Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/7a936c-d6e2-4cc1-9e4b-d237a9e6ab14/1/8amVsBf6Rhthq0LOH2jtd5Ak8NU.roa
File: 8amVsBf6Rhthq0LOH2jtd5Ak8NU.roa (raw, json)
Hash identifier: NGEhW7LRVeaw2TBQxBIHZrUliwZIiLzCW8GJp3R15DI=
Subject key identifier: F1:A9:95:B0:17:FA:46:1B:61:AB:42:CE:1F:68:ED:77:90:24:F0:D5
Certificate issuer: /CN=caf2488824b714a1f30c2c809fbdb68575652b4a
Certificate serial: 3F66B0
Authority key identifier: CA:F2:48:88:24:B7:14:A1:F3:0C:2C:80:9F:BD:B6:85:75:65:2B:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yvJIiCS3FKHzDCyAn722hXVlK0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/7a936c-d6e2-4cc1-9e4b-d237a9e6ab14/1/8amVsBf6Rhthq0LOH2jtd5Ak8NU.roa
Signing time: Sat 01 Jan 2022 01:00:50 +0000
ROA not before: Sat 01 Jan 2022 01:00:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210920
IP address blocks: 74.220.24.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4155056 (0x3f66b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caf2488824b714a1f30c2c809fbdb68575652b4a
Validity
Not Before: Jan 1 01:00:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f1a995b017fa461b61ab42ce1f68ed779024f0d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3a:92:94:35:43:d6:1f:5f:eb:02:c2:2d:f8:
80:33:b1:eb:c6:58:04:45:a3:0c:18:d0:7d:f7:b1:
0b:51:5a:86:a9:97:b0:dd:13:71:e9:1e:da:1a:eb:
2e:b7:5d:a9:b1:a1:26:53:f3:88:c0:6e:22:46:a4:
05:14:7e:d2:2a:3b:5a:09:02:67:61:0a:3f:8c:fa:
98:f7:f1:35:88:7a:a7:77:96:b6:96:16:69:41:d7:
a8:44:af:21:65:df:4d:0d:59:ad:8a:68:72:54:41:
0f:7b:ca:ab:c0:c5:ac:f9:3e:8a:76:0f:c2:a2:d7:
31:75:b4:4f:5f:9b:02:d2:34:6d:6d:61:b1:3c:69:
30:d8:2a:c3:3b:af:44:c1:c3:75:7a:db:2d:ef:73:
38:8c:da:18:26:81:f5:80:c8:45:2b:15:ac:be:24:
17:22:2f:92:be:f5:13:65:60:77:41:25:3d:57:59:
d8:23:b2:cf:f0:7f:61:72:34:96:a2:a9:f4:15:cc:
de:54:4f:9f:5e:b7:72:ce:6c:0d:32:36:64:94:1f:
18:18:7f:2b:d1:2a:68:25:d0:e1:79:dd:d1:31:b3:
8a:5e:ad:35:3c:c7:12:45:71:86:bf:7d:73:69:cc:
dc:0b:a5:22:3c:03:5a:96:e8:8a:50:41:e2:05:c7:
cc:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:A9:95:B0:17:FA:46:1B:61:AB:42:CE:1F:68:ED:77:90:24:F0:D5
X509v3 Authority Key Identifier:
keyid:CA:F2:48:88:24:B7:14:A1:F3:0C:2C:80:9F:BD:B6:85:75:65:2B:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yvJIiCS3FKHzDCyAn722hXVlK0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a936c-d6e2-4cc1-9e4b-d237a9e6ab14/1/8amVsBf6Rhthq0LOH2jtd5Ak8NU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a936c-d6e2-4cc1-9e4b-d237a9e6ab14/1/yvJIiCS3FKHzDCyAn722hXVlK0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
