Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/a4bZ0wnKlIyihMeUtfqas67KO4g.roa
File: a4bZ0wnKlIyihMeUtfqas67KO4g.roa (raw, json)
Hash identifier: v0pLlrl2mlPIUQl+B72iHlOicSw6LLpVWwF5dZGxyKc=
Subject key identifier: 6B:86:D9:D3:09:CA:94:8C:A2:84:C7:94:B5:FA:9A:B3:AE:CA:3B:88
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019425FD221D7E0B59D5D449515ED88D4698
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/a4bZ0wnKlIyihMeUtfqas67KO4g.roa
Signing time: Thu 02 Jan 2025 07:48:53 +0000
ROA not before: Thu 02 Jan 2025 07:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56443
IP address blocks: 104.233.10.0/24 maxlen: 24
104.233.11.0/24 maxlen: 24
104.233.22.0/24 maxlen: 24
104.233.23.0/24 maxlen: 24
104.233.27.0/24 maxlen: 24
104.233.28.0/24 maxlen: 24
104.233.29.0/24 maxlen: 24
104.233.30.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:22:1d:7e:0b:59:d5:d4:49:51:5e:d8:8d:46:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 07:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b86d9d309ca948ca284c794b5fa9ab3aeca3b88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ce:7e:52:a4:4a:34:ec:94:12:4a:6e:6c:76:
a3:9e:49:67:6d:b5:c3:73:c7:a6:47:da:45:6b:93:
aa:87:d0:a1:e6:4a:80:87:02:86:83:e2:a7:57:76:
89:ae:c4:e9:31:59:a2:af:9e:94:26:fe:8d:98:4a:
e9:30:52:d8:9d:6e:80:ee:dd:b0:a7:53:3d:0b:75:
47:a1:13:d7:57:a5:c7:6a:a4:36:25:00:b7:01:c6:
31:5b:30:d2:e2:1d:74:78:ce:92:fa:f8:39:30:1e:
c4:bb:db:85:43:e9:b3:89:78:62:2c:e3:6e:32:04:
33:24:65:f0:8b:74:6d:5e:76:e6:8f:0a:aa:30:47:
e1:69:93:fb:e3:8e:59:1f:a5:79:88:e9:8a:52:76:
b6:c4:bf:40:76:84:3e:20:59:24:55:b1:76:08:c8:
55:60:d7:a0:da:b9:66:d9:34:88:45:04:a2:cf:ad:
a9:da:f0:a5:e9:ea:df:ce:69:70:8b:02:d8:e1:49:
2f:04:d2:75:19:4e:83:69:9d:18:1a:1b:0f:e6:d0:
a3:b8:f6:9f:e7:53:76:ab:17:9d:9c:2f:89:25:18:
45:9b:71:cf:1a:84:11:b7:97:c5:59:0b:66:69:e6:
e0:37:9e:d7:54:f4:db:43:cd:ab:dc:d4:09:32:50:
57:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:86:D9:D3:09:CA:94:8C:A2:84:C7:94:B5:FA:9A:B3:AE:CA:3B:88
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/a4bZ0wnKlIyihMeUtfqas67KO4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.233.10.0/23
104.233.22.0/23
104.233.27.0-104.233.30.255
Signature Algorithm: sha256WithRSAEncryption
46:00:ac:1f:4b:9b:6a:69:28:18:c8:82:0b:ad:58:b1:fc:7b:
56:48:41:95:0c:78:48:dd:6c:bb:1a:22:33:8d:04:c1:5f:76:
c7:9f:ce:b1:f1:58:fe:c2:ef:30:5e:40:cf:5d:9a:59:88:1e:
14:b4:ce:b1:82:dd:f9:0a:2b:7a:1b:27:2b:bc:67:a1:70:d5:
68:22:a4:ae:38:0d:b4:4c:4a:12:1b:4d:e2:38:a8:75:f5:ab:
ce:99:80:3e:3d:5e:c1:8e:79:ab:53:fd:14:a3:34:b9:88:c6:
9c:ee:ac:8e:5c:5f:fd:d8:ab:0f:4f:13:44:9e:d6:e4:20:67:
39:23:c0:17:06:76:ed:c9:2c:54:e7:bf:46:23:bf:59:00:6b:
28:0a:8b:87:85:b8:5a:a8:e6:3e:85:0d:d5:9c:2d:5d:a6:b3:
5b:49:cc:f9:fd:08:8c:5a:1a:7e:27:e5:b2:e9:66:f8:36:a7:
e8:28:1e:29:77:ea:03:e3:88:ae:68:49:b9:a6:fc:cb:cd:5e:
31:4e:3c:c2:37:a7:13:e6:f5:85:3d:a9:14:f8:ee:70:2e:86:
9a:5b:49:e8:8c:a0:36:13:48:64:bc:91:04:8d:aa:51:4c:da:
8e:43:b7:54:31:4b:c7:69:16:23:f9:98:b8:4a:26:ba:89:fb:
e8:95:a2:75
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQl/SIdfgtZ1dRJUV7YjUaYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMTAyMDc0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yjg2ZDlkMzA5Y2E5NDhjYTI4NGM3OTRiNWZhOWFiM2FlY2EzYjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA185+UqRKNOyUEkpubHajnklnbbXD
c8emR9pFa5Oqh9Ch5kqAhwKGg+KnV3aJrsTpMVmir56UJv6NmErpMFLYnW6A7t2w
p1M9C3VHoRPXV6XHaqQ2JQC3AcYxWzDS4h10eM6S+vg5MB7Eu9uFQ+mziXhiLONu
MgQzJGXwi3RtXnbmjwqqMEfhaZP7445ZH6V5iOmKUna2xL9AdoQ+IFkkVbF2CMhV
YNeg2rlm2TSIRQSiz62p2vCl6erfzmlwiwLY4UkvBNJ1GU6DaZ0YGhsP5tCjuPaf
51N2qxednC+JJRhFm3HPGoQRt5fFWQtmaebgN57XVPTbQ82r3NQJMlBX9wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGuG2dMJypSMooTHlLX6mrOuyjuIMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvYTRiWjB3bktsSXlpaE1lVXRmcWFzNjdLTzRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBaOkKAwQB
aOkWMAwDBABo6RsDBABo6R4wDQYJKoZIhvcNAQELBQADggEBAEYArB9Lm2ppKBjI
ggutWLH8e1ZIQZUMeEjdbLsaIjONBMFfdsefzrHxWP7C7zBeQM9dmlmIHhS0zrGC
3fkKK3obJyu8Z6Fw1WgipK44DbRMShIbTeI4qHX1q86ZgD49XsGOeatT/RSjNLmI
xpzurI5cX/3Yqw9PE0Se1uQgZzkjwBcGdu3JLFTnv0Yjv1kAaygKi4eFuFqo5j6F
DdWcLV2ms1tJzPn9CIxaGn4n5bLpZvg2p+goHil36gPjiK5oSbmm/MvNXjFOPMI3
pxPm9YU9qRT47nAuhppbSeiMoDYTSGS8kQSNqlFM2o5Dt1QxS8dpFiP5mLhKJrqJ
++iVonU=
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:06:33 2025 by rpki-client