Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/d019bb-8768-4478-a39a-b94f7654a8c7/1/4a-l7KeCd73NNS-hO2LE97xThI8.roa
File: 4a-l7KeCd73NNS-hO2LE97xThI8.roa (raw, json)
Hash identifier: rdmF2Q7n1d0bMyg+wxPnutQJogrFcOfjBIYFoXMZlCo=
Subject key identifier: E1:AF:A5:EC:A7:82:77:BD:CD:35:2F:A1:3B:62:C4:F7:BC:53:84:8F
Certificate issuer: /CN=e0b9c65dc95053e437e32c99acf3bdc5e95cb1ee
Certificate serial: 3887E78E
Authority key identifier: E0:B9:C6:5D:C9:50:53:E4:37:E3:2C:99:AC:F3:BD:C5:E9:5C:B1:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4LnGXclQU-Q34yyZrPO9xelcse4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/d019bb-8768-4478-a39a-b94f7654a8c7/1/4a-l7KeCd73NNS-hO2LE97xThI8.roa
Signing time: Sun 19 Jun 2022 08:38:45 +0000
ROA not before: Sun 19 Jun 2022 08:38:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51420
IP address blocks: 109.164.64.0/19 maxlen: 24
109.164.96.0/24 maxlen: 24
109.164.96.0/23 maxlen: 23
2a03:3a06::/31 maxlen: 32
2a03:3a05::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 948430734 (0x3887e78e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0b9c65dc95053e437e32c99acf3bdc5e95cb1ee
Validity
Not Before: Jun 19 08:38:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1afa5eca78277bdcd352fa13b62c4f7bc53848f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9a:31:91:a4:d2:0c:22:13:7f:c0:17:ea:d4:
0b:2b:ad:b7:6b:b5:6d:6f:c9:eb:4c:cc:7b:6b:54:
6e:1b:82:9a:27:7b:93:04:93:a4:5e:e2:68:af:fe:
a0:95:df:aa:77:54:e7:96:98:96:53:b0:05:e8:86:
d3:b9:60:a9:9f:0f:be:f6:02:fe:b4:4d:00:a3:2c:
73:83:84:fc:7f:04:07:d8:94:11:c1:45:5b:c2:d4:
42:fc:ca:ed:6e:c0:f8:01:5b:c0:56:13:d3:28:b5:
57:e2:39:cd:89:e3:87:77:e5:48:31:df:46:a1:45:
4b:ca:8c:40:01:98:02:1a:b9:67:eb:9d:31:59:ef:
6d:ae:fe:7c:50:52:a8:bb:92:a2:d4:b2:be:91:72:
60:d2:56:df:b1:0d:ca:a0:b2:75:da:08:fa:52:22:
bf:46:94:4f:59:77:22:2e:02:18:fa:39:6f:60:86:
07:19:dd:2f:3a:c5:94:88:dd:c7:8f:19:14:16:9d:
53:a3:b1:65:2d:df:25:bf:cc:b8:a7:2c:e7:ce:b7:
3d:ba:fb:00:9d:35:16:44:d0:4e:dd:6d:8e:9f:14:
ca:4b:6a:1a:c5:cd:c8:f2:9a:6f:36:42:66:d8:1e:
9b:53:ac:f6:00:0e:34:3f:90:b2:81:9b:a4:09:4d:
08:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:AF:A5:EC:A7:82:77:BD:CD:35:2F:A1:3B:62:C4:F7:BC:53:84:8F
X509v3 Authority Key Identifier:
keyid:E0:B9:C6:5D:C9:50:53:E4:37:E3:2C:99:AC:F3:BD:C5:E9:5C:B1:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4LnGXclQU-Q34yyZrPO9xelcse4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/d019bb-8768-4478-a39a-b94f7654a8c7/1/4a-l7KeCd73NNS-hO2LE97xThI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/d019bb-8768-4478-a39a-b94f7654a8c7/1/4LnGXclQU-Q34yyZrPO9xelcse4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.164.64.0-109.164.97.255
