Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/17xelIZ1hlIUuFxHGjY7q1Rga1c.roa
File: 17xelIZ1hlIUuFxHGjY7q1Rga1c.roa (raw, json)
Hash identifier: qGseiUfd5IFcITsclcI1uIFfpA5aFyoVyJT3z5Hf4KE=
Subject key identifier: D7:BC:5E:94:86:75:86:52:14:B8:5C:47:1A:36:3B:AB:54:60:6B:57
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019425FD2EDAE11C7A3A1B5DB10F75F09498
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/17xelIZ1hlIUuFxHGjY7q1Rga1c.roa
Signing time: Thu 02 Jan 2025 07:48:57 +0000
ROA not before: Thu 02 Jan 2025 07:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215391
IP address blocks: 45.43.143.0/24 maxlen: 24
104.238.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:2e:da:e1:1c:7a:3a:1b:5d:b1:0f:75:f0:94:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 07:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7bc5e948675865214b85c471a363bab54606b57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:df:a9:da:fa:5c:3e:a2:58:f2:9f:9d:5b:6a:
9e:0c:90:a2:28:d3:c1:56:63:89:7f:fe:db:52:c6:
98:66:c6:0c:63:fc:ec:2d:58:c1:09:24:3c:f8:f5:
be:0f:3d:2b:aa:f3:12:3e:de:70:b6:24:aa:74:d4:
20:26:20:40:f7:b2:71:fe:c9:e5:91:3a:4d:cd:5e:
34:80:4f:9c:c1:21:4d:e3:60:c9:69:d0:4c:97:38:
8b:52:b2:9a:8e:99:7f:91:5b:6c:ce:4a:e1:4f:ad:
26:9a:91:1b:d4:ff:e6:9d:e3:9f:22:71:50:b4:5c:
75:3b:5e:02:30:09:db:1f:3e:f1:b4:64:47:50:ad:
d2:0c:c2:de:05:bf:5e:e5:af:a2:e7:0b:fb:0f:ee:
b0:6d:e2:e5:5d:18:8a:25:e2:44:07:06:18:b6:2f:
88:f2:fd:4a:e2:63:e4:36:bd:ba:06:82:7b:73:9f:
90:81:55:88:95:73:87:96:12:65:1c:4d:6d:49:2a:
92:4b:c2:b8:ed:2a:a1:15:e6:00:62:82:2f:c7:76:
2e:c2:8e:09:33:ae:84:5c:77:e1:b6:7e:cd:01:34:
e1:dc:bf:3e:d9:a2:7c:60:54:3b:cf:c9:44:ec:9e:
23:5c:6f:ba:99:a3:7a:e8:b9:2a:ca:91:c9:5c:a0:
37:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:BC:5E:94:86:75:86:52:14:B8:5C:47:1A:36:3B:AB:54:60:6B:57
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/17xelIZ1hlIUuFxHGjY7q1Rga1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.143.0/24
104.238.23.0/24
Signature Algorithm: sha256WithRSAEncryption
16:b1:ef:97:7c:5e:fa:1f:19:e5:2d:91:e4:4c:7a:f0:ad:86:
23:45:22:e4:ef:55:f2:de:ac:2f:2c:73:7c:6c:f7:ff:0a:f0:
41:f4:ff:47:00:79:94:c2:fc:53:a1:40:ee:8e:aa:a1:3a:ce:
ff:41:fd:cd:cc:6c:a5:bb:88:13:1d:96:63:48:83:9f:43:8f:
42:cb:37:92:a6:97:c8:81:d9:30:d6:2b:9c:77:60:5c:f4:ac:
44:c4:61:e4:a9:9d:c5:e3:a4:30:3d:ea:d2:a4:de:85:c8:80:
23:ee:7e:6d:e9:fd:df:73:19:5a:e6:23:98:ed:22:f5:cb:fe:
94:50:fa:fa:bd:f7:ec:b2:df:f1:fc:1c:53:12:de:7f:f8:d6:
e7:b3:8a:54:db:c0:9e:a0:0c:f9:fe:80:e0:2d:ac:ae:48:64:
37:eb:53:a5:cf:33:d3:07:15:db:4a:80:78:1e:35:67:43:e8:
5c:46:6e:32:84:ec:52:80:eb:ec:c0:78:72:64:6a:3f:11:3d:
91:29:8c:95:52:d7:c9:18:6e:dc:0b:33:a1:5c:52:e8:08:01:
b8:bf:40:a8:aa:93:00:78:02:40:f9:af:ec:2a:73:ce:dd:d5:
c3:33:08:fb:dd:f1:fb:bc:03:80:0a:17:6f:70:2a:8d:71:ee:
30:e2:74:4a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/S7a4Rx6OhtdsQ918JSYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMTAyMDc0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2JjNWU5NDg2NzU4NjUyMTRiODVjNDcxYTM2M2JhYjU0NjA2YjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9+p2vpcPqJY8p+dW2qeDJCiKNPB
VmOJf/7bUsaYZsYMY/zsLVjBCSQ8+PW+Dz0rqvMSPt5wtiSqdNQgJiBA97Jx/snl
kTpNzV40gE+cwSFN42DJadBMlziLUrKajpl/kVtszkrhT60mmpEb1P/mneOfInFQ
tFx1O14CMAnbHz7xtGRHUK3SDMLeBb9e5a+i5wv7D+6wbeLlXRiKJeJEBwYYti+I
8v1K4mPkNr26BoJ7c5+QgVWIlXOHlhJlHE1tSSqSS8K47SqhFeYAYoIvx3Yuwo4J
M66EXHfhtn7NATTh3L8+2aJ8YFQ7z8lE7J4jXG+6maN66LkqypHJXKA3zQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNe8XpSGdYZSFLhcRxo2O6tUYGtXMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvMTd4ZWxJWjFobElVdUZ4SEdqWTdxMVJnYTFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALSuPAwQA
aO4XMA0GCSqGSIb3DQEBCwUAA4IBAQAWse+XfF76HxnlLZHkTHrwrYYjRSLk71Xy
3qwvLHN8bPf/CvBB9P9HAHmUwvxToUDujqqhOs7/Qf3NzGylu4gTHZZjSIOfQ49C
yzeSppfIgdkw1iucd2Bc9KxExGHkqZ3F46QwPerSpN6FyIAj7n5t6f3fcxla5iOY
7SL1y/6UUPr6vffsst/x/BxTEt5/+Nbns4pU28CeoAz5/oDgLayuSGQ361OlzzPT
BxXbSoB4HjVnQ+hcRm4yhOxSgOvswHhyZGo/ET2RKYyVUtfJGG7cCzOhXFLoCAG4
v0CoqpMAeAJA+a/sKnPO3dXDMwj73fH7vAOAChdvcCqNce4w4nRK
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:26:17 2025 by rpki-client