Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/cKTcZs-U_VD8X5oF6KYi9vL_XPY.roa
File: cKTcZs-U_VD8X5oF6KYi9vL_XPY.roa (raw, json)
Hash identifier: Ojplqzn5+rFkagKqgJjGg7MR261z7vGOzqJ6p2GYag4=
Subject key identifier: 70:A4:DC:66:CF:94:FD:50:FC:5F:9A:05:E8:A6:22:F6:F2:FF:5C:F6
Certificate issuer: /CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Certificate serial: 019420D64F2A96EE45BAD329515B1E15B375
Authority key identifier: E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/cKTcZs-U_VD8X5oF6KYi9vL_XPY.roa
Signing time: Wed 01 Jan 2025 07:48:23 +0000
ROA not before: Wed 01 Jan 2025 07:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 65725
IP address blocks: 160.218.212.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:4f:2a:96:ee:45:ba:d3:29:51:5b:1e:15:b3:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Validity
Not Before: Jan 1 07:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70a4dc66cf94fd50fc5f9a05e8a622f6f2ff5cf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:46:31:92:69:16:71:ca:d6:32:48:08:08:30:
6a:5d:f0:3f:a2:57:c1:ab:ab:bf:3c:47:e8:6e:9a:
8d:c3:71:a5:aa:31:e5:9b:14:22:22:89:28:e7:86:
f9:95:98:aa:f3:72:9f:e4:52:35:74:00:d3:5b:8f:
97:19:73:eb:01:c7:4a:e1:61:01:f7:7b:06:4d:ee:
d6:02:c5:4c:f4:33:8e:47:93:f2:b7:2c:33:b0:4f:
f0:f4:48:58:c6:ca:0c:74:ed:fb:ec:54:db:07:16:
db:a3:5a:73:63:35:f5:86:c4:ac:02:32:6b:67:64:
c2:96:dd:34:e7:4b:bc:14:a8:cc:69:29:ec:56:ee:
8d:6a:6e:24:a5:3e:15:86:a0:84:44:61:ba:03:6a:
22:47:18:32:43:bc:89:80:c4:f2:e0:3a:2f:c4:93:
f1:18:2f:6d:44:4d:4f:7f:d4:bc:38:f7:2b:66:40:
06:e3:6f:70:b8:f3:df:50:1c:87:b8:64:5c:70:7d:
ed:03:d5:bb:bb:b2:37:b1:08:86:e3:d1:a8:0d:7d:
7a:04:11:8d:6f:1c:3c:29:14:31:b5:71:a4:39:c1:
a9:4d:fb:cc:a0:b5:1b:e8:f4:da:ed:9f:90:a5:db:
bd:f1:f4:15:4c:d1:1c:22:ce:d8:79:c9:09:e2:d4:
cc:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A4:DC:66:CF:94:FD:50:FC:5F:9A:05:E8:A6:22:F6:F2:FF:5C:F6
X509v3 Authority Key Identifier:
keyid:E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/cKTcZs-U_VD8X5oF6KYi9vL_XPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.218.212.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:71:59:fd:f4:1b:cd:9a:29:8a:06:d5:c2:12:8f:4b:dd:35:
de:ec:24:61:97:aa:29:7e:62:db:32:5a:eb:f4:57:c1:ff:50:
51:25:5e:f9:99:79:bc:22:17:ed:b7:63:10:1e:8c:70:a3:b3:
10:5a:24:4d:8f:29:a0:bd:91:de:ac:74:f0:71:a4:22:96:93:
2d:7b:ec:25:51:48:0c:5d:67:d3:4c:6a:54:ab:4e:f6:a5:f5:
fb:c1:16:5e:43:c7:58:f1:99:f0:39:0d:30:78:fe:67:f4:9c:
a0:ff:7b:cf:26:fa:20:cd:e2:a4:06:c2:72:33:58:fe:18:69:
18:aa:94:fd:b3:04:89:5f:07:d7:3a:f5:b8:32:49:bb:0e:b4:
95:1d:63:3e:2b:0d:6a:7e:76:f0:7f:92:1d:82:48:59:de:0d:
1c:9c:82:2e:12:a1:94:1a:d0:19:e3:22:b7:a4:f3:df:d9:83:
11:d2:0e:60:7c:1c:0d:47:9b:2d:44:87:cd:25:0f:64:5c:54:
9c:1b:b8:30:de:7e:97:92:8a:63:8b:93:d1:85:8c:79:c3:29:
b6:0e:e4:cd:c6:fa:c4:d3:fb:9e:21:a4:c8:4c:7f:6b:49:ec:
7f:2f:c9:ae:f9:53:e9:1d:7f:45:17:ba:ea:31:75:31:df:e3:
f5:b2:35:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1k8qlu5FutMpUVseFbN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZDZjNmU4YmNlZDQwYmQwMzJkMTc3MThjMWIxZTM5YWU4
NDFhZTgwHhcNMjUwMTAxMDc0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGE0ZGM2NmNmOTRmZDUwZmM1ZjlhMDVlOGE2MjJmNmYyZmY1Y2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4UYxkmkWccrWMkgICDBqXfA/olfB
q6u/PEfobpqNw3GlqjHlmxQiIoko54b5lZiq83Kf5FI1dADTW4+XGXPrAcdK4WEB
93sGTe7WAsVM9DOOR5PytywzsE/w9EhYxsoMdO377FTbBxbbo1pzYzX1hsSsAjJr
Z2TClt0050u8FKjMaSnsVu6Nam4kpT4VhqCERGG6A2oiRxgyQ7yJgMTy4DovxJPx
GC9tRE1Pf9S8OPcrZkAG429wuPPfUByHuGRccH3tA9W7u7I3sQiG49GoDX16BBGN
bxw8KRQxtXGkOcGpTfvMoLUb6PTa7Z+Qpdu98fQVTNEcIs7YeckJ4tTMaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHCk3GbPlP1Q/F+aBeimIvby/1z2MB8GA1UdIwQY
MBaAFOXWxui87UC9Ay0XcYwbHjmuhBroMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQt
YmQyNDliNjI1Nzk3LzEvY0tUY1pzLVVfVkQ4WDVvRjZLWWk5dkxfWFBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQtYmQyNDliNjI1Nzk3
LzEvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCoNrUMA0G
CSqGSIb3DQEBCwUAA4IBAQA8cVn99BvNmimKBtXCEo9L3TXe7CRhl6opfmLbMlrr
9FfB/1BRJV75mXm8Ihftt2MQHoxwo7MQWiRNjymgvZHerHTwcaQilpMte+wlUUgM
XWfTTGpUq072pfX7wRZeQ8dY8ZnwOQ0weP5n9Jyg/3vPJvogzeKkBsJyM1j+GGkY
qpT9swSJXwfXOvW4Mkm7DrSVHWM+Kw1qfnbwf5IdgkhZ3g0cnIIuEqGUGtAZ4yK3
pPPf2YMR0g5gfBwNR5stRIfNJQ9kXFScG7gw3n6Xkopji5PRhYx5wym2DuTNxvrE
0/ueIaTITH9rSex/L8mu+VPpHX9FF7rqMXUx3+P1sjXm
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:24:39 2025 by rpki-client