Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/07bf5b-0340-434e-a444-f0761e29e6c4/1/1KzANFt0aPj0q7oH7exbtu-amXU.roa
File: 1KzANFt0aPj0q7oH7exbtu-amXU.roa (raw, json)
Hash identifier: mW2duFDxzUlFHO8La7Ej6q1lO3QaO9KQzC0XOixRqPM=
Subject key identifier: D4:AC:C0:34:5B:74:68:F8:F4:AB:BA:07:ED:EC:5B:B6:EF:9A:99:75
Certificate issuer: /CN=66ec789976d3b584016cac19f34bbede966cd230
Certificate serial: 019423D73BCB498DD8934C9C9107CBF85163
Authority key identifier: 66:EC:78:99:76:D3:B5:84:01:6C:AC:19:F3:4B:BE:DE:96:6C:D2:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zux4mXbTtYQBbKwZ80u-3pZs0jA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/07bf5b-0340-434e-a444-f0761e29e6c4/1/1KzANFt0aPj0q7oH7exbtu-amXU.roa
Signing time: Wed 01 Jan 2025 21:48:15 +0000
ROA not before: Wed 01 Jan 2025 21:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203201
IP address blocks: 171.22.44.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:3b:cb:49:8d:d8:93:4c:9c:91:07:cb:f8:51:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ec789976d3b584016cac19f34bbede966cd230
Validity
Not Before: Jan 1 21:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4acc0345b7468f8f4abba07edec5bb6ef9a9975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:90:7c:98:b5:1e:dc:a6:9e:4b:a4:4a:07:29:
ca:b2:97:cc:d6:54:53:24:24:c3:eb:a4:a6:5d:c1:
ea:e6:e7:1f:a3:77:52:7f:77:6b:17:67:09:62:7b:
8a:91:61:ce:7d:56:cc:1b:31:c9:87:34:a2:49:61:
85:c3:ba:f2:48:7f:6d:a3:a4:71:81:33:ae:c7:9b:
9b:fb:e5:a9:d6:69:b5:16:cb:a6:a6:5e:97:20:1a:
72:0e:23:be:05:aa:97:b4:7d:8c:11:6b:85:85:c7:
ea:f2:44:dc:a6:86:02:b4:10:9c:ed:c8:6d:7f:76:
9d:8b:c7:b4:56:3a:0d:10:15:16:26:82:ed:ea:0b:
08:6e:c9:e7:ae:f7:e3:e3:a8:cb:5d:80:67:2c:9c:
6d:71:cc:13:b2:60:fd:58:bf:d2:e2:9f:32:32:df:
70:6d:18:b6:ef:7f:f2:a0:c8:35:80:c9:cd:0e:69:
32:79:54:8a:9b:85:43:ad:21:9a:08:e8:b1:3d:e4:
6d:b4:4a:c0:2c:1f:19:cc:fd:f0:21:f0:2f:f4:90:
61:ce:bd:3d:1d:c6:4c:c6:e6:8f:aa:8a:a8:6e:8a:
89:79:1c:7a:7f:e0:cc:aa:3b:37:65:97:93:4b:2b:
9e:45:1c:b7:fb:cf:5a:c0:fd:54:1b:1a:6e:90:9f:
71:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:AC:C0:34:5B:74:68:F8:F4:AB:BA:07:ED:EC:5B:B6:EF:9A:99:75
X509v3 Authority Key Identifier:
keyid:66:EC:78:99:76:D3:B5:84:01:6C:AC:19:F3:4B:BE:DE:96:6C:D2:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zux4mXbTtYQBbKwZ80u-3pZs0jA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/07bf5b-0340-434e-a444-f0761e29e6c4/1/1KzANFt0aPj0q7oH7exbtu-amXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/07bf5b-0340-434e-a444-f0761e29e6c4/1/Zux4mXbTtYQBbKwZ80u-3pZs0jA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.44.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:9e:41:fc:45:bd:4b:50:4b:54:b1:2c:a2:75:af:6c:21:03:
