Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/yGyQiv41kYE21uqhtuih0OLSi9I.roa
File: yGyQiv41kYE21uqhtuih0OLSi9I.roa (raw, json)
Hash identifier: tdu5vnXKQDyjaj/70REfOS/T9RJiHmxdfg/dwymFlGk=
Subject key identifier: C8:6C:90:8A:FE:35:91:81:36:D6:EA:A1:B6:E8:A1:D0:E2:D2:8B:D2
Certificate issuer: /CN=373b47a3cee79982adb170341d02026027332023
Certificate serial: 01942067CED46BA18323E5D0D3F9260551AB
Authority key identifier: 37:3B:47:A3:CE:E7:99:82:AD:B1:70:34:1D:02:02:60:27:33:20:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NztHo87nmYKtsXA0HQICYCczICM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/yGyQiv41kYE21uqhtuih0OLSi9I.roa
Signing time: Wed 01 Jan 2025 05:47:41 +0000
ROA not before: Wed 01 Jan 2025 05:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200568
IP address blocks: 5.159.22.0/23 maxlen: 23
5.159.22.0/24 maxlen: 24
5.159.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:ce:d4:6b:a1:83:23:e5:d0:d3:f9:26:05:51:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=373b47a3cee79982adb170341d02026027332023
Validity
Not Before: Jan 1 05:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c86c908afe35918136d6eaa1b6e8a1d0e2d28bd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0a:d3:7a:2d:d5:62:5e:c4:73:d0:70:74:e7:
3f:b0:54:ca:ea:e3:46:05:3b:88:78:c3:c2:27:21:
2b:99:29:f5:aa:ff:37:4a:dc:df:dc:5a:da:22:95:
44:86:ca:38:07:ea:21:e1:bb:0c:7f:28:02:87:14:
21:3f:4c:96:c0:a1:88:95:21:bf:d1:ae:9a:0f:da:
d2:99:7d:84:71:6b:61:da:7a:dc:21:2c:f6:55:a4:
10:ad:e2:23:9d:2f:9e:d0:49:ce:ec:f0:ee:58:7c:
16:42:6d:9e:d6:99:e7:0f:2e:22:dd:6c:8c:7a:00:
5e:26:05:88:0c:0c:58:bc:34:5d:84:4d:4a:97:20:
ef:ca:f3:9e:6a:98:c5:9c:cd:42:75:cf:89:71:60:
d2:41:93:db:09:e5:2c:b2:ad:08:33:b3:a6:e0:e7:
f7:e4:28:cd:c7:52:21:f1:d0:88:26:e1:37:e4:6d:
3f:33:3f:3f:40:b9:41:18:b9:70:9a:f8:22:e2:60:
15:67:34:08:5e:10:85:25:99:29:96:6c:69:da:73:
f4:56:2a:8c:cd:69:61:af:78:ab:51:f8:81:e7:8f:
b7:94:19:b4:3c:77:dc:eb:5a:cc:4b:4c:d4:84:0e:
e1:7b:78:ab:db:3a:fe:e2:56:1d:2e:a7:52:04:7f:
8c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:6C:90:8A:FE:35:91:81:36:D6:EA:A1:B6:E8:A1:D0:E2:D2:8B:D2
X509v3 Authority Key Identifier:
keyid:37:3B:47:A3:CE:E7:99:82:AD:B1:70:34:1D:02:02:60:27:33:20:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NztHo87nmYKtsXA0HQICYCczICM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/yGyQiv41kYE21uqhtuih0OLSi9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c2a15-ac4d-464a-a77e-32f9a282f56c/1/NztHo87nmYKtsXA0HQICYCczICM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.22.0/23
