Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/CnW3qR_oIITaOQij9dhtcxmI3Ew.roa
File: CnW3qR_oIITaOQij9dhtcxmI3Ew.roa (raw, json)
Hash identifier: c6jiCaV7kJAiM633jZnJHCKNng9Erj/W/XlTBj+QRpY=
Subject key identifier: 0A:75:B7:A9:1F:E8:20:84:DA:39:08:A3:F5:D8:6D:73:19:88:DC:4C
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 01942220119E99F5844F312F8E0124CF2CFD
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/CnW3qR_oIITaOQij9dhtcxmI3Ew.roa
Signing time: Wed 01 Jan 2025 13:48:34 +0000
ROA not before: Wed 01 Jan 2025 13:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4775
IP address blocks: 163.171.65.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:11:9e:99:f5:84:4f:31:2f:8e:01:24:cf:2c:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Jan 1 13:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a75b7a91fe82084da3908a3f5d86d731988dc4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:a0:df:57:90:06:72:b0:61:d1:a7:fd:8c:0b:
fd:d9:85:4a:60:4b:52:20:3c:e5:3b:5f:12:f1:b9:
57:fb:13:7c:cd:54:18:bd:03:33:56:06:e8:57:ab:
26:ba:d1:73:c8:c6:d9:85:3d:2b:3b:ee:c5:30:c6:
ae:35:0b:c9:32:b1:e0:78:12:f3:72:39:22:37:40:
4c:85:de:41:80:4e:a4:c3:ef:ee:64:91:06:9f:6d:
37:6d:63:41:cf:1b:50:d7:d8:69:36:5a:e6:49:91:
b8:8b:d9:91:89:bc:2e:04:9c:be:20:ea:5f:df:ef:
6e:33:03:63:b1:22:44:a8:03:b8:4e:1e:95:6f:84:
e5:54:2c:90:d4:c0:39:48:fb:8b:8f:8b:59:65:cc:
94:f4:b3:92:a2:ea:6d:02:ad:5e:e4:2a:3f:46:b9:
8b:6c:b1:6e:de:ce:29:dc:f4:5a:81:ae:b3:f7:61:
09:78:9b:50:4f:9f:03:fc:de:af:43:9a:4b:25:b9:
5e:18:eb:d0:03:21:a6:a3:25:a2:6e:38:7c:03:84:
4f:1c:dd:c1:fd:8f:b4:9b:6b:67:9d:0c:d1:e4:cb:
40:d8:dd:31:24:08:db:56:94:70:29:6d:4a:5c:24:
e0:fb:90:e5:4f:e8:63:26:60:e4:99:f6:52:43:b6:
2d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:75:B7:A9:1F:E8:20:84:DA:39:08:A3:F5:D8:6D:73:19:88:DC:4C
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/CnW3qR_oIITaOQij9dhtcxmI3Ew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.171.65.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:6f:30:ea:fd:c6:f5:74:65:3c:46:dc:09:60:ec:8e:2f:ab:
a4:76:f9:f2:26:b7:72:4b:bb:69:f4:95:49:a2:52:89:b5:0d:
39:26:c9:b3:e4:c9:b8:66:22:5b:46:51:a0:56:b0:44:52:c4:
70:47:f3:8b:d6:b0:35:cc:57:32:4a:86:bc:66:46:ed:12:7b:
9e:b4:eb:c4:80:d3:0a:10:fb:d7:13:dc:27:1a:39:e6:c1:e4:
61:ab:c3:49:85:53:89:68:54:f4:b3:fb:4c:44:3f:63:8b:4a:
7f:ea:07:c4:bb:c5:c5:95:02:1f:1d:af:fc:ee:fc:71:0a:b2:
85:f3:22:1f:a9:d8:2c:1b:97:42:fa:cc:10:96:12:7d:d0:e6:
bc:3f:0e:6c:3c:9e:ef:4d:c3:85:d4:df:ae:62:fb:ce:ab:90:
dd:8d:86:a3:94:39:6c:80:cf:8d:03:98:39:b0:3f:bc:54:5f:
45:c7:b2:05:b4:03:51:fe:13:dd:c1:17:2e:8f:e3:ea:eb:7b:
86:be:97:bd:ee:bb:43:98:b0:76:39:a5:45:d9:40:c3:30:e0:
f3:e4:f9:39:cf:a6:7a:6c:8d:de:b7:b0:5d:70:c4:0f:6f:96:
cd:df:3d:b5:33:86:9f:9a:a8:94:f2:6d:28:20:61:50:98:3b:
0f:71:9d:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIBGemfWETzEvjgEkzyz9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjUwMTAxMTM0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTc1YjdhOTFmZTgyMDg0ZGEzOTA4YTNmNWQ4NmQ3MzE5ODhkYzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4qDfV5AGcrBh0af9jAv92YVKYEtS
IDzlO18S8blX+xN8zVQYvQMzVgboV6smutFzyMbZhT0rO+7FMMauNQvJMrHgeBLz
cjkiN0BMhd5BgE6kw+/uZJEGn203bWNBzxtQ19hpNlrmSZG4i9mRibwuBJy+IOpf
3+9uMwNjsSJEqAO4Th6Vb4TlVCyQ1MA5SPuLj4tZZcyU9LOSouptAq1e5Co/RrmL
bLFu3s4p3PRaga6z92EJeJtQT58D/N6vQ5pLJbleGOvQAyGmoyWibjh8A4RPHN3B
/Y+0m2tnnQzR5MtA2N0xJAjbVpRwKW1KXCTg+5DlT+hjJmDkmfZSQ7YtcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAp1t6kf6CCE2jkIo/XYbXMZiNxMMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvQ25XM3FSX29JSVRhT1FpajlkaHRjeG1JM0V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAo6tBMA0G
CSqGSIb3DQEBCwUAA4IBAQDRbzDq/cb1dGU8RtwJYOyOL6ukdvnyJrdyS7tp9JVJ
olKJtQ05Jsmz5Mm4ZiJbRlGgVrBEUsRwR/OL1rA1zFcySoa8ZkbtEnuetOvEgNMK
EPvXE9wnGjnmweRhq8NJhVOJaFT0s/tMRD9ji0p/6gfEu8XFlQIfHa/87vxxCrKF
8yIfqdgsG5dC+swQlhJ90Oa8Pw5sPJ7vTcOF1N+uYvvOq5DdjYajlDlsgM+NA5g5
sD+8VF9Fx7IFtANR/hPdwRcuj+Pq63uGvpe97rtDmLB2OaVF2UDDMODz5Pk5z6Z6
bI3et7BdcMQPb5bN3z21M4afmqiU8m0oIGFQmDsPcZ0A
-----END CERTIFICATE-----
Generated at Thu Apr 10 18:36:14 2025 by rpki-client