Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/O4QhAcKMge8fja4p-gQtd2mlUfs.roa
File: O4QhAcKMge8fja4p-gQtd2mlUfs.roa (raw, json)
Hash identifier: UeqyKrVSUO9ZLmyLCx9e+DuNiKPATkV6fezZWzVqIMs=
Subject key identifier: 3B:84:21:01:C2:8C:81:EF:1F:8D:AE:29:FA:04:2D:77:69:A5:51:FB
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 01955C27626DB968C9251D6D2B7D0E8C288E
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/O4QhAcKMge8fja4p-gQtd2mlUfs.roa
Signing time: Mon 03 Mar 2025 13:17:19 +0000
ROA not before: Mon 03 Mar 2025 13:17:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 23470
IP address blocks: 107.161.163.0/24 maxlen: 24
107.161.164.0/24 maxlen: 24
107.161.165.0/24 maxlen: 24
107.161.166.0/24 maxlen: 24
107.161.167.0/24 maxlen: 24
107.161.172.0/24 maxlen: 24
107.161.173.0/24 maxlen: 24
155.254.63.0/24 maxlen: 24
2a07:9942:39d6::/48 maxlen: 48
2a07:9944:40::/48 maxlen: 48
2a07:9945:45::/48 maxlen: 48
2a07:9946::/32 maxlen: 48
2a07:9947::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5c:27:62:6d:b9:68:c9:25:1d:6d:2b:7d:0e:8c:28:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Mar 3 13:17:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b842101c28c81ef1f8dae29fa042d7769a551fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fa:3e:7a:84:e0:54:2e:73:e0:6c:bc:44:12:
d2:4a:1f:00:45:d6:49:cf:98:94:25:21:0e:47:f9:
b8:df:b7:86:47:f5:3c:47:59:65:fe:f2:83:b5:ff:
9c:45:3c:23:a1:25:e6:58:06:77:54:a0:93:92:ed:
8d:48:c7:d2:8b:fe:c3:97:c2:88:c2:ab:80:f5:86:
71:59:62:0b:71:73:78:c4:80:3c:46:96:be:2b:57:
38:c2:e9:64:e0:b1:90:8b:a5:10:f8:aa:5c:1f:cc:
d5:e3:59:88:77:2e:4d:d2:f5:f1:b1:f7:84:6f:bd:
48:53:1d:e5:82:6a:39:00:fd:d2:21:32:29:ea:c2:
02:ee:6c:b8:59:6c:46:a9:fb:ef:ef:2f:6a:94:4f:
59:b0:bd:2b:2a:96:4e:e2:f0:e1:b8:76:08:e2:5c:
e8:30:4d:5f:08:eb:e1:6c:4a:06:8c:91:d9:01:37:
fd:7a:14:eb:5d:33:47:dc:2a:67:b0:7f:bc:33:a5:
9d:4b:f0:4c:3b:a5:35:ff:1d:0c:e9:3b:87:a6:e5:
87:56:c8:51:a2:69:bd:6a:0e:e0:a4:25:34:84:ae:
09:96:a8:89:f3:b2:f2:e6:82:4f:e6:b7:c5:be:71:
c8:81:b3:68:3b:a7:04:bb:d8:06:3e:5d:f6:a5:e8:
46:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:84:21:01:C2:8C:81:EF:1F:8D:AE:29:FA:04:2D:77:69:A5:51:FB
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/O4QhAcKMge8fja4p-gQtd2mlUfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.161.163.0-107.161.167.255
107.161.172.0/23