IPv6:
2a03:3a05::-2a03:3a07:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5e:31:94:c2:07:ca:40:f9:77:c5:4d:d1:40:48:52:a8:d4:cd:
d2:0a:5f:16:6f:f0:bf:bf:35:6f:1e:02:19:ee:ae:ee:ac:6f:
9f:43:da:7c:5b:7c:6b:b2:f3:36:3c:3c:d6:44:7e:ff:3b:06:
78:0b:0b:88:d9:7c:92:89:cf:36:f7:35:b5:3e:24:0f:bf:dd:
9d:bc:87:97:47:e6:65:61:f0:62:f2:0d:a1:3e:3a:63:38:14:
3e:a9:2b:ca:72:00:ca:19:8a:e4:b3:16:24:c9:a4:cf:9b:ee:
af:90:3f:60:cf:c4:67:d2:0e:12:1f:20:e1:97:82:2a:fe:9a:
ff:f8:fc:6b:ed:73:c2:80:ed:dd:58:dd:b3:3d:b7:ed:a2:12:
a2:ec:95:5d:b1:37:6f:47:d8:85:a9:9c:26:a2:fd:27:c6:28:
44:79:22:90:01:2d:0d:ee:a0:a0:32:19:b8:58:a1:d6:c9:9a:
32:28:5d:60:69:ee:5a:cb:9b:c7:7a:60:c9:81:40:92:65:11:
88:d8:9d:e3:45:88:77:88:c3:1e:5c:cd:b9:f5:f1:b2:81:d6:
3e:ef:16:87:00:aa:26:65:c6:f5:ea:69:12:4e:d6:e9:b2:24:
e2:91:28:eb:cc:a3:c3:47:02:44:e6:b6:13:0f:cd:84:79:ad:
8b:0d:52:c5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEOIfnjjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MGI5YzY1ZGM5NTA1M2U0MzdlMzJjOTlhY2YzYmRjNWU5NWNiMWVlMB4XDTIyMDYx
OTA4Mzg0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTFhZmE1ZWNhNzgy
NzdiZGNkMzUyZmExM2I2MmM0ZjdiYzUzODQ4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJaaMZGk0gwiE3/AF+rUCyutt2u1bW/J60zMe2tUbhuCmid7
kwSTpF7iaK/+oJXfqndU55aYllOwBeiG07lgqZ8PvvYC/rRNAKMsc4OE/H8EB9iU
EcFFW8LUQvzK7W7A+AFbwFYT0yi1V+I5zYnjh3flSDHfRqFFS8qMQAGYAhq5Z+ud
MVnvba7+fFBSqLuSotSyvpFyYNJW37ENyqCyddoI+lIiv0aUT1l3Ii4CGPo5b2CG
BxndLzrFlIjdx48ZFBadU6OxZS3fJb/MuKcs5863Pbr7AJ01FkTQTt1tjp8Uyktq
GsXNyPKabzZCZtgem1Os9gAOND+QsoGbpAlNCJkCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBThr6Xsp4J3vc01L6E7YsT3vFOEjzAfBgNVHSMEGDAWgBTgucZdyVBT5Dfj
LJms873F6Vyx7jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRMbkdYY2xRVS1RMzR5eVpyUE85eGVsY3NlNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvZDAxOWJiLTg3NjgtNDQ3OC1hMzlhLWI5NGY3NjU0YThjNy8x
LzRhLWw3S2VDZDczTk5TLWhPMkxFOTd4VGhJOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
ZDAxOWJiLTg3NjgtNDQ3OC1hMzlhLWI5NGY3NjU0YThjNy8xLzRMbkdYY2xRVS1R
MzR5eVpyUE85eGVsY3NlNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wFAQCAAEwDjAMAwQGbaRAAwQBbaRgMBYEAgACMBAw
DgMFACoDOgUDBQMqAzoAMA0GCSqGSIb3DQEBCwUAA4IBAQBeMZTCB8pA+XfFTdFA
SFKo1M3SCl8Wb/C/vzVvHgIZ7q7urG+fQ9p8W3xrsvM2PDzWRH7/OwZ4CwuI2XyS
ic829zW1PiQPv92dvIeXR+ZlYfBi8g2hPjpjOBQ+qSvKcgDKGYrksxYkyaTPm+6v
kD9gz8Rn0g4SHyDhl4Iq/pr/+Pxr7XPCgO3dWN2zPbftohKi7JVdsTdvR9iFqZwm
ov0nxihEeSKQAS0N7qCgMhm4WKHWyZoyKF1gae5ay5vHemDJgUCSZRGI2J3jRYh3
iMMeXM259fGygdY+7xaHAKomZcb16mkSTtbpsiTikSjrzKPDRwJE5rYTD82Eea2L
DVLF
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:56:02 2025 by rpki-client