Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/a3f06e-ac6c-4b66-a96c-29b97b990555/1/33gnBpH0C9HBydNwmORPQljFqOs.roa
File: 33gnBpH0C9HBydNwmORPQljFqOs.roa (raw, json)
Hash identifier: hIM4M5xZf5eTHBdYMjfQeT35s9vSAe+7pUOsTdNdrnc=
Subject key identifier: DF:78:27:06:91:F4:0B:D1:C1:C9:D3:70:98:E4:4F:42:58:C5:A8:EB
Certificate issuer: /CN=2a8d3d3bdb06f00e6bb445f4db2d97f9b7c4beba
Certificate serial: 018FE50567ACB05AA304E50112AD347EEFD0
Authority key identifier: 2A:8D:3D:3B:DB:06:F0:0E:6B:B4:45:F4:DB:2D:97:F9:B7:C4:BE:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ko09O9sG8A5rtEX02y2X-bfEvro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/a3f06e-ac6c-4b66-a96c-29b97b990555/1/33gnBpH0C9HBydNwmORPQljFqOs.roa
Signing time: Tue 04 Jun 2024 20:51:27 +0000
ROA not before: Tue 04 Jun 2024 20:51:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215248
IP address blocks: 104.167.19.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e5:05:67:ac:b0:5a:a3:04:e5:01:12:ad:34:7e:ef:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a8d3d3bdb06f00e6bb445f4db2d97f9b7c4beba
Validity
Not Before: Jun 4 20:51:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df78270691f40bd1c1c9d37098e44f4258c5a8eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:53:11:31:c5:c2:5a:8b:0d:ff:04:51:f4:da:
dc:02:2d:7b:f1:3a:30:68:6d:6d:d0:6b:6b:83:31:
ac:d7:ac:4f:4f:91:0e:a0:cd:18:e9:f9:03:12:e3:
08:f6:7c:25:20:0d:02:b8:00:0d:09:c8:cf:5f:5d:
11:52:ef:3e:aa:a4:d3:c4:11:d6:6c:ed:7a:c5:53:
94:bd:7b:80:e1:e1:1f:51:a9:9a:c9:44:42:8d:f8:
55:76:c0:40:b6:ab:c6:72:66:6e:ef:c1:ea:d0:a4:
12:f7:fb:02:42:d3:69:0c:81:64:cb:b4:98:6b:0d:
82:aa:39:38:9b:0f:a5:44:65:60:a0:f1:9a:ae:2f:
f0:ef:e8:c1:ad:7f:f7:0d:d5:72:15:a4:9d:d6:6f:
97:51:6e:d2:64:e4:b8:b3:ce:e0:34:72:1a:f5:6e:
25:d7:3a:6b:d6:e4:f4:75:5e:a5:4c:95:fb:84:17:
8a:f4:fd:ce:18:c7:8c:b4:cb:92:59:73:d9:3d:ff:
63:4f:e4:7b:01:23:f8:3d:1b:5b:b3:1c:1c:81:f1:
c3:dd:0d:93:b1:6a:f2:b3:81:a6:98:10:b7:cc:51:
fc:21:c9:07:20:f8:f1:40:72:49:dc:5a:9c:f5:de:
c3:a1:4c:02:4c:43:9e:30:82:ec:4b:49:8e:16:8e:
63:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:78:27:06:91:F4:0B:D1:C1:C9:D3:70:98:E4:4F:42:58:C5:A8:EB
X509v3 Authority Key Identifier:
keyid:2A:8D:3D:3B:DB:06:F0:0E:6B:B4:45:F4:DB:2D:97:F9:B7:C4:BE:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ko09O9sG8A5rtEX02y2X-bfEvro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/a3f06e-ac6c-4b66-a96c-29b97b990555/1/33gnBpH0C9HBydNwmORPQljFqOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/a3f06e-ac6c-4b66-a96c-29b97b990555/1/Ko09O9sG8A5rtEX02y2X-bfEvro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.167.19.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:63:21:1a:d2:64:76:e2:ec:9e:e5:0e:f9:66:f7:1d:85:75:
