Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/CNW7SWWyPXjkVCT0iDVNfrjwwpA.roa
File: CNW7SWWyPXjkVCT0iDVNfrjwwpA.roa (raw, json)
Hash identifier: k4s58EF5wBmZt+T4Xu5UiMWzoDDiqHSDuzU1imxzcS0=
Subject key identifier: 08:D5:BB:49:65:B2:3D:78:E4:54:24:F4:88:35:4D:7E:B8:F0:C2:90
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 018E7B932F4E1BA645EBF68332659EF7E266
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/CNW7SWWyPXjkVCT0iDVNfrjwwpA.roa
Signing time: Tue 26 Mar 2024 16:23:47 +0000
ROA not before: Tue 26 Mar 2024 16:23:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1073
IP address blocks: 152.89.28.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7b:93:2f:4e:1b:a6:45:eb:f6:83:32:65:9e:f7:e2:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Mar 26 16:23:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08d5bb4965b23d78e45424f488354d7eb8f0c290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5f:d5:da:3c:f7:fe:e4:1d:b4:54:d1:d8:b5:
68:ce:c5:02:52:79:b9:8d:25:27:35:6c:ca:d4:e2:
41:e1:31:b2:a4:d2:8b:43:1d:fc:2f:f1:73:1e:0b:
33:3e:39:b7:6b:8a:c9:0e:84:d6:89:bd:7a:b1:02:
cc:e4:ed:97:ab:78:f1:8d:82:50:8b:21:e3:d6:78:
cb:17:9d:7b:c0:06:02:b6:07:43:23:47:25:61:d2:
4b:12:ce:91:c7:f2:91:d3:55:9b:53:df:c6:ce:39:
b5:44:b8:18:3b:2a:26:27:bb:59:13:d7:59:03:c8:
75:e0:77:3d:1e:d9:e1:15:47:07:49:ce:7d:38:63:
16:b1:02:69:f0:35:27:90:7d:0b:1e:a3:4f:08:72:
f7:58:28:58:da:99:55:c5:a9:36:26:d6:90:fc:93:
1d:5d:9e:34:18:f6:ed:91:7d:b4:20:7b:e7:27:9b:
6d:68:99:63:79:53:ae:eb:99:c7:7e:f7:f2:2b:b1:
c5:d8:39:72:f6:93:e8:fb:b4:75:74:9d:e4:84:cd:
8e:e1:a0:62:a5:2f:92:95:76:1a:a4:d8:21:fe:29:
61:6d:4c:e8:38:68:2a:c0:b8:0d:34:58:47:5e:bb:
79:4e:8b:37:32:1f:72:67:70:72:e2:df:94:b8:5f:
36:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D5:BB:49:65:B2:3D:78:E4:54:24:F4:88:35:4D:7E:B8:F0:C2:90
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/CNW7SWWyPXjkVCT0iDVNfrjwwpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.28.0/22
Signature Algorithm: sha256WithRSAEncryption
20:26:6d:ad:8f:c4:99:08:2a:67:05:e7:38:d8:22:27:db:dd:
18:73:18:6e:93:2d:7f:14:ed:b6:9e:13:fe:ed:b2:75:18:81:
bd:db:92:63:97:1f:47:f2:78:bf:05:ba:fa:9a:57:52:5c:b7:
bf:f2:cc:83:2d:97:72:ce:92:ad:a2:b1:2d:5b:15:42:70:cf:
bb:99:ce:bf:ee:76:d4:96:7c:53:8a:38:c0:db:3a:2b:f0:c9:
33:c1:fd:3b:67:a8:26:42:24:5e:d4:10:54:1e:6f:84:e1:d6:
ba:e8:c3:00:98:85:5f:b1:c8:09:9b:ff:cc:45:e5:68:1c:4f:
7c:7a:a3:4a:07:02:00:09:20:5b:44:19:66:6d:d0:01:e2:55:
56:ae:3a:fa:28:41:69:de:e3:f8:19:62:09:78:18:76:a0:26:
2c:04:c3:5e:02:ed:d6:02:00:e8:9b:50:9a:96:c2:81:b9:fa:
6e:fa:4a:bf:cd:f1:0a:cb:3b:4b:62:a6:68:bc:7d:aa:40:79:
eb:bd:0e:da:da:a1:84:c1:b3:f6:c9:36:3b:78:f3:58:7e:ad:
26:99:0e:b1:ca:6b:6c:e2:c6:5c:8c:9b:2b:54:f4:ab:a0:b2:
f1:81:64:4f:ce:ed:ad:5b:70:04:3a:20:5c:76:78:cf:9e:32:
e2:8a:2b:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY57ky9OG6ZF6/aDMmWe9+JmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjQwMzI2MTYyMzQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGQ1YmI0OTY1YjIzZDc4ZTQ1NDI0ZjQ4ODM1NGQ3ZWI4ZjBjMjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF/V2jz3/uQdtFTR2LVozsUCUnm5
jSUnNWzK1OJB4TGypNKLQx38L/FzHgszPjm3a4rJDoTWib16sQLM5O2Xq3jxjYJQ
iyHj1njLF517wAYCtgdDI0clYdJLEs6Rx/KR01WbU9/Gzjm1RLgYOyomJ7tZE9dZ
A8h14Hc9HtnhFUcHSc59OGMWsQJp8DUnkH0LHqNPCHL3WChY2plVxak2JtaQ/JMd
XZ40GPbtkX20IHvnJ5ttaJljeVOu65nHfvfyK7HF2Dly9pPo+7R1dJ3khM2O4aBi
pS+SlXYapNgh/ilhbUzoOGgqwLgNNFhHXrt5Tos3Mh9yZ3By4t+UuF827wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAjVu0llsj145FQk9Ig1TX648MKQMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvQ05XN1NXV3lQWGprVkNUMGlEVk5mcmp3d3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmFkcMA0G
CSqGSIb3DQEBCwUAA4IBAQAgJm2tj8SZCCpnBec42CIn290Ycxhuky1/FO22nhP+
7bJ1GIG925Jjlx9H8ni/Bbr6mldSXLe/8syDLZdyzpKtorEtWxVCcM+7mc6/7nbU
lnxTijjA2zor8Mkzwf07Z6gmQiRe1BBUHm+E4da66MMAmIVfscgJm//MReVoHE98
eqNKBwIACSBbRBlmbdAB4lVWrjr6KEFp3uP4GWIJeBh2oCYsBMNeAu3WAgDom1Ca
lsKBufpu+kq/zfEKyztLYqZovH2qQHnrvQ7a2qGEwbP2yTY7ePNYfq0mmQ6xymts
4sZcjJsrVPSroLLxgWRPzu2tW3AEOiBcdnjPnjLiiit2
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:57 2025 by rpki-client