Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/aKC4Ve_rwXPA5F4UwLOqVSzUoxQ.roa
File: aKC4Ve_rwXPA5F4UwLOqVSzUoxQ.roa (raw, json)
Hash identifier: C2m1c3bcRtr4/LzoB1kvIKIl5IupGv3jDqJQPFpHE+Y=
Subject key identifier: 68:A0:B8:55:EF:EB:C1:73:C0:E4:5E:14:C0:B3:AA:55:2C:D4:A3:14
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 019426D8E9BF5229639F743DF4A17495B23B
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/aKC4Ve_rwXPA5F4UwLOqVSzUoxQ.roa
Signing time: Thu 02 Jan 2025 11:48:57 +0000
ROA not before: Thu 02 Jan 2025 11:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15372
IP address blocks: 153.96.101.0/24 maxlen: 24
153.96.230.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:e9:bf:52:29:63:9f:74:3d:f4:a1:74:95:b2:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 2 11:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68a0b855efebc173c0e45e14c0b3aa552cd4a314
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2a:d1:ea:93:ca:a8:d2:60:b9:e9:4f:7d:c1:
be:ec:b5:5b:f9:bd:53:4e:16:a9:9c:81:9c:6d:94:
f0:7b:05:29:25:4e:f1:e0:af:4b:e7:0e:40:10:6e:
9d:7a:50:e4:f2:06:a2:f3:27:1a:01:e4:c9:7c:07:
1d:a6:89:c8:c0:2c:5c:52:2f:6e:9f:4e:67:52:56:
b7:f9:0e:b1:07:11:66:e7:84:15:19:2b:d6:43:86:
d3:03:bd:a5:d7:05:eb:fe:8c:a0:42:9a:8d:ef:ca:
62:23:1d:99:fd:33:b3:4e:e1:72:74:4b:1a:fb:b6:
59:69:b1:79:33:94:8e:f8:96:2e:50:ec:0a:cc:2a:
ef:96:86:7d:95:a5:32:57:89:15:cc:ee:ba:ce:4f:
1b:4e:59:48:fd:7e:7d:19:3a:3a:3b:bf:0c:6c:66:
a4:ba:53:e5:55:f8:8d:32:2b:35:9f:f8:7a:be:e0:
87:fa:d4:b2:2b:0c:96:a7:f9:01:0a:bd:54:7f:3b:
38:91:52:b2:a9:ad:ab:a0:2b:69:9e:71:b6:17:74:
97:b0:c8:23:02:50:f9:3c:67:9a:30:66:2e:13:cc:
82:bd:3d:2d:d1:64:ae:e9:05:52:c1:4b:f6:59:c0:
7e:5f:9a:f5:e8:bf:ed:95:20:25:4a:4d:c3:87:99:
4b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:A0:B8:55:EF:EB:C1:73:C0:E4:5E:14:C0:B3:AA:55:2C:D4:A3:14
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/aKC4Ve_rwXPA5F4UwLOqVSzUoxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.96.101.0/24
153.96.230.0/24
Signature Algorithm: sha256WithRSAEncryption
25:b6:68:4c:83:86:cd:59:b1:e3:d6:b0:36:e6:6d:e3:ed:23:
1b:28:77:26:cc:44:dd:5b:92:25:42:5b:3d:3f:50:21:30:fd:
8c:eb:11:eb:57:c4:4c:1b:a7:59:1e:21:8a:f5:9f:77:d4:42:
27:e8:45:8c:4f:a0:e5:f7:c8:9e:71:3f:88:c5:26:6f:dd:cc:
a0:2e:17:c9:3f:14:8b:1c:1b:be:f0:54:54:7b:d3:6d:04:ae:
d6:64:c5:20:5c:cc:50:8d:5d:e1:9e:6f:10:c2:7c:ce:7b:ee:
73:0d:d6:26:7d:72:52:fc:d3:98:f2:13:3c:65:08:37:f1:19:
4c:82:59:a1:51:44:b0:82:5e:94:53:fb:f6:c1:ff:9c:8b:2f:
ab:30:3d:2c:81:7e:b9:70:6a:b5:c3:89:82:4c:c5:58:7d:13:
ec:e0:ff:72:5c:2b:69:5e:80:98:05:c4:a4:00:db:3f:2d:cc:
35:08:d6:87:3a:45:49:54:1d:80:70:87:b1:36:88:7c:63:40:
bb:07:02:23:51:d0:a0:a6:f4:02:cd:f0:ce:d1:38:98:92:32:
17:5b:60:ca:3b:aa:7d:f0:39:35:e5:7d:be:b0:33:a7:77:c9:
00:f0:55:f1:a9:bf:7c:2c:f2:04:f9:29:44:6c:57:52:ad:7d:
8f:3e:27:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQm2Om/Uiljn3Q99KF0lbI7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjUwMTAyMTE0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGEwYjg1NWVmZWJjMTczYzBlNDVlMTRjMGIzYWE1NTJjZDRhMzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCrR6pPKqNJguelPfcG+7LVb+b1T
ThapnIGcbZTwewUpJU7x4K9L5w5AEG6delDk8gai8ycaAeTJfAcdponIwCxcUi9u
n05nUla3+Q6xBxFm54QVGSvWQ4bTA72l1wXr/oygQpqN78piIx2Z/TOzTuFydEsa
+7ZZabF5M5SO+JYuUOwKzCrvloZ9laUyV4kVzO66zk8bTllI/X59GTo6O78MbGak
ulPlVfiNMis1n/h6vuCH+tSyKwyWp/kBCr1Ufzs4kVKyqa2roCtpnnG2F3SXsMgj
AlD5PGeaMGYuE8yCvT0t0WSu6QVSwUv2WcB+X5r16L/tlSAlSk3Dh5lLGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGiguFXv68FzwOReFMCzqlUs1KMUMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvYUtDNFZlX3J3WFBBNUY0VXdMT3FWU3pVb3hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmWBlAwQA
mWDmMA0GCSqGSIb3DQEBCwUAA4IBAQAltmhMg4bNWbHj1rA25m3j7SMbKHcmzETd
W5IlQls9P1AhMP2M6xHrV8RMG6dZHiGK9Z931EIn6EWMT6Dl98iecT+IxSZv3cyg
LhfJPxSLHBu+8FRUe9NtBK7WZMUgXMxQjV3hnm8QwnzOe+5zDdYmfXJS/NOY8hM8
ZQg38RlMglmhUUSwgl6UU/v2wf+ciy+rMD0sgX65cGq1w4mCTMVYfRPs4P9yXCtp
XoCYBcSkANs/Lcw1CNaHOkVJVB2AcIexNoh8Y0C7BwIjUdCgpvQCzfDO0TiYkjIX
W2DKO6p98Dk15X2+sDOnd8kA8FXxqb98LPIE+SlEbFdSrX2PPif6
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:01 2025 by rpki-client