Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/0808b2-1633-4c0d-bcbc-f6fcf73cee70/1/41Kf3SCwnWPoeI3gwt6SuiM3U8E.roa
File: 41Kf3SCwnWPoeI3gwt6SuiM3U8E.roa (raw, json)
Hash identifier: u7Hgq9t6aNSvvpN1ap2hOUlss087XACBIUhudiFtYGg=
Subject key identifier: E3:52:9F:DD:20:B0:9D:63:E8:78:8D:E0:C2:DE:92:BA:23:37:53:C1
Certificate issuer: /CN=168f0e2ba2d093433a4b61295727b99bb145f77b
Certificate serial: 019424B3BDEE458BAAD57915B0F75F21CF17
Authority key identifier: 16:8F:0E:2B:A2:D0:93:43:3A:4B:61:29:57:27:B9:9B:B1:45:F7:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fo8OK6LQk0M6S2EpVye5m7FF93s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/0808b2-1633-4c0d-bcbc-f6fcf73cee70/1/41Kf3SCwnWPoeI3gwt6SuiM3U8E.roa
Signing time: Thu 02 Jan 2025 01:49:06 +0000
ROA not before: Thu 02 Jan 2025 01:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198095
IP address blocks: 64.187.108.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:bd:ee:45:8b:aa:d5:79:15:b0:f7:5f:21:cf:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=168f0e2ba2d093433a4b61295727b99bb145f77b
Validity
Not Before: Jan 2 01:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3529fdd20b09d63e8788de0c2de92ba233753c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:98:18:0a:75:4d:87:fb:e5:ee:ac:c7:59:d7:
19:aa:54:a4:90:a0:28:6d:e8:b5:5d:69:06:bb:37:
19:ef:a3:79:74:f8:c4:15:2a:99:68:08:40:8f:ee:
67:e6:36:5d:83:b0:60:20:4f:0b:f1:71:83:01:19:
b9:f7:5d:73:01:72:85:d9:29:fc:6d:5f:b7:73:e7:
c6:d3:52:78:6f:77:45:c2:f6:3b:02:e2:da:e1:41:
c2:18:6f:72:b6:af:cc:7f:60:54:7b:82:9f:8b:ac:
09:6b:66:73:0a:c8:d4:bf:39:fd:a2:b3:aa:00:02:
53:99:b1:3a:b0:57:8a:9c:51:20:98:98:78:23:ee:
8b:2b:65:2c:f0:fe:9d:35:3e:be:6b:d2:15:c2:2e:
51:4d:d6:98:b3:9f:9c:82:a9:f0:a7:a6:69:f3:dc:
99:80:68:c9:b9:be:13:05:bf:76:eb:30:5f:fd:b4:
a0:d9:d3:37:c0:9d:10:15:bc:4d:79:2a:04:3c:c1:
d6:d4:b1:47:32:63:72:86:c5:f7:cf:ac:6d:34:c8:
9a:47:1f:85:dd:96:58:d6:74:ab:8b:de:fc:66:b8:
e0:63:4c:73:74:dc:5a:01:df:4e:05:af:e9:62:ba:
a5:bb:ba:32:2b:cf:4f:f4:0b:b0:cc:48:2d:d0:14:
c2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:52:9F:DD:20:B0:9D:63:E8:78:8D:E0:C2:DE:92:BA:23:37:53:C1
X509v3 Authority Key Identifier:
keyid:16:8F:0E:2B:A2:D0:93:43:3A:4B:61:29:57:27:B9:9B:B1:45:F7:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fo8OK6LQk0M6S2EpVye5m7FF93s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/0808b2-1633-4c0d-bcbc-f6fcf73cee70/1/41Kf3SCwnWPoeI3gwt6SuiM3U8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/0808b2-1633-4c0d-bcbc-f6fcf73cee70/1/Fo8OK6LQk0M6S2EpVye5m7FF93s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.187.108.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:b8:5e:55:62:0b:64:1e:a7:1e:68:7e:a5:99:b0:13:c1:06:
