Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/4ekqJ0ShOsudm3NjqB8EzsLIznQ.roa
File: 4ekqJ0ShOsudm3NjqB8EzsLIznQ.roa (raw, json)
Hash identifier: bsmaITtT/q9ZrtwjMFlkhST+mxUMFa59Ikk72Us4Vtc=
Subject key identifier: E1:E9:2A:27:44:A1:3A:CB:9D:9B:73:63:A8:1F:04:CE:C2:C8:CE:74
Certificate issuer: /CN=7ca04cc67ef96d9022f3d0bfc51eadb4a4b63ee6
Certificate serial: 01942067F73F1643E57DAB7C067F9384B375
Authority key identifier: 7C:A0:4C:C6:7E:F9:6D:90:22:F3:D0:BF:C5:1E:AD:B4:A4:B6:3E:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fKBMxn75bZAi89C_xR6ttKS2PuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/4ekqJ0ShOsudm3NjqB8EzsLIznQ.roa
Signing time: Wed 01 Jan 2025 05:47:51 +0000
ROA not before: Wed 01 Jan 2025 05:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197792
IP address blocks: 159.255.40.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:f7:3f:16:43:e5:7d:ab:7c:06:7f:93:84:b3:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ca04cc67ef96d9022f3d0bfc51eadb4a4b63ee6
Validity
Not Before: Jan 1 05:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1e92a2744a13acb9d9b7363a81f04cec2c8ce74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e5:78:c6:ac:b3:46:25:6f:67:8a:39:6b:19:
59:bc:5a:9b:45:e1:8b:79:48:4d:13:f7:81:6b:60:
fc:51:6b:d4:46:4b:2c:80:ee:0f:44:ee:65:1f:c0:
7d:7d:00:1b:e8:bb:ae:5f:e6:8a:15:53:e3:6b:16:
cb:45:18:4d:1d:6b:af:02:89:22:e0:94:44:c7:ee:
fb:57:fd:e4:a5:07:a5:2e:ed:66:b8:ae:b6:c5:2b:
11:06:d7:92:5c:99:62:a3:33:27:e1:24:7c:a9:46:
b4:8d:18:19:f8:26:95:47:85:52:9a:fa:21:bc:8c:
4e:1d:ba:eb:7d:38:88:9b:9d:c5:93:27:c5:c2:9b:
ff:99:ec:bb:0f:c7:67:be:79:c2:34:44:6b:bc:fb:
20:f8:43:68:59:7f:11:14:a2:02:08:18:19:4e:fa:
4e:f9:2f:87:61:1c:52:99:af:42:93:fd:2f:9c:ee:
8b:24:0b:11:c4:36:76:de:97:ad:c6:22:99:5d:2d:
41:cf:15:1e:b5:a1:60:04:b3:5c:cf:a6:c8:da:35:
68:62:d3:69:e9:e1:65:0d:e4:07:2d:6c:10:7a:9e:
22:78:de:16:0d:47:57:48:fb:2c:4a:32:06:ef:a9:
b0:32:b0:1f:87:69:97:a3:e2:4f:8e:57:d2:3f:da:
73:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:E9:2A:27:44:A1:3A:CB:9D:9B:73:63:A8:1F:04:CE:C2:C8:CE:74
X509v3 Authority Key Identifier:
keyid:7C:A0:4C:C6:7E:F9:6D:90:22:F3:D0:BF:C5:1E:AD:B4:A4:B6:3E:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKBMxn75bZAi89C_xR6ttKS2PuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/4ekqJ0ShOsudm3NjqB8EzsLIznQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/fKBMxn75bZAi89C_xR6ttKS2PuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.255.40.0/21
Signature Algorithm: sha256WithRSAEncryption
