY2VjZmRiMzI1NzlkZGJjOTYyZmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoocBJ9+WxKytIt+yOshOPYk3FC9u
HmQ++JDFI9dRjt+pZ3psP69pWxkXSGyMKUIonE0Sfcd4ewl8rCR3XPRZRO7BNw5X
oT1mi9I/tHz+Atw9wgz3kSNGqsqA/aZNrEO2hJwEXDdupU4nYGEUsGY52twMO380
Q6IK3YD77XY5KgZ2p2L4BF7v0dnwfQUd9FOl5rHUdVZ+u/Av4md7dn+HpIMn+hG7
9uCEzJyTAq1N6wtxRsq6LfQ+b7E+TSdgJUlgFmID8v+3OiZEP7taVxgNlQHWNYOE
+TyCCMgTz/lfIHCMVE9X8UPUFoHeIiqO46Qa6mE8kuPi7DsljygHwCykMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFImdtgfIdghdAdzs/bMled28li/9MB8GA1UdIwQY
MBaAFFdTwGKQo3GZTXV3MYaF9bxKU41HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2It
MWVkMTA5NTRiZDk2LzEvaVoyMkI4aDJDRjBCM096OXN5VjUzYnlXTF8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2ItMWVkMTA5NTRiZDk2
LzEvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnqyQMA0G
CSqGSIb3DQEBCwUAA4IBAQBu9vfRqafX/3Ec6ZMYiot3KV6EEFu+VzTRCZh0W5sX
XUgXh3Ys6J9deGfgg/qWctW1+XenjcqXWkgjqAEb/x0pKETPzW4IurOLJMPafxL0
3ZNRLjwLiosrO0Oow2cVf6GcDGEWgolVgtWwQXjEJy1TzNbWSj+7EgHkKsKCg1Ap
CWeB5Mgdli7jNILndQUJvsd0a9GWIZraG1ez2NAiPr3lCv9LjR7zE1VDZiiGDllM
YIyq2z7kVeTNTSj55H4zSFiIli8lwtTWHCexyFfzNFc1kxgIObkgbNRWk8gTQGCd
4fvi+xb837dOOgpPNI9AnEDiSkguT8as62n1q1VrvCPw
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:51 2025 by rpki-client