Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/e7e635-f256-4001-b071-b94eb9e6b9eb/1/71iuHhnjyMau6dRuVZxIZ-aHD6o.roa
File: 71iuHhnjyMau6dRuVZxIZ-aHD6o.roa (raw, json)
Hash identifier: 6pikJCy9Nh7pkhX7m11NEA9DArPLhaL64o6XpR/q7jo=
Subject key identifier: EF:58:AE:1E:19:E3:C8:C6:AE:E9:D4:6E:55:9C:48:67:E6:87:0F:AA
Certificate issuer: /CN=7ddf809131ee56531939d05f607271bdf01d19b5
Certificate serial: 019424B3B37FD34A9F94BD4B438586650542
Authority key identifier: 7D:DF:80:91:31:EE:56:53:19:39:D0:5F:60:72:71:BD:F0:1D:19:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fd-AkTHuVlMZOdBfYHJxvfAdGbU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/e7e635-f256-4001-b071-b94eb9e6b9eb/1/71iuHhnjyMau6dRuVZxIZ-aHD6o.roa
Signing time: Thu 02 Jan 2025 01:49:04 +0000
ROA not before: Thu 02 Jan 2025 01:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35360
IP address blocks: 45.66.4.0/22 maxlen: 24
2a09:5fc0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:b3:7f:d3:4a:9f:94:bd:4b:43:85:86:65:05:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ddf809131ee56531939d05f607271bdf01d19b5
Validity
Not Before: Jan 2 01:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ef58ae1e19e3c8c6aee9d46e559c4867e6870faa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:04:d0:b6:21:95:90:35:05:5b:45:cf:c7:0a:
ee:5f:5d:df:3e:85:c0:c3:d1:ab:56:dc:05:95:5d:
96:49:e2:17:ee:92:8e:89:b1:3b:98:e3:ad:97:df:
a5:6f:fd:0e:fe:a5:f2:f8:05:0c:20:ed:7b:54:1e:
a6:d0:8d:91:56:b5:7f:6f:df:37:be:ab:77:6d:77:
d6:a8:be:f6:fc:0b:d0:11:e0:b8:44:5e:0a:cb:63:
5e:10:82:4a:30:f3:f4:bf:dc:23:c5:be:19:c1:6f:
4f:58:1d:a7:6e:74:d2:b2:12:7a:d1:7c:0a:f1:78:
a9:3d:3f:4d:89:a8:00:d6:91:3b:53:7b:b5:38:a2:
2b:7e:5c:31:79:93:77:00:e0:dd:49:fd:c1:09:85:
95:ae:c2:f9:f5:a5:c2:19:15:e4:4f:71:7f:a5:93:
6d:ea:dc:8c:fa:7e:4b:89:c8:3f:dc:0f:63:56:16:
80:ff:82:8a:b2:56:d0:5d:da:8c:19:e2:35:98:e4:
9e:71:83:d4:7d:28:98:70:98:e8:77:af:69:5b:cc:
43:f3:c5:dd:cc:1f:0b:5c:ff:9c:10:b0:81:75:27:
21:bf:d1:05:ff:b2:06:b8:6d:9e:a7:1c:4b:37:e1:
be:9a:81:56:c9:ea:b1:5a:c3:09:09:19:f3:f4:88:
d5:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:58:AE:1E:19:E3:C8:C6:AE:E9:D4:6E:55:9C:48:67:E6:87:0F:AA
X509v3 Authority Key Identifier:
keyid:7D:DF:80:91:31:EE:56:53:19:39:D0:5F:60:72:71:BD:F0:1D:19:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd-AkTHuVlMZOdBfYHJxvfAdGbU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e7e635-f256-4001-b071-b94eb9e6b9eb/1/71iuHhnjyMau6dRuVZxIZ-aHD6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e7e635-f256-4001-b071-b94eb9e6b9eb/1/fd-AkTHuVlMZOdBfYHJxvfAdGbU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.4.0/22
