Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/IVNXij-StlwFeQNzqAVOIR_s5UY.roa
File: IVNXij-StlwFeQNzqAVOIR_s5UY.roa (raw, json)
Hash identifier: SitPl6cMloLrlgSBvA7o7zdkDMuevHChw+flrI14V8E=
Subject key identifier: 21:53:57:8A:3F:92:B6:5C:05:79:03:73:A8:05:4E:21:1F:EC:E5:46
Certificate issuer: /CN=7ca04cc67ef96d9022f3d0bfc51eadb4a4b63ee6
Certificate serial: 01942067F661D10218D8EB5C7ED05E262988
Authority key identifier: 7C:A0:4C:C6:7E:F9:6D:90:22:F3:D0:BF:C5:1E:AD:B4:A4:B6:3E:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fKBMxn75bZAi89C_xR6ttKS2PuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/IVNXij-StlwFeQNzqAVOIR_s5UY.roa
Signing time: Wed 01 Jan 2025 05:47:51 +0000
ROA not before: Wed 01 Jan 2025 05:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44558
IP address blocks: 159.255.40.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:f6:61:d1:02:18:d8:eb:5c:7e:d0:5e:26:29:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ca04cc67ef96d9022f3d0bfc51eadb4a4b63ee6
Validity
Not Before: Jan 1 05:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2153578a3f92b65c05790373a8054e211fece546
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:91:e8:f5:65:92:0b:b6:59:97:3e:eb:93:2d:
6b:a6:a5:ff:4e:29:33:50:24:a5:f1:5f:94:43:d0:
f6:d3:35:be:29:9f:24:de:cc:75:d9:79:58:87:fe:
55:d1:52:21:8e:7c:e8:fa:bc:e4:02:3b:42:d8:a3:
1b:03:a5:b6:38:e6:02:d4:b2:7c:32:f7:88:76:0e:
b4:0d:3a:66:aa:ef:ca:29:8d:27:be:4a:94:da:29:
bd:4a:67:d5:7d:6e:d5:fa:87:79:fa:fe:27:62:93:
3a:c3:83:4b:b2:ab:79:25:d3:b3:c1:48:d3:b0:df:
b6:e5:77:60:fe:d8:d5:34:f1:3c:76:6b:d0:a2:29:
8a:ea:a9:4f:cd:96:89:d5:bb:69:8d:d0:94:f6:dc:
78:fd:e3:73:ff:71:74:38:63:0a:ee:6f:5e:2a:0f:
d9:23:90:0e:1e:0f:8a:f6:ed:a1:16:f5:c4:e5:fd:
f5:b1:ea:46:1c:e6:7c:84:d7:05:68:f5:9d:8a:c9:
e9:7c:38:e4:bd:07:d2:d8:5a:01:fc:8b:5f:ca:44:
bf:54:db:86:bb:1f:4d:7c:b7:a0:2a:2b:30:46:92:
2d:32:50:af:7c:ba:ba:15:10:8e:4f:1b:5b:cf:41:
0d:5f:41:8d:7c:36:ef:ea:83:ae:8e:80:2f:c4:9b:
62:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:53:57:8A:3F:92:B6:5C:05:79:03:73:A8:05:4E:21:1F:EC:E5:46
X509v3 Authority Key Identifier:
keyid:7C:A0:4C:C6:7E:F9:6D:90:22:F3:D0:BF:C5:1E:AD:B4:A4:B6:3E:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKBMxn75bZAi89C_xR6ttKS2PuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/IVNXij-StlwFeQNzqAVOIR_s5UY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/fKBMxn75bZAi89C_xR6ttKS2PuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.255.40.0/21
Signature Algorithm: sha256WithRSAEncryption