7a:6a:6f:d1:c5:ac:48:f7:70:ad:f6:4a:f2:e0:ca:a8:64:05:
7e:58:b6:54:2e:77:1b:6b:f4:ab:b4:e3:28:04:db:0e:a4:53:
57:71:ce:fb:6f:4d:06:d3:bd:a6:8a:03:0f:cd:8c:57:b9:cd:
67:b1:d7:db:1a:f2:ce:a1:67:e7:17:8d:11:23:cc:42:74:10:
6c:97:68:0f:19:f0:af:0f:a2:56:8f:1a:57:d9:0d:e8:41:fc:
a6:81:ac:e1:a3:79:35:8b:27:2f:25:e1:62:8e:17:8c:bc:23:
79:c0:c3:11:b6:fb:cd:08:df:c2:8f:29:70:b1:14:f3:78:90:
04:4a:31:51:57:82:56:c3:f4:fc:d2:39:24:8e:93:33:17:4a:
c9:29:c4:e9:ba:6c:99:f8:23:64:81:a9:5a:47:06:eb:a7:8b:
bd:3a:bb:ad:c9:17:42:97:f3:5d:1d:bf:0a:84:d8:fd:44:ae:
59:ac:bf:a7:e4:b1:6f:2d:02:e2:38:47:5d:49:7f:e1:e0:eb:
4b:8f:f5:5a:68:ec:74:88:8f:71:bb:05:62:8c:3c:16:ea:67:
7c:5e:3e:38:c7:e3:8e:9e:4f:37:a0:84:a7:94:aa:6b:d2:5f:
c3:16:ad:14:fa:c2:44:b8:ca:0d:2f:08:dd:85:0b:33:b2:20:
94:52:ff:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ/c/FkPlfat8Bn+ThLN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYTA0Y2M2N2VmOTZkOTAyMmYzZDBiZmM1MWVhZGI0YTRi
NjNlZTYwHhcNMjUwMTAxMDU0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWU5MmEyNzQ0YTEzYWNiOWQ5YjczNjNhODFmMDRjZWMyYzhjZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOV4xqyzRiVvZ4o5axlZvFqbReGL
eUhNE/eBa2D8UWvURkssgO4PRO5lH8B9fQAb6LuuX+aKFVPjaxbLRRhNHWuvAoki
4JREx+77V/3kpQelLu1muK62xSsRBteSXJliozMn4SR8qUa0jRgZ+CaVR4VSmvoh
vIxOHbrrfTiIm53FkyfFwpv/mey7D8dnvnnCNERrvPsg+ENoWX8RFKICCBgZTvpO
+S+HYRxSma9Ck/0vnO6LJAsRxDZ23petxiKZXS1BzxUetaFgBLNcz6bI2jVoYtNp
6eFlDeQHLWwQep4ieN4WDUdXSPssSjIG76mwMrAfh2mXo+JPjlfSP9pz2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOHpKidEoTrLnZtzY6gfBM7CyM50MB8GA1UdIwQY
MBaAFHygTMZ++W2QIvPQv8UerbSktj7mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZktCTXhuNzViWkFpODlDX3hSNnR0S1MyUHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85Yjk0ZTItZDIxZC00ZDgxLThhZWEt
YTU1NjhlMGZiYjZkLzEvNGVrcUowU2hPc3VkbTNOanFCOEV6c0xJem5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi85Yjk0ZTItZDIxZC00ZDgxLThhZWEtYTU1NjhlMGZiYjZk
LzEvZktCTXhuNzViWkFpODlDX3hSNnR0S1MyUHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDn/8oMA0G
CSqGSIb3DQEBCwUAA4IBAQB6am/RxaxI93Ct9kry4MqoZAV+WLZULncba/SrtOMo
BNsOpFNXcc77b00G072migMPzYxXuc1nsdfbGvLOoWfnF40RI8xCdBBsl2gPGfCv
D6JWjxpX2Q3oQfymgazho3k1iycvJeFijheMvCN5wMMRtvvNCN/CjylwsRTzeJAE
SjFRV4JWw/T80jkkjpMzF0rJKcTpumyZ+CNkgalaRwbrp4u9OrutyRdCl/NdHb8K
hNj9RK5ZrL+n5LFvLQLiOEddSX/h4OtLj/VaaOx0iI9xuwVijDwW6md8Xj44x+OO
nk83oISnlKpr0l/DFq0U+sJEuMoNLwjdhQszsiCUUv/e
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:04 2025 by rpki-client on console.sobornost.net