Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/2ywpCRCtpz6hrb_B5Z2UyYL2m-g.roa
File: 2ywpCRCtpz6hrb_B5Z2UyYL2m-g.roa (raw, json)
Hash identifier: Z+2VK2G2lzN86LoPcE9VgbDrrppkQUiQOHGoi5RCAY8=
Subject key identifier: DB:2C:29:09:10:AD:A7:3E:A1:AD:BF:C1:E5:9D:94:C9:82:F6:9B:E8
Certificate issuer: /CN=5d382238289a8802cf52b67d9bf4ae87a50933c3
Certificate serial: 019422FBF0E1AF3E1904118D9C1C403637FE
Authority key identifier: 5D:38:22:38:28:9A:88:02:CF:52:B6:7D:9B:F4:AE:87:A5:09:33:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/2ywpCRCtpz6hrb_B5Z2UyYL2m-g.roa
Signing time: Wed 01 Jan 2025 17:48:44 +0000
ROA not before: Wed 01 Jan 2025 17:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209465
IP address blocks: 171.22.151.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:f0:e1:af:3e:19:04:11:8d:9c:1c:40:36:37:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d382238289a8802cf52b67d9bf4ae87a50933c3
Validity
Not Before: Jan 1 17:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db2c290910ada73ea1adbfc1e59d94c982f69be8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8d:fe:55:69:05:60:4a:e0:e9:33:0a:4a:19:
07:9d:15:af:c0:21:1d:2a:53:0b:d9:6f:20:69:c6:
4a:1f:87:91:01:f4:7f:b2:0d:da:01:c7:80:ea:e3:
00:ca:06:4f:fd:ed:35:c9:77:d1:c8:1e:42:5d:b8:
86:9d:a9:5b:1b:50:b4:a6:4a:b6:e9:03:b1:0d:5b:
66:b7:f9:ea:67:74:fc:bb:c8:67:f9:35:56:25:52:
26:df:b6:5a:aa:78:3c:46:75:4a:cd:74:94:4a:a7:
19:01:d1:6d:97:18:4d:70:7b:e7:af:9e:f0:58:4d:
64:2a:aa:0b:b5:66:64:75:20:6a:b5:d8:8f:33:c2:
5b:2c:ff:83:69:97:cb:5e:d9:28:46:65:89:1f:c2:
7d:5a:c5:d3:4c:58:27:85:7e:7f:98:55:09:14:fc:
ce:13:2f:75:22:3c:fa:ff:52:0b:14:0d:02:db:23:
85:87:b5:ee:38:85:b4:96:0b:59:ab:be:4d:18:45:
2c:36:38:81:aa:73:2f:99:38:58:74:ac:fc:00:09:
06:85:00:fb:d8:a0:9f:41:39:db:eb:04:f5:58:eb:
f8:78:5f:ea:07:26:42:3b:1d:cb:d5:b4:16:92:6c:
de:2b:b9:1b:78:f3:1a:fa:36:0a:f9:fe:08:68:a4:
7a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:2C:29:09:10:AD:A7:3E:A1:AD:BF:C1:E5:9D:94:C9:82:F6:9B:E8
X509v3 Authority Key Identifier:
keyid:5D:38:22:38:28:9A:88:02:CF:52:B6:7D:9B:F4:AE:87:A5:09:33:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/2ywpCRCtpz6hrb_B5Z2UyYL2m-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.151.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:8e:bd:87:16:6e:e1:6e:09:61:05:cc:83:2d:bd:97:d5:33:
6e:d2:db:ef:39:01:60:9d:a8:e8:38:45:d4:c6:af:85:58:40:
