Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/S7dw96BjJHjSAZkMcxGi_FB5doA.roa
File: S7dw96BjJHjSAZkMcxGi_FB5doA.roa (raw, json)
Hash identifier: KE2tpzq8RhZkUzoGjIN+rbgmJi4KOhIPNewQQ1O2Z3o=
Subject key identifier: 4B:B7:70:F7:A0:63:24:78:D2:01:99:0C:73:11:A2:FC:50:79:76:80
Certificate issuer: /CN=1d65b7b7b898faaee70767d09715c436a83fcdc2
Certificate serial: 0194221FBD8D26DFBA3449B2D99BB51D566A
Authority key identifier: 1D:65:B7:B7:B8:98:FA:AE:E7:07:67:D0:97:15:C4:36:A8:3F:CD:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HWW3t7iY-q7nB2fQlxXENqg_zcI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/S7dw96BjJHjSAZkMcxGi_FB5doA.roa
Signing time: Wed 01 Jan 2025 13:48:12 +0000
ROA not before: Wed 01 Jan 2025 13:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39356
IP address blocks: 164.215.108.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:bd:8d:26:df:ba:34:49:b2:d9:9b:b5:1d:56:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d65b7b7b898faaee70767d09715c436a83fcdc2
Validity
Not Before: Jan 1 13:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4bb770f7a0632478d201990c7311a2fc50797680
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:f9:33:bf:f3:dd:77:7f:3b:c9:d5:31:60:d4:
30:a2:3a:b9:9a:e2:53:5a:ec:39:a7:0d:53:10:19:
2a:65:e1:f0:fe:f7:52:de:9e:79:dc:dc:34:bd:6c:
c2:cd:6d:f8:5d:6e:79:2e:b2:e8:39:5e:22:5a:0a:
d9:24:ea:ff:a2:61:45:a2:ac:39:33:d8:b5:cf:81:
57:55:e2:fe:83:31:37:94:66:08:c1:ab:66:39:87:
06:cc:8d:e8:5f:6e:b3:f2:84:36:c4:1a:cf:60:ce:
de:fb:22:7e:2e:24:b7:34:fb:65:98:4f:9a:9c:d7:
aa:d6:70:d3:22:c4:2f:55:02:c8:62:ae:1f:aa:c9:
55:5e:b3:8a:9a:fd:fb:52:8e:06:ce:4e:6b:99:ad:
fa:7e:44:82:70:65:b4:6a:51:b7:b1:04:3c:93:1d:
f6:26:6e:ea:b0:8a:3e:e3:15:c8:f4:75:ba:40:fb:
43:63:cc:5b:f1:64:64:a6:f0:5c:29:59:b4:c9:5f:
d1:fc:aa:6a:f9:db:9d:4f:ce:c8:1f:52:88:e3:f8:
61:cb:56:ff:33:67:94:f7:a2:ca:ed:2d:21:34:17:
09:fd:94:ed:94:42:0d:42:64:47:ea:37:04:19:d3:
92:57:ec:e8:81:3f:77:00:8a:e9:42:39:8a:ec:15:
5b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:B7:70:F7:A0:63:24:78:D2:01:99:0C:73:11:A2:FC:50:79:76:80
X509v3 Authority Key Identifier:
keyid:1D:65:B7:B7:B8:98:FA:AE:E7:07:67:D0:97:15:C4:36:A8:3F:CD:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HWW3t7iY-q7nB2fQlxXENqg_zcI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/S7dw96BjJHjSAZkMcxGi_FB5doA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/HWW3t7iY-q7nB2fQlxXENqg_zcI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.215.108.0/24
