Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9e2dfd-f2e9-416d-8f1f-bb3431fe0285/1/coBIhj-g7a4t_QkFPEnA3t3TN8U.roa
File: coBIhj-g7a4t_QkFPEnA3t3TN8U.roa (raw, json)
Hash identifier: FMtCmhYv8BwdhkKpNroPbCbepJ79NGcx+1J9x7kaHKA=
Subject key identifier: 72:80:48:86:3F:A0:ED:AE:2D:FD:09:05:3C:49:C0:DE:DD:D3:37:C5
Certificate issuer: /CN=a0606b8aad553f0948c7a894d68671870eb82cb0
Certificate serial: 019420685177E58482872F0E85D9EC100694
Authority key identifier: A0:60:6B:8A:AD:55:3F:09:48:C7:A8:94:D6:86:71:87:0E:B8:2C:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oGBriq1VPwlIx6iU1oZxhw64LLA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9e2dfd-f2e9-416d-8f1f-bb3431fe0285/1/coBIhj-g7a4t_QkFPEnA3t3TN8U.roa
Signing time: Wed 01 Jan 2025 05:48:15 +0000
ROA not before: Wed 01 Jan 2025 05:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2471
IP address blocks: 147.99.88.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:51:77:e5:84:82:87:2f:0e:85:d9:ec:10:06:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0606b8aad553f0948c7a894d68671870eb82cb0
Validity
Not Before: Jan 1 05:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=728048863fa0edae2dfd09053c49c0deddd337c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:36:8d:bc:d2:5e:d4:f6:18:de:ae:2a:9b:82:
9e:54:58:87:44:e3:f0:61:ee:b0:d3:98:df:42:0a:
d9:36:df:37:3c:66:10:be:30:be:90:b7:d6:66:f8:
46:27:18:cf:49:9b:da:fe:b9:b5:48:90:1f:35:60:
73:46:ae:e4:78:ff:ea:0e:5f:9f:8f:bc:4c:7f:77:
50:52:70:8b:8c:0e:46:da:e1:7a:43:d7:db:f4:e4:
80:00:5a:73:74:59:a2:54:85:f7:2e:3f:8f:bd:1b:
56:9b:4f:b1:80:fa:ec:57:7e:e8:91:01:62:5d:9b:
72:b6:8d:fa:96:89:99:b3:ba:f7:4b:71:97:e3:a6:
34:79:cb:b3:a9:fb:cb:86:36:8b:ab:b0:26:b2:30:
14:1c:da:98:43:54:6c:2b:dc:11:40:c0:19:fd:d8:
9a:0e:2c:55:5b:c6:ac:53:71:68:0f:8f:be:34:18:
9a:4f:ea:f2:d5:d8:40:a3:29:9a:ab:8f:7f:c8:cd:
49:a0:33:23:0f:1c:fa:2e:6b:65:15:2a:a2:13:c8:
6f:84:12:cf:f1:30:98:6d:90:78:50:9e:42:4f:cd:
69:be:08:ff:a5:33:6d:ce:b8:d1:fa:07:be:24:f2:
dd:62:25:78:af:a1:6d:56:67:73:bd:ec:77:d8:3c:
9d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:80:48:86:3F:A0:ED:AE:2D:FD:09:05:3C:49:C0:DE:DD:D3:37:C5
X509v3 Authority Key Identifier:
keyid:A0:60:6B:8A:AD:55:3F:09:48:C7:A8:94:D6:86:71:87:0E:B8:2C:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oGBriq1VPwlIx6iU1oZxhw64LLA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9e2dfd-f2e9-416d-8f1f-bb3431fe0285/1/coBIhj-g7a4t_QkFPEnA3t3TN8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9e2dfd-f2e9-416d-8f1f-bb3431fe0285/1/oGBriq1VPwlIx6iU1oZxhw64LLA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.99.88.0/21