b9:53:f1:b1:71:3c:0d:02:54:da:65:52:9a:5c:4b:b4:c3:83:
fc:f8:a8:a5:ad:72:c4:45:06:89:4c:fe:61:b2:3c:74:7a:9f:
dd:36:e5:aa:4c:75:5a:0b:9f:fe:f5:54:da:33:07:0f:fe:d2:
f8:d4:3b:79:c9:4e:d3:26:cd:4b:8f:83:7d:cc:e9:a4:e9:5e:
66:9a:b6:3b:30:ea:ce:69:d0:a9:c5:22:2e:63:c1:ed:5e:2b:
44:d0:31:9e:ba:bc:b6:1d:b6:6e:13:14:3f:6a:f8:fb:ba:e4:
d3:70:7d:8e:94:a9:70:17:6b:8f:2f:55:59:9d:ca:28:15:90:
fc:89:61:4a:43:ca:82:2a:37:61:59:39:94:0f:95:7a:5b:0f:
e3:89:ac:87:6a:e2:81:58:1a:6c:18:7a:22:09:18:95:3a:d4:
ce:f7:b2:8b:be:37:50:c1:a9:c5:f1:6b:b4:57:f8:e5:8e:c4:
4e:88:c7:a0:06:71:c1:60:09:55:4e:47:33:ab:f8:eb:4c:91:
3d:ac:cd:da:be:99:29:53:1d:89:45:65:77:82:c1:aa:d8:97:
8a:72:00:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+/Dhrz4ZBBGNnBxANjf+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzgyMjM4Mjg5YTg4MDJjZjUyYjY3ZDliZjRhZTg3YTUw
OTMzYzMwHhcNMjUwMTAxMTc0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjJjMjkwOTEwYWRhNzNlYTFhZGJmYzFlNTlkOTRjOTgyZjY5YmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAso3+VWkFYErg6TMKShkHnRWvwCEd
KlML2W8gacZKH4eRAfR/sg3aAceA6uMAygZP/e01yXfRyB5CXbiGnalbG1C0pkq2
6QOxDVtmt/nqZ3T8u8hn+TVWJVIm37Zaqng8RnVKzXSUSqcZAdFtlxhNcHvnr57w
WE1kKqoLtWZkdSBqtdiPM8JbLP+DaZfLXtkoRmWJH8J9WsXTTFgnhX5/mFUJFPzO
Ey91Ijz6/1ILFA0C2yOFh7XuOIW0lgtZq75NGEUsNjiBqnMvmThYdKz8AAkGhQD7
2KCfQTnb6wT1WOv4eF/qByZCOx3L1bQWkmzeK7kbePMa+jYK+f4IaKR6SwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNssKQkQrac+oa2/weWdlMmC9pvoMB8GA1UdIwQY
MBaAFF04IjgomogCz1K2fZv0roelCTPDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRnaU9DaWFpQUxQVXJaOW1fU3VoNlVKTThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi84NTAxOGEtYzIzOC00MzE5LWFkNDIt
ODg1NzU3YzEyNDhmLzEvMnl3cENSQ3RwejZocmJfQjVaMlV5WUwybS1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi84NTAxOGEtYzIzOC00MzE5LWFkNDItODg1NzU3YzEyNDhm
LzEvWFRnaU9DaWFpQUxQVXJaOW1fU3VoNlVKTThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqxaXMA0G
CSqGSIb3DQEBCwUAA4IBAQCbjr2HFm7hbglhBcyDLb2X1TNu0tvvOQFgnajoOEXU
xq+FWEC5U/GxcTwNAlTaZVKaXEu0w4P8+KilrXLERQaJTP5hsjx0ep/dNuWqTHVa
C5/+9VTaMwcP/tL41Dt5yU7TJs1Lj4N9zOmk6V5mmrY7MOrOadCpxSIuY8HtXitE
0DGeury2HbZuExQ/avj7uuTTcH2OlKlwF2uPL1VZncooFZD8iWFKQ8qCKjdhWTmU
D5V6Ww/jiayHauKBWBpsGHoiCRiVOtTO97KLvjdQwanF8Wu0V/jljsROiMegBnHB
YAlVTkczq/jrTJE9rM3avpkpUx2JRWV3gsGq2JeKcgAJ
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:58:37 2025 by rpki-client