Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/96sb6hjyk3NHEjYaqa3e8Fg5yZM.roa
File: 96sb6hjyk3NHEjYaqa3e8Fg5yZM.roa (raw, json)
Hash identifier: uIlsPlBeNxexLegTdcx0AiQKI1s83jdXj1RJNt4KzWc=
Subject key identifier: F7:AB:1B:EA:18:F2:93:73:47:12:36:1A:A9:AD:DE:F0:58:39:C9:93
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 019423D7065E85CFD3C993D15FDAE8392209
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/96sb6hjyk3NHEjYaqa3e8Fg5yZM.roa
Signing time: Wed 01 Jan 2025 21:48:01 +0000
ROA not before: Wed 01 Jan 2025 21:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 107.181.135.0/24 maxlen: 24
2a07:9940:3333::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:06:5e:85:cf:d3:c9:93:d1:5f:da:e8:39:22:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 1 21:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7ab1bea18f293734712361aa9addef05839c993
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2e:00:0a:c2:68:75:2b:16:42:39:15:96:92:
05:e8:fa:5c:a6:6a:88:e8:49:26:0a:49:ec:ff:bd:
c3:fb:a7:8d:4e:7b:a1:d7:73:5f:76:08:41:ce:5a:
78:42:e6:d1:a2:0c:70:a0:e8:c7:0a:0a:97:8c:45:
1f:37:2a:7b:de:fe:47:25:b6:d4:1c:7a:c8:54:a8:
d9:dd:1f:1c:60:e6:ef:6d:a3:0d:f6:63:de:e8:63:
b9:6a:55:a5:e7:ed:21:db:62:f3:3f:df:e6:2f:e8:
de:3a:be:29:ed:35:22:1a:5c:d3:75:48:b1:d3:6c:
61:3d:30:45:88:d1:91:76:76:52:e9:42:fc:6d:94:
e1:88:b4:3f:0d:92:c1:e0:31:b3:6a:18:4b:d8:ec:
3d:22:b5:c4:79:33:0e:f1:86:38:f6:cd:0c:71:51:
41:71:35:3d:48:81:c8:74:42:6f:69:e9:2e:df:bb:
85:01:e6:ea:37:02:16:64:e0:aa:88:ea:73:de:56:
e7:91:27:33:f5:7f:90:1f:e1:b1:42:0a:f8:93:84:
22:1d:7c:1c:da:e7:08:72:df:67:97:bb:d4:1b:0c:
32:34:ac:10:73:b1:c5:a7:c9:52:08:cd:90:ca:6b:
c8:0e:41:22:e5:cc:af:ae:3d:e2:47:43:65:a9:ee:
d2:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:AB:1B:EA:18:F2:93:73:47:12:36:1A:A9:AD:DE:F0:58:39:C9:93
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/96sb6hjyk3NHEjYaqa3e8Fg5yZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.181.135.0/24
IPv6:
2a07:9940:3333::/48
Signature Algorithm: sha256WithRSAEncryption
04:3f:90:eb:c3:1b:49:d3:10:cd:19:9b:59:3c:42:f5:2a:59:
a1:af:7a:0a:98:dd:db:44:a1:dd:9d:f7:a3:6b:7b:13:40:9d:
98:11:e8:00:c6:db:21:ce:c1:3d:84:90:5b:e0:2c:f3:b0:b3:
d6:40:0d:07:96:5e:83:e5:ab:1d:c3:19:96:eb:1a:6e:f0:90:
eb:96:64:59:6d:03:3d:33:65:1e:da:e8:4b:37:19:04:4b:e9:
02:37:f0:91:bd:8e:cd:10:df:94:ee:8d:72:67:77:d0:db:2c:
e1:f8:9b:de:ab:cd:10:00:e1:cc:61:e6:57:8f:68:ec:bd:5e:
7b:52:68:f5:3e:0a:ef:25:a0:64:d4:98:76:5c:32:e9:04:80:
dc:cc:89:a4:f6:f5:63:4f:16:ae:93:b5:7d:09:e2:43:62:86:
76:1c:90:c8:a0:88:ec:52:cb:68:93:ed:e3:78:a2:07:e6:9b:
62:31:e3:aa:43:af:d3:92:e0:22:4c:00:27:1e:df:1b:ba:7c:
0f:53:03:65:64:7d:06:85:e6:b9:df:4b:27:b5:24:be:ba:08:
3f:e0:ae:fb:68:8e:96:83:ed:13:33:df:1e:87:47:9f:a4:bd:
05:ee:4b:11:4b:be:7a:34:bb:90:f4:9b:54:b4:d2:03:b1:f7:
9c:71:46:14
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQj1wZehc/TyZPRX9roOSIJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjUwMTAxMjE0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2FiMWJlYTE4ZjI5MzczNDcxMjM2MWFhOWFkZGVmMDU4MzljOTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsy4ACsJodSsWQjkVlpIF6PpcpmqI
6EkmCkns/73D+6eNTnuh13NfdghBzlp4QubRogxwoOjHCgqXjEUfNyp73v5HJbbU
HHrIVKjZ3R8cYObvbaMN9mPe6GO5alWl5+0h22LzP9/mL+jeOr4p7TUiGlzTdUix
02xhPTBFiNGRdnZS6UL8bZThiLQ/DZLB4DGzahhL2Ow9IrXEeTMO8YY49s0McVFB
cTU9SIHIdEJvaeku37uFAebqNwIWZOCqiOpz3lbnkScz9X+QH+GxQgr4k4QiHXwc
2ucIct9nl7vUGwwyNKwQc7HFp8lSCM2QymvIDkEi5cyvrj3iR0Nlqe7S7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPerG+oY8pNzRxI2Gqmt3vBYOcmTMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvOTZzYjZoanlrM05IRWpZYXFhM2U4Rmc1eVpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAa7WHMA8E
AgACMAkDBwAqB5lAMzMwDQYJKoZIhvcNAQELBQADggEBAAQ/kOvDG0nTEM0Zm1k8
QvUqWaGvegqY3dtEod2d96NrexNAnZgR6ADG2yHOwT2EkFvgLPOws9ZADQeWXoPl
qx3DGZbrGm7wkOuWZFltAz0zZR7a6Es3GQRL6QI38JG9js0Q35TujXJnd9DbLOH4
m96rzRAA4cxh5lePaOy9XntSaPU+Cu8loGTUmHZcMukEgNzMiaT29WNPFq6TtX0J
4kNihnYckMigiOxSy2iT7eN4ogfmm2Ix46pDr9OS4CJMACce3xu6fA9TA2VkfQaF
5rnfSye1JL66CD/grvtojpaD7RMz3x6HR5+kvQXuSxFLvno0u5D0m1S00gOx95xx
RhQ=
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:15:38 2025 by rpki-client