Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/pAOdgvf-88bUESvFBoyLLnRj2oM.roa
File: pAOdgvf-88bUESvFBoyLLnRj2oM.roa (raw, json)
Hash identifier: unjJHwtKYlvTaRdGwafd8E56bsSmlQmKJExK/izsPzk=
Subject key identifier: A4:03:9D:82:F7:FE:F3:C6:D4:11:2B:C5:06:8C:8B:2E:74:63:DA:83
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0195B7518C8522657233AD70F2ED809F63F8
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/pAOdgvf-88bUESvFBoyLLnRj2oM.roa
Signing time: Fri 21 Mar 2025 06:08:49 +0000
ROA not before: Fri 21 Mar 2025 06:08:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398465
IP address blocks: 64.43.108.0/22 maxlen: 22
64.43.116.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b7:51:8c:85:22:65:72:33:ad:70:f2:ed:80:9f:63:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Mar 21 06:08:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4039d82f7fef3c6d4112bc5068c8b2e7463da83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:6d:e1:11:bf:b8:5d:65:3c:53:19:54:eb:28:
bf:6d:f1:fd:2e:b1:eb:5d:5c:44:ae:9f:fd:61:6b:
ad:22:74:eb:e2:37:e8:2d:68:b3:6c:72:e5:45:96:
d3:75:6b:b8:3c:fe:37:91:62:db:61:3f:72:7e:a1:
26:47:52:87:00:97:e4:a1:10:25:c6:33:96:c8:e0:
02:91:98:70:96:b0:64:44:44:56:11:8f:d0:84:f7:
22:b8:23:4f:0c:95:0a:65:99:bc:55:99:f9:0c:4b:
4a:b3:2c:8e:5f:8d:3a:00:dd:d3:57:50:2e:3e:ce:
84:7a:39:70:e0:fe:a3:d7:26:b6:2d:b4:40:b7:46:
6c:d3:9b:2a:7e:80:e7:28:cc:4e:1c:56:97:1e:79:
5e:37:1c:3a:fd:8f:d1:94:67:21:81:28:63:84:6c:
38:5e:70:6c:c9:db:8e:dd:98:c2:7f:9d:c2:93:37:
98:ae:24:6d:ba:c2:2d:8a:c2:9e:2d:be:21:b8:4a:
87:05:30:e1:e2:01:69:38:3b:55:48:96:e2:12:d8:
72:e7:74:84:7e:5b:f9:b9:ff:f2:e6:ea:30:a6:72:
05:e9:c5:94:06:95:d9:b4:42:a6:94:28:1d:a2:59:
e6:63:01:6b:ab:86:7f:28:43:70:e9:d2:71:6c:96:
63:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:03:9D:82:F7:FE:F3:C6:D4:11:2B:C5:06:8C:8B:2E:74:63:DA:83
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/pAOdgvf-88bUESvFBoyLLnRj2oM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.108.0/22
64.43.116.0/22
Signature Algorithm: sha256WithRSAEncryption
51:02:58:2f:cf:1a:99:9b:d6:80:9d:b4:d9:72:5e:1f:0a:3b:
ea:be:87:5c:3d:3a:0c:21:e4:51:b1:d5:ad:fc:d3:17:57:55:
26:79:2a:27:e9:2e:53:89:9c:93:19:32:a9:6e:31:ff:7c:42:
ea:0d:54:f9:08:0e:a8:f6:df:a9:b6:d3:a2:e8:dc:ea:2d:ea:
b6:87:0f:f1:fa:60:58:c7:9f:0d:2d:fd:8d:88:33:cd:98:ef:
73:6a:4e:7a:e4:db:56:1d:68:cc:0e:83:09:2e:57:65:cd:c4:
af:37:36:28:d4:5b:26:fd:46:d5:00:1c:ca:0b:f8:e9:2f:3d:
b5:a6:6b:ab:d0:bc:f2:31:4e:ce:73:af:85:6a:27:06:a5:f1:
8a:d2:e2:25:11:84:44:54:60:e2:b5:1a:9f:d1:84:25:f8:fe:
e8:1d:00:88:2a:84:76:f8:a9:f7:94:3b:da:27:4a:74:5d:e1:
68:c2:86:3a:98:50:8f:2d:c1:71:e1:38:44:8c:a9:36:a7:0d:
21:04:f4:ff:5c:2a:ae:65:ac:a1:a9:c3:96:52:19:81:8c:36:
45:7b:5f:d6:74:0f:a8:fe:36:df:e4:00:57:9c:32:1f:f1:79:
1e:25:0a:d1:07:b8:ae:eb:ef:55:ca:d9:d7:48:38:a4:33:38:
eb:1b:b1:b0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZW3UYyFImVyM61w8u2An2P4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMzIxMDYwODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDAzOWQ4MmY3ZmVmM2M2ZDQxMTJiYzUwNjhjOGIyZTc0NjNkYTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2m3hEb+4XWU8UxlU6yi/bfH9LrHr
XVxErp/9YWutInTr4jfoLWizbHLlRZbTdWu4PP43kWLbYT9yfqEmR1KHAJfkoRAl
xjOWyOACkZhwlrBkRERWEY/QhPciuCNPDJUKZZm8VZn5DEtKsyyOX406AN3TV1Au
Ps6Eejlw4P6j1ya2LbRAt0Zs05sqfoDnKMxOHFaXHnleNxw6/Y/RlGchgShjhGw4
XnBsyduO3ZjCf53CkzeYriRtusItisKeLb4huEqHBTDh4gFpODtVSJbiEthy53SE
flv5uf/y5uowpnIF6cWUBpXZtEKmlCgdolnmYwFrq4Z/KENw6dJxbJZjFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKQDnYL3/vPG1BErxQaMiy50Y9qDMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvcEFPZGd2Zi04OGJVRVN2RkJveUxMblJqMm9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCQCtsAwQC
QCt0MA0GCSqGSIb3DQEBCwUAA4IBAQBRAlgvzxqZm9aAnbTZcl4fCjvqvodcPToM
IeRRsdWt/NMXV1UmeSon6S5TiZyTGTKpbjH/fELqDVT5CA6o9t+pttOi6NzqLeq2
hw/x+mBYx58NLf2NiDPNmO9zak565NtWHWjMDoMJLldlzcSvNzYo1Fsm/UbVABzK
C/jpLz21pmur0LzyMU7Oc6+FaicGpfGK0uIlEYREVGDitRqf0YQl+P7oHQCIKoR2
+Kn3lDvaJ0p0XeFowoY6mFCPLcFx4ThEjKk2pw0hBPT/XCquZayhqcOWUhmBjDZF
e1/WdA+o/jbf5ABXnDIf8XkeJQrRB7iu6+9VytnXSDikMzjrG7Gw
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:30:18 2025 by rpki-client