Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/2e8abe-8e70-4715-91ae-963d13fd09bb/1/4T4WQHYVEwM6aHV5StYkGf2jN5Y.roa
File: 4T4WQHYVEwM6aHV5StYkGf2jN5Y.roa (raw, json)
Hash identifier: KlTVObGFhQ/EitqWP5C6TUwR0SNqxo8YoBWHXEsTCiE=
Subject key identifier: E1:3E:16:40:76:15:13:03:3A:68:75:79:4A:D6:24:19:FD:A3:37:96
Certificate issuer: /CN=f141d664698b70ffb2a26f684b47deb6c8d59a53
Certificate serial: 019423D7CB3D45463937A4AEB6E5616D14CD
Authority key identifier: F1:41:D6:64:69:8B:70:FF:B2:A2:6F:68:4B:47:DE:B6:C8:D5:9A:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8UHWZGmLcP-yom9oS0fetsjVmlM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/2e8abe-8e70-4715-91ae-963d13fd09bb/1/4T4WQHYVEwM6aHV5StYkGf2jN5Y.roa
Signing time: Wed 01 Jan 2025 21:48:52 +0000
ROA not before: Wed 01 Jan 2025 21:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201336
IP address blocks: 109.71.248.0/22 maxlen: 22
109.71.248.0/24 maxlen: 24
109.71.249.0/24 maxlen: 24
109.71.250.0/24 maxlen: 24
109.71.251.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:cb:3d:45:46:39:37:a4:ae:b6:e5:61:6d:14:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f141d664698b70ffb2a26f684b47deb6c8d59a53
Validity
Not Before: Jan 1 21:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e13e1640761513033a6875794ad62419fda33796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:dc:fd:00:16:ac:98:65:93:4d:14:e2:8a:67:
fc:62:6d:1f:74:5c:ec:44:49:d7:2b:09:f0:85:5a:
fa:32:7b:ca:c1:3a:c7:04:ed:ec:95:c6:82:64:46:
67:0a:e2:9c:a9:37:dc:62:3a:c9:80:1c:ca:bb:1b:
d5:63:cc:e3:f0:57:7f:fe:86:3c:c6:a5:a1:c5:d1:
67:4f:0a:cb:ea:c1:42:ce:f2:18:ed:45:1d:95:ac:
08:60:03:0c:9e:23:a4:b2:c3:c6:0e:90:ed:3e:59:
b3:9c:52:b8:37:70:43:5b:7b:60:30:d1:e1:30:5d:
e9:65:18:54:2a:06:20:53:2b:b6:08:7a:03:15:6d:
5b:62:81:a2:17:cc:f5:ba:2c:9d:87:74:2c:b9:f6:
cb:36:7d:d0:c0:63:2c:d8:33:8c:85:e0:7d:50:b0:
c1:8b:63:1b:c3:5f:fa:eb:d3:ab:96:c8:9d:ae:33:
72:97:71:c6:a2:fd:ca:99:d1:9c:d1:75:bc:1c:60:
5b:bc:bc:41:90:6a:99:f7:dc:e6:46:ca:3e:5b:55:
ff:95:a7:39:75:dd:7a:d2:9b:1d:fd:a8:4c:46:2b:
93:63:65:9b:42:f2:8a:78:5d:b5:08:1d:ff:42:7d:
09:cb:13:36:d4:ca:31:fa:a7:a9:8b:a8:31:58:0d:
38:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:3E:16:40:76:15:13:03:3A:68:75:79:4A:D6:24:19:FD:A3:37:96
X509v3 Authority Key Identifier:
keyid:F1:41:D6:64:69:8B:70:FF:B2:A2:6F:68:4B:47:DE:B6:C8:D5:9A:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8UHWZGmLcP-yom9oS0fetsjVmlM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/2e8abe-8e70-4715-91ae-963d13fd09bb/1/4T4WQHYVEwM6aHV5StYkGf2jN5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/2e8abe-8e70-4715-91ae-963d13fd09bb/1/8UHWZGmLcP-yom9oS0fetsjVmlM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.71.248.0/22
