Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/HyIoF8Yiex9w6zEsH5svMJ4UP_s.roa
File: HyIoF8Yiex9w6zEsH5svMJ4UP_s.roa (raw, json)
Hash identifier: K7OjNgSdAnqBjOw3hW71Yxrg18OB8nuJeiXxnSlj0mE=
Subject key identifier: 1F:22:28:17:C6:22:7B:1F:70:EB:31:2C:1F:9B:2F:30:9E:14:3F:FB
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019425FD275720A794B8C5562B9390D7C610
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/HyIoF8Yiex9w6zEsH5svMJ4UP_s.roa
Signing time: Thu 02 Jan 2025 07:48:55 +0000
ROA not before: Thu 02 Jan 2025 07:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205964
IP address blocks: 64.137.70.0/23 maxlen: 23
64.137.105.0/24 maxlen: 24
64.137.107.0/24 maxlen: 24
104.143.248.0/22 maxlen: 22
104.143.254.0/23 maxlen: 23
104.239.0.0/23 maxlen: 23
104.239.2.0/23 maxlen: 23
104.239.4.0/23 maxlen: 23
104.239.6.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:27:57:20:a7:94:b8:c5:56:2b:93:90:d7:c6:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 07:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f222817c6227b1f70eb312c1f9b2f309e143ffb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c5:3e:f8:d7:a7:92:57:b3:34:3c:c2:4f:88:
ec:99:e9:3e:05:b1:4d:c6:c7:14:a0:55:c8:df:45:
c1:82:eb:cf:dd:21:6d:c5:df:da:f1:5a:ac:d0:a5:
5d:58:1c:b0:22:8d:87:70:0f:24:31:34:6c:70:16:
3d:85:fe:d8:69:0d:06:07:48:4d:47:43:45:be:dc:
a5:fc:70:cb:5f:ac:66:88:7a:bc:f3:2a:ca:92:d5:
b5:2e:b7:b5:3e:28:a8:d7:f8:00:16:e0:99:11:49:
08:41:ed:ee:ce:57:5d:43:9a:17:df:35:fe:e7:7a:
26:81:ec:6f:47:fb:87:d1:e5:ab:6c:08:b0:c9:2b:
99:ae:c4:32:77:5a:aa:04:ac:f0:34:f1:54:19:aa:
8b:84:c8:e9:6c:e9:97:8b:d5:8e:2d:1d:e9:10:0c:
87:70:0b:ba:b0:69:bb:f2:24:dc:20:f5:5c:55:f5:
f0:70:be:86:0a:4d:72:e2:07:6d:df:fd:ab:a0:aa:
99:b4:c6:1d:32:26:8e:db:9b:ea:35:f8:18:89:7e:
95:f7:3b:eb:f6:43:99:61:8f:d5:4f:db:15:f1:68:
0b:aa:fe:ec:b0:33:30:a0:e9:e5:ca:13:cd:fb:8c:
50:d0:4d:c2:ca:9c:13:80:fd:24:ff:db:d6:ed:a6:
6d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:22:28:17:C6:22:7B:1F:70:EB:31:2C:1F:9B:2F:30:9E:14:3F:FB
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/HyIoF8Yiex9w6zEsH5svMJ4UP_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.70.0/23
64.137.105.0/24
64.137.107.0/24
104.143.248.0/22
104.143.254.0/23
104.239.0.0/21
Signature Algorithm: sha256WithRSAEncryption
57:70:dd:e0:2f:52:93:06:04:52:22:1c:ba:89:de:8b:0e:8c:
c9:49:00:08:59:7b:51:9b:41:14:a3:7b:2a:28:9d:50:24:26:
28:e9:a4:4b:69:41:02:66:18:5a:18:7b:25:c8:0c:45:f8:55:
f1:0b:37:21:d7:d0:33:48:69:b8:22:72:20:f3:9b:d3:98:9a:
ba:81:4c:09:3d:84:49:79:e1:4c:37:f5:06:03:02:3c:3b:d7:
df:e4:80:9a:12:68:93:a3:54:b3:d9:42:ce:b0:7e:11:81:c4:
3f:de:4f:08:47:0e:b8:30:d8:a6:f0:a4:b3:eb:dd:d3:f5:33:
87:93:8d:03:d6:17:79:aa:35:fc:b7:c7:41:6c:d6:52:60:86:
de:4f:59:72:6e:3a:3d:ae:99:1c:fd:33:c2:12:a9:36:9b:07:
9d:f5:d1:b0:87:6c:e3:eb:c0:81:a7:42:3b:5c:7b:f8:80:06:
9c:9b:1b:97:56:88:fd:ab:74:7a:b1:e4:35:6d:0b:72:ff:9c:
c3:4d:25:51:6c:ad:e4:15:73:a2:31:f9:15:92:eb:21:3e:d2:
a0:7a:a4:f0:94:5d:ca:47:a5:84:5a:77:5a:d3:09:99:af:23:
5c:06:27:f8:ed:66:4e:d9:df:da:19:51:8e:22:1d:c8:43:70:
3c:f0:1f:0b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQl/SdXIKeUuMVWK5OQ18YQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMTAyMDc0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjIyMjgxN2M2MjI3YjFmNzBlYjMxMmMxZjliMmYzMDllMTQzZmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8U++NenklezNDzCT4jsmek+BbFN
xscUoFXI30XBguvP3SFtxd/a8Vqs0KVdWBywIo2HcA8kMTRscBY9hf7YaQ0GB0hN
R0NFvtyl/HDLX6xmiHq88yrKktW1Lre1Piio1/gAFuCZEUkIQe3uzlddQ5oX3zX+
53omgexvR/uH0eWrbAiwySuZrsQyd1qqBKzwNPFUGaqLhMjpbOmXi9WOLR3pEAyH
cAu6sGm78iTcIPVcVfXwcL6GCk1y4gdt3/2roKqZtMYdMiaO25vqNfgYiX6V9zvr
9kOZYY/VT9sV8WgLqv7ssDMwoOnlyhPN+4xQ0E3CypwTgP0k/9vW7aZtxwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFB8iKBfGInsfcOsxLB+bLzCeFD/7MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvSHlJb0Y4WWlleDl3NnpFc0g1c3ZNSjRVUF9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBQIlGAwQA
QIlpAwQAQIlrAwQCaI/4AwQBaI/+AwQDaO8AMA0GCSqGSIb3DQEBCwUAA4IBAQBX
cN3gL1KTBgRSIhy6id6LDozJSQAIWXtRm0EUo3sqKJ1QJCYo6aRLaUECZhhaGHsl
yAxF+FXxCzch19AzSGm4InIg85vTmJq6gUwJPYRJeeFMN/UGAwI8O9ff5ICaEmiT
o1Sz2ULOsH4RgcQ/3k8IRw64MNim8KSz693T9TOHk40D1hd5qjX8t8dBbNZSYIbe
T1lybjo9rpkc/TPCEqk2mwed9dGwh2zj68CBp0I7XHv4gAacmxuXVoj9q3R6seQ1
bQty/5zDTSVRbK3kFXOiMfkVkushPtKgeqTwlF3KR6WEWnda0wmZryNcBif47WZO
2d/aGVGOIh3IQ3A88B8L
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:55:48 2025 by rpki-client