Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/5IllgiEg_Kacb7UmiHvV_WHqc6k.roa
File: 5IllgiEg_Kacb7UmiHvV_WHqc6k.roa (raw, json)
Hash identifier: Y+haDLVt+MOUs0C1omGak1heyXm5J4k9/di/w9xDt/o=
Subject key identifier: E4:89:65:82:21:20:FC:A6:9C:6F:B5:26:88:7B:D5:FD:61:EA:73:A9
Certificate issuer: /CN=b914166b685ac015b94126cdb8b18c83a12ed862
Certificate serial: 01954CD459D409A6D3BB82692935C03A0A54
Authority key identifier: B9:14:16:6B:68:5A:C0:15:B9:41:26:CD:B8:B1:8C:83:A1:2E:D8:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRQWa2hawBW5QSbNuLGMg6Eu2GI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/5IllgiEg_Kacb7UmiHvV_WHqc6k.roa
Signing time: Fri 28 Feb 2025 13:52:19 +0000
ROA not before: Fri 28 Feb 2025 13:52:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47583
IP address blocks: 69.62.64.0/23 maxlen: 23
69.62.66.0/23 maxlen: 23
69.62.68.0/22 maxlen: 22
69.62.72.0/21 maxlen: 21
69.62.80.0/22 maxlen: 22
69.62.84.0/23 maxlen: 23
69.62.88.0/21 maxlen: 21
69.62.96.0/21 maxlen: 21
69.62.104.0/24 maxlen: 24
69.62.105.0/24 maxlen: 24
69.62.106.0/23 maxlen: 23
69.62.108.0/22 maxlen: 22
69.62.112.0/22 maxlen: 22
69.62.116.0/22 maxlen: 22
69.62.120.0/23 maxlen: 23
69.62.122.0/24 maxlen: 24
69.62.123.0/24 maxlen: 24
69.62.124.0/24 maxlen: 24
69.62.126.0/23 maxlen: 23
103.199.184.0/22 maxlen: 24
194.164.148.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4c:d4:59:d4:09:a6:d3:bb:82:69:29:35:c0:3a:0a:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b914166b685ac015b94126cdb8b18c83a12ed862
Validity
Not Before: Feb 28 13:52:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e48965822120fca69c6fb526887bd5fd61ea73a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:cf:3a:9d:87:ee:a3:08:0f:96:88:ee:c8:56:
45:72:65:dc:55:75:78:47:f6:5a:36:c1:36:f0:b5:
25:76:32:ef:b7:7b:4c:6a:51:57:a2:aa:25:14:44:
fc:14:6d:a6:9f:e2:1a:e8:57:e4:aa:ba:52:1a:4f:
1f:57:c3:c6:80:57:ed:7d:ae:36:b5:08:93:b5:d9:
55:91:d2:26:02:af:89:79:dd:e2:2e:b4:a4:e3:29:
4d:2a:72:4f:2b:2e:da:34:7f:7c:b0:9b:6f:cd:1a:
22:ec:25:a6:76:66:19:e0:af:ec:e8:9c:69:41:cd:
dc:62:76:8e:68:0f:89:6d:8f:0c:44:81:79:a1:0b:
ac:15:89:ca:6a:5f:50:4d:f4:32:50:44:ca:8b:87:
bf:24:f5:8a:01:5d:d6:a8:a5:54:90:23:07:0d:a2:
4e:54:57:c1:5f:73:cc:08:51:3a:8e:4a:8b:00:25:
3b:31:65:de:37:32:09:3d:d4:7f:3a:1c:ef:78:d4:
22:79:f7:69:9a:48:97:01:e0:e6:49:9d:dc:6c:3e:
f9:ba:57:b9:b3:11:e7:5a:2f:c5:68:40:47:e5:9d:
7c:8b:b6:c4:55:f1:29:0f:8a:dd:c3:d1:2c:27:53:
fc:d5:3c:cc:1d:86:e9:9b:cf:f4:6b:0e:f9:24:88:
31:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:89:65:82:21:20:FC:A6:9C:6F:B5:26:88:7B:D5:FD:61:EA:73:A9
X509v3 Authority Key Identifier:
keyid:B9:14:16:6B:68:5A:C0:15:B9:41:26:CD:B8:B1:8C:83:A1:2E:D8:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRQWa2hawBW5QSbNuLGMg6Eu2GI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/5IllgiEg_Kacb7UmiHvV_WHqc6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/uRQWa2hawBW5QSbNuLGMg6Eu2GI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
