Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/bWcbnZuU2zQRtUG4Gb0aWgvvLTY.roa
File: bWcbnZuU2zQRtUG4Gb0aWgvvLTY.roa (raw, json)
Hash identifier: eEDM3RLXJgKYAraHWBM57oJLSLSqwWR/2Smj9+M69yw=
Subject key identifier: 6D:67:1B:9D:9B:94:DB:34:11:B5:41:B8:19:BD:1A:5A:0B:EF:2D:36
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019425FD1D6A236DC1837B27EB93EBCB17E2
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/bWcbnZuU2zQRtUG4Gb0aWgvvLTY.roa
Signing time: Thu 02 Jan 2025 07:48:52 +0000
ROA not before: Thu 02 Jan 2025 07:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 104.222.160.0/24 maxlen: 24
104.222.163.0/24 maxlen: 24
104.222.164.0/24 maxlen: 24
104.222.165.0/24 maxlen: 24
104.222.166.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:1d:6a:23:6d:c1:83:7b:27:eb:93:eb:cb:17:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 07:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d671b9d9b94db3411b541b819bd1a5a0bef2d36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f0:3e:7a:75:2b:b7:35:1a:f3:da:c2:0f:7f:
21:4f:0a:23:30:20:d5:8a:d1:66:01:93:a8:b7:62:
cb:e5:32:16:ab:87:52:5a:83:33:02:fd:32:a2:2e:
f4:c3:43:c6:26:56:33:07:8e:a9:83:13:8a:02:4b:
95:db:22:57:bc:32:ea:4e:e9:e6:c5:73:9e:98:66:
5c:f2:1d:eb:6e:f9:e0:6b:aa:78:2d:d3:09:1c:17:
bf:ec:95:5f:66:e3:c9:31:ed:da:09:f6:ae:cb:34:
74:59:4a:35:99:0d:39:55:1a:6b:71:f6:e1:7b:ef:
33:90:8e:fd:71:e3:cf:e6:58:f1:dd:fb:b2:8a:c9:
90:7b:87:c6:07:d9:69:e8:89:8e:65:f3:c9:fb:fe:
3c:2b:9c:e4:96:c6:f7:93:74:77:51:0f:2c:43:43:
27:fd:5c:a4:30:91:7a:60:f1:43:94:51:a3:ee:2f:
35:e7:e1:fb:6a:02:a8:84:81:89:6d:9a:41:13:9d:
7b:64:e6:ce:ec:fe:2a:76:74:d8:29:84:89:6d:c6:
f3:a6:36:82:28:ed:3b:cc:8e:30:40:c2:3d:e6:40:
53:78:43:f8:1b:03:32:93:7f:90:17:f0:f4:4b:7f:
73:8f:ce:c4:79:86:23:d9:96:e8:be:07:8a:d4:f7:
b3:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:67:1B:9D:9B:94:DB:34:11:B5:41:B8:19:BD:1A:5A:0B:EF:2D:36
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/bWcbnZuU2zQRtUG4Gb0aWgvvLTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.222.160.0/24
104.222.163.0-104.222.166.255
Signature Algorithm: sha256WithRSAEncryption
07:43:8f:15:9c:6d:8e:9d:ad:84:20:a2:0e:4b:55:ed:7f:37:
15:37:c4:d6:c9:52:cb:04:cd:44:15:77:11:65:a0:16:b1:9d:
94:3b:f7:6b:8c:37:09:03:9b:d4:79:66:e8:c0:2d:c9:3b:9b:
be:65:23:55:f3:da:9e:8d:44:1a:0a:63:a5:20:a3:55:e3:31:
a6:2a:49:71:d0:82:aa:1e:75:db:fd:11:6a:f3:3b:a5:d9:13:
19:52:fb:d7:47:e8:a4:69:76:9d:82:a0:09:28:6f:be:56:0c:
ed:69:da:1a:89:9a:86:7e:1e:63:8f:76:57:3d:d3:98:11:65:
8d:53:54:38:ec:cf:1e:10:41:31:54:b3:a5:e3:e9:e6:e5:31:
e5:d1:31:9f:12:5d:00:c0:ab:b6:ed:0f:e5:19:4d:2e:d0:4d:
87:d9:de:cc:59:99:76:78:67:ee:c7:ce:20:46:97:48:ea:f2:
89:1f:cd:d1:d1:56:c5:48:48:33:fc:75:c0:61:2e:d0:68:cc:
87:44:bc:07:cc:d1:ef:7f:56:b2:50:b3:24:3d:1d:ad:56:b5:
39:02:6c:95:f3:cf:33:bc:23:a4:fd:83:35:39:c2:8e:5b:35:
1a:bc:9b:7e:bf:b1:7b:9c:94:fb:cc:5e:44:c0:bd:2e:63:c0:
44:b8:db:b6
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQl/R1qI23Bg3sn65PryxfiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMTAyMDc0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDY3MWI5ZDliOTRkYjM0MTFiNTQxYjgxOWJkMWE1YTBiZWYyZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvA+enUrtzUa89rCD38hTwojMCDV
itFmAZOot2LL5TIWq4dSWoMzAv0yoi70w0PGJlYzB46pgxOKAkuV2yJXvDLqTunm
xXOemGZc8h3rbvnga6p4LdMJHBe/7JVfZuPJMe3aCfauyzR0WUo1mQ05VRprcfbh
e+8zkI79cePP5ljx3fuyismQe4fGB9lp6ImOZfPJ+/48K5zklsb3k3R3UQ8sQ0Mn
/VykMJF6YPFDlFGj7i815+H7agKohIGJbZpBE517ZObO7P4qdnTYKYSJbcbzpjaC
KO07zI4wQMI95kBTeEP4GwMyk3+QF/D0S39zj87EeYYj2ZbovgeK1PezFQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFG1nG52blNs0EbVBuBm9GloL7y02MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvYldjYm5adVUyelFSdFVHNEdiMGFXZ3Z2TFRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAaN6gMAwD
BABo3qMDBABo3qYwDQYJKoZIhvcNAQELBQADggEBAAdDjxWcbY6drYQgog5LVe1/
NxU3xNbJUssEzUQVdxFloBaxnZQ