Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/edc8f3-0bb2-41ab-ba64-d22967e22ef0/1/N2iXQzwnJ7HrnDOcVCjZn3aCcVw.roa
File: N2iXQzwnJ7HrnDOcVCjZn3aCcVw.roa (raw, json)
Hash identifier: YJwpPg1gpuiDf+AucM/2eZ40ZoPeyXC6eibq/R/5usA=
Subject key identifier: 37:68:97:43:3C:27:27:B1:EB:9C:33:9C:54:28:D9:9F:76:82:71:5C
Certificate issuer: /CN=5eccb7cd1b9d6fc39d7158f2fe9cf5217a12d374
Certificate serial: 0194258F36152E0FF7268B8D41205052DC4D
Authority key identifier: 5E:CC:B7:CD:1B:9D:6F:C3:9D:71:58:F2:FE:9C:F5:21:7A:12:D3:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xsy3zRudb8OdcVjy_pz1IXoS03Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/edc8f3-0bb2-41ab-ba64-d22967e22ef0/1/N2iXQzwnJ7HrnDOcVCjZn3aCcVw.roa
Signing time: Thu 02 Jan 2025 05:48:49 +0000
ROA not before: Thu 02 Jan 2025 05:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203179
IP address blocks: 185.143.156.0/22 maxlen: 22
2a07:3640::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:36:15:2e:0f:f7:26:8b:8d:41:20:50:52:dc:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eccb7cd1b9d6fc39d7158f2fe9cf5217a12d374
Validity
Not Before: Jan 2 05:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=376897433c2727b1eb9c339c5428d99f7682715c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:99:5b:57:26:54:80:15:b8:48:ff:1c:3d:d3:
04:53:a8:9f:84:79:ac:54:87:c2:21:80:3f:28:7d:
e9:64:1e:9b:42:21:18:1b:2d:2e:64:08:16:6c:8d:
73:64:5a:4e:d4:e2:36:70:9b:58:33:81:d5:2f:4f:
3c:e6:bf:31:c8:d6:0a:47:00:aa:42:5a:c4:7d:26:
54:cf:46:12:81:5b:c7:7c:1f:38:e7:e0:79:f4:87:
61:ca:06:0a:c9:1b:bd:74:20:28:39:43:a2:1f:11:
a7:c1:4a:e9:c5:8a:84:93:4a:64:d8:03:dc:4a:c9:
30:e0:d7:6b:04:cc:62:bd:90:e5:56:e0:6e:a2:db:
45:14:75:5e:e7:de:16:bf:2b:b3:56:f0:42:ab:99:
67:92:8b:81:9b:10:2f:20:11:fd:45:01:bd:3c:1f:
b6:ef:0d:e7:29:cb:ac:f4:62:71:a2:5b:b9:97:df:
26:2c:28:20:85:d6:57:ef:28:2f:73:46:a3:91:64:
d0:9a:e3:ef:96:b9:56:fc:c6:97:9f:cd:f1:cf:86:
1b:f0:3d:fd:e6:bb:e8:dc:0e:5a:1f:af:7d:fa:98:
a2:9b:f8:0d:4a:19:7d:10:23:56:32:6e:28:69:13:
fb:62:11:ea:ba:b1:66:db:b7:27:39:1c:21:86:58:
18:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:68:97:43:3C:27:27:B1:EB:9C:33:9C:54:28:D9:9F:76:82:71:5C
X509v3 Authority Key Identifier:
keyid:5E:CC:B7:CD:1B:9D:6F:C3:9D:71:58:F2:FE:9C:F5:21:7A:12:D3:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xsy3zRudb8OdcVjy_pz1IXoS03Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/edc8f3-0bb2-41ab-ba64-d22967e22ef0/1/N2iXQzwnJ7HrnDOcVCjZn3aCcVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/edc8f3-0bb2-41ab-ba64-d22967e22ef0/1/Xsy3zRudb8OdcVjy_pz1IXoS03Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.156.0/22