155.254.63.0/24
IPv6:
2a07:9942:39d6::/48
2a07:9944:40::/48
2a07:9945:45::/48
2a07:9946::/31
Signature Algorithm: sha256WithRSAEncryption
96:9f:01:57:a5:9a:ce:66:de:e7:16:45:c6:35:42:5e:0b:80:
82:c8:8b:36:30:b7:54:b5:79:30:fa:25:e4:63:91:e4:67:83:
a0:10:70:b8:37:b4:8b:9b:bd:ba:fb:0b:94:58:8c:5f:b6:d2:
42:b0:45:1f:4b:a6:d2:04:b9:e2:f1:0e:78:ee:0f:57:e8:a1:
0e:38:ca:81:17:b9:af:5e:aa:54:ec:26:24:bf:1e:8b:b3:b3:
ea:32:f8:99:85:75:02:57:91:1d:99:6a:c4:0f:07:c0:db:8a:
72:5d:3f:58:ae:5a:ad:d6:bb:ae:2c:aa:6d:60:db:cd:29:09:
f3:89:4d:8d:cf:17:12:2e:b2:3e:d2:bc:7e:37:32:ee:0d:2a:
77:c5:d9:8a:95:79:e9:ee:b3:f3:c4:28:52:2f:11:a1:08:09:
8f:e6:fe:f2:4c:f0:4d:a5:0c:55:c4:77:15:5c:97:42:0c:0a:
01:61:54:2e:c6:ca:39:d9:ae:d3:7e:00:6f:89:bb:0e:77:9f:
c2:63:e5:15:76:81:ff:96:7b:f0:5f:2f:91:59:7a:d2:9f:80:
ec:d1:b2:d4:b8:8b:10:8c:66:50:d1:a7:f0:07:aa:62:58:dd:
d1:18:7d:4e:92:2e:46:b7:73:77:29:6d:16:2f:38:f5:3c:62:
93:46:99:96
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZVcJ2JtuWjJJR1tK30OjCiOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjUwMzAzMTMxNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjg0MjEwMWMyOGM4MWVmMWY4ZGFlMjlmYTA0MmQ3NzY5YTU1MWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofo+eoTgVC5z4Gy8RBLSSh8ARdZJ
z5iUJSEOR/m437eGR/U8R1ll/vKDtf+cRTwjoSXmWAZ3VKCTku2NSMfSi/7Dl8KI
wquA9YZxWWILcXN4xIA8Rpa+K1c4wulk4LGQi6UQ+KpcH8zV41mIdy5N0vXxsfeE
b71IUx3lgmo5AP3SITIp6sIC7my4WWxGqfvv7y9qlE9ZsL0rKpZO4vDhuHYI4lzo
ME1fCOvhbEoGjJHZATf9ehTrXTNH3CpnsH+8M6WdS/BMO6U1/x0M6TuHpuWHVshR
omm9ag7gpCU0hK4JlqiJ87Ly5oJP5rfFvnHIgbNoO6cEu9gGPl32pehGyQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFDuEIQHCjIHvH42uKfoELXdppVH7MB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvTzRRaEFjS01nZThmamE0cC1nUXRkMm1sVWZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAgBAIAATAaMAwDBABroaMD
BANroaADBAFroawDBACb/j8wKAQCAAIwIgMHACoHmUI51gMHACoHmUQAQAMHACoH
mUUARQMFASoHmUYwDQYJKoZIhvcNAQELBQADggEBAJafAVelms5m3ucWRcY1Ql4L
gILIizYwt1S1eTD6JeRjkeRng6AQcLg3tIubvbr7C5RYjF+20kKwRR9LptIEueLx
DnjuD1fooQ44yoEXua9eqlTsJiS/Houzs+oy+JmFdQJXkR2ZasQPB8DbinJdP1iu
Wq3Wu64sqm1g280pCfOJTY3PFxIusj7SvH43Mu4NKnfF2YqVeenus/PEKFIvEaEI
CY/m/vJM8E2lDFXEdxVcl0IMCgFhVC7GyjnZrtN+AG+Juw53n8Jj5RV2gf+We/Bf
L5FZetKfgOzRstS4ixCMZlDRp/AHqmJY3dEYfU6SLka3c3cpbRYvOPU8YpNGmZY=
-----END CERTIFICATE-----
Generated at Wed Apr 9 18:06:53 2025 by rpki-client