Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/4EfNGR4wiWbi_y1y433ICACWCZ0.roa
File: 4EfNGR4wiWbi_y1y433ICACWCZ0.roa (raw, json)
Hash identifier: W3KUBln3jDDd0cmmpR54v75Ll2wQ3RHqXSQ0s5O+eAU=
Subject key identifier: E0:47:CD:19:1E:30:89:66:E2:FF:2D:72:E3:7D:C8:08:00:96:09:9D
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 019426D8EB8FF334F69B2470434069304C12
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/4EfNGR4wiWbi_y1y433ICACWCZ0.roa
Signing time: Thu 02 Jan 2025 11:48:57 +0000
ROA not before: Thu 02 Jan 2025 11:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21413
IP address blocks: 153.96.26.0/24 maxlen: 24
192.44.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:eb:8f:f3:34:f6:9b:24:70:43:40:69:30:4c:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 2 11:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e047cd191e308966e2ff2d72e37dc8080096099d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:dc:3c:08:0a:fe:2c:11:6a:fa:71:00:49:26:
dc:a3:d9:a2:b6:39:30:2f:06:62:6a:59:a1:59:ee:
75:18:2e:30:88:af:81:02:b4:9d:ac:3b:85:7b:45:
31:58:6e:21:75:36:95:4d:e8:ef:63:df:d0:db:ec:
7f:bb:3a:ab:36:ce:39:a9:d2:4c:5c:ec:59:7c:85:
84:0a:af:93:f1:e4:ba:64:66:98:5b:3a:38:00:ec:
6f:08:94:ac:82:3f:c6:7c:e6:71:6f:72:da:b3:13:
d7:ae:5d:bd:3f:76:9e:4d:e4:da:ce:ce:a2:ef:24:
25:17:70:2e:87:c3:79:92:6e:7d:b9:45:d1:64:08:
db:97:bb:ad:4a:86:20:c3:f6:9f:30:3e:17:85:ac:
13:c8:50:f2:d2:15:81:0e:0c:c4:ee:1e:4d:34:2d:
c3:2c:b3:de:37:2e:52:b5:13:1d:94:8b:b3:ad:0b:
2d:b0:be:24:ea:20:22:1d:9e:10:02:70:07:d5:c9:
4d:ee:95:b4:50:da:52:bb:8a:c0:75:91:68:2d:96:
cd:70:4f:cb:2a:40:71:1e:ea:4f:fa:06:c8:ee:fe:
6d:ef:d3:5b:b8:81:93:ca:c1:ab:0a:a8:a5:6e:2d:
a7:27:81:ec:9d:6c:c7:71:16:f3:f2:79:02:3f:4a:
83:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:47:CD:19:1E:30:89:66:E2:FF:2D:72:E3:7D:C8:08:00:96:09:9D
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/4EfNGR4wiWbi_y1y433ICACWCZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.96.26.0/24
192.44.4.0/24
Signature Algorithm: sha256WithRSAEncryption
20:e7:b7:bb:34:81:05:13:68:e5:2e:8e:b5:98:43:de:62:f4:
c6:bb:cd:a7:78:7d:26:42:7e:5d:1d:b1:1e:ba:02:7a:70:94:
a6:a7:0d:21:74:c8:2c:79:ff:54:dc:5b:6f:c4:8e:d5:bc:6c:
70:a7:7d:c0:31:88:19:1c:34:c2:43:14:27:c5:e2:bd:67:c3:
09:1e:a9:31:62:5f:41:3f:89:5c:38:8c:e1:69:2d:fe:4a:91:
25:4d:8d:71:7d:e4:00:28:07:ec:1f:b6:13:de:ae:ab:ab:9d:
54:d2:df:28:04:cf:e6:60:63:af:10:c2:89:b0:28:43:ed:41:
dd:6b:65:00:5c:5e:08:87:a9:dd:85:d8:bf:62:49:b5:df:c3:
ca:d8:67:14:ff:68:10:01:c6:20:6f:3b:a2:18:b8:8f:48:80:
fa:fb:a2:c9:78:f8:6b:f0:23:86:c0:9e:31:98:3b:6a:15:8d:
e0:c9:b7:0f:d3:01:bc:9b:a1:49:97:c4:d3:a8:a4:6a:8c:15:
7e:c6:34:98:56:1c:8e:cb:8a:12:04:d4:32:cf:c1:62:45:08:
ef:41:4b:e7:a5:f4:d2:cc:a0:93:d3:70:2c:af:5e:43:78:6a:
37:da:c3:67:16:3c:41:63:61:1c:bc:32:84:1f:cb:44:f5:01:
76:1a:4f:f1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQm2OuP8zT2myRwQ0BpMEwSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjUwMTAyMTE0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDQ3Y2QxOTFlMzA4OTY2ZTJmZjJkNzJlMzdkYzgwODAwOTYwOTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytw8CAr+LBFq+nEASSbco9mitjkw
LwZialmhWe51GC4wiK+BArSdrDuFe0UxWG4hdTaVTejvY9/Q2+x/uzqrNs45qdJM
XOxZfIWECq+T8eS6ZGaYWzo4AOxvCJSsgj/GfOZxb3LasxPXrl29P3aeTeTazs6i
7yQlF3Auh8N5km59uUXRZAjbl7utSoYgw/afMD4XhawTyFDy0hWBDgzE7h5NNC3D
LLPeNy5StRMdlIuzrQstsL4k6iAiHZ4QAnAH1clN7pW0UNpSu4rAdZFoLZbNcE/L
KkBxHupP+gbI7v5t79NbuIGTysGrCqilbi2nJ4HsnWzHcRbz8nkCP0qD8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOBHzRkeMIlm4v8tcuN9yAgAlgmdMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvNEVmTkdSNHdpV2JpX3kxeTQzM0lDQUNXQ1owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmWAaAwQA
wCwEMA0GCSqGSIb3DQEBCwUAA4IBAQAg57e7NIEFE2jlLo61mEPeYvTGu82neH0m
Qn5dHbEeugJ6cJSmpw0hdMgsef9U3FtvxI7VvGxwp33AMYgZHDTCQxQnxeK9Z8MJ
HqkxYl9BP4lcOIzhaS3+SpElTY1xfeQAKAfsH7YT3q6rq51U0t8oBM/mYGOvEMKJ
sChD7UHda2UAXF4Ih6ndhdi/Ykm138PK2GcU/2gQAcYgbzuiGLiPSID6+6LJePhr
8COGwJ4xmDtqFY3gybcP0wG8m6FJl8TTqKRqjBV+xjSYVhyOy4oSBNQyz8FiRQjv
QUvnpfTSzKCT03Asr15DeGo32sNnFjxBY2EcvDKEH8tE9QF2Gk/x
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:14 2025 by rpki-client