Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/Iahkzw7okoahDDlXTvYDXKPuL8o.roa
File: Iahkzw7okoahDDlXTvYDXKPuL8o.roa (raw, json)
Hash identifier: TIjo/tdT8xrr99HTt6ZhACYVeXhWInqljeu5sq/AmuM=
Subject key identifier: 21:A8:64:CF:0E:E8:92:86:A1:0C:39:57:4E:F6:03:5C:A3:EE:2F:CA
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 01955C27636F55EDA83C88626F84C1A9A7EE
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/Iahkzw7okoahDDlXTvYDXKPuL8o.roa
Signing time: Mon 03 Mar 2025 13:17:19 +0000
ROA not before: Mon 03 Mar 2025 13:17:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58305
IP address blocks: 107.161.163.0/24 maxlen: 24
107.161.164.0/24 maxlen: 24
107.161.165.0/24 maxlen: 24
107.161.166.0/24 maxlen: 24
107.161.167.0/24 maxlen: 24
107.161.172.0/24 maxlen: 24
107.161.173.0/24 maxlen: 24
155.254.63.0/24 maxlen: 24
162.217.251.0/24 maxlen: 24
2a07:9942:39d6::/48 maxlen: 48
2a07:9944:40::/48 maxlen: 48
2a07:9945:45::/48 maxlen: 48
2a07:9946::/32 maxlen: 48
2a07:9947::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5c:27:63:6f:55:ed:a8:3c:88:62:6f:84:c1:a9:a7:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Mar 3 13:17:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21a864cf0ee89286a10c39574ef6035ca3ee2fca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:74:8d:38:e2:e8:d8:70:16:14:ab:d7:6a:02:
d7:ec:ae:cc:be:a0:2b:32:9f:5d:79:87:43:25:c2:
68:63:7a:d7:3d:fa:e8:90:1f:f5:cd:7e:0e:7d:d8:
55:d0:19:37:3f:8b:7b:cd:90:61:c5:d1:b1:18:cf:
79:3a:c1:12:62:cf:aa:07:f1:c8:ba:b9:1a:97:8c:
08:b5:8f:0e:ca:c0:1f:d4:aa:cf:3e:e3:af:02:08:
a6:2e:12:d9:ea:73:ea:7c:47:0c:f7:dc:85:3c:35:
a6:e7:2a:96:ea:3b:1b:f6:0e:13:c3:d4:0f:17:90:
51:eb:d7:18:92:10:f6:e5:89:20:7a:9c:09:af:40:
ea:d6:e5:46:49:2d:17:34:fa:08:3d:2f:13:76:57:
2b:37:64:76:55:ec:a5:78:b5:82:c3:0d:e4:57:fe:
66:4b:fa:bb:f4:25:17:6c:0c:6b:97:33:56:f5:6c:
71:06:a2:f7:ed:90:5a:ce:e5:f7:cd:b2:bc:58:dd:
a4:80:38:05:b5:87:4a:8d:fd:33:58:75:77:de:e9:
55:bf:e4:c9:47:c1:0d:b8:3b:06:ea:ef:9d:15:71:
a6:61:22:b1:23:8e:66:8c:40:ec:7f:4e:14:1a:3b:
e8:cf:1a:11:b4:f2:2d:b0:54:85:5b:21:10:5c:3c:
1a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:A8:64:CF:0E:E8:92:86:A1:0C:39:57:4E:F6:03:5C:A3:EE:2F:CA
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/Iahkzw7okoahDDlXTvYDXKPuL8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.161.163.0-107.161.167.255
107.161.172.0/23