Signature Algorithm: sha256WithRSAEncryption
89:fe:d6:8f:ef:62:88:8e:40:a3:72:2d:f5:e4:0d:70:36:93:
15:62:06:e8:0e:5e:68:04:92:cb:a0:af:99:37:ae:6c:8c:d6:
a6:77:ea:5f:80:34:de:43:1c:74:b2:90:78:15:ff:ac:76:8c:
21:3b:05:dc:68:7e:d5:8b:7d:4f:7c:12:4d:af:34:d6:5d:d7:
79:30:23:3e:69:72:1f:f0:93:d8:16:e4:e6:60:ee:df:89:27:
54:89:ac:94:cc:ed:44:72:6e:47:9c:64:e0:9c:88:07:70:33:
eb:ea:3b:66:c4:f4:82:94:bb:d1:00:f4:fc:2b:53:e2:88:fa:
c3:ec:92:64:1e:ef:3c:01:5d:1d:61:31:b0:30:2b:8d:cf:a5:
c4:8c:78:cd:0b:fb:29:c5:cf:28:23:62:ce:c0:6d:9b:e8:fb:
b6:d6:da:b9:93:b5:33:e8:03:61:bd:5a:04:1d:c1:a9:e6:a7:
bf:f6:ca:1c:98:d0:02:16:a3:d5:31:56:4c:b6:8e:d5:5a:7f:
b3:6f:7d:59:73:51:0c:8c:04:05:d5:2b:82:98:60:93:e4:ae:
0c:30:3e:4f:ea:45:6b:6d:de:d5:6e:0d:7e:74:bb:d2:a9:92:
75:83:03:81:26:bc:42:c8:5f:10:f4:46:cc:03:bd:37:62:d9:
40:3a:98:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj18s9RUY5N6SutuVhbRTNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDFkNjY0Njk4YjcwZmZiMmEyNmY2ODRiNDdkZWI2Yzhk
NTlhNTMwHhcNMjUwMTAxMjE0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTNlMTY0MDc2MTUxMzAzM2E2ODc1Nzk0YWQ2MjQxOWZkYTMzNzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9z9ABasmGWTTRTiimf8Ym0fdFzs
REnXKwnwhVr6MnvKwTrHBO3slcaCZEZnCuKcqTfcYjrJgBzKuxvVY8zj8Fd//oY8
xqWhxdFnTwrL6sFCzvIY7UUdlawIYAMMniOkssPGDpDtPlmznFK4N3BDW3tgMNHh
MF3pZRhUKgYgUyu2CHoDFW1bYoGiF8z1uiydh3QsufbLNn3QwGMs2DOMheB9ULDB
i2Mbw1/669OrlsidrjNyl3HGov3KmdGc0XW8HGBbvLxBkGqZ99zmRso+W1X/lac5
dd160psd/ahMRiuTY2WbQvKKeF21CB3/Qn0JyxM21Mox+qepi6gxWA049QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOE+FkB2FRMDOmh1eUrWJBn9ozeWMB8GA1UdIwQY
MBaAFPFB1mRpi3D/sqJvaEtH3rbI1ZpTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVIV1pHbUxjUC15b205b1MwZmV0c2pWbWxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yZThhYmUtOGU3MC00NzE1LTkxYWUt
OTYzZDEzZmQwOWJiLzEvNFQ0V1FIWVZFd002YUhWNVN0WWtHZjJqTjVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yZThhYmUtOGU3MC00NzE1LTkxYWUtOTYzZDEzZmQwOWJi
LzEvOFVIV1pHbUxjUC15b205b1MwZmV0c2pWbWxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbUf4MA0G
CSqGSIb3DQEBCwUAA4IBAQCJ/taP72KIjkCjci315A1wNpMVYgboDl5oBJLLoK+Z
N65sjNamd+pfgDTeQxx0spB4Ff+sdowhOwXcaH7Vi31PfBJNrzTWXdd5MCM+aXIf
8JPYFuTmYO7fiSdUiayUzO1Ecm5HnGTgnIgHcDPr6jtmxPSClLvRAPT8K1PiiPrD
7JJkHu88AV0dYTGwMCuNz6XEjHjNC/spxc8oI2LOwG2b6Pu21tq5k7Uz6ANhvVoE
HcGp5qe/9socmNACFqPVMVZMto7VWn+zb31Zc1EMjAQF1SuCmGCT5K4MMD5P6kVr
bd7Vbg1+dLvSqZJ1gwOBJrxCyF8Q9EbMA703YtlAOphD
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:18:54 2025 by rpki-client