68:a8:54:fb:81:71:6d:50:54:eb:04:b4:9a:24:ef:e0:d4:57:
09:d0:78:6b:73:a9:ee:c3:a4:cc:da:c4:50:3f:e2:e6:f4:77:
ab:9b:a5:da:de:11:f5:f4:96:d5:5d:98:01:98:2f:f8:0b:bc:
f6:0c:43:c0:ce:b6:de:25:91:5b:72:21:fe:f7:25:da:c2:3a:
e0:65:92:2b:f8:7a:3c:ff:99:39:30:97:bf:41:eb:9d:21:d8:
2e:20:09:16:d4:02:37:97:a9:a5:4d:f2:e8:6b:b3:23:2b:2c:
fc:56:57:79:ec:59:ed:b4:c6:cc:fc:5a:4a:93:b5:88:dc:46:
c2:9d:24:b8:c5:85:42:20:d1:e6:32:0f:b0:21:b2:b1:4c:44:
15:c8:26:a5:66:37:ce:7d:4f:28:f6:d7:75:0b:5a:1b:15:13:
63:88:70:07:5f:6f:07:32:31:97:7f:74:91:ff:9b:d8:0d:07:
d4:cf:5e:3f:ae:e4:fb:88:06:ea:ac:3c:06:bc:8b:95:cb:75:
df:14:f9:79:d2:74:cb:57:41:78:67:a7:19:0e:9d:10:70:ba:
3c:3f:07:3c:e4:03:7e:9a:f1:94:a6:7a:6b:2d:28:bb:8e:62:
b4:0c:d7:f2:24:3f:b6:8f:66:ae:1a:0d:97:56:60:07:49:8a:
d1:5c:13:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ/Zh0QIY2OtcftBeJimIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYTA0Y2M2N2VmOTZkOTAyMmYzZDBiZmM1MWVhZGI0YTRi
NjNlZTYwHhcNMjUwMTAxMDU0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTUzNTc4YTNmOTJiNjVjMDU3OTAzNzNhODA1NGUyMTFmZWNlNTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5Ho9WWSC7ZZlz7rky1rpqX/Tikz
UCSl8V+UQ9D20zW+KZ8k3sx12XlYh/5V0VIhjnzo+rzkAjtC2KMbA6W2OOYC1LJ8
MveIdg60DTpmqu/KKY0nvkqU2im9SmfVfW7V+od5+v4nYpM6w4NLsqt5JdOzwUjT
sN+25Xdg/tjVNPE8dmvQoimK6qlPzZaJ1btpjdCU9tx4/eNz/3F0OGMK7m9eKg/Z
I5AOHg+K9u2hFvXE5f31sepGHOZ8hNcFaPWdisnpfDjkvQfS2FoB/ItfykS/VNuG
ux9NfLegKiswRpItMlCvfLq6FRCOTxtbz0ENX0GNfDbv6oOujoAvxJti2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCFTV4o/krZcBXkDc6gFTiEf7OVGMB8GA1UdIwQY
MBaAFHygTMZ++W2QIvPQv8UerbSktj7mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZktCTXhuNzViWkFpODlDX3hSNnR0S1MyUHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85Yjk0ZTItZDIxZC00ZDgxLThhZWEt
YTU1NjhlMGZiYjZkLzEvSVZOWGlqLVN0bHdGZVFOenFBVk9JUl9zNVVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi85Yjk0ZTItZDIxZC00ZDgxLThhZWEtYTU1NjhlMGZiYjZk
LzEvZktCTXhuNzViWkFpODlDX3hSNnR0S1MyUHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDn/8oMA0G
CSqGSIb3DQEBCwUAA4IBAQBoqFT7gXFtUFTrBLSaJO/g1FcJ0Hhrc6nuw6TM2sRQ
P+Lm9Herm6Xa3hH19JbVXZgBmC/4C7z2DEPAzrbeJZFbciH+9yXawjrgZZIr+Ho8
/5k5MJe/QeudIdguIAkW1AI3l6mlTfLoa7MjKyz8Vld57FnttMbM/FpKk7WI3EbC
nSS4xYVCINHmMg+wIbKxTEQVyCalZjfOfU8o9td1C1obFRNjiHAHX28HMjGXf3SR
/5vYDQfUz14/ruT7iAbqrDwGvIuVy3XfFPl50nTLV0F4Z6cZDp0QcLo8Pwc85AN+
mvGUpnprLSi7jmK0DNfyJD+2j2auGg2XVmAHSYrRXBPP
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:04 2025 by rpki-client on console.sobornost.net