Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/1tdaIrt9xypJtReKdxeXXdM964s.roa
File: 1tdaIrt9xypJtReKdxeXXdM964s.roa (raw, json)
Hash identifier: 2jF3CjF80ww6ITNBk+zVZgXhV0QGg1umOnc7I4ePaOY=
Subject key identifier: D6:D7:5A:22:BB:7D:C7:2A:49:B5:17:8A:77:17:97:5D:D3:3D:EB:8B
Certificate issuer: /CN=d82b2846f093bc9416041be68a2c783161eb04df
Certificate serial: 019422FBF9A2D10EE4BAE4007B2F2A64D05A
Authority key identifier: D8:2B:28:46:F0:93:BC:94:16:04:1B:E6:8A:2C:78:31:61:EB:04:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2CsoRvCTvJQWBBvmiix4MWHrBN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/1tdaIrt9xypJtReKdxeXXdM964s.roa
Signing time: Wed 01 Jan 2025 17:48:46 +0000
ROA not before: Wed 01 Jan 2025 17:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21111
IP address blocks: 158.66.0.0/16 maxlen: 16
158.66.1.0/24 maxlen: 24
158.66.2.0/24 maxlen: 24
158.66.4.0/24 maxlen: 24
158.66.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:f9:a2:d1:0e:e4:ba:e4:00:7b:2f:2a:64:d0:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82b2846f093bc9416041be68a2c783161eb04df
Validity
Not Before: Jan 1 17:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6d75a22bb7dc72a49b5178a7717975dd33deb8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:8f:b5:5a:d7:c4:0d:54:6b:80:c4:03:b3:db:
18:54:e1:ca:a4:62:b5:74:26:9c:fb:42:07:3e:dd:
36:ca:2f:f7:33:b0:5f:e9:cc:f3:de:55:8d:2b:e5:
2d:58:82:0a:dd:a3:63:9f:4f:a7:d6:4e:2f:49:c1:
7e:c3:c4:6e:93:3b:24:b6:a7:ea:02:4f:0c:9d:43:
82:e4:fd:15:99:bb:68:01:44:ca:7b:29:fc:61:98:
21:64:30:a1:0a:59:16:fe:9a:ba:bd:66:ed:29:80:
6e:2e:d4:83:dd:87:a6:5c:9c:d0:65:77:7c:02:b2:
ed:d9:db:60:9f:e8:f7:db:26:04:f0:57:c7:5c:6d:
fb:3b:2c:df:b8:0b:1a:b6:3b:88:a8:80:f8:89:19:
87:df:04:8f:03:f5:e6:bc:d6:78:3c:dc:f8:46:f6:
76:1b:57:89:2c:47:2d:df:91:a0:f0:8e:c3:f4:04:
f2:cf:fb:93:98:4c:a2:b6:70:50:1b:10:7e:06:d7:
0a:ef:4e:a1:4e:d4:a6:c3:58:2e:bb:ab:31:02:aa:
29:97:bd:26:7e:7c:dc:42:97:1e:48:82:d7:ba:9b:
aa:03:4c:42:74:38:3d:86:a6:c2:5b:69:a1:2a:bb:
7c:78:db:81:db:dd:aa:f2:25:4b:c8:59:a6:38:65:
cf:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D7:5A:22:BB:7D:C7:2A:49:B5:17:8A:77:17:97:5D:D3:3D:EB:8B
X509v3 Authority Key Identifier:
keyid:D8:2B:28:46:F0:93:BC:94:16:04:1B:E6:8A:2C:78:31:61:EB:04:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2CsoRvCTvJQWBBvmiix4MWHrBN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/1tdaIrt9xypJtReKdxeXXdM964s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/2CsoRvCTvJQWBBvmiix4MWHrBN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.66.0.0/16