IPv6:
2a07:3640::/29
Signature Algorithm: sha256WithRSAEncryption
6c:28:42:f2:19:49:2a:4c:eb:c2:23:c1:4a:4c:c9:28:5f:36:
fc:6e:79:fe:be:f6:ba:d0:8b:64:55:ad:b1:ae:51:eb:12:d4:
8e:96:0b:15:9f:e9:07:16:de:c0:65:82:6d:93:2d:73:dc:54:
f2:b3:57:d1:59:9a:8f:f0:a6:c2:ab:7e:c5:f8:ad:b8:ed:83:
6f:1f:91:1b:97:89:fd:5a:d8:f7:4e:0a:89:a8:83:fd:a9:70:
a6:05:2a:9d:08:c8:4f:0c:84:e5:2f:77:db:11:d2:58:2b:32:
9a:ba:16:6e:00:42:75:27:34:ca:e1:0c:3e:96:24:b4:d0:e8:
82:f0:16:20:80:e8:a0:97:ee:e1:33:31:73:98:50:f6:02:99:
f8:35:bd:96:42:db:65:73:af:8f:4a:be:0d:ed:96:10:36:ad:
f8:27:16:d5:de:ac:2a:4b:ec:33:f3:79:b5:c0:67:da:d8:77:
ef:57:a5:e6:fc:f8:31:4a:ef:90:e0:4a:33:db:a5:3c:d5:fa:
6d:95:14:d5:20:2b:db:27:7d:a8:d4:ff:6c:ca:95:c0:5f:40:
2b:b7:ac:d1:c2:12:0c:a2:30:54:19:91:55:d6:98:26:be:98:
84:76:44:0b:79:ef:e5:88:c1:94:8a:f5:ef:f9:1d:5d:56:4e:
14:01:04:0d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQljzYVLg/3JouNQSBQUtxNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlY2NiN2NkMWI5ZDZmYzM5ZDcxNThmMmZlOWNmNTIxN2Ex
MmQzNzQwHhcNMjUwMTAyMDU0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzY4OTc0MzNjMjcyN2IxZWI5YzMzOWM1NDI4ZDk5Zjc2ODI3MTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZlbVyZUgBW4SP8cPdMEU6ifhHms
VIfCIYA/KH3pZB6bQiEYGy0uZAgWbI1zZFpO1OI2cJtYM4HVL0885r8xyNYKRwCq
QlrEfSZUz0YSgVvHfB845+B59IdhygYKyRu9dCAoOUOiHxGnwUrpxYqEk0pk2APc
Sskw4NdrBMxivZDlVuBuottFFHVe594WvyuzVvBCq5lnkouBmxAvIBH9RQG9PB+2
7w3nKcus9GJxolu5l98mLCgghdZX7ygvc0ajkWTQmuPvlrlW/MaXn83xz4Yb8D39
5rvo3A5aH699+piim/gNShl9ECNWMm4oaRP7YhHqurFm27cnORwhhlgYpwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDdol0M8Jyex65wznFQo2Z92gnFcMB8GA1UdIwQY
MBaAFF7Mt80bnW/DnXFY8v6c9SF6EtN0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHN5M3pSdWRiOE9kY1ZqeV9wejFJWG9TMDNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lZGM4ZjMtMGJiMi00MWFiLWJhNjQt
ZDIyOTY3ZTIyZWYwLzEvTjJpWFF6d25KN0hybkRPY1ZDalpuM2FDY1Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lZGM4ZjMtMGJiMi00MWFiLWJhNjQtZDIyOTY3ZTIyZWYw
LzEvWHN5M3pSdWRiOE9kY1ZqeV9wejFJWG9TMDNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY+cMA0E
AgACMAcDBQMqBzZAMA0GCSqGSIb3DQEBCwUAA4IBAQBsKELyGUkqTOvCI8FKTMko
Xzb8bnn+vva60ItkVa2xrlHrEtSOlgsVn+kHFt7AZYJtky1z3FTys1fRWZqP8KbC
q37F+K247YNvH5Ebl4n9Wtj3TgqJqIP9qXCmBSqdCMhPDITlL3fbEdJYKzKauhZu
AEJ1JzTK4Qw+liS00OiC8BYggOigl+7hMzFzmFD2Apn4Nb2WQttlc6+PSr4N7ZYQ
Nq34JxbV3qwqS+wz83m1wGfa2HfvV6Xm/PgxSu+Q4Eoz26U81fptlRTVICvbJ32o
1P9sypXAX0Art6zRwhIMojBUGZFV1pgmvpiEdkQLee/liMGUivXv+R1dVk4UAQQN
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:33:09 2025 by rpki-client