Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/eb3207-8410-4046-a449-760ba7436c24/1/aLfo3q6L0mVOuK0za6OIf6mWxIg.roa
File: aLfo3q6L0mVOuK0za6OIf6mWxIg.roa (raw, json)
Hash identifier: 7LeZnYMqXpBceqMPtLfdcEQrWgVh8yNUNh6lUyY5uzc=
Subject key identifier: 68:B7:E8:DE:AE:8B:D2:65:4E:B8:AD:33:6B:A3:88:7F:A9:96:C4:88
Certificate issuer: /CN=1b328303be7720013b70838e48eba93b420387dd
Certificate serial: 019428283A127B85A95CC310D5F3186ABED4
Authority key identifier: 1B:32:83:03:BE:77:20:01:3B:70:83:8E:48:EB:A9:3B:42:03:87:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GzKDA753IAE7cIOOSOupO0IDh90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/eb3207-8410-4046-a449-760ba7436c24/1/aLfo3q6L0mVOuK0za6OIf6mWxIg.roa
Signing time: Thu 02 Jan 2025 17:55:12 +0000
ROA not before: Thu 02 Jan 2025 17:55:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49223
IP address blocks: 141.98.104.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:28:3a:12:7b:85:a9:5c:c3:10:d5:f3:18:6a:be:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b328303be7720013b70838e48eba93b420387dd
Validity
Not Before: Jan 2 17:55:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68b7e8deae8bd2654eb8ad336ba3887fa996c488
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b2:cf:35:59:2f:ca:53:ed:50:81:d6:2b:45:
41:7f:c4:9d:a4:86:8a:64:14:fd:f0:1b:dc:02:04:
25:ba:6f:bd:ba:81:84:6d:fd:5d:b9:13:71:7a:95:
c2:14:00:87:92:3d:d2:d6:b6:42:a1:2b:33:f9:b4:
67:66:ea:8b:93:81:71:ab:5b:4d:73:ac:f3:ae:e3:
5f:db:13:25:33:36:27:31:13:ad:64:44:27:1b:03:
06:59:74:ea:25:65:01:32:87:77:40:34:70:11:6b:
7c:97:e2:fe:f5:26:f3:b1:3a:d1:cd:5e:df:dc:38:
57:75:83:28:30:7b:90:65:90:91:6c:90:3f:9f:15:
68:e7:9b:a8:3f:e0:ec:bc:ec:8f:fa:d4:40:da:88:
b7:ad:3d:c0:9f:bf:dd:a4:23:c1:09:f1:0d:19:69:
55:f5:6a:69:57:40:70:2d:50:4c:1f:fc:a1:af:9f:
42:c5:7d:58:f2:c3:85:64:2c:3b:ea:1c:15:7e:0f:
c3:90:81:09:a8:ae:93:3b:7a:f0:ee:c4:c8:b3:e7:
cb:07:bd:65:1e:12:e5:d3:1e:61:b7:15:0e:41:b0:
5f:6d:df:95:2f:a4:6d:ae:8c:66:ba:89:39:f2:3c:
2d:c5:c2:52:ef:c3:39:3b:1e:5d:0b:20:31:07:35:
61:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B7:E8:DE:AE:8B:D2:65:4E:B8:AD:33:6B:A3:88:7F:A9:96:C4:88
X509v3 Authority Key Identifier:
keyid:1B:32:83:03:BE:77:20:01:3B:70:83:8E:48:EB:A9:3B:42:03:87:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GzKDA753IAE7cIOOSOupO0IDh90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/eb3207-8410-4046-a449-760ba7436c24/1/aLfo3q6L0mVOuK0za6OIf6mWxIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/eb3207-8410-4046-a449-760ba7436c24/1/GzKDA753IAE7cIOOSOupO0IDh90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.104.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:c9:86:92:ae:7e:27:e0:77:64:cd:74:9b:d5:06:cf:8a:ba:
