Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/uF4YNJsU3xRn5CWRgdMY3ssOP8Y.roa
File: uF4YNJsU3xRn5CWRgdMY3ssOP8Y.roa (raw, json)
Hash identifier: XsztkUEqbhC6uorOZt6E6+xl15oRNXauhHgIURyOdaY=
Subject key identifier: B8:5E:18:34:9B:14:DF:14:67:E4:25:91:81:D3:18:DE:CB:0E:3F:C6
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019425FD153DE8BB7700A39F0E89F33B6D17
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/uF4YNJsU3xRn5CWRgdMY3ssOP8Y.roa
Signing time: Thu 02 Jan 2025 07:48:50 +0000
ROA not before: Thu 02 Jan 2025 07:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 104.243.199.0/24 maxlen: 24
104.243.200.0/24 maxlen: 24
104.243.201.0/24 maxlen: 24
104.243.202.0/24 maxlen: 24
104.243.204.0/24 maxlen: 24
216.173.87.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:15:3d:e8:bb:77:00:a3:9f:0e:89:f3:3b:6d:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 07:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b85e18349b14df1467e4259181d318decb0e3fc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:23:2e:fe:ab:02:a0:5e:be:2c:e7:41:7b:ac:
9e:37:e1:81:f4:32:94:12:86:14:db:6d:00:f7:3c:
bf:2d:de:71:e7:35:b6:da:6b:f6:0b:cc:19:57:36:
2a:8c:ef:e7:ea:dd:76:59:27:95:16:2e:78:a2:b2:
96:2a:99:43:53:86:3c:2d:f2:b9:f7:76:8a:fb:aa:
f3:80:c9:c6:a8:e1:b0:17:8d:b2:f0:9b:76:07:0a:
1f:eb:93:48:31:36:f6:1a:93:47:15:b2:8d:a0:c6:
96:86:bd:d4:74:71:13:9e:ef:46:ab:bb:55:52:0d:
d5:a2:12:03:8d:37:d3:7f:e6:ab:27:7e:0e:28:24:
c3:1f:54:76:2b:df:5e:f4:81:ab:38:0f:c4:0d:e2:
a6:42:e4:ee:92:59:49:9e:ee:d5:0a:73:99:ba:37:
5e:f3:64:63:61:3c:79:16:d1:c1:42:e3:79:69:aa:
7c:d5:82:03:db:ee:9d:78:aa:f9:72:ec:e8:d7:a4:
65:e2:40:d0:31:51:9e:75:e9:bc:9c:43:86:a6:ce:
62:4c:04:40:b6:7f:36:d3:0f:a1:a9:ea:38:be:51:
f0:8a:86:3f:a0:55:b1:57:f1:16:08:e8:40:5d:a1:
95:18:dd:50:f0:08:81:66:38:bf:07:ae:83:b1:ab:
61:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:5E:18:34:9B:14:DF:14:67:E4:25:91:81:D3:18:DE:CB:0E:3F:C6
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/uF4YNJsU3xRn5CWRgdMY3ssOP8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.243.199.0-104.243.202.255
104.243.204.0/24
216.173.87.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:7a:04:71:cf:7c:13:d4:43:ff:c9:dd:85:59:b5:7e:23:7e:
a9:6f:02:53:41:73:0c:b3:78:09:af:1c:2e:6d:9e:c4:d8:f9:
6d:1d:17:9b:a6:52:84:ed:a9:1f:78:b9:02:2b:0d:d7:02:b7:
1e:87:df:51:4b:7f:3f:b8:68:ac:25:60:be:6e:b6:41:ef:c7:
f4:9f:ee:04:f8:41:e0:22:83:c2:9b:15:ee:a5:0b:4c:cf:6f:
e7:fa:bd:55:da:a5:6f:e0:29:11:81:6b:7b:c0:7d:4a:e7:cc:
63:8c:78:07:d0:a1:8b:a9:2b:5e:da:72:48:1c:b3:6b:22:81:
cb:96:39:33:f8:ed:23:17:22:f6:a2:40:ca:b4:ff:3f:d9:4f:
92:7c:17:44:e7:28:6a:9f:2e:4a:29:db:f7:4a:b6:58:9b:62:
b2:25:27:12:76:27:0b:07:b3:7c:75:34:d8:2d:1f:76:0d:b9:
54:58:2b:e9:d5:ec:6f:b5:b0:17:b7:34:1b:13:31:b5:20:9b:
d8:f6:9e:35:b2:35:a8:80:71:fe:7d:37:13:ec:e7:9c:c3:3a:
c4:56:6c:3b:9e:89:99:b1:be:e6:24:f6:ad:ac:9c:65:44:e0:
3d:bd:38:24:d7:d9:2a:cc:bd:26:f2:fc:ff:dd:42:4f:fd:fc:
8a:d3:33:7c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQl/RU96Lt3AKOfDonzO20XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMTAyMDc0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODVlMTgzNDliMTRkZjE0NjdlNDI1OTE4MWQzMThkZWNiMGUzZmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiMu/qsCoF6+LOdBe6yeN+GB9DKU
EoYU220A9zy/Ld5x5zW22mv2C8wZVzYqjO/n6t12WSeVFi54orKWKplDU4Y8LfK5
93aK+6rzgMnGqOGwF42y8Jt2Bwof65NIMTb2GpNHFbKNoMaWhr3UdHETnu9Gq7tV
Ug3VohIDjTfTf+arJ34OKCTDH1R2K99e9IGrOA/EDeKmQuTukllJnu7VCnOZujde
82RjYTx5FtHBQuN5aap81YID2+6deKr5cuzo16Rl4kDQMVGedem8nEOGps5iTARA
tn820w+hqeo4vlHwioY/oFWxV/EWCOhAXaGVGN1Q8AiBZji/B66DsathJwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLheGDSbFN8UZ+QlkYHTGN7LDj/GMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvdUY0WU5Kc1UzeFJuNUNXUmdkTVkzc3NPUDhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABo88cD
BABo88oDBABo88wDBADYrVcwDQYJKoZIhvcNAQELBQADggEBAIp6BHHPfBPUQ//J
3YVZtX4jfqlvAlNBcwyzeAmvHC5tnsTY+W0dF5umUoTtqR94uQIrDdcCtx6H31FL
fz+4aKwlYL5utkHvx/Sf7gT4QeAig8KbFe6lC0zPb+f6vVXapW/gKRGBa3vAfUrn
zGOMeAfQoYupK17ackgcs2sigcuWOTP47SMXIvaiQMq0/z/ZT5J8F0TnKGqfLkop
2/dKtlibYrIlJxJ2JwsHs3x1NNgtH3YNuVRYK+nV7G+1sBe3NBsTMbUgm9j2njWy
NaiAcf59NxPs55zDOsRWbDueiZmxvuYk9q2snGVE4D29OCTX2SrMvSby/P/dQk/9
/IrTM3w=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:12:22 2025 by rpki-client