Signature Algorithm: sha256WithRSAEncryption
74:8f:26:52:f6:87:a5:a4:16:7d:e7:72:58:be:d3:a8:dc:f3:
1d:d6:04:ac:f1:a2:ed:19:ac:48:9e:d4:12:7d:f9:d9:4a:7c:
47:9b:10:ea:90:29:e1:b0:36:8c:c8:13:3c:5c:d0:3a:82:54:
10:2b:3f:3a:d9:17:45:f6:83:14:91:d0:a6:85:a0:d0:22:06:
3e:f0:79:9d:35:10:9e:9c:9c:7c:be:cd:21:bf:ea:f3:9c:99:
66:c1:27:5c:94:83:ac:16:8e:fd:95:4e:df:3f:e6:b2:2f:04:
f9:74:af:a3:b8:3b:71:c5:be:da:2d:e2:2f:f7:c8:3b:16:68:
79:e6:7b:7d:eb:1b:21:91:15:ec:56:64:84:eb:4a:e0:2c:1e:
9e:b7:0c:63:c6:bd:63:56:97:95:6b:43:f2:75:1e:16:cb:30:
60:59:8a:c7:6c:ba:49:0f:c3:d1:02:01:4e:68:e7:9a:07:49:
e1:21:96:a8:9b:6a:50:82:bc:13:63:58:40:6e:4d:45:c0:a9:
e3:37:0f:c2:df:5c:1f:95:65:99:ec:54:a6:ab:1c:1e:b7:a2:
a0:3f:11:66:6e:3a:c1:25:0e:54:97:32:08:46:31:1e:af:17:
1f:52:0a:5c:ee:3a:bb:64:65:24:26:ba:d5:39:3e:1b:07:f3:
8c:a0:4d:b7
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQi+/mi0Q7kuuQAey8qZNBaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmIyODQ2ZjA5M2JjOTQxNjA0MWJlNjhhMmM3ODMxNjFl
YjA0ZGYwHhcNMjUwMTAxMTc0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmQ3NWEyMmJiN2RjNzJhNDliNTE3OGE3NzE3OTc1ZGQzM2RlYjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Y+1WtfEDVRrgMQDs9sYVOHKpGK1
dCac+0IHPt02yi/3M7Bf6czz3lWNK+UtWIIK3aNjn0+n1k4vScF+w8Rukzsktqfq
Ak8MnUOC5P0VmbtoAUTKeyn8YZghZDChClkW/pq6vWbtKYBuLtSD3YemXJzQZXd8
ArLt2dtgn+j32yYE8FfHXG37OyzfuAsatjuIqID4iRmH3wSPA/XmvNZ4PNz4RvZ2
G1eJLEct35Gg8I7D9ATyz/uTmEyitnBQGxB+BtcK706hTtSmw1guu6sxAqopl70m
fnzcQpceSILXupuqA0xCdDg9hqbCW2mhKrt8eNuB292q8iVLyFmmOGXPowIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFNbXWiK7fccqSbUXincXl13TPeuLMB8GA1UdIwQY
MBaAFNgrKEbwk7yUFgQb5ooseDFh6wTfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkNzb1J2Q1R2SlFXQkJ2bWlpeDRNV0hyQk44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy81YjJkNmUtODI0Ny00NDhmLWEzNTgt
NTQ3M2VlMWRhYTliLzEvMXRkYUlydDl4eXBKdFJlS2R4ZVhYZE05NjRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy81YjJkNmUtODI0Ny00NDhmLWEzNTgtNTQ3M2VlMWRhYTli
LzEvMkNzb1J2Q1R2SlFXQkJ2bWlpeDRNV0hyQk44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAnkIwDQYJ
KoZIhvcNAQELBQADggEBAHSPJlL2h6WkFn3ncli+06jc8x3WBKzxou0ZrEie1BJ9
+dlKfEebEOqQKeGwNozIEzxc0DqCVBArPzrZF0X2gxSR0KaFoNAiBj7weZ01EJ6c
nHy+zSG/6vOcmWbBJ1yUg6wWjv2VTt8/5rIvBPl0r6O4O3HFvtot4i/3yDsWaHnm
e33rGyGRFexWZITrSuAsHp63DGPGvWNWl5VrQ/J1HhbLMGBZisdsukkPw9ECAU5o
55oHSeEhlqibalCCvBNjWEBuTUXAqeM3D8LfXB+VZZnsVKarHB63oqA/EWZuOsEl
DlSXMghGMR6vFx9SClzuOrtkZSQmutU5PhsH84ygTbc=
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:04:01 2025 by rpki-client