Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/srBXpGzpCl2IZiGK70TM4rX8hQo.roa
File: srBXpGzpCl2IZiGK70TM4rX8hQo.roa (raw, json)
Hash identifier: UEEJbRJPqAMpzBuDgrZj9Kcb3sSfaxGwaiMzd/KgGeM=
Subject key identifier: B2:B0:57:A4:6C:E9:0A:5D:88:66:21:8A:EF:44:CC:E2:B5:FC:85:0A
Certificate issuer: /CN=6327607563493337687ad69ce1064e636265be3f
Certificate serial: 018CC348DEB371759B56A1FF6FE381597D9B
Authority key identifier: 63:27:60:75:63:49:33:37:68:7A:D6:9C:E1:06:4E:63:62:65:BE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YydgdWNJMzdoetac4QZOY2Jlvj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/srBXpGzpCl2IZiGK70TM4rX8hQo.roa
Signing time: Mon 01 Jan 2024 04:29:41 +0000
ROA not before: Mon 01 Jan 2024 04:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398826
IP address blocks: 104.160.21.0/24 maxlen: 24
104.160.19.0/24 maxlen: 24
104.160.20.0/24 maxlen: 24
104.160.18.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:de:b3:71:75:9b:56:a1:ff:6f:e3:81:59:7d:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6327607563493337687ad69ce1064e636265be3f
Validity
Not Before: Jan 1 04:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2b057a46ce90a5d8866218aef44cce2b5fc850a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:a1:b8:5f:94:7f:c2:aa:ff:10:ad:fb:13:f4:
e3:91:b6:08:d4:ca:2d:de:4b:85:be:1d:c9:5d:36:
96:c9:64:e4:6a:b5:08:a8:f9:34:b9:59:62:72:12:
ef:99:22:5d:5a:83:34:c5:a7:0b:13:fb:67:8c:69:
58:7b:43:87:1a:4c:dd:dc:6a:14:a6:58:21:a8:2d:
93:7c:5c:49:36:b4:03:aa:d4:37:e1:7e:51:72:3a:
f9:87:2b:e2:98:bf:e6:65:2f:dc:96:01:a1:a0:c3:
7a:18:3e:f1:4b:e2:cf:31:05:3b:4c:69:be:cd:0c:
af:b2:c1:02:dd:26:f4:e0:07:fa:0e:81:47:e4:42:
f6:4a:bd:b1:df:6a:f6:e6:25:78:87:ed:80:8b:11:
c8:b4:43:5f:52:7d:19:a5:0f:71:26:58:d3:ef:02:
bd:77:59:a6:a5:04:92:19:8b:09:e1:6f:84:d7:81:
0e:8b:b1:61:e5:4f:ab:60:41:3c:b2:32:c2:77:30:
89:4e:c1:37:20:a2:da:eb:8d:cf:1b:c8:6b:da:e6:
f4:d8:67:b3:4b:07:09:c2:d7:d4:c6:2e:30:a3:89:
66:99:9a:ad:79:41:fc:b3:13:48:15:09:8d:d2:35:
45:73:db:28:a9:66:9d:c7:f3:89:5d:a8:6d:e0:4d:
64:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:B0:57:A4:6C:E9:0A:5D:88:66:21:8A:EF:44:CC:E2:B5:FC:85:0A
X509v3 Authority Key Identifier:
keyid:63:27:60:75:63:49:33:37:68:7A:D6:9C:E1:06:4E:63:62:65:BE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YydgdWNJMzdoetac4QZOY2Jlvj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/srBXpGzpCl2IZiGK70TM4rX8hQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72a67b-1d1c-4235-a487-fc9093fedb1b/1/YydgdWNJMzdoetac4QZOY2Jlvj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.160.18.0-104.160.21.255