IPv6:
2a09:5fc0::/29
Signature Algorithm: sha256WithRSAEncryption
b6:c6:bf:ca:5e:50:9f:ff:f1:f6:5d:fa:25:67:71:69:d7:54:
9f:88:43:ba:9b:cd:e4:00:9a:19:6c:98:18:b4:53:e1:9e:21:
31:bc:eb:13:6b:78:87:a6:9a:c9:da:ea:46:33:0b:38:b3:9c:
0e:6a:76:c8:41:91:db:32:e0:96:5b:da:0f:d2:53:f2:2f:aa:
d3:d7:43:2d:42:58:e8:02:05:a0:21:7a:f2:24:a0:ed:ca:91:
ba:7b:da:e9:f5:ff:c3:9a:6a:ea:4c:25:48:9d:fe:50:51:30:
3b:e0:7b:a7:7c:7f:c8:5c:2a:2c:53:e3:72:7f:b2:1a:9d:d2:
db:02:b1:d2:d5:92:9c:07:92:23:13:41:d3:0e:7e:77:25:a9:
fc:ab:30:68:b7:4d:95:28:93:9b:9c:a2:ec:c8:f6:7e:0a:a0:
e1:de:bc:1d:55:14:ea:e3:1d:ce:df:0f:cf:b4:56:56:cd:11:
23:be:20:6b:a9:c0:b9:79:4f:c5:23:1f:c5:4d:54:77:4e:17:
c8:97:3f:54:6d:b9:fd:66:6a:22:2b:a0:08:8c:1c:21:1d:8e:
66:cd:d7:ae:65:9b:0d:ee:7b:f2:3e:d2:c7:47:8a:84:0b:6a:
f8:2d:ff:56:b4:c5:a0:3b:d8:53:b5:51:1a:7e:99:58:f6:fa:
e0:3b:a0:07
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks7N/00qflL1LQ4WGZQVCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZGY4MDkxMzFlZTU2NTMxOTM5ZDA1ZjYwNzI3MWJkZjAx
ZDE5YjUwHhcNMjUwMTAyMDE0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjU4YWUxZTE5ZTNjOGM2YWVlOWQ0NmU1NTljNDg2N2U2ODcwZmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvATQtiGVkDUFW0XPxwruX13fPoXA
w9GrVtwFlV2WSeIX7pKOibE7mOOtl9+lb/0O/qXy+AUMIO17VB6m0I2RVrV/b983
vqt3bXfWqL72/AvQEeC4RF4Ky2NeEIJKMPP0v9wjxb4ZwW9PWB2nbnTSshJ60XwK
8XipPT9NiagA1pE7U3u1OKIrflwxeZN3AODdSf3BCYWVrsL59aXCGRXkT3F/pZNt
6tyM+n5Licg/3A9jVhaA/4KKslbQXdqMGeI1mOSecYPUfSiYcJjod69pW8xD88Xd
zB8LXP+cELCBdSchv9EF/7IGuG2epxxLN+G+moFWyeqxWsMJCRnz9IjViQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO9Yrh4Z48jGrunUblWcSGfmhw+qMB8GA1UdIwQY
MBaAFH3fgJEx7lZTGTnQX2Bycb3wHRm1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmQtQWtUSHVWbE1aT2RCZllISnh2ZkFkR2JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9lN2U2MzUtZjI1Ni00MDAxLWIwNzEt
Yjk0ZWI5ZTZiOWViLzEvNzFpdUhobmp5TWF1NmRSdVZaeElaLWFIRDZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9lN2U2MzUtZjI1Ni00MDAxLWIwNzEtYjk0ZWI5ZTZiOWVi
LzEvZmQtQWtUSHVWbE1aT2RCZllISnh2ZkFkR2JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUIEMA0E
AgACMAcDBQMqCV/AMA0GCSqGSIb3DQEBCwUAA4IBAQC2xr/KXlCf//H2XfolZ3Fp
11SfiEO6m83kAJoZbJgYtFPhniExvOsTa3iHpprJ2upGMws4s5wOanbIQZHbMuCW
W9oP0lPyL6rT10MtQljoAgWgIXryJKDtypG6e9rp9f/DmmrqTCVInf5QUTA74Hun
fH/IXCosU+Nyf7IandLbArHS1ZKcB5IjE0HTDn53Jan8qzBot02VKJObnKLsyPZ+
CqDh3rwdVRTq4x3O3w/PtFZWzREjviBrqcC5eU/FIx/FTVR3ThfIlz9Ubbn9Zmoi
K6AIjBwhHY5mzdeuZZsN7nvyPtLHR4qEC2r4Lf9WtMWgO9hTtVEafplY9vrgO6AH
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:15 2025 by rpki-client