Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ON0poV7FVuzPD70qh7fKI5j0oJg.roa
File: ON0poV7FVuzPD70qh7fKI5j0oJg.roa (raw, json)
Hash identifier: /q+NYCB9oZnSOJ2CCK/lArv0oB5eufqBUd/a715fQoE=
Subject key identifier: 38:DD:29:A1:5E:C5:56:EC:CF:0F:BD:2A:87:B7:CA:23:98:F4:A0:98
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019425FD32AE476708C8560BBF3570468BF6
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ON0poV7FVuzPD70qh7fKI5j0oJg.roa
Signing time: Thu 02 Jan 2025 07:48:58 +0000
ROA not before: Thu 02 Jan 2025 07:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397423
IP address blocks: 64.137.16.0/24 maxlen: 24
104.249.25.0/24 maxlen: 24
104.249.62.0/24 maxlen: 24
104.249.63.0/24 maxlen: 24
216.173.112.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:32:ae:47:67:08:c8:56:0b:bf:35:70:46:8b:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 07:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38dd29a15ec556eccf0fbd2a87b7ca2398f4a098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2d:f0:c7:dc:06:af:68:c4:42:7e:72:bb:d3:
f6:73:28:7f:9e:fe:51:ff:ad:d4:dc:ce:a4:d8:c5:
67:27:78:d8:bf:b4:3f:d1:41:80:6d:30:d6:c5:1c:
a1:79:aa:65:9a:07:b9:bc:e2:75:83:c8:81:cb:bc:
8f:4f:e4:ff:a9:e9:e5:ce:ff:3b:16:13:96:10:d5:
6f:86:c0:5e:43:19:1d:d7:90:bc:d0:26:22:df:45:
5c:49:c7:ec:0a:4d:e9:4a:42:5a:a3:7e:b1:c4:8c:
f6:c9:3a:5a:75:c4:7e:52:ec:54:a0:98:ab:e6:40:
8f:68:7d:4b:c0:40:68:cf:14:7d:65:ea:c6:28:c9:
b7:38:c4:a7:97:89:e5:1b:be:c2:f5:80:24:81:bc:
3d:77:cf:53:84:58:ae:4b:ff:02:1c:25:ba:ae:78:
e7:66:9a:81:11:5f:19:49:d7:1c:a4:6a:d1:cf:e2:
06:66:49:94:df:a2:b9:0e:fa:f8:15:0a:47:1e:fa:
18:da:f0:4e:29:04:9f:ab:22:ce:80:50:ff:20:84:
65:02:91:ff:eb:c9:e4:6c:07:91:69:6e:9d:03:38:
d9:23:2b:94:86:42:39:f9:ae:f7:32:8f:20:79:98:
a0:33:69:eb:1f:43:04:12:5b:75:5c:d5:ee:b1:ec:
c1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:DD:29:A1:5E:C5:56:EC:CF:0F:BD:2A:87:B7:CA:23:98:F4:A0:98
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/ON0poV7FVuzPD70qh7fKI5j0oJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.16.0/24
104.249.25.0/24
104.249.62.0/23
216.173.112.0/21
Signature Algorithm: sha256WithRSAEncryption
71:4d:89:17:b2:e2:34:34:b1:c0:2b:2b:a8:44:ad:8a:96:6e:
ac:7d:65:ea:4a:cc:d0:7d:94:43:d2:02:29:86:f0:7a:f5:84:
07:ea:7c:c9:47:fc:11:30:09:9b:a7:5f:df:5a:81:8f:70:27:
01:1a:c7:5e:a9:b9:75:d7:63:59:d6:50:b3:95:aa:42:af:83:
74:9f:7b:8d:a3:c4:e2:08:84:3b:1e:79:1c:6a:7b:fb:35:53:
d5:58:8f:23:5c:24:03:66:a2:96:9e:6b:45:2c:71:a6:99:66:
48:42:bd:b9:cf:76:24:85:54:01:ae:08:e4:c9:c5:79:8b:31:
04:31:fb:0f:5a:45:1e:ca:ef:b4:85:35:3b:5a:2c:dd:0c:13:
69:df:25:0c:77:39:a8:28:d8:d4:3d:cc:f9:23:f9:22:21:f7:
cb:94:1d:65:bc:ae:d2:0a:84:07:91:9c:97:85:57:1e:08:d5:
2c:b4:fa:f3:1e:63:cb:ba:73:05:40:99:37:50:95:c5:4d:dd:
0d:37:db:d6:6d:15:01:dd:49:4c:81:31:e4:c9:c3:82:89:fa:
ab:b7:94:fd:f4:e1:c7:e7:ad:ee:14:e3:e1:9e:c2:10:07:5a:
f7:12:43:96:e7:b7:b8:44:b8:42:42:84:69:7b:1b:21:e4:36:
84:30:36:8e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQl/TKuR2cIyFYLvzVwRov2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMTAyMDc0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGRkMjlhMTVlYzU1NmVjY2YwZmJkMmE4N2I3Y2EyMzk4ZjRhMDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxi3wx9wGr2jEQn5yu9P2cyh/nv5R
/63U3M6k2MVnJ3jYv7Q/0UGAbTDWxRyheaplmge5vOJ1g8iBy7yPT+T/qenlzv87
FhOWENVvhsBeQxkd15C80CYi30VcScfsCk3pSkJao36xxIz2yTpadcR+UuxUoJir
5kCPaH1LwEBozxR9ZerGKMm3OMSnl4nlG77C9YAkgbw9d89ThFiuS/8CHCW6rnjn
ZpqBEV8ZSdccpGrRz+IGZkmU36K5Dvr4FQpHHvoY2vBOKQSfqyLOgFD/IIRlApH/
68nkbAeRaW6dAzjZIyuUhkI5+a73Mo8geZigM2nrH0MEElt1XNXusezBGQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDjdKaFexVbszw+9Koe3yiOY9KCYMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvT04wcG9WN0ZWdXpQRDcwcWg3ZktJNWowb0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAQIkQAwQA
aPkZAwQBaPk+AwQD2K1wMA0GCSqGSIb3DQEBCwUAA4IBAQBxTYkXsuI0NLHAKyuo
RK2Klm6sfWXqSszQfZRD0gIphvB69YQH6nzJR/wRMAmbp1/fWoGPcCcBGsdeqbl1
12NZ1lCzlapCr4N0n3uNo8TiCIQ7Hnkcanv7NVPVWI8jXCQDZqKWnmtFLHGmmWZI
Qr25z3YkhVQBrgjkycV5izEEMfsPWkUeyu+0hTU7WizdDBNp3yUMdzmoKNjUPcz5
I/kiIffLlB1lvK7SCoQHkZyXhVceCNUstPrzHmPLunMFQJk3UJXFTd0NN9vWbRUB
3UlMgTHkycOCifqrt5T99OHH563uFOPhnsIQB1r3EkOW57e4RLhCQoRpexsh5DaE
MDaO
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:19:36 2025 by rpki-client