155.254.63.0/24
162.217.251.0/24
IPv6:
2a07:9942:39d6::/48
2a07:9944:40::/48
2a07:9945:45::/48
2a07:9946::/31
Signature Algorithm: sha256WithRSAEncryption
60:10:02:82:15:19:ec:d4:d4:ad:e3:5e:19:76:9c:2f:79:cd:
f1:44:ea:61:3c:02:d5:65:c0:e4:28:73:fe:66:7c:ef:42:af:
00:54:34:05:3a:65:a1:7c:cb:84:d9:35:64:09:4e:18:7a:7f:
0b:6e:c6:a8:be:03:9f:10:d3:b0:47:c6:c1:a1:59:00:c5:57:
17:f6:66:7e:89:2a:39:a5:3a:05:1d:9e:db:7f:a7:44:a2:da:
01:45:6d:29:e6:25:34:a4:89:dd:a2:1a:6d:47:be:6f:1f:e7:
ce:01:70:85:ba:7c:66:fe:14:51:6f:47:f5:25:44:4d:2f:7c:
3f:24:ff:83:42:be:b3:f6:06:02:ad:3b:7e:9e:41:0e:7b:b4:
31:c5:ea:05:fd:be:f3:0c:dc:73:9d:16:1a:14:49:6e:8f:e1:
77:59:65:84:5b:b6:cd:c5:8d:bf:65:25:ae:f1:05:2a:99:40:
51:e6:9b:f2:44:fb:c9:1b:f8:34:6f:e2:4b:09:40:a7:09:7c:
87:66:ce:72:38:6f:d4:c4:d2:6e:2b:bc:de:fe:48:45:fd:85:
9c:27:32:6c:90:61:d1:3c:4b:b0:19:8f:2a:40:8e:ef:3a:1a:
38:38:c1:67:7d:f5:96:35:d1:37:77:34:1c:f4:f2:b7:ac:49:
a8:f1:f6:47
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZVcJ2NvVe2oPIhib4TBqafuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjUwMzAzMTMxNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWE4NjRjZjBlZTg5Mjg2YTEwYzM5NTc0ZWY2MDM1Y2EzZWUyZmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXSNOOLo2HAWFKvXagLX7K7MvqAr
Mp9deYdDJcJoY3rXPfrokB/1zX4OfdhV0Bk3P4t7zZBhxdGxGM95OsESYs+qB/HI
urkal4wItY8OysAf1KrPPuOvAgimLhLZ6nPqfEcM99yFPDWm5yqW6jsb9g4Tw9QP
F5BR69cYkhD25YkgepwJr0Dq1uVGSS0XNPoIPS8TdlcrN2R2VeyleLWCww3kV/5m
S/q79CUXbAxrlzNW9WxxBqL37ZBazuX3zbK8WN2kgDgFtYdKjf0zWHV33ulVv+TJ
R8ENuDsG6u+dFXGmYSKxI45mjEDsf04UGjvozxoRtPItsFSFWyEQXDwaEQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFCGoZM8O6JKGoQw5V072A1yj7i/KMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvSWFoa3p3N29rb2FoRERsWFR2WURYS1B1TDhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjAmBAIAATAgMAwDBABroaMD
BANroaADBAFroawDBACb/j8DBACi2fswKAQCAAIwIgMHACoHmUI51gMHACoHmUQA
QAMHACoHmUUARQMFASoHmUYwDQYJKoZIhvcNAQELBQADggEBAGAQAoIVGezU1K3j
Xhl2nC95zfFE6mE8AtVlwOQoc/5mfO9CrwBUNAU6ZaF8y4TZNWQJThh6fwtuxqi+
A58Q07BHxsGhWQDFVxf2Zn6JKjmlOgUdntt/p0Si2gFFbSnmJTSkid2iGm1Hvm8f
584BcIW6fGb+FFFvR/UlRE0vfD8k/4NCvrP2BgKtO36eQQ57tDHF6gX9vvMM3HOd
FhoUSW6P4XdZZYRbts3Fjb9lJa7xBSqZQFHmm/JE+8kb+DRv4ksJQKcJfIdmznI4
b9TE0m4rvN7+SEX9hZwnMmyQYdE8S7AZjypAju86Gjg4wWd99ZY10Td3NBz08res
Sajx9kc=
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:23:11 2025 by rpki-client