b5:8d:a6:3d:14:6b:87:10:2c:30:99:0d:20:72:ab:d9:de:1a:
56:d8:d6:14:a7:f9:1a:df:32:d4:e9:49:a3:ea:52:a1:84:66:
be:a6:06:4e:a0:d9:b6:46:c1:d6:88:69:79:40:2e:8b:84:a7:
ad:41:70:1c:ea:4a:be:c7:b4:66:18:35:fe:b3:3e:66:1e:d1:
16:14:01:49:2c:16:17:bc:c2:11:5e:6b:af:35:2d:42:cd:83:
d7:85:d5:7e:f2:42:0c:96:b3:20:00:88:10:ce:bc:2e:48:87:
2b:73:70:dc:dc:27:7b:97:43:bf:ca:3f:4c:2b:0c:fe:ec:d2:
00:78:e5:31:fc:3e:6f:29:45:7f:da:f2:e8:a5:5e:37:c9:65:
46:62:2a:9e:e1:42:ce:2b:ad:e4:ef:7e:ec:3e:79:3b:80:97:
36:cc:01:a8:0d:09:98:f3:fc:c0:44:55:aa:ba:40:9b:ce:35:
aa:9e:34:df:05:cb:da:d7:c5:0e:c1:26:29:18:4b:bd:f1:5c:
3f:44:c3:69:cf:00:9b:99:01:c5:4f:30:97:74:0c:35:48:4e:
89:37:c3:b2:39:48:89:c0:fa:18:ae:e4:8b:23:83:f2:ce:f8:
01:69:44:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/lBWessFqjBOUBEq00fu/QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOGQzZDNiZGIwNmYwMGU2YmI0NDVmNGRiMmQ5N2Y5Yjdj
NGJlYmEwHhcNMjQwNjA0MjA1MTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjc4MjcwNjkxZjQwYmQxYzFjOWQzNzA5OGU0NGY0MjU4YzVhOGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1lMRMcXCWosN/wRR9NrcAi178Tow
aG1t0GtrgzGs16xPT5EOoM0Y6fkDEuMI9nwlIA0CuAANCcjPX10RUu8+qqTTxBHW
bO16xVOUvXuA4eEfUamayURCjfhVdsBAtqvGcmZu78Hq0KQS9/sCQtNpDIFky7SY
aw2Cqjk4mw+lRGVgoPGari/w7+jBrX/3DdVyFaSd1m+XUW7SZOS4s87gNHIa9W4l
1zpr1uT0dV6lTJX7hBeK9P3OGMeMtMuSWXPZPf9jT+R7ASP4PRtbsxwcgfHD3Q2T
sWrys4GmmBC3zFH8IckHIPjxQHJJ3Fqc9d7DoUwCTEOeMILsS0mOFo5jyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN94JwaR9AvRwcnTcJjkT0JYxajrMB8GA1UdIwQY
MBaAFCqNPTvbBvAOa7RF9Nstl/m3xL66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS28wOU85c0c4QTVydEVYMDJ5MlgtYmZFdnJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9hM2YwNmUtYWM2Yy00YjY2LWE5NmMt
MjliOTdiOTkwNTU1LzEvMzNnbkJwSDBDOUhCeWROd21PUlBRbGpGcU9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9hM2YwNmUtYWM2Yy00YjY2LWE5NmMtMjliOTdiOTkwNTU1
LzEvS28wOU85c0c4QTVydEVYMDJ5MlgtYmZFdnJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAaKcTMA0G
CSqGSIb3DQEBCwUAA4IBAQA+YyEa0mR24uye5Q75ZvcdhXW1jaY9FGuHECwwmQ0g
cqvZ3hpW2NYUp/ka3zLU6Umj6lKhhGa+pgZOoNm2RsHWiGl5QC6LhKetQXAc6kq+
x7RmGDX+sz5mHtEWFAFJLBYXvMIRXmuvNS1CzYPXhdV+8kIMlrMgAIgQzrwuSIcr
c3Dc3Cd7l0O/yj9MKwz+7NIAeOUx/D5vKUV/2vLopV43yWVGYiqe4ULOK63k737s
Pnk7gJc2zAGoDQmY8/zARFWqukCbzjWqnjTfBcva18UOwSYpGEu98Vw/RMNpzwCb
mQHFTzCXdAw1SE6JN8OyOUiJwPoYruSLI4PyzvgBaUTy
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:33:33 2025 by rpki-client