74.220.24.0/21
Signature Algorithm: sha256WithRSAEncryption
2f:08:b5:45:f2:10:96:50:99:f2:9e:09:9c:0e:ef:65:63:2f:
43:30:7f:c3:3f:9c:ef:2d:ea:3b:c2:b0:2c:6f:dc:68:5a:b5:
93:2c:01:29:71:93:ad:c0:82:80:48:5c:8a:22:ef:f4:0f:7b:
70:84:70:26:25:40:63:1e:89:18:cc:c3:1c:cd:c7:e6:c3:bf:
7f:db:13:cb:1c:03:9d:05:b4:28:2c:8d:88:b3:ce:d0:b0:45:
f3:56:7d:10:9c:6f:fb:18:e1:7a:a3:4c:b1:ab:1d:a9:49:f1:
2b:91:63:5f:d6:cf:0f:b2:4c:e9:d7:b0:c0:dd:92:0a:1d:39:
6c:dc:9c:7b:39:82:a9:09:63:78:24:64:a9:36:34:49:7d:5e:
cf:a3:f8:3f:aa:1b:ae:11:01:10:e6:2c:f3:5b:cb:d9:90:ff:
5f:40:9f:39:0d:89:fa:71:48:ee:bf:62:ad:87:5d:fd:bf:cc:
7a:a5:20:c6:06:c8:b6:b9:47:9f:86:b5:4f:5c:e8:f4:e2:8c:
ac:63:c6:9a:0e:03:95:50:91:74:1e:bf:03:1b:68:8a:1a:c0:
49:3f:f8:72:89:38:22:f0:c6:64:73:93:65:e4:ec:64:a5:59:
eb:b1:26:0b:bc:7f:ad:d2:f1:55:b5:03:64:5a:8f:0e:d5:0b:
44:79:3c:6e
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDP2awMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNh
ZjI0ODg4MjRiNzE0YTFmMzBjMmM4MDlmYmRiNjg1NzU2NTJiNGEwHhcNMjIwMTAx
MDEwMDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmMWE5OTViMDE3ZmE0
NjFiNjFhYjQyY2UxZjY4ZWQ3NzkwMjRmMGQ1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoDqSlDVD1h9f6wLCLfiAM7HrxlgERaMMGNB997ELUVqGqZew
3RNx6R7aGusut12psaEmU/OIwG4iRqQFFH7SKjtaCQJnYQo/jPqY9/E1iHqnd5a2
lhZpQdeoRK8hZd9NDVmtimhyVEEPe8qrwMWs+T6Kdg/CotcxdbRPX5sC0jRtbWGx
PGkw2CrDO69EwcN1etst73M4jNoYJoH1gMhFKxWsviQXIi+SvvUTZWB3QSU9V1nY
I7LP8H9hcjSWoqn0FczeVE+fXrdyzmwNMjZklB8YGH8r0SpoJdDhed3RMbOKXq01
PMcSRXGGv31zaczcC6UiPANaluiKUEHiBcfMzQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFPGplbAX+kYbYatCzh9o7XeQJPDVMB8GA1UdIwQYMBaAFMrySIgktxSh8wws
gJ+9toV1ZStKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
eXZKSWlDUzNGS0h6REN5QW43MjJoWFZsSzBvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iNS83YTkzNmMtZDZlMi00Y2MxLTllNGItZDIzN2E5ZTZhYjE0LzEv
OGFtVnNCZjZSaHRocTBMT0gyanRkNUFrOE5VLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS83
YTkzNmMtZDZlMi00Y2MxLTllNGItZDIzN2E5ZTZhYjE0LzEveXZKSWlDUzNGS0h6
REN5QW43MjJoWFZsSzBvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDStwYMA0GCSqGSIb3DQEBCwUAA4IB
AQAvCLVF8hCWUJnyngmcDu9lYy9DMH/DP5zvLeo7wrAsb9xoWrWTLAEpcZOtwIKA
SFyKIu/0D3twhHAmJUBjHokYzMMczcfmw79/2xPLHAOdBbQoLI2Is87QsEXzVn0Q
nG/7GOF6o0yxqx2pSfErkWNf1s8Pskzp17DA3ZIKHTls3Jx7OYKpCWN4JGSpNjRJ
fV7Po/g/qhuuEQEQ5izzW8vZkP9fQJ85DYn6cUjuv2Kth139v8x6pSDGBsi2uUef
hrVPXOj04oysY8aaDgOVUJF0Hr8DG2iKGsBJP/hyiTgi8MZkc5Nl5OxkpVnrsSYL
vH+t0vFVtQNkWo8O1QtEeTxu
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:10:40 2025 by rpki-client