Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/4RUU0H0CZEoC5gpDEekjR1R9h6M.roa
File: 4RUU0H0CZEoC5gpDEekjR1R9h6M.roa (raw, json)
Hash identifier: 7bUqUDqc0oZAQM1cK+gYfpWx2QDOpoAMGvH2pmehKPc=
Subject key identifier: E1:15:14:D0:7D:02:64:4A:02:E6:0A:43:11:E9:23:47:54:7D:87:A3
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019425FD1C4B94D4292D5D4B73657E2DD558
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/4RUU0H0CZEoC5gpDEekjR1R9h6M.roa
Signing time: Thu 02 Jan 2025 07:48:52 +0000
ROA not before: Thu 02 Jan 2025 07:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26383
IP address blocks: 104.239.87.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:1c:4b:94:d4:29:2d:5d:4b:73:65:7e:2d:d5:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 07:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e11514d07d02644a02e60a4311e92347547d87a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:02:d8:e4:fc:85:29:91:c6:df:69:0d:9b:a1:
74:71:dd:1d:cb:c9:56:b0:de:c1:c4:a2:61:ec:c2:
24:e0:d9:0d:a6:86:f5:9e:79:a9:27:ad:73:ea:ef:
fa:ce:05:55:cb:d2:2b:7d:d0:dc:69:94:a6:84:f5:
f9:a5:54:f9:a3:66:ba:b0:88:b7:c5:6b:86:ec:d0:
0b:ab:21:9d:41:ff:01:6e:d8:78:24:d4:b0:cd:78:
d1:5f:03:fd:e5:7f:c1:90:4c:f6:f7:49:b7:e2:e8:
80:ce:a4:d5:2c:f1:82:a7:74:79:a4:bd:43:88:87:
3e:d3:2d:36:23:0e:29:1e:b1:ea:c7:af:37:ac:d1:
50:89:cc:58:c2:63:25:34:03:1f:89:48:60:5a:be:
80:d0:6c:c6:41:2b:b9:dd:10:5f:3f:ab:20:a1:e1:
28:3a:41:d8:eb:0d:17:7c:b5:8c:77:be:8d:53:f9:
6b:5c:01:00:41:01:eb:1f:7d:60:ca:3b:ec:ac:3e:
22:98:79:20:dc:63:9c:9b:0e:4f:6d:a5:01:55:d4:
de:b5:e8:50:c0:72:f2:42:bb:a0:70:0f:3b:51:a0:
a7:11:06:96:87:6b:07:0e:8a:68:12:c0:b5:7f:75:
e1:b5:5c:0f:20:5c:07:28:fa:27:43:a5:84:f0:98:
40:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:15:14:D0:7D:02:64:4A:02:E6:0A:43:11:E9:23:47:54:7D:87:A3
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/4RUU0H0CZEoC5gpDEekjR1R9h6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.239.87.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:48:b9:d8:90:9a:56:4b:c2:4d:f5:3e:4e:21:95:24:f1:c8:
05:4c:5e:8e:8b:cf:77:14:4c:e3:99:21:76:d0:4e:c9:56:ef:
65:eb:35:05:bc:ce:f3:1c:78:23:a0:78:15:05:8d:19:22:b2:
8e:af:7f:b8:c7:d1:7d:eb:53:3b:4c:8b:18:67:10:14:a9:7c:
e1:dd:2d:12:98:5e:9a:b3:ee:92:a6:28:a3:13:f6:a2:99:91:
ed:0f:1b:e5:db:a9:44:6c:1c:e1:7a:dc:c7:9f:d1:68:a9:c1:
96:4a:3e:8c:36:d2:22:ed:1c:82:79:23:b1:d8:0c:69:10:4d:
40:87:49:0d:c9:37:44:97:2b:04:ce:60:ed:d4:f7:d5:32:c3:
76:f8:60:33:3f:48:b7:56:fa:d4:62:9c:4f:35:84:6d:a9:25:
e4:a9:c7:fa:43:f4:81:48:db:94:f1:94:44:55:88:0b:6a:b7:
e3:fd:5f:a4:82:cf:18:45:ca:e6:b5:ef:d6:70:ff:39:2d:24:
2b:8c:63:2b:2e:0e:cf:f8:1a:5f:aa:cb:db:2c:d2:1d:27:9c:
52:b3:f2:3b:14:95:f3:bd:ad:37:38:e6:d9:ca:9a:51:7c:51:
b4:56:12:84:ad:02:8f:c8:f7:88:a3:bf:a1:78:73:7b:e0:07:
12:c5:ec:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/RxLlNQpLV1Lc2V+LdVYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMTAyMDc0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTE1MTRkMDdkMDI2NDRhMDJlNjBhNDMxMWU5MjM0NzU0N2Q4N2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQLY5PyFKZHG32kNm6F0cd0dy8lW
sN7BxKJh7MIk4NkNpob1nnmpJ61z6u/6zgVVy9IrfdDcaZSmhPX5pVT5o2a6sIi3
xWuG7NALqyGdQf8Bbth4JNSwzXjRXwP95X/BkEz290m34uiAzqTVLPGCp3R5pL1D
iIc+0y02Iw4pHrHqx683rNFQicxYwmMlNAMfiUhgWr6A0GzGQSu53RBfP6sgoeEo
OkHY6w0XfLWMd76NU/lrXAEAQQHrH31gyjvsrD4imHkg3GOcmw5PbaUBVdTetehQ
wHLyQrugcA87UaCnEQaWh2sHDopoEsC1f3XhtVwPIFwHKPonQ6WE8JhAZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOEVFNB9AmRKAuYKQxHpI0dUfYejMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvNFJVVTBIMENaRW9DNWdwREVla2pSMVI5aDZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAaO9XMA0G
CSqGSIb3DQEBCwUAA4IBAQAMSLnYkJpWS8JN9T5OIZUk8cgFTF6Oi893FEzjmSF2
0E7JVu9l6zUFvM7zHHgjoHgVBY0ZIrKOr3+4x9F961M7TIsYZxAUqXzh3S0SmF6a
s+6SpiijE/aimZHtDxvl26lEbBzhetzHn9FoqcGWSj6MNtIi7RyCeSOx2AxpEE1A
h0kNyTdElysEzmDt1PfVMsN2+GAzP0i3VvrUYpxPNYRtqSXkqcf6Q/SBSNuU8ZRE
VYgLarfj/V+kgs8YRcrmte/WcP85LSQrjGMrLg7P+BpfqsvbLNIdJ5xSs/I7FJXz
va03OObZyppRfFG0VhKErQKPyPeIo7+heHN74AcSxex8
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:22:51 2025 by rpki-client