ff:de:ae:e1:43:b5:3f:11:03:61:d4:f5:8f:0b:96:09:1e:5e:
26:36:05:89:08:84:0c:aa:63:c9:4f:49:5e:7d:58:06:04:bc:
e6:d0:56:25:4b:ba:ca:3c:9f:73:4d:c5:a2:f2:f5:c9:5a:01:
bc:66:80:80:7c:6c:e8:3d:fc:55:07:b6:bd:73:a8:2e:e1:42:
d8:2f:05:00:1f:18:3d:f1:ec:bf:51:a7:78:7d:39:1b:25:f3:
38:b1:bf:a5:a9:fc:e6:74:f3:fa:37:54:31:f0:59:de:cd:b8:
17:b7:91:72:7f:ec:7d:e1:20:89:6d:41:d9:5b:28:66:44:bb:
0f:fe:4d:1b:48:3d:af:aa:dc:d2:df:df:4f:f1:20:9d:54:60:
70:b6:95:95:45:04:c0:19:9c:32:14:7c:5c:c4:cf:01:d6:05:
8a:23:8c:28:51:79:23:93:41:45:ef:25:dc:69:7b:d8:77:2f:
88:ae:22:c6:b2:dd:84:40:84:e6:01:90:3f:ff:c7:28:4a:55:
f9:57:ec:7e:4f:10:c4:bf:b2:3c:7a:42:86:76:db:7b:3f:1e:
b2:f1:28:c2:fd:26:f9:0e:47:ca:e4:e3:71:8a:5f:dd:ad:60:
f0:3c:8b:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks73uRYuq1XkVsPdfIc8XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2OGYwZTJiYTJkMDkzNDMzYTRiNjEyOTU3MjdiOTliYjE0
NWY3N2IwHhcNMjUwMTAyMDE0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzUyOWZkZDIwYjA5ZDYzZTg3ODhkZTBjMmRlOTJiYTIzMzc1M2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpgYCnVNh/vl7qzHWdcZqlSkkKAo
bei1XWkGuzcZ76N5dPjEFSqZaAhAj+5n5jZdg7BgIE8L8XGDARm5911zAXKF2Sn8
bV+3c+fG01J4b3dFwvY7AuLa4UHCGG9ytq/Mf2BUe4Kfi6wJa2ZzCsjUvzn9orOq
AAJTmbE6sFeKnFEgmJh4I+6LK2Us8P6dNT6+a9IVwi5RTdaYs5+cgqnwp6Zp89yZ
gGjJub4TBb926zBf/bSg2dM3wJ0QFbxNeSoEPMHW1LFHMmNyhsX3z6xtNMiaRx+F
3ZZY1nSri978ZrjgY0xzdNxaAd9OBa/pYrqlu7oyK89P9AuwzEgt0BTCpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFONSn90gsJ1j6HiN4MLekrojN1PBMB8GA1UdIwQY
MBaAFBaPDiui0JNDOkthKVcnuZuxRfd7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm84T0s2TFFrME02UzJFcFZ5ZTVtN0ZGOTNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8wODA4YjItMTYzMy00YzBkLWJjYmMt
ZjZmY2Y3M2NlZTcwLzEvNDFLZjNTQ3duV1BvZUkzZ3d0NlN1aU0zVThFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8wODA4YjItMTYzMy00YzBkLWJjYmMtZjZmY2Y3M2NlZTcw
LzEvRm84T0s2TFFrME02UzJFcFZ5ZTVtN0ZGOTNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAQLtsMA0G
CSqGSIb3DQEBCwUAA4IBAQB9uF5VYgtkHqceaH6lmbATwQb/3q7hQ7U/EQNh1PWP
C5YJHl4mNgWJCIQMqmPJT0lefVgGBLzm0FYlS7rKPJ9zTcWi8vXJWgG8ZoCAfGzo
PfxVB7a9c6gu4ULYLwUAHxg98ey/Uad4fTkbJfM4sb+lqfzmdPP6N1Qx8FnezbgX
t5Fyf+x94SCJbUHZWyhmRLsP/k0bSD2vqtzS399P8SCdVGBwtpWVRQTAGZwyFHxc
xM8B1gWKI4woUXkjk0FF7yXcaXvYdy+IriLGst2EQITmAZA//8coSlX5V+x+TxDE
v7I8ekKGdtt7Px6y8SjC/Sb5DkfK5ONxil/drWDwPIuj
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:01:06 2025 by rpki-client