Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/0H1Z8N5wGt3dSjqDG8bowD-Ttng.roa
File: 0H1Z8N5wGt3dSjqDG8bowD-Ttng.roa (raw, json)
Hash identifier: oPSp0ubsi2iqvVhAG7FKsfv+UH3h4fdTyPyVMxry6Iw=
Subject key identifier: D0:7D:59:F0:DE:70:1A:DD:DD:4A:3A:83:1B:C6:E8:C0:3F:93:B6:78
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 01942369738069F8BB951A17CAE8D2CF467A
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/0H1Z8N5wGt3dSjqDG8bowD-Ttng.roa
Signing time: Wed 01 Jan 2025 19:48:20 +0000
ROA not before: Wed 01 Jan 2025 19:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213224
IP address blocks: 66.71.160.0/20 maxlen: 24
209.227.208.0/20 maxlen: 24
209.227.240.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:73:80:69:f8:bb:95:1a:17:ca:e8:d2:cf:46:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Jan 1 19:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d07d59f0de701adddd4a3a831bc6e8c03f93b678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c5:e6:4d:34:34:b5:f5:be:56:ea:00:94:d2:
28:ce:0b:12:00:df:a1:a4:9b:0a:b1:2d:60:f1:cd:
91:dd:13:4f:f6:80:89:91:2d:08:a6:e2:9a:e5:e4:
13:0e:3b:96:51:2e:e7:55:82:b5:43:aa:5d:aa:21:
f4:f9:9e:65:04:60:31:fc:1b:49:10:74:99:a0:45:
11:80:db:94:0b:3c:57:17:30:f4:65:db:7c:2f:28:
f5:50:4c:ba:96:05:70:c3:7b:75:e9:f9:a3:95:c1:
5e:f8:a0:15:d9:f4:ac:ac:93:29:f7:7f:3b:eb:c0:
7f:62:c2:21:b0:c6:5c:ff:81:1d:d2:37:fd:d4:0d:
fd:cb:d2:c7:56:17:b5:0f:a7:f8:92:dd:c3:d7:19:
13:e3:51:15:10:27:cc:45:e3:1e:19:5e:be:6b:f9:
6c:84:3d:f8:03:81:be:83:37:8a:07:67:86:49:9d:
2f:9a:6f:99:66:f5:13:17:d3:eb:cd:3d:7e:53:e1:
42:ac:78:30:2d:f9:0e:11:0d:9a:01:28:40:29:dd:
7f:0b:79:1f:35:4d:36:6f:2d:d5:55:18:4f:f1:08:
c1:0f:76:bb:74:3c:c6:44:1e:d9:ce:43:6d:96:04:
24:0d:74:6f:1e:e1:1b:b5:3f:ac:69:a2:31:83:42:
69:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:7D:59:F0:DE:70:1A:DD:DD:4A:3A:83:1B:C6:E8:C0:3F:93:B6:78
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/0H1Z8N5wGt3dSjqDG8bowD-Ttng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.71.160.0/20
209.227.208.0/20
209.227.240.0/20
Signature Algorithm: sha256WithRSAEncryption
48:df:76:8d:43:0c:85:ef:93:9c:b0:5f:93:95:41:fd:e0:27:
52:e2:05:6e:6e:8c:89:fa:1a:86:eb:23:08:98:8e:97:85:75:
c2:e0:b9:44:a1:03:bc:4d:b4:c1:cf:13:14:94:c0:c2:4a:81:
70:2c:63:63:94:f4:b7:0d:24:17:4a:42:97:92:da:23:16:be:
ab:2b:f4:db:3c:ff:63:b6:28:df:f8:5c:89:34:01:1a:cb:07:
ea:cd:aa:7c:ca:9e:3e:7e:9e:df:82:77:3a:de:6d:af:30:ab:
e5:b6:fa:3a:af:05:f9:71:b7:22:c5:ef:6f:03:85:85:45:d7:
01:86:6b:92:66:46:3e:88:5d:1e:ed:62:1e:24:dc:8f:df:ca:
59:c5:83:18:9a:55:3c:19:07:bf:92:7d:63:55:bd:85:88:22:
d9:d2:77:be:e4:c8:14:4f:0a:94:36:49:a4:e8:7d:b0:03:d4:
35:a1:76:fd:59:c3:e4:f5:59:38:95:06:73:05:85:58:5b:76:
2d:fb:a0:6d:54:4e:12:8b:39:1f:4f:ed:d9:41:28:a4:79:e5:
63:b9:f3:67:bc:f2:2d:ec:27:cb:38:1c:df:9e:1e:81:d0:bd:
fa:a8:dc:39:4e:1d:85:5a:15:70:9f:5d:cd:73:cd:f7:c6:71:
dc:d6:3e:f8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQjaXOAafi7lRoXyujSz0Z6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjUwMTAxMTk0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDdkNTlmMGRlNzAxYWRkZGQ0YTNhODMxYmM2ZThjMDNmOTNiNjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMXmTTQ0tfW+VuoAlNIozgsSAN+h
pJsKsS1g8c2R3RNP9oCJkS0IpuKa5eQTDjuWUS7nVYK1Q6pdqiH0+Z5lBGAx/BtJ
EHSZoEURgNuUCzxXFzD0Zdt8Lyj1UEy6lgVww3t16fmjlcFe+KAV2fSsrJMp9387
68B/YsIhsMZc/4Ed0jf91A39y9LHVhe1D6f4kt3D1xkT41EVECfMReMeGV6+a/ls
hD34A4G+gzeKB2eGSZ0vmm+ZZvUTF9PrzT1+U+FCrHgwLfkOEQ2aAShAKd1/C3kf
NU02by3VVRhP8QjBD3a7dDzGRB7ZzkNtlgQkDXRvHuEbtT+saaIxg0JpTQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNB9WfDecBrd3Uo6gxvG6MA/k7Z4MB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvMEgxWjhONXdHdDNkU2pxREc4Ym93RC1UdG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEQkegAwQE
0ePQAwQE0ePwMA0GCSqGSIb3DQEBCwUAA4IBAQBI33aNQwyF75OcsF+TlUH94CdS
4gVuboyJ+hqG6yMImI6XhXXC4LlEoQO8TbTBzxMUlMDCSoFwLGNjlPS3DSQXSkKX
ktojFr6rK/TbPP9jtijf+FyJNAEaywfqzap8yp4+fp7fgnc63m2vMKvltvo6rwX5
cbcixe9vA4WFRdcBhmuSZkY+iF0e7WIeJNyP38pZxYMYmlU8GQe/kn1jVb2FiCLZ
0ne+5MgUTwqUNkmk6H2wA9Q1oXb9WcPk9Vk4lQZzBYVYW3Yt+6BtVE4SizkfT+3Z
QSikeeVjufNnvPIt7CfLOBzfnh6B0L36qNw5Th2FWhVwn13Nc833xnHc1j74
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:56:28 2025 by rpki-client