Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/6M2WewtvohzBCpFj9eGKBc_wUck.roa
File: 6M2WewtvohzBCpFj9eGKBc_wUck.roa (raw, json)
Hash identifier: GtHrne2OsJ2aixOVwYaGAaC31E9k1B9/xfA47302VQI=
Subject key identifier: E8:CD:96:7B:0B:6F:A2:1C:C1:0A:91:63:F5:E1:8A:05:CF:F0:51:C9
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019425FD285900F7D10031753335FD347D03
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/6M2WewtvohzBCpFj9eGKBc_wUck.roa
Signing time: Thu 02 Jan 2025 07:48:55 +0000
ROA not before: Thu 02 Jan 2025 07:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209242
IP address blocks: 104.239.72.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:28:59:00:f7:d1:00:31:75:33:35:fd:34:7d:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 07:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e8cd967b0b6fa21cc10a9163f5e18a05cff051c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:5c:4f:c4:69:a7:14:a3:91:28:d2:86:a9:9c:
39:bd:f7:37:e0:11:22:9a:cf:cb:14:f1:40:86:14:
62:6f:87:ed:df:8f:8c:f9:f3:27:87:06:67:41:ff:
b7:64:cf:f8:1d:cb:dc:cf:d7:b3:1c:19:96:0c:6b:
fd:8e:ca:b3:5f:5e:4b:43:51:13:51:de:66:7e:c2:
48:b0:1f:14:a9:99:88:8e:ce:ec:36:0f:74:9b:c1:
e6:59:d5:4b:0f:80:3e:a5:33:28:87:30:4e:83:b6:
4f:25:74:44:45:33:e1:20:b8:7d:fc:4e:a9:51:c3:
9a:60:dd:c1:34:8e:36:8e:f5:9f:28:c6:48:47:cd:
51:38:68:66:8f:78:74:39:2f:23:bd:00:8c:89:62:
34:02:34:f4:0c:47:14:70:02:64:d0:08:d2:db:13:
1f:af:0a:76:0f:52:1c:75:1d:a1:78:89:e6:79:90:
11:ea:11:c0:9d:38:f5:75:f9:0f:fb:15:82:ee:3c:
28:7d:6c:b3:a2:f7:c4:d0:a6:e4:ee:67:ca:c2:26:
30:a8:d5:71:d0:2d:1d:26:c6:e5:a3:b3:2d:0b:b4:
92:40:a5:e0:b4:c3:00:0d:f4:54:2a:7b:45:f6:7e:
a6:98:33:c6:4e:27:1e:7c:ef:ee:ad:1a:1a:4e:9d:
1d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:CD:96:7B:0B:6F:A2:1C:C1:0A:91:63:F5:E1:8A:05:CF:F0:51:C9
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/6M2WewtvohzBCpFj9eGKBc_wUck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.239.72.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:60:a6:2d:d8:50:d6:bc:81:c0:0b:96:18:31:7f:1f:15:84:
b7:d4:d6:8a:06:43:bf:f5:b8:8a:03:d4:f0:02:c4:a1:e5:1c:
6c:44:43:13:37:04:2d:ac:e7:13:5d:6d:bd:d6:8d:99:1d:50:
df:40:6b:5b:cd:16:57:49:85:43:65:ba:b2:14:06:aa:d3:f2:
57:08:c3:20:ed:9f:46:7f:34:41:06:9a:2e:d3:e1:1b:91:53:
eb:09:80:87:1d:c7:5c:af:da:cb:b0:c8:0b:31:22:13:60:be:
21:11:dd:49:59:4e:b2:ad:6a:81:6b:bc:db:b0:9c:ef:14:9b:
02:95:c1:97:55:89:9e:02:88:77:d6:52:d9:32:4c:ec:0d:a8:
d6:50:5a:01:f6:0d:fe:70:ec:2b:a2:b7:05:d6:92:73:f3:eb:
27:ea:6d:43:60:92:21:83:86:50:9a:8c:c3:4a:4f:0e:af:83:
72:67:0a:6b:b4:21:61:4b:69:87:df:08:72:77:6b:6b:50:d5:
83:d0:f9:33:2f:2f:c7:7c:fe:90:19:cf:41:6f:54:d1:df:77:
d1:f4:9c:83:ee:e5:9f:02:95:e5:eb:74:96:66:ab:fc:f3:74:
7c:49:96:1f:ed:80:f5:29:49:77:8c:97:1b:68:a9:32:2e:0a:
3e:6c:23:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/ShZAPfRADF1MzX9NH0DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMTAyMDc0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGNkOTY3YjBiNmZhMjFjYzEwYTkxNjNmNWUxOGEwNWNmZjA1MWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VxPxGmnFKORKNKGqZw5vfc34BEi
ms/LFPFAhhRib4ft34+M+fMnhwZnQf+3ZM/4Hcvcz9ezHBmWDGv9jsqzX15LQ1ET
Ud5mfsJIsB8UqZmIjs7sNg90m8HmWdVLD4A+pTMohzBOg7ZPJXRERTPhILh9/E6p
UcOaYN3BNI42jvWfKMZIR81ROGhmj3h0OS8jvQCMiWI0AjT0DEcUcAJk0AjS2xMf
rwp2D1IcdR2heInmeZAR6hHAnTj1dfkP+xWC7jwofWyzovfE0Kbk7mfKwiYwqNVx
0C0dJsblo7MtC7SSQKXgtMMADfRUKntF9n6mmDPGTicefO/urRoaTp0dBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOjNlnsLb6IcwQqRY/XhigXP8FHJMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvNk0yV2V3dHZvaHpCQ3BGajllR0tCY193VWNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAaO9IMA0G
CSqGSIb3DQEBCwUAA4IBAQCLYKYt2FDWvIHAC5YYMX8fFYS31NaKBkO/9biKA9Tw
AsSh5RxsREMTNwQtrOcTXW291o2ZHVDfQGtbzRZXSYVDZbqyFAaq0/JXCMMg7Z9G
fzRBBpou0+EbkVPrCYCHHcdcr9rLsMgLMSITYL4hEd1JWU6yrWqBa7zbsJzvFJsC
lcGXVYmeAoh31lLZMkzsDajWUFoB9g3+cOwrorcF1pJz8+sn6m1DYJIhg4ZQmozD
Sk8Or4NyZwprtCFhS2mH3whyd2trUNWD0PkzLy/HfP6QGc9Bb1TR33fR9JyD7uWf
ApXl63SWZqv883R8SZYf7YD1KUl3jJcbaKkyLgo+bCP2
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:48:52 2025 by rpki-client