Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/tSbofo34srUr471Sv9rb867Ytw4.roa
File: tSbofo34srUr471Sv9rb867Ytw4.roa (raw, json)
Hash identifier: 851ayqgYRS2+fNAYDvkCWgkx1uIDrWdxY97ygaPGxXg=
Subject key identifier: B5:26:E8:7E:8D:F8:B2:B5:2B:E3:BD:52:BF:DA:DB:F3:AE:D8:B7:0E
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019425FD242683EEF2EF9D3DDAC18EC4D6C4
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/tSbofo34srUr471Sv9rb867Ytw4.roa
Signing time: Thu 02 Jan 2025 07:48:54 +0000
ROA not before: Thu 02 Jan 2025 07:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 149428
IP address blocks: 64.137.28.0/24 maxlen: 24
104.238.14.0/24 maxlen: 24
104.238.19.0/24 maxlen: 24
104.238.20.0/24 maxlen: 24
104.239.84.0/23 maxlen: 23
104.239.96.0/23 maxlen: 23
138.128.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:24:26:83:ee:f2:ef:9d:3d:da:c1:8e:c4:d6:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 07:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b526e87e8df8b2b52be3bd52bfdadbf3aed8b70e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:14:31:2a:ee:4c:1f:c7:7c:47:73:fd:0a:50:
15:62:f0:af:e7:15:c4:db:84:c6:ce:17:21:c2:66:
ba:8d:30:3a:90:8c:66:92:8a:4e:87:34:bf:57:79:
ea:91:06:c2:ca:4f:b3:5e:bb:77:5c:f9:06:16:d1:
1e:1b:5a:1e:19:da:0d:b2:82:90:18:27:46:ad:ab:
a6:cb:cc:d9:00:bb:de:ac:e3:25:1f:94:70:c7:b2:
af:a6:16:32:a9:8b:67:4c:27:d3:a8:06:17:6d:96:
0e:1d:cb:2a:aa:f2:b6:fc:cb:4e:e9:89:4f:59:4c:
ab:7e:55:7f:59:b3:b3:64:88:00:28:39:24:ec:23:
77:53:1d:7b:4f:bf:66:48:1e:af:22:bb:58:bd:ed:
37:cf:03:bb:22:c3:77:8f:1f:1f:47:c6:f6:df:92:
c8:95:1e:1e:7c:11:2d:e7:b9:41:88:df:e4:64:27:
e0:d6:35:72:a9:ea:9b:7b:74:77:41:44:83:03:a4:
48:84:bf:8d:5f:29:82:04:bf:bf:84:77:5a:32:e9:
8a:87:38:ad:dc:bc:b3:6f:7e:b7:7a:b1:cb:85:bd:
a0:7f:32:f8:46:fa:c4:3f:51:77:ab:f5:d1:97:dd:
31:3a:8e:c4:5d:1d:1b:c6:8f:19:d6:4f:e2:a2:32:
25:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:26:E8:7E:8D:F8:B2:B5:2B:E3:BD:52:BF:DA:DB:F3:AE:D8:B7:0E
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/tSbofo34srUr471Sv9rb867Ytw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.28.0/24
104.238.14.0/24
104.238.19.0-104.238.20.255
104.239.84.0/23
104.239.96.0/23
138.128.159.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:72:b1:85:81:e7:5a:94:3f:bc:ad:cb:9f:db:c7:2c:24:4e:
40:8f:3b:a0:00:ab:7f:65:63:85:f8:ca:4b:09:c5:be:1b:a4:
f5:20:28:ac:5c:07:d0:ee:ba:36:b9:b2:a1:a8:03:eb:72:f8:
c3:cc:12:87:68:7b:39:b9:12:45:57:6e:94:15:a8:1b:40:c9:
ce:8b:42:2e:3c:4d:f7:15:71:e2:ff:ef:4a:d2:0a:91:60:37:
1f:1d:61:6c:33:50:06:8f:33:2b:56:a1:c3:2d:56:d1:ca:3e:
84:69:ab:6d:69:ec:96:09:e9:28:0c:f9:7c:51:43:87:0e:0d:
d5:fe:33:e1:87:b1:42:2e:58:a9:73:eb:a2:61:e5:d7:27:82:
f7:38:1f:49:cc:4e:b6:ae:1b:4c:c8:d7:08:31:e3:33:8b:8a:
8a:ba:ec:b2:22:90:ba:95:37:9f:2b:6f:57:ec:00:df:68:63:
2c:d9:34:65:0d:6e:f6:25:9b:21:9c:0c:3b:8b:da:d0:bd:64:
a6:71:c3:dc:c4:7c:fb:b5:c1:71:3d:b8:8e:a2:2a:e2:50:01:
1a:c6:c9:83:f7:c2:07:35:af:6d:2c:16:4e:14:b1:c7:41:fc:
33:d9:63:ec:6a:25:ac:ca:4d:1b:de:2f:15:de:10:99:51:f1:
f5:70:af:87
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQl/SQmg+7y75092sGOxNbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMTAyMDc0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTI2ZTg3ZThkZjhiMmI1MmJlM2JkNTJiZmRhZGJmM2FlZDhiNzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1xQxKu5MH8d8R3P9ClAVYvCv5xXE
24TGzhchwma6jTA6kIxmkopOhzS/V3nqkQbCyk+zXrt3XPkGFtEeG1oeGdoNsoKQ
GCdGraumy8zZALverOMlH5Rwx7KvphYyqYtnTCfTqAYXbZYOHcsqqvK2/MtO6YlP
WUyrflV/WbOzZIgAKDkk7CN3Ux17T79mSB6vIrtYve03zwO7IsN3jx8fR8b235LI
lR4efBEt57lBiN/kZCfg1jVyqeqbe3R3QUSDA6RIhL+NXymCBL+/hHdaMumKhzit
3Lyzb363erHLhb2gfzL4RvrEP1F3q/XRl90xOo7EXR0bxo8Z1k/iojIlXwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFLUm6H6N+LK1K+O9Ur/a2/Ou2LcOMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvdFNib2ZvMzRzclVyNDcxU3Y5cmI4NjdZdHc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAQIkcAwQA
aO4OMAwDBABo7hMDBABo7hQDBAFo71QDBAFo72ADBACKgJ8wDQYJKoZIhvcNAQEL
BQADggEBAD5ysYWB51qUP7yty5/bxywkTkCPO6AAq39lY4X4yksJxb4bpPUgKKxc
B9Duuja5sqGoA+ty+MPMEodoezm5EkVXbpQVqBtAyc6LQi48TfcVceL/70rSCpFg
Nx8dYWwzUAaPMytWocMtVtHKPoRpq21p7JYJ6SgM+XxRQ4cODdX+M+GHsUIuWKlz
66Jh5dcngvc4H0nMTrauG0zI1wgx4zOLioq67LIikLqVN58rb1fsAN9oYyzZNGUN
bvYlmyGcDDuL2tC9ZKZxw9zEfPu1wXE9uI6iKuJQARrGyYP3wgc1r20sFk4UscdB
/DPZY+xqJazKTRveLxXeEJlR8fVwr4c=
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:40:17 2025 by rpki-client