Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/B4HZRq24-rI189mz0dH0U8s_ltQ.roa
File: B4HZRq24-rI189mz0dH0U8s_ltQ.roa (raw, json)
Hash identifier: A6pfIWVk2BahEy10SSDKRy1UWbMHkr6lU9e1Reqwdy0=
Subject key identifier: 07:81:D9:46:AD:B8:FA:B2:35:F3:D9:B3:D1:D1:F4:53:CB:3F:96:D4
Certificate issuer: /CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3
Certificate serial: 0194228DF21B0B375AE42DDB015354DA8FCA
Authority key identifier: 96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/B4HZRq24-rI189mz0dH0U8s_ltQ.roa
Signing time: Wed 01 Jan 2025 15:48:35 +0000
ROA not before: Wed 01 Jan 2025 15:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20773
IP address blocks: 134.97.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:f2:1b:0b:37:5a:e4:2d:db:01:53:54:da:8f:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3
Validity
Not Before: Jan 1 15:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0781d946adb8fab235f3d9b3d1d1f453cb3f96d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:5f:6d:36:aa:76:05:eb:dd:fd:8c:c6:33:8b:
5b:8c:fd:9e:57:aa:f7:6d:25:26:55:3d:f1:c5:3a:
53:54:8a:66:59:e9:9d:0b:10:82:eb:8a:41:0c:b9:
b5:af:05:aa:8d:ba:71:a7:c1:da:c5:85:51:a5:13:
c3:be:a9:5f:be:db:cb:aa:2a:03:0c:be:45:5c:55:
9f:37:4f:01:9b:f1:7b:83:29:44:ac:2b:d1:ad:8f:
9d:20:07:82:40:f4:45:99:b3:4b:b1:db:f7:b0:9c:
8d:10:d4:e3:b5:ce:98:58:4c:1a:cd:5e:99:48:73:
94:07:b7:fb:4a:ab:69:92:31:36:2c:3e:2f:07:36:
23:78:45:e9:9f:cc:d7:d0:f1:99:2a:51:f5:e7:06:
5b:fd:5b:e6:6c:f5:48:7e:08:0f:9e:af:b4:19:7d:
d2:9e:76:12:2a:0a:8b:92:1c:b6:39:2f:83:89:af:
da:a2:4d:92:4a:fa:d1:73:1f:aa:db:af:c6:e5:92:
d8:2d:9f:af:e7:ff:68:45:02:25:4b:85:da:b8:15:
92:57:32:8d:cf:ef:5e:5a:57:19:9a:03:f7:fd:0c:
85:c1:26:2c:3c:f2:60:f6:b1:67:b4:f2:85:d5:8a:
d3:24:87:bb:89:c4:22:b8:e8:d3:18:07:fd:f4:51:
58:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:81:D9:46:AD:B8:FA:B2:35:F3:D9:B3:D1:D1:F4:53:CB:3F:96:D4
X509v3 Authority Key Identifier:
keyid:96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/B4HZRq24-rI189mz0dH0U8s_ltQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/lplI0P5Nf5nVS6i__NmaGmCK4NM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.97.4.0/24
Signature Algorithm: sha256WithRSAEncryption
54:6e:1f:df:d8:73:2f:8a:6f:7f:36:16:1a:25:89:c7:1a:e7:
ce:62:04:c0:3e:23:36:54:31:be:46:90:54:08:97:1d:d4:19:
c5:aa:0f:de:8e:0a:f6:2b:d6:21:23:a3:0c:fc:ec:a1:c4:5e:
ea:ab:f8:a0:48:61:88:c9:80:7b:2d:66:93:80:6f:44:b1:d8:
be:1d:f5:17:5e:32:c5:67:a7:b5:25:3b:90:02:d2:db:4b:39:
1c:7e:28:b6:da:cb:a2:8b:81:16:a5:29:8f:1d:a1:7f:42:9e:
99:30:99:c1:4c:1e:6a:ef:8a:69:c5:e6:8f:eb:e4:d9:a4:38:
20:fa:83:e8:86:93:55:03:39:9a:5f:ce:4f:9a:6a:17:40:4f:
85:ee:70:45:9d:31:c4:ab:4f:1f:d1:19:9b:c7:b9:d2:43:f7:
c3:e4:9c:cc:02:47:15:ad:1f:da:71:e5:9c:cb:1f:5e:96:e8:
31:ad:95:56:95:70:7f:48:a2:82:6f:90:70:3c:3c:be:e9:a6:
ee:3e:ed:c1:ee:d0:0f:74:79:28:ba:b0:4b:8f:e0:12:29:3a:
f3:46:a7:68:5f:79:fa:90:1b:03:ba:ba:66:87:c0:35:02:4d:
1f:28:c6:fb:a2:5b:49:bf:d6:c7:7c:9b:1e:b0:11:1e:79:8c:
e3:5d:99:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijfIbCzda5C3bAVNU2o/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2OTk0OGQwZmU0ZDdmOTlkNTRiYThiZmZjZDk5YTFhNjA4
YWUwZDMwHhcNMjUwMTAxMTU0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzgxZDk0NmFkYjhmYWIyMzVmM2Q5YjNkMWQxZjQ1M2NiM2Y5NmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiF9tNqp2Bevd/YzGM4tbjP2eV6r3
bSUmVT3xxTpTVIpmWemdCxCC64pBDLm1rwWqjbpxp8HaxYVRpRPDvqlfvtvLqioD
DL5FXFWfN08Bm/F7gylErCvRrY+dIAeCQPRFmbNLsdv3sJyNENTjtc6YWEwazV6Z
SHOUB7f7SqtpkjE2LD4vBzYjeEXpn8zX0PGZKlH15wZb/VvmbPVIfggPnq+0GX3S
nnYSKgqLkhy2OS+Dia/aok2SSvrRcx+q26/G5ZLYLZ+v5/9oRQIlS4XauBWSVzKN
z+9eWlcZmgP3/QyFwSYsPPJg9rFntPKF1YrTJIe7icQiuOjTGAf99FFY/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAeB2UatuPqyNfPZs9HR9FPLP5bUMB8GA1UdIwQY
MBaAFJaZSND+TX+Z1Uuov/zZmhpgiuDTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAt
NTNjYzVkYWY1MmNmLzEvQjRIWlJxMjQtckkxODltejBkSDBVOHNfbHRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAtNTNjYzVkYWY1MmNm
LzEvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAhmEEMA0G
CSqGSIb3DQEBCwUAA4IBAQBUbh/f2HMvim9/NhYaJYnHGufOYgTAPiM2VDG+RpBU
CJcd1BnFqg/ejgr2K9YhI6MM/OyhxF7qq/igSGGIyYB7LWaTgG9Esdi+HfUXXjLF
Z6e1JTuQAtLbSzkcfii22suii4EWpSmPHaF/Qp6ZMJnBTB5q74ppxeaP6+TZpDgg
+oPohpNVAzmaX85PmmoXQE+F7nBFnTHEq08f0Rmbx7nSQ/fD5JzMAkcVrR/aceWc
yx9elugxrZVWlXB/SKKCb5BwPDy+6abuPu3B7tAPdHkourBLj+ASKTrzRqdoX3n6
kBsDurpmh8A1Ak0fKMb7oltJv9bHfJsesBEeeYzjXZkE
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:19:57 2025 by rpki-client