Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/0L2cXT0P06ikhCVT8kI7dchS4xM.roa
File: 0L2cXT0P06ikhCVT8kI7dchS4xM.roa (raw, json)
Hash identifier: hHkCwUsabCtgoVjM/fwEwUjOas1rOjQ5vQlqYV58+lo=
Subject key identifier: D0:BD:9C:5D:3D:0F:D3:A8:A4:84:25:53:F2:42:3B:75:C8:52:E3:13
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 019423D7048FC09C03AB092BE44F5B2681EF
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/0L2cXT0P06ikhCVT8kI7dchS4xM.roa
Signing time: Wed 01 Jan 2025 21:48:01 +0000
ROA not before: Wed 01 Jan 2025 21:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20860
IP address blocks: 107.181.136.0/24 maxlen: 24
162.220.244.0/24 maxlen: 24
162.220.245.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:04:8f:c0:9c:03:ab:09:2b:e4:4f:5b:26:81:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 1 21:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0bd9c5d3d0fd3a8a4842553f2423b75c852e313
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:83:7d:77:1d:90:b4:16:1c:d2:77:54:06:c7:
2b:89:05:63:63:8f:2b:eb:bf:ff:51:5a:52:0a:8c:
19:f4:33:23:f3:1e:6a:12:c8:c9:27:f1:3c:4d:b3:
ec:28:0a:36:13:ea:30:f6:ec:94:0d:b5:b7:70:aa:
a3:34:38:77:99:cd:46:7d:a3:a9:c1:27:10:39:a1:
a0:56:5a:3a:84:a3:24:5c:e0:45:19:66:ff:99:ec:
2d:2d:6f:82:06:96:7f:51:35:f7:5b:3f:3c:e8:5b:
3e:25:07:f5:00:23:39:e8:8e:35:96:60:73:3b:86:
11:ca:46:4d:67:dd:49:f7:f3:99:0b:8f:7e:92:80:
dd:98:56:93:54:65:d3:4a:ef:e6:30:46:30:02:21:
79:76:27:ca:33:4f:78:71:f8:f8:f8:0a:e2:53:ef:
f3:50:eb:d0:46:57:4a:84:aa:02:b8:6b:59:c5:0c:
c7:ac:ea:5d:a7:b8:13:d8:c9:f1:65:c0:e5:18:51:
86:cd:ad:ad:dc:7b:78:5b:c4:24:af:a5:d3:e6:05:
d3:e4:99:86:93:c8:c7:ef:20:e4:31:97:e9:b3:10:
b7:a8:95:6f:12:b7:86:f5:09:cc:21:64:02:be:18:
d6:44:4f:80:8b:8e:72:6d:c2:7b:44:4d:53:5d:59:
bb:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:BD:9C:5D:3D:0F:D3:A8:A4:84:25:53:F2:42:3B:75:C8:52:E3:13
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/0L2cXT0P06ikhCVT8kI7dchS4xM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.181.136.0/24
162.220.244.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:1e:b2:81:be:a9:1c:25:af:0b:af:a1:ef:02:50:6e:01:66:
4d:9e:a3:3d:71:90:cc:50:07:f9:82:9a:f6:40:bf:c6:76:f2:
9a:6c:c9:1c:11:11:3d:05:b6:c9:77:03:3c:68:07:38:18:6e:
60:ba:2a:b4:59:c0:48:06:6e:83:8f:d4:b0:e4:b5:ef:a6:60:
88:17:c7:ec:57:6e:e9:c1:44:5a:f9:7a:aa:24:cf:27:05:58:
db:d6:2b:ab:e7:32:65:86:70:37:54:7b:ef:3c:cd:4f:ed:7f:
24:40:4f:22:0f:cc:46:5b:93:9f:66:47:6a:c7:19:60:ce:9b:
99:7b:67:7d:d2:4c:74:05:21:55:a0:31:cd:95:aa:64:58:c3:
2d:32:80:46:88:47:ed:49:8a:e6:90:a0:f6:fa:d0:73:ef:22:
69:bc:42:f8:36:10:0c:62:b1:c6:2d:de:08:bb:f7:da:87:db:
e0:2f:66:e5:cb:74:5d:38:53:dd:b3:85:fb:96:27:45:00:eb:
e7:66:2c:3f:f4:d8:b6:4e:56:64:8d:3f:a8:f7:bb:a3:78:50:
47:60:85:9d:69:7b:5e:3a:1c:9b:2e:f0:77:6c:00:60:b5:78:
e4:1b:ef:a1:cb:07:7e:01:fd:5f:8b:b2:f9:01:7c:e9:df:a0:
ae:a0:20:b8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj1wSPwJwDqwkr5E9bJoHvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjUwMTAxMjE0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGJkOWM1ZDNkMGZkM2E4YTQ4NDI1NTNmMjQyM2I3NWM4NTJlMzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7oN9dx2QtBYc0ndUBscriQVjY48r
67//UVpSCowZ9DMj8x5qEsjJJ/E8TbPsKAo2E+ow9uyUDbW3cKqjNDh3mc1GfaOp
wScQOaGgVlo6hKMkXOBFGWb/mewtLW+CBpZ/UTX3Wz886Fs+JQf1ACM56I41lmBz
O4YRykZNZ91J9/OZC49+koDdmFaTVGXTSu/mMEYwAiF5difKM094cfj4+AriU+/z
UOvQRldKhKoCuGtZxQzHrOpdp7gT2MnxZcDlGFGGza2t3Ht4W8Qkr6XT5gXT5JmG
k8jH7yDkMZfpsxC3qJVvEreG9QnMIWQCvhjWRE+Ai45ybcJ7RE1TXVm7hQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNC9nF09D9OopIQlU/JCO3XIUuMTMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvMEwyY1hUMFAwNmlraENWVDhrSTdkY2hTNHhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAa7WIAwQB
otz0MA0GCSqGSIb3DQEBCwUAA4IBAQAPHrKBvqkcJa8Lr6HvAlBuAWZNnqM9cZDM
UAf5gpr2QL/GdvKabMkcERE9BbbJdwM8aAc4GG5guiq0WcBIBm6Dj9Sw5LXvpmCI
F8fsV27pwURa+XqqJM8nBVjb1iur5zJlhnA3VHvvPM1P7X8kQE8iD8xGW5OfZkdq
xxlgzpuZe2d90kx0BSFVoDHNlapkWMMtMoBGiEftSYrmkKD2+tBz7yJpvEL4NhAM
YrHGLd4Iu/fah9vgL2bly3RdOFPds4X7lidFAOvnZiw/9Ni2TlZkjT+o97ujeFBH
YIWdaXteOhybLvB3bABgtXjkG++hywd+Af1fi7L5AXzp36CuoCC4
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:50:20 2025 by rpki-client