69.62.64.0-69.62.85.255
69.62.88.0-69.62.124.255
69.62.126.0/23
103.199.184.0/22
194.164.148.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:c4:64:f0:b3:ef:d2:39:94:dc:aa:33:aa:6b:f3:b4:27:e9:
e3:db:d6:82:8a:eb:6f:d1:3b:c5:8c:1e:0d:43:b8:2e:23:4a:
82:6d:25:c7:63:90:bc:22:3e:fe:6d:42:41:b0:a3:9a:95:75:
79:3a:53:79:5a:d5:c0:2e:f9:4e:23:3e:d3:21:6f:e3:a5:5c:
81:79:1a:2d:37:ad:08:ae:f4:58:2a:a9:eb:34:11:57:d2:be:
cf:61:50:58:04:09:ee:19:3a:af:e5:50:1b:8f:47:67:3d:6e:
e8:39:8d:7b:35:f5:df:8e:55:8e:b1:f0:50:e1:9e:00:47:2e:
a7:41:48:f7:c0:04:47:22:24:b1:b8:4f:00:ab:c4:66:f4:74:
a0:b7:0d:2e:bd:be:84:19:7b:bf:09:82:cd:da:4e:a6:7a:4e:
26:24:38:a5:53:24:10:4b:e2:c4:b6:95:0c:d7:44:36:13:c9:
ea:c6:e9:5a:a7:e4:a2:d8:03:f0:2b:60:bf:3f:20:89:ae:e0:
d1:8a:b9:81:9c:dc:b2:4d:e8:6c:b7:59:3b:65:c8:30:08:6d:
29:ae:70:23:39:c5:57:59:c2:64:19:50:51:55:35:30:d0:57:
45:cb:40:33:52:18:32:25:a7:19:37:d9:f4:c8:6a:09:35:72:
fe:41:cb:47
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZVM1FnUCabTu4JpKTXAOgpUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQxNjZiNjg1YWMwMTViOTQxMjZjZGI4YjE4YzgzYTEy
ZWQ4NjIwHhcNMjUwMjI4MTM1MjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDg5NjU4MjIxMjBmY2E2OWM2ZmI1MjY4ODdiZDVmZDYxZWE3M2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8M86nYfuowgPlojuyFZFcmXcVXV4
R/ZaNsE28LUldjLvt3tMalFXoqolFET8FG2mn+Ia6FfkqrpSGk8fV8PGgFftfa42
tQiTtdlVkdImAq+Jed3iLrSk4ylNKnJPKy7aNH98sJtvzRoi7CWmdmYZ4K/s6Jxp
Qc3cYnaOaA+JbY8MRIF5oQusFYnKal9QTfQyUETKi4e/JPWKAV3WqKVUkCMHDaJO
VFfBX3PMCFE6jkqLACU7MWXeNzIJPdR/OhzveNQiefdpmkiXAeDmSZ3cbD75ule5
sxHnWi/FaEBH5Z18i7bEVfEpD4rdw9EsJ1P81TzMHYbpm8/0aw75JIgxeQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFOSJZYIhIPymnG+1Joh71f1h6nOpMB8GA1UdIwQY
MBaAFLkUFmtoWsAVuUEmzbixjIOhLthiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJRV2EyaGF3Qlc1UVNiTnVMR01nNkV1MkdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9kM2JlNzAtZGRmMS00OGY1LTg2NmYt
ZWE2N2E5ODYyNWZlLzEvNUlsbGdpRWdfS2FjYjdVbWlIdlZfV0hxYzZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9kM2JlNzAtZGRmMS00OGY1LTg2NmYtZWE2N2E5ODYyNWZl
LzEvdVJRV2EyaGF3Qlc1UVNiTnVMR01nNkV1MkdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAZFPkAD
BAFFPlQwDAMEA0U+WAMEAEU+fAMEAUU+fgMEAmfHuAMEAsKklDANBgkqhkiG9w0B
AQsFAAOCAQEApMRk8LPv0jmU3KozqmvztCfp49vWgorrb9E7xYweDUO4LiNKgm0l
x2OQvCI+/m1CQbCjmpV1eTpTeVrVwC75TiM+0yFv46VcgXkaLTetCK70WCqp6zQR
V9K+z2FQWAQJ7hk6r+VQG49HZz1u6DmNezX1345VjrHwUOGeAEcup0FI98AERyIk
sbhPAKvEZvR0oLcNLr2+hBl7vwmCzdpOpnpOJiQ4pVMkEEvixLaVDNdENhPJ6sbp
WqfkotgD8Ctgvz8gia7g0Yq5gZzcsk3obLdZO2XIMAhtKa5wIznFV1nCZBlQUVU1
MNBXRctAM1IYMiWnGTfZ9MhqCTVy/kHLRw==
-----END CERTIFICATE-----
Generated at Thu Apr 10 20:25:06 2025 by rpki-client