Signature Algorithm: sha256WithRSAEncryption
21:fb:4e:b6:17:83:65:ec:fd:92:29:21:be:35:d4:22:62:0b:
d7:89:7a:f6:dc:09:a4:46:27:ff:2b:44:cb:40:86:78:db:f5:
1f:40:60:27:6f:0f:33:b8:83:26:ac:8d:91:0e:af:48:1d:03:
e4:3e:7c:d8:f7:d6:38:4f:54:52:fa:10:22:30:b0:ac:5b:3f:
0e:aa:8f:85:a0:de:6f:d1:f2:84:0f:32:fe:7c:dc:2a:57:6a:
21:a6:0f:24:9a:67:06:18:26:f2:9f:fc:b1:83:ba:dc:26:00:
e3:66:f4:26:0b:06:02:c1:60:a1:c8:1e:52:b6:ff:55:87:be:
71:7a:14:b2:51:03:bf:b9:5b:33:71:3b:e9:32:07:b9:3b:23:
5e:95:12:73:93:6f:22:50:12:13:f8:78:32:36:68:5f:13:d8:
90:f9:5f:c4:04:08:d5:4f:f0:7b:b6:ea:0e:f9:6b:fc:ea:f9:
20:a4:26:e7:52:a5:37:38:d0:c8:a7:82:44:19:10:d8:35:7d:
84:b8:a5:18:c6:e4:8b:24:03:f7:a1:0c:5b:7e:32:9b:e6:21:
34:be:84:61:d2:49:a9:bb:c2:66:61:87:ee:0e:47:bd:d7:97:
47:08:ac:2b:e6:af:76:ef:61:99:2f:f2:ea:ed:82:54:c1:77:
95:5e:b6:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ87Ua6GDI+XQ0/kmBVGrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3M2I0N2EzY2VlNzk5ODJhZGIxNzAzNDFkMDIwMjYwMjcz
MzIwMjMwHhcNMjUwMTAxMDU0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODZjOTA4YWZlMzU5MTgxMzZkNmVhYTFiNmU4YTFkMGUyZDI4YmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQrTei3VYl7Ec9BwdOc/sFTK6uNG
BTuIeMPCJyErmSn1qv83Stzf3FraIpVEhso4B+oh4bsMfygChxQhP0yWwKGIlSG/
0a6aD9rSmX2EcWth2nrcISz2VaQQreIjnS+e0EnO7PDuWHwWQm2e1pnnDy4i3WyM
egBeJgWIDAxYvDRdhE1KlyDvyvOeapjFnM1Cdc+JcWDSQZPbCeUssq0IM7Om4Of3
5CjNx1Ih8dCIJuE35G0/Mz8/QLlBGLlwmvgi4mAVZzQIXhCFJZkplmxp2nP0ViqM
zWlhr3irUfiB54+3lBm0PHfc61rMS0zUhA7he3ir2zr+4lYdLqdSBH+M+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMhskIr+NZGBNtbqobboodDi0ovSMB8GA1UdIwQY
MBaAFDc7R6PO55mCrbFwNB0CAmAnMyAjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnp0SG84N25tWUt0c1hBMEhRSUNZQ2N6SUNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC83YzJhMTUtYWM0ZC00NjRhLWE3N2Ut
MzJmOWEyODJmNTZjLzEveUd5UWl2NDFrWUUyMXVxaHR1aWgwT0xTaTlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC83YzJhMTUtYWM0ZC00NjRhLWE3N2UtMzJmOWEyODJmNTZj
LzEvTnp0SG84N25tWUt0c1hBMEhRSUNZQ2N6SUNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBZ8WMA0G
CSqGSIb3DQEBCwUAA4IBAQAh+062F4Nl7P2SKSG+NdQiYgvXiXr23AmkRif/K0TL
QIZ42/UfQGAnbw8zuIMmrI2RDq9IHQPkPnzY99Y4T1RS+hAiMLCsWz8Oqo+FoN5v
0fKEDzL+fNwqV2ohpg8kmmcGGCbyn/yxg7rcJgDjZvQmCwYCwWChyB5Stv9Vh75x
ehSyUQO/uVszcTvpMge5OyNelRJzk28iUBIT+HgyNmhfE9iQ+V/EBAjVT/B7tuoO
+Wv86vkgpCbnUqU3ONDIp4JEGRDYNX2EuKUYxuSLJAP3oQxbfjKb5iE0voRh0kmp
u8JmYYfuDke915dHCKwr5q9272GZL/Lq7YJUwXeVXrbr
-----END CERTIFICATE-----
Generated at Fri Apr 25 16:18:16 2025 by rpki-client