78:0c:04:71:bc:00:29:44:d2:e2:fa:25:a3:a5:43:5b:d5:b7:
18:f4:ef:49:b8:c9:05:0a:a2:5d:10:87:58:72:92:9e:23:2c:
31:e1:f4:60:35:d1:36:69:fc:49:a2:3a:2f:08:fe:aa:dc:ef:
19:69:c5:d2:e8:2f:d9:ff:20:81:07:d5:f5:94:e6:d4:cb:11:
ad:10:23:0c:72:69:61:62:7e:1f:52:42:df:5e:c0:a2:44:2d:
4f:d6:f5:64:2b:39:91:72:58:65:35:e2:8b:d5:9e:b3:dd:29:
3a:3e:4b:fe:ec:11:59:1a:37:6e:b1:5b:f3:c9:fd:bb:be:77:
1f:f0:28:2a:69:df:8d:d8:19:52:f3:c5:cc:56:09:21:eb:77:
84:32:3c:c7:e6:af:f2:11:62:1c:d1:e8:7f:14:6d:1a:3f:2a:
29:b4:6a:87:4c:b5:e7:b3:e2:42:cb:a4:12:79:9d:3b:f7:0b:
30:e1:b4:55:d8:af:3f:47:70:35:d0:8f:5e:d6:8e:04:19:08:
0b:66:02:18:c8:82:36:78:f1:11:1d:d2:8f:f2:90:ed:ac:b6:
0c:e5:19:26:27:cb:3b:5d:83:e2:9b:62:02:93:8c:cf:a1:83:
5b:a0:db:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1zvLSY3Yk0yckQfL+FFjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZWM3ODk5NzZkM2I1ODQwMTZjYWMxOWYzNGJiZWRlOTY2
Y2QyMzAwHhcNMjUwMTAxMjE0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGFjYzAzNDViNzQ2OGY4ZjRhYmJhMDdlZGVjNWJiNmVmOWE5OTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25B8mLUe3KaeS6RKBynKspfM1lRT
JCTD66SmXcHq5ucfo3dSf3drF2cJYnuKkWHOfVbMGzHJhzSiSWGFw7rySH9to6Rx
gTOux5ub++Wp1mm1Fsumpl6XIBpyDiO+BaqXtH2MEWuFhcfq8kTcpoYCtBCc7cht
f3adi8e0VjoNEBUWJoLt6gsIbsnnrvfj46jLXYBnLJxtccwTsmD9WL/S4p8yMt9w
bRi273/yoMg1gMnNDmkyeVSKm4VDrSGaCOixPeRttErALB8ZzP3wIfAv9JBhzr09
HcZMxuaPqoqoboqJeRx6f+DMqjs3ZZeTSyueRRy3+89awP1UGxpukJ9xBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNSswDRbdGj49Ku6B+3sW7bvmpl1MB8GA1UdIwQY
MBaAFGbseJl207WEAWysGfNLvt6WbNIwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnV4NG1YYlR0WVFCYkt3WjgwdS0zcFpzMGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8wN2JmNWItMDM0MC00MzRlLWE0NDQt
ZjA3NjFlMjllNmM0LzEvMUt6QU5GdDBhUGowcTdvSDdleGJ0dS1hbVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8wN2JmNWItMDM0MC00MzRlLWE0NDQtZjA3NjFlMjllNmM0
LzEvWnV4NG1YYlR0WVFCYkt3WjgwdS0zcFpzMGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqxYsMA0G
CSqGSIb3DQEBCwUAA4IBAQCNnkH8Rb1LUEtUsSyida9sIQN4DARxvAApRNLi+iWj
pUNb1bcY9O9JuMkFCqJdEIdYcpKeIywx4fRgNdE2afxJojovCP6q3O8ZacXS6C/Z
/yCBB9X1lObUyxGtECMMcmlhYn4fUkLfXsCiRC1P1vVkKzmRclhlNeKL1Z6z3Sk6
Pkv+7BFZGjdusVvzyf27vncf8Cgqad+N2BlS88XMVgkh63eEMjzH5q/yEWIc0eh/
FG0aPyoptGqHTLXns+JCy6QSeZ079wsw4bRV2K8/R3A10I9e1o4EGQgLZgIYyII2
ePERHdKP8pDtrLYM5RkmJ8s7XYPim2ICk4zPoYNboNs/
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:44 2025 by rpki-client