Signature Algorithm: sha256WithRSAEncryption
88:69:97:3c:e3:3d:36:04:b6:48:6e:d7:3b:fd:9e:9d:e6:5a:
42:44:b2:ca:1b:27:b6:86:5b:37:14:d3:b3:3f:7b:e7:0f:d7:
88:88:d7:c6:79:fc:e9:59:2d:ad:bd:09:ea:39:73:dd:e1:5f:
04:f3:45:5c:d5:ff:7b:cf:24:b7:ce:e1:7a:4a:2b:41:0a:15:
6d:42:ce:3d:69:a5:65:c6:69:b6:c6:ae:a9:20:24:cf:ab:1b:
8a:55:56:53:08:ed:05:0a:3f:71:0e:a4:e6:03:5f:3d:6b:ce:
dc:42:17:3b:c1:0d:0e:5b:b9:ea:ef:41:5a:f2:db:fe:0f:4d:
50:d8:c2:52:d7:53:de:e4:81:f9:a8:63:a0:ad:82:4c:8c:1f:
6d:5c:04:64:15:b7:0d:46:99:40:6f:86:58:12:d5:9e:0e:81:
5b:19:f1:fe:92:dd:97:1e:ae:e4:dc:24:3f:1d:10:09:00:78:
33:36:86:15:a6:31:10:de:24:7e:7b:46:71:e4:59:69:1a:72:
d8:d5:66:8f:34:3e:9f:81:d0:19:e1:ce:7d:5e:22:29:43:ea:
e3:cd:77:62:26:8a:34:fd:9f:7a:eb:4c:a7:c0:80:d7:ce:73:
7c:b9:f0:11:6e:37:15:a4:cb:15:e1:39:27:c6:2e:d3:3f:8f:
ff:7b:6b:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaFF35YSChy8OhdnsEAaUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNjA2YjhhYWQ1NTNmMDk0OGM3YTg5NGQ2ODY3MTg3MGVi
ODJjYjAwHhcNMjUwMTAxMDU0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjgwNDg4NjNmYTBlZGFlMmRmZDA5MDUzYzQ5YzBkZWRkZDMzN2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTaNvNJe1PYY3q4qm4KeVFiHROPw
Ye6w05jfQgrZNt83PGYQvjC+kLfWZvhGJxjPSZva/rm1SJAfNWBzRq7keP/qDl+f
j7xMf3dQUnCLjA5G2uF6Q9fb9OSAAFpzdFmiVIX3Lj+PvRtWm0+xgPrsV37okQFi
XZtyto36lomZs7r3S3GX46Y0ecuzqfvLhjaLq7AmsjAUHNqYQ1RsK9wRQMAZ/dia
DixVW8asU3FoD4++NBiaT+ry1dhAoymaq49/yM1JoDMjDxz6LmtlFSqiE8hvhBLP
8TCYbZB4UJ5CT81pvgj/pTNtzrjR+ge+JPLdYiV4r6FtVmdzvex32DydcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHKASIY/oO2uLf0JBTxJwN7d0zfFMB8GA1UdIwQY
MBaAFKBga4qtVT8JSMeolNaGcYcOuCywMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0dCcmlxMVZQd2xJeDZpVTFvWnhodzY0TExBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85ZTJkZmQtZjJlOS00MTZkLThmMWYt
YmIzNDMxZmUwMjg1LzEvY29CSWhqLWc3YTR0X1FrRlBFbkEzdDNUTjhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85ZTJkZmQtZjJlOS00MTZkLThmMWYtYmIzNDMxZmUwMjg1
LzEvb0dCcmlxMVZQd2xJeDZpVTFvWnhodzY0TExBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDk2NYMA0G
CSqGSIb3DQEBCwUAA4IBAQCIaZc84z02BLZIbtc7/Z6d5lpCRLLKGye2hls3FNOz
P3vnD9eIiNfGefzpWS2tvQnqOXPd4V8E80Vc1f97zyS3zuF6SitBChVtQs49aaVl
xmm2xq6pICTPqxuKVVZTCO0FCj9xDqTmA189a87cQhc7wQ0OW7nq70Fa8tv+D01Q
2MJS11Pe5IH5qGOgrYJMjB9tXARkFbcNRplAb4ZYEtWeDoFbGfH+kt2XHq7k3CQ/
HRAJAHgzNoYVpjEQ3iR+e0Zx5FlpGnLY1WaPND6fgdAZ4c59XiIpQ+rjzXdiJoo0
/Z9660ynwIDXznN8ufARbjcVpMsV4Tknxi7TP4//e2tw
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:06:33 2025 by rpki-client