Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Hifc0702XiDz-jeJfzC2ajKIyOY.roa
File: Hifc0702XiDz-jeJfzC2ajKIyOY.roa (raw, json)
Hash identifier: J3bLlXI7IzbpB/dKPV5vec+HK0BihbXKKbE2TQWAPFg=
Subject key identifier: 1E:27:DC:D3:BD:36:5E:20:F3:FA:37:89:7F:30:B6:6A:32:88:C8:E6
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019425FD1601DD4569A3D8EBAB3FEB6948FB
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Hifc0702XiDz-jeJfzC2ajKIyOY.roa
Signing time: Thu 02 Jan 2025 07:48:50 +0000
ROA not before: Thu 02 Jan 2025 07:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 104.238.4.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.239.94.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:16:01:dd:45:69:a3:d8:eb:ab:3f:eb:69:48:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 07:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e27dcd3bd365e20f3fa37897f30b66a3288c8e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e9:4c:67:fc:28:e7:2d:cd:56:06:ae:53:9e:
e3:fa:97:1e:ce:3e:2d:17:f8:b3:78:5e:b7:45:17:
d1:9d:3d:1a:01:be:6f:d5:2e:5a:d2:84:c7:40:dc:
c1:71:68:4c:55:35:53:24:ad:08:00:b7:32:8c:09:
10:8a:ee:5a:de:e0:bc:0c:ba:6a:7a:cd:8b:36:d3:
49:f2:27:6a:ca:0c:2c:67:f4:24:ee:b8:24:7e:34:
9d:7b:79:6c:f8:18:9b:10:6d:b9:b9:e8:7f:55:18:
3e:34:f8:81:bf:5b:b0:7c:9c:46:f1:a2:48:df:d4:
a1:07:8c:97:c7:02:78:3f:75:71:78:c7:d3:18:c2:
73:90:10:a8:a8:2f:fb:b1:67:be:c3:c1:8a:b8:99:
80:09:e5:9a:13:79:52:a0:91:ee:0c:d5:a3:8c:81:
a1:7c:c8:c9:40:02:69:2a:06:f0:a4:b0:56:73:74:
49:98:48:e1:2d:fa:53:53:be:e2:ee:81:ad:d8:44:
53:ec:38:7a:b8:34:49:59:38:bc:6a:43:8b:09:6b:
4e:a6:bc:32:fb:d7:c4:6a:b9:69:3f:dd:11:a3:75:
d0:c6:12:d0:f0:a6:7c:70:78:78:36:5e:a0:46:3a:
da:82:8d:32:2f:4c:1a:a1:c2:78:9a:81:62:b9:f5:
16:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:27:DC:D3:BD:36:5E:20:F3:FA:37:89:7F:30:B6:6A:32:88:C8:E6
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Hifc0702XiDz-jeJfzC2ajKIyOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.238.4.0/23
104.238.8.0/23
104.239.30.0/23
104.239.94.0/24
138.128.157.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:6c:57:5a:69:4b:69:a2:df:9b:d1:4a:83:cb:c9:b8:dc:1a:
bd:52:74:02:3a:47:63:37:29:ed:c4:e5:f3:0c:af:c2:73:0a:
b1:68:a1:92:c4:33:8e:5f:cd:d1:8f:c3:61:0c:6d:ce:b8:9b:
c5:cd:04:e7:93:65:53:fb:31:90:80:21:1e:da:a7:c1:56:f7:
1e:66:70:27:27:a6:b2:ab:ab:1d:96:dd:e3:1d:10:ba:ee:33:
1e:57:0b:df:6a:40:f3:b9:dc:44:a7:c1:87:43:5f:be:49:48:
16:a9:90:cf:9b:67:fd:98:53:ba:c7:01:61:47:b8:aa:51:d1:
ce:7e:78:18:7a:61:a7:9a:bd:94:d2:24:07:c0:ee:36:12:54:
86:0c:17:31:da:58:6e:3d:68:ef:4a:f5:70:ad:08:1a:ac:c6:
79:5c:e3:27:7e:41:7c:10:91:5e:0f:8b:8a:f3:ef:f6:ba:5e:
d2:6f:cc:1c:88:a5:ed:d3:dd:2e:5d:80:31:47:ca:9a:cf:61:
a8:9d:88:1d:eb:18:8a:50:6d:8d:62:4e:b0:57:51:d4:64:da:
73:bb:9d:f8:c7:81:60:9b:63:37:1f:51:70:6f:0d:11:33:cc:
18:ee:a9:f5:68:7c:9d:ea:70:a6:25:45:a9:07:be:aa:b4:bd:
4a:0e:e8:61
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQl/RYB3UVpo9jrqz/raUj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMTAyMDc0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTI3ZGNkM2JkMzY1ZTIwZjNmYTM3ODk3ZjMwYjY2YTMyODhjOGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtulMZ/wo5y3NVgauU57j+pcezj4t
F/izeF63RRfRnT0aAb5v1S5a0oTHQNzBcWhMVTVTJK0IALcyjAkQiu5a3uC8DLpq
es2LNtNJ8idqygwsZ/Qk7rgkfjSde3ls+BibEG25ueh/VRg+NPiBv1uwfJxG8aJI
39ShB4yXxwJ4P3VxeMfTGMJzkBCoqC/7sWe+w8GKuJmACeWaE3lSoJHuDNWjjIGh
fMjJQAJpKgbwpLBWc3RJmEjhLfpTU77i7oGt2ERT7Dh6uDRJWTi8akOLCWtOprwy
+9fEarlpP90Ro3XQxhLQ8KZ8cHh4Nl6gRjrago0yL0waocJ4moFiufUW4wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFB4n3NO9Nl4g8/o3iX8wtmoyiMjmMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvSGlmYzA3MDJYaUR6LWplSmZ6QzJhaktJeU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBaO4EAwQB
aO4IAwQBaO8eAwQAaO9eAwQAioCdMA0GCSqGSIb3DQEBCwUAA4IBAQCbbFdaaUtp
ot+b0UqDy8m43Bq9UnQCOkdjNyntxOXzDK/CcwqxaKGSxDOOX83Rj8NhDG3OuJvF
zQTnk2VT+zGQgCEe2qfBVvceZnAnJ6ayq6sdlt3jHRC67jMeVwvfakDzudxEp8GH
Q1++SUgWqZDPm2f9mFO6xwFhR7iqUdHOfngYemGnmr2U0iQHwO42ElSGDBcx2lhu
PWjvSvVwrQgarMZ5XOMnfkF8EJFeD4uK8+/2ul7Sb8wciKXt090uXYAxR8qaz2Go
nYgd6xiKUG2NYk6wV1HUZNpzu534x4Fgm2M3H1Fwbw0RM8wY7qn1aHyd6nCmJUWp
B76qtL1KDuhh
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:11:04 2025 by rpki-client