Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/CEHno33Cl7h0GLAM4p0jfcTuU2k.roa
File: CEHno33Cl7h0GLAM4p0jfcTuU2k.roa (raw, json)
Hash identifier: VzZMvgTQCr8mQ/IevQojqSyjWV0o3WsjpJkJUVzQ2fo=
Subject key identifier: 08:41:E7:A3:7D:C2:97:B8:74:18:B0:0C:E2:9D:23:7D:C4:EE:53:69
Certificate issuer: /CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Certificate serial: 019424457AC5E632E9A184DD082BA318F912
Authority key identifier: C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/CEHno33Cl7h0GLAM4p0jfcTuU2k.roa
Signing time: Wed 01 Jan 2025 23:48:40 +0000
ROA not before: Wed 01 Jan 2025 23:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206286
IP address blocks: 62.68.68.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:7a:c5:e6:32:e9:a1:84:dd:08:2b:a3:18:f9:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Validity
Not Before: Jan 1 23:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0841e7a37dc297b87418b00ce29d237dc4ee5369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fb:20:0b:10:98:4b:90:f1:8e:54:49:90:21:
b6:04:a2:cb:2b:29:02:9f:6a:4b:00:67:ee:7b:3a:
60:16:6b:8f:50:58:41:00:83:cd:23:67:a4:de:2c:
4d:54:a7:e0:a5:6f:c7:fe:56:27:1c:98:8e:ef:8e:
45:ab:be:7e:6c:6e:77:d5:6b:be:62:86:15:ce:9f:
56:75:3b:43:96:0d:4c:1f:08:65:40:39:45:5a:17:
a1:64:3b:31:32:6b:5f:22:df:8e:3a:73:19:a4:90:
6a:63:ec:9c:08:bf:4c:9a:44:bd:df:19:e5:6b:d6:
b4:7c:f0:00:8e:4d:4f:df:8c:14:5b:de:1e:a5:2e:
6b:00:e0:95:65:73:8e:21:f4:56:3b:c7:33:f1:44:
37:13:6f:4f:1f:8f:bc:d6:28:78:85:05:68:61:08:
c8:93:5d:b2:0e:0c:9a:68:97:ae:85:40:85:33:e8:
64:1d:0d:28:6e:7f:b8:22:77:df:61:90:11:60:41:
9e:36:20:b5:fc:fd:ec:99:d2:d3:02:18:99:1c:bf:
ab:1e:92:9c:af:84:8c:ba:3c:ea:d8:5d:a4:f9:df:
e0:9f:cc:48:fc:da:c0:77:13:f9:42:88:38:1c:18:
14:13:7e:d9:45:0e:76:69:49:32:89:3e:57:0d:61:
01:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:41:E7:A3:7D:C2:97:B8:74:18:B0:0C:E2:9D:23:7D:C4:EE:53:69
X509v3 Authority Key Identifier:
keyid:C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/CEHno33Cl7h0GLAM4p0jfcTuU2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.68.68.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:24:65:d4:4e:11:94:64:8e:63:49:02:c0:57:52:b6:f3:8d:
92:3e:f2:6a:f3:b4:ba:fa:19:d9:22:4b:b4:a0:71:ad:c8:3c:
7d:c2:10:08:e2:40:11:9a:e0:73:61:44:64:ab:e8:dc:4d:0b:
d8:f1:b6:8f:56:9a:a6:e0:60:66:54:dc:88:0f:f1:1b:3a:b2:
ee:2e:5d:8c:80:f1:92:2a:de:7b:d9:27:34:dc:12:cc:17:0b:
a7:8b:a7:35:f5:17:0c:90:71:3f:ff:3b:da:34:cf:71:c5:b9:
58:60:12:dc:d1:14:2e:76:37:b8:68:8e:32:c6:35:03:89:e8:
e6:e0:b9:ee:a6:2b:42:c4:e7:85:aa:c8:76:e3:c5:f6:3d:ce:
6b:6a:33:59:7e:12:9c:d7:7a:79:b9:3d:67:e6:cd:40:e4:36:
26:5b:8f:a5:aa:2a:08:21:b5:33:8e:ca:bb:6d:a6:df:6f:10:
3d:4a:fe:a4:e1:0e:56:76:86:09:0f:ae:6a:ce:df:99:c7:99:
8b:8e:33:1d:9c:10:ca:47:0b:a8:8f:c8:13:a6:32:9a:58:e2:
db:b8:f5:44:e4:ea:0a:3c:97:50:32:85:f6:ca:c0:fa:bf:b1:
6e:a6:dd:23:0d:1e:10:3d:04:95:7d:7a:2d:aa:5b:78:6d:fd:
76:11:72:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRXrF5jLpoYTdCCujGPkSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDIxZTgwNGFiNzcxM2FkNzg3N2RkZTYwM2FhNzgyNGIz
MTk4M2MwHhcNMjUwMTAxMjM0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODQxZTdhMzdkYzI5N2I4NzQxOGIwMGNlMjlkMjM3ZGM0ZWU1MzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvsgCxCYS5DxjlRJkCG2BKLLKykC
n2pLAGfuezpgFmuPUFhBAIPNI2ek3ixNVKfgpW/H/lYnHJiO745Fq75+bG531Wu+
YoYVzp9WdTtDlg1MHwhlQDlFWhehZDsxMmtfIt+OOnMZpJBqY+ycCL9MmkS93xnl
a9a0fPAAjk1P34wUW94epS5rAOCVZXOOIfRWO8cz8UQ3E29PH4+81ih4hQVoYQjI
k12yDgyaaJeuhUCFM+hkHQ0obn+4InffYZARYEGeNiC1/P3smdLTAhiZHL+rHpKc
r4SMujzq2F2k+d/gn8xI/NrAdxP5Qog4HBgUE37ZRQ52aUkyiT5XDWEBAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAhB56N9wpe4dBiwDOKdI33E7lNpMB8GA1UdIwQY
MBaAFMLSHoBKt3E614d93mA6p4JLMZg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYt
NTlhZTA5ZWRiZWI5LzEvQ0VIbm8zM0NsN2gwR0xBTTRwMGpmY1R1VTJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYtNTlhZTA5ZWRiZWI5
LzEvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkREMA0G
CSqGSIb3DQEBCwUAA4IBAQAfJGXUThGUZI5jSQLAV1K2842SPvJq87S6+hnZIku0
oHGtyDx9whAI4kARmuBzYURkq+jcTQvY8baPVpqm4GBmVNyID/EbOrLuLl2MgPGS
Kt572Sc03BLMFwuni6c19RcMkHE//zvaNM9xxblYYBLc0RQudje4aI4yxjUDiejm
4LnupitCxOeFqsh248X2Pc5rajNZfhKc13p5uT1n5s1A5DYmW4+lqioIIbUzjsq7
babfbxA9Sv6k4Q5WdoYJD65qzt+Zx5mLjjMdnBDKRwuoj8gTpjKaWOLbuPVE5OoK
PJdQMoX2ysD6v7Fupt0jDR4QPQSVfXotqlt4bf12EXKq
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:33:47 2025 by rpki-client