Signature Algorithm: sha256WithRSAEncryption
63:c2:d0:55:55:e8:20:e9:12:7b:54:14:b1:65:05:39:26:e1:
d5:cf:89:75:1f:1f:2a:94:a9:53:bd:7f:5f:53:1e:fb:60:c2:
05:12:1c:aa:0b:7f:ab:ec:c9:55:b5:c1:0b:e8:42:80:9a:76:
7e:1b:f3:a5:86:cb:25:2c:05:77:48:86:21:f3:33:96:1b:a5:
e7:ac:3a:ce:55:7b:5f:dc:42:ff:ec:eb:ac:53:1c:df:7c:6c:
c2:db:49:61:6f:95:ab:2a:06:a8:69:e4:88:6e:4c:7a:35:1d:
6a:d1:1b:d4:45:76:f3:80:ef:34:92:5d:73:68:50:28:d4:b3:
6d:97:a8:c8:32:06:72:06:dd:0a:d4:cb:4b:bc:be:a4:d8:09:
86:20:fb:76:2e:13:ee:8e:bb:d0:ac:f9:72:27:57:ec:e4:d8:
ec:ff:61:a2:92:91:32:a3:0b:35:b8:aa:a7:09:31:ad:7c:f4:
50:e8:b2:ac:d4:46:d2:97:6e:c5:28:9b:60:02:e3:07:ec:f5:
6c:a1:29:67:5e:34:bf:9f:97:00:f0:16:12:eb:32:8c:10:86:
e0:a1:6a:3e:04:1e:8f:4a:bf:6d:50:31:63:1c:49:6b:44:a4:
d7:d7:1f:b8:8f:dd:31:44:7e:d4:50:26:72:ed:27:c0:ca:f1:
56:24:47:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH72NJt+6NEmy2Zu1HVZqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNjViN2I3Yjg5OGZhYWVlNzA3NjdkMDk3MTVjNDM2YTgz
ZmNkYzIwHhcNMjUwMTAxMTM0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmI3NzBmN2EwNjMyNDc4ZDIwMTk5MGM3MzExYTJmYzUwNzk3NjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fkzv/Pdd387ydUxYNQwojq5muJT
Wuw5pw1TEBkqZeHw/vdS3p553Nw0vWzCzW34XW55LrLoOV4iWgrZJOr/omFFoqw5
M9i1z4FXVeL+gzE3lGYIwatmOYcGzI3oX26z8oQ2xBrPYM7e+yJ+LiS3NPtlmE+a
nNeq1nDTIsQvVQLIYq4fqslVXrOKmv37Uo4Gzk5rma36fkSCcGW0alG3sQQ8kx32
Jm7qsIo+4xXI9HW6QPtDY8xb8WRkpvBcKVm0yV/R/Kpq+dudT87IH1KI4/hhy1b/
M2eU96LK7S0hNBcJ/ZTtlEINQmRH6jcEGdOSV+zogT93AIrpQjmK7BVbxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEu3cPegYyR40gGZDHMRovxQeXaAMB8GA1UdIwQY
MBaAFB1lt7e4mPqu5wdn0JcVxDaoP83CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFdXM3Q3aVktcTduQjJmUWx4WEVOcWdfemNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9kZWFlZjEtNjI0MS00OWFiLTk4MjUt
OGZjMzczNzU3Njg0LzEvUzdkdzk2QmpKSGpTQVprTWN4R2lfRkI1ZG9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9kZWFlZjEtNjI0MS00OWFiLTk4MjUtOGZjMzczNzU3Njg0
LzEvSFdXM3Q3aVktcTduQjJmUWx4WEVOcWdfemNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApNdsMA0G
CSqGSIb3DQEBCwUAA4IBAQBjwtBVVegg6RJ7VBSxZQU5JuHVz4l1Hx8qlKlTvX9f
Ux77YMIFEhyqC3+r7MlVtcEL6EKAmnZ+G/OlhsslLAV3SIYh8zOWG6XnrDrOVXtf
3EL/7OusUxzffGzC20lhb5WrKgaoaeSIbkx6NR1q0RvURXbzgO80kl1zaFAo1LNt
l6jIMgZyBt0K1MtLvL6k2AmGIPt2LhPujrvQrPlyJ1fs5Njs/2GikpEyows1uKqn
CTGtfPRQ6LKs1EbSl27FKJtgAuMH7PVsoSlnXjS/n5cA8BYS6zKMEIbgoWo+BB6P
Sr9tUDFjHElrRKTX1x+4j90xRH7UUCZy7SfAyvFWJEcG
-----END CERTIFICATE-----
Generated at Sat Apr 26 03:29:08 2025 by rpki-client