Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ao5kHB6uQR7dTkWrMfH1pOh3vT8.roa
File: ao5kHB6uQR7dTkWrMfH1pOh3vT8.roa (raw, json)
Hash identifier: K6xsq9gjDkswE1JX6e2BmIRfZg9kSk6bV3B5UrlUmoE=
Subject key identifier: 6A:8E:64:1C:1E:AE:41:1E:DD:4E:45:AB:31:F1:F5:A4:E8:77:BD:3F
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01942369C5BCD30099F144EEB04671C6FF17
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ao5kHB6uQR7dTkWrMfH1pOh3vT8.roa
Signing time: Wed 01 Jan 2025 19:48:41 +0000
ROA not before: Wed 01 Jan 2025 19:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 45671
IP address blocks: 170.62.88.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:c5:bc:d3:00:99:f1:44:ee:b0:46:71:c6:ff:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jan 1 19:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a8e641c1eae411edd4e45ab31f1f5a4e877bd3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e7:72:4d:a6:3a:c2:69:cb:3b:41:d0:99:fe:
37:0d:36:f7:06:f9:66:39:3d:4a:7b:0f:00:0d:37:
6e:02:aa:2e:51:56:76:f8:f9:ea:73:cd:05:bd:29:
f3:62:96:cd:fa:4a:83:83:c6:61:40:ef:5f:37:dd:
c7:3f:96:28:4c:7a:f7:76:8f:d9:be:89:a7:9e:48:
c3:ac:48:32:55:c7:cf:4e:be:f3:0a:1d:1d:87:64:
d8:18:72:27:a6:20:41:50:b3:8b:f7:d6:34:77:39:
c4:17:28:a0:c9:e3:27:cd:8a:65:22:6b:4a:62:d1:
b3:69:4d:c4:21:9d:a4:e6:5b:0a:91:d2:0f:06:dc:
fc:5c:f7:ce:93:3c:d8:ed:ab:3d:e2:da:fb:ad:31:
ee:76:0b:43:a1:9c:5b:3a:ad:61:b3:b4:40:94:87:
cc:84:91:2a:d9:94:8c:72:ff:ad:42:24:02:1f:d8:
33:d4:2b:ed:06:28:0d:c7:ad:6e:79:25:68:8f:77:
b3:e5:bf:c4:47:26:f1:03:b1:d4:66:0d:2f:9e:1b:
20:6e:ee:1c:0d:bd:88:38:09:2f:43:2c:75:9b:16:
23:d3:17:d9:c2:9c:59:17:c7:b4:b2:7a:ef:04:bd:
a4:d6:b4:14:7f:d9:60:41:f6:0b:ae:ce:2b:65:8b:
ce:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:8E:64:1C:1E:AE:41:1E:DD:4E:45:AB:31:F1:F5:A4:E8:77:BD:3F
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ao5kHB6uQR7dTkWrMfH1pOh3vT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.62.88.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:04:93:b0:36:21:5d:bb:07:8d:e9:5c:8e:f6:84:cf:f5:5b:
f9:20:68:a2:9c:20:38:92:ba:18:72:6c:ca:c1:a4:39:6a:f8:
9f:3d:61:02:6a:33:66:fe:18:f1:b7:98:df:44:13:c7:f6:0f:
6d:70:bf:ec:65:f5:c7:9b:da:fe:be:e6:03:70:11:f0:d9:00:
8b:c9:5e:18:7f:38:2b:8d:01:89:34:02:29:49:e2:c6:f2:24:
b3:38:59:b7:9e:2f:99:ee:26:08:17:f5:c0:b4:c8:ff:ef:46:
67:d4:b8:f2:74:84:0c:dc:78:c7:66:e1:11:70:4d:2e:d6:46:
97:f9:83:aa:5a:bd:49:32:29:40:16:ef:05:eb:9c:87:04:42:
fa:34:0f:c2:32:de:6e:92:5b:c4:d6:eb:7e:b6:94:57:8f:83:
d4:5b:95:9f:7f:7a:c8:97:b8:6f:ed:78:b0:07:37:b3:df:37:
17:42:bd:7b:5b:e6:21:0e:a8:83:bb:45:f0:ea:42:24:dd:53:
a7:e8:2f:5f:23:f4:2a:92:df:b0:ef:c6:03:b8:2a:73:c2:29:
33:d4:6e:4e:da:a8:1e:99:e7:87:da:1f:b8:9d:2d:5d:f3:43:
32:6f:1f:c2:91:53:b6:7a:aa:31:7f:ac:60:f6:7d:84:f7:54:
64:fa:09:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjacW80wCZ8UTusEZxxv8XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMTAxMTk0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YThlNjQxYzFlYWU0MTFlZGQ0ZTQ1YWIzMWYxZjVhNGU4NzdiZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+dyTaY6wmnLO0HQmf43DTb3Bvlm
OT1Kew8ADTduAqouUVZ2+Pnqc80FvSnzYpbN+kqDg8ZhQO9fN93HP5YoTHr3do/Z
vomnnkjDrEgyVcfPTr7zCh0dh2TYGHInpiBBULOL99Y0dznEFyigyeMnzYplImtK
YtGzaU3EIZ2k5lsKkdIPBtz8XPfOkzzY7as94tr7rTHudgtDoZxbOq1hs7RAlIfM
hJEq2ZSMcv+tQiQCH9gz1CvtBigNx61ueSVoj3ez5b/ERybxA7HUZg0vnhsgbu4c
Db2IOAkvQyx1mxYj0xfZwpxZF8e0snrvBL2k1rQUf9lgQfYLrs4rZYvOZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGqOZBwerkEe3U5FqzHx9aTod70/MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvYW81a0hCNnVRUjdkVGtXck1mSDFwT2gzdlQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqj5YMA0G
CSqGSIb3DQEBCwUAA4IBAQDXBJOwNiFduweN6VyO9oTP9Vv5IGiinCA4kroYcmzK
waQ5avifPWECajNm/hjxt5jfRBPH9g9tcL/sZfXHm9r+vuYDcBHw2QCLyV4Yfzgr
jQGJNAIpSeLG8iSzOFm3ni+Z7iYIF/XAtMj/70Zn1LjydIQM3HjHZuERcE0u1kaX
+YOqWr1JMilAFu8F65yHBEL6NA/CMt5uklvE1ut+tpRXj4PUW5Wff3rIl7hv7Xiw
Bzez3zcXQr17W+YhDqiDu0Xw6kIk3VOn6C9fI/Qqkt+w78YDuCpzwikz1G5O2qge
meeH2h+4nS1d80Mybx/CkVO2eqoxf6xg9n2E91Rk+glr
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:10:59 2025 by rpki-client