Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/yjOw5zpX7c4ixOoQ9yfVmtuy9fQ.roa
File: yjOw5zpX7c4ixOoQ9yfVmtuy9fQ.roa (raw, json)
Hash identifier: sXuPuujrB5h7YFj7wSxFAKLYLbkMm7phgdXg7ElP6Wg=
Subject key identifier: CA:33:B0:E7:3A:57:ED:CE:22:C4:EA:10:F7:27:D5:9A:DB:B2:F5:F4
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019425FD2E19DDCD3874C6E316CFC054FC13
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/yjOw5zpX7c4ixOoQ9yfVmtuy9fQ.roa
Signing time: Thu 02 Jan 2025 07:48:56 +0000
ROA not before: Thu 02 Jan 2025 07:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213918
IP address blocks: 104.238.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:2e:19:dd:cd:38:74:c6:e3:16:cf:c0:54:fc:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 07:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca33b0e73a57edce22c4ea10f727d59adbb2f5f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:29:90:dd:37:ff:4e:de:58:54:10:b6:ca:f4:
41:03:95:3b:33:e8:bb:c5:35:d2:f5:8c:94:f5:7a:
cb:d1:fe:6c:37:3c:17:e6:d3:95:a7:00:22:77:a9:
a9:43:00:51:2b:c9:51:ee:2a:0e:ce:7b:23:2b:ec:
3d:b3:d9:e6:9d:3c:f3:34:92:74:3f:cb:b8:5c:55:
5f:26:ec:9b:71:dc:c1:49:f3:64:14:ea:fc:be:3d:
57:f4:aa:a9:c5:10:9e:1b:fa:89:5e:15:4e:c9:c6:
fc:1d:ec:4e:c4:f3:31:6e:78:90:19:c1:e3:21:cc:
31:43:b5:c1:04:9f:60:f7:d7:29:df:90:b5:a2:3b:
55:5f:b2:6e:b2:6a:8b:db:af:5d:c1:d3:45:57:b9:
1e:25:b9:45:02:ea:b5:3a:9b:05:40:73:b9:12:51:
31:c7:b8:57:b8:ad:16:c9:04:d4:f1:76:d5:63:54:
7b:15:87:52:5b:5a:92:ad:96:5f:a0:4b:fe:f2:09:
07:32:7e:c7:6d:12:76:81:31:31:b7:44:c9:5a:44:
0b:d0:b4:10:e9:b6:de:a2:c3:48:5a:2e:3a:66:0c:
73:5f:16:34:43:1a:ff:02:03:ff:a5:b0:3f:8f:c2:
a0:99:6e:9d:5e:a2:6b:6c:1d:40:84:85:f6:97:a7:
a7:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:33:B0:E7:3A:57:ED:CE:22:C4:EA:10:F7:27:D5:9A:DB:B2:F5:F4
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/yjOw5zpX7c4ixOoQ9yfVmtuy9fQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.238.31.0/24
Signature Algorithm: sha256WithRSAEncryption
08:4f:f3:ab:cc:cd:7d:ba:c1:84:21:37:9f:2e:f2:32:70:98:
f6:ed:96:9d:e8:7a:d5:d4:1b:73:85:65:66:a7:c2:35:09:41:
29:1f:51:5f:13:90:2c:c8:70:d3:ab:31:9e:f3:3e:9e:6e:c4:
7b:37:1a:e9:64:09:82:49:08:f1:b7:5f:d9:c6:1d:67:8e:b7:
29:72:9e:26:9e:72:1c:80:c2:64:15:bb:0d:57:3a:bf:93:3d:
2c:a9:15:8c:96:f2:b4:9a:b6:3a:42:28:6c:bb:8d:d7:23:ff:
6d:fb:49:59:51:e7:52:bb:a6:e5:bf:ba:17:ef:3e:d8:83:e6:
30:a6:0d:88:7f:c2:2a:ae:d8:4d:e9:47:c3:d8:18:ed:4f:af:
91:6e:9e:7b:87:a2:88:10:24:23:4e:2b:23:85:98:85:b6:c1:
20:b3:1f:26:a2:43:06:08:6f:9c:dc:43:28:bb:a0:9a:f4:06:
e3:dc:20:db:ad:a9:cb:4c:b1:77:25:ee:6c:24:06:0a:74:44:
fd:5c:e6:b4:19:6b:10:bf:5a:86:6f:a2:b4:69:de:53:1e:94:
3f:2f:63:7e:fb:f8:59:62:ab:ae:64:c6:55:92:a2:b3:28:f2:
3c:bf:fd:09:da:f8:58:bc:52:bf:2f:f4:3c:6f:ce:cc:f8:c5:
24:a9:5c:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/S4Z3c04dMbjFs/AVPwTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMTAyMDc0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTMzYjBlNzNhNTdlZGNlMjJjNGVhMTBmNzI3ZDU5YWRiYjJmNWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSmQ3Tf/Tt5YVBC2yvRBA5U7M+i7
xTXS9YyU9XrL0f5sNzwX5tOVpwAid6mpQwBRK8lR7ioOznsjK+w9s9nmnTzzNJJ0
P8u4XFVfJuybcdzBSfNkFOr8vj1X9KqpxRCeG/qJXhVOycb8HexOxPMxbniQGcHj
IcwxQ7XBBJ9g99cp35C1ojtVX7JusmqL269dwdNFV7keJblFAuq1OpsFQHO5ElEx
x7hXuK0WyQTU8XbVY1R7FYdSW1qSrZZfoEv+8gkHMn7HbRJ2gTExt0TJWkQL0LQQ
6bbeosNIWi46ZgxzXxY0Qxr/AgP/pbA/j8KgmW6dXqJrbB1AhIX2l6enRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMozsOc6V+3OIsTqEPcn1ZrbsvX0MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEveWpPdzV6cFg3YzRpeE9vUTl5ZlZtdHV5OWZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAaO4fMA0G
CSqGSIb3DQEBCwUAA4IBAQAIT/OrzM19usGEITefLvIycJj27Zad6HrV1BtzhWVm
p8I1CUEpH1FfE5AsyHDTqzGe8z6ebsR7NxrpZAmCSQjxt1/Zxh1njrcpcp4mnnIc
gMJkFbsNVzq/kz0sqRWMlvK0mrY6Qihsu43XI/9t+0lZUedSu6blv7oX7z7Yg+Yw
pg2If8IqrthN6UfD2BjtT6+Rbp57h6KIECQjTisjhZiFtsEgsx8mokMGCG+c3EMo
u6Ca9Abj3CDbranLTLF3Je5sJAYKdET9XOa0GWsQv1qGb6K0ad5THpQ/L2N++/hZ
YquuZMZVkqKzKPI8v/0J2vhYvFK/L/Q8b87M+MUkqVz5
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:28:59 2025 by rpki-client