2a:4d:41:a5:d9:a3:d4:b5:1c:38:17:fd:6e:f1:da:8d:c5:34:
ce:c4:de:2d:9c:3d:35:ae:1b:72:d7:f0:2f:4a:bc:fe:e7:e9:
6d:39:74:27:59:3a:e6:68:5d:eb:e2:5d:65:88:d0:a3:c5:4a:
4f:ed:94:43:3d:c9:49:8c:ad:18:ec:a4:f1:d8:dd:46:c8:e2:
13:96:e3:77:a5:6a:ca:d2:c8:08:68:7a:e1:53:ab:1a:a6:8c:
e2:e4:8d:b7:d9:36:74:f8:9a:35:21:ed:57:25:ab:f9:d0:51:
cb:c4:a4:b5:a6:b2:06:1f:0b:1e:ab:22:fc:19:af:d5:d4:c1:
0a:16:c6:35:9f:3d:90:ef:d5:28:0f:18:11:58:9b:bb:f9:df:
a7:51:78:4c:99:1e:a9:6a:16:ed:8b:62:9a:5e:ef:22:5d:e9:
d6:a9:25:f9:4e:47:84:57:0b:d9:ac:09:7b:8a:64:ce:a6:ca:
61:1d:c2:20:3b:e1:7b:72:8c:9a:f0:be:25:11:2e:7a:ff:00:
46:87:88:94:18:73:2a:a4:c5:a7:1a:ec:a1:4b:8a:34:78:4c:
28:27:f2:0f:8f:b3:04:25:4b:26:c7:de:e8:b3:1e:7c:a3:48:
48:78:5f:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoKDoSe4WpXMMQ1fMYar7UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMzI4MzAzYmU3NzIwMDEzYjcwODM4ZTQ4ZWJhOTNiNDIw
Mzg3ZGQwHhcNMjUwMTAyMTc1NTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGI3ZThkZWFlOGJkMjY1NGViOGFkMzM2YmEzODg3ZmE5OTZjNDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7LPNVkvylPtUIHWK0VBf8SdpIaK
ZBT98BvcAgQlum+9uoGEbf1duRNxepXCFACHkj3S1rZCoSsz+bRnZuqLk4Fxq1tN
c6zzruNf2xMlMzYnMROtZEQnGwMGWXTqJWUBMod3QDRwEWt8l+L+9SbzsTrRzV7f
3DhXdYMoMHuQZZCRbJA/nxVo55uoP+DsvOyP+tRA2oi3rT3An7/dpCPBCfENGWlV
9WppV0BwLVBMH/yhr59CxX1Y8sOFZCw76hwVfg/DkIEJqK6TO3rw7sTIs+fLB71l
HhLl0x5htxUOQbBfbd+VL6Rtroxmuok58jwtxcJS78M5Ox5dCyAxBzVh4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGi36N6ui9JlTritM2ujiH+plsSIMB8GA1UdIwQY
MBaAFBsygwO+dyABO3CDjkjrqTtCA4fdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3pLREE3NTNJQUU3Y0lPT1NPdXBPMElEaDkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9lYjMyMDctODQxMC00MDQ2LWE0NDkt
NzYwYmE3NDM2YzI0LzEvYUxmbzNxNkwwbVZPdUswemE2T0lmNm1XeElnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9lYjMyMDctODQxMC00MDQ2LWE0NDktNzYwYmE3NDM2YzI0
LzEvR3pLREE3NTNJQUU3Y0lPT1NPdXBPMElEaDkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCjWJoMA0G
CSqGSIb3DQEBCwUAA4IBAQBeyYaSrn4n4HdkzXSb1QbPiroqTUGl2aPUtRw4F/1u
8dqNxTTOxN4tnD01rhty1/AvSrz+5+ltOXQnWTrmaF3r4l1liNCjxUpP7ZRDPclJ
jK0Y7KTx2N1GyOITluN3pWrK0sgIaHrhU6sapozi5I232TZ0+Jo1Ie1XJav50FHL
xKS1prIGHwseqyL8Ga/V1MEKFsY1nz2Q79UoDxgRWJu7+d+nUXhMmR6pahbti2Ka
Xu8iXenWqSX5TkeEVwvZrAl7imTOpsphHcIgO+F7coya8L4lES56/wBGh4iUGHMq
pMWnGuyhS4o0eEwoJ/IPj7MEJUsmx97osx58o0hIeF/O
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:12:35 2025 by rpki-client