Signature Algorithm: sha256WithRSAEncryption
32:0a:49:a1:56:88:fc:01:8f:58:ef:d0:5d:df:d1:f3:62:d9:
3e:e6:21:1a:f9:f1:b9:e1:ad:a4:a6:a9:63:74:59:a5:e1:d3:
2b:82:b2:42:a4:6e:4a:94:f2:5e:c6:6c:11:9b:71:81:be:b6:
9f:bb:46:8a:a0:35:f2:3b:2e:e5:5a:fb:f1:26:b1:38:ab:ac:
e2:46:94:0f:6e:02:5c:41:e7:7e:01:2f:f3:0a:30:63:6c:3a:
dd:0a:e9:d4:05:ab:a0:61:ef:31:d3:79:d9:04:09:3b:a5:13:
ea:b3:40:f4:93:4b:4a:d9:8f:e3:79:28:44:f7:4c:9c:a4:b5:
3a:f0:82:a2:6d:0f:fd:e6:7f:51:02:f2:ae:52:0a:9e:a1:d3:
a3:fe:08:82:07:0d:9e:b2:58:aa:eb:c0:d8:3d:ad:4f:9a:77:
05:78:d5:7e:5f:b4:a5:19:95:0f:a7:2a:1a:5a:79:5a:0c:6c:
e3:d7:36:b5:1e:cf:c3:48:e5:ce:3a:33:42:58:d1:de:e4:35:
2e:32:c3:d5:c4:40:be:1b:e9:23:1b:de:ad:ca:91:7c:c9:b3:
94:63:3d:36:79:6b:f4:c7:63:a8:55:75:45:f3:9f:d2:3c:38:
85:0e:19:99:5e:f6:81:31:21:29:4b:70:8f:d0:6e:6d:e8:df:
c0:87:94:66
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzDSN6zcXWbVqH/b+OBWX2bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMjc2MDc1NjM0OTMzMzc2ODdhZDY5Y2UxMDY0ZTYzNjI2
NWJlM2YwHhcNMjQwMTAxMDQyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmIwNTdhNDZjZTkwYTVkODg2NjIxOGFlZjQ0Y2NlMmI1ZmM4NTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5qG4X5R/wqr/EK37E/TjkbYI1Mot
3kuFvh3JXTaWyWTkarUIqPk0uVlichLvmSJdWoM0xacLE/tnjGlYe0OHGkzd3GoU
plghqC2TfFxJNrQDqtQ34X5Rcjr5hyvimL/mZS/clgGhoMN6GD7xS+LPMQU7TGm+
zQyvssEC3Sb04Af6DoFH5EL2Sr2x32r25iV4h+2AixHItENfUn0ZpQ9xJljT7wK9
d1mmpQSSGYsJ4W+E14EOi7Fh5U+rYEE8sjLCdzCJTsE3IKLa643PG8hr2ub02Gez
SwcJwtfUxi4wo4lmmZqteUH8sxNIFQmN0jVFc9soqWadx/OJXaht4E1kpQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLKwV6Rs6QpdiGYhiu9EzOK1/IUKMB8GA1UdIwQY
MBaAFGMnYHVjSTM3aHrWnOEGTmNiZb4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXlkZ2RXTkpNemRvZXRhYzRRWk9ZMkpsdmo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC83MmE2N2ItMWQxYy00MjM1LWE0ODct
ZmM5MDkzZmVkYjFiLzEvc3JCWHBHenBDbDJJWmlHSzcwVE00clg4aFFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC83MmE2N2ItMWQxYy00MjM1LWE0ODctZmM5MDkzZmVkYjFi
LzEvWXlkZ2RXTkpNemRvZXRhYzRRWk9ZMkpsdmo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFooBID
BAFooBQwDQYJKoZIhvcNAQELBQADggEBADIKSaFWiPwBj1jv0F3f0fNi2T7mIRr5
8bnhraSmqWN0WaXh0yuCskKkbkqU8l7GbBGbcYG+tp+7RoqgNfI7LuVa+/EmsTir
rOJGlA9uAlxB534BL/MKMGNsOt0K6dQFq6Bh7zHTedkECTulE+qzQPSTS0rZj+N5
KET3TJyktTrwgqJtD/3mf1EC8q5SCp6h06P+CIIHDZ6yWKrrwNg9rU+adwV41X5f
tKUZlQ+nKhpaeVoMbOPXNrUez8NI5c46M0JY0d7kNS4yw9XEQL4b6SMb3q3KkXzJ
s5RjPTZ5a/THY6hVdUXzn9I8OIUOGZle9oExISlLcI/Qbm3o38CHlGY=
-----END CERTIFICATE-----
Generated at Mon May 6 07:18:13 2024 by rpki-client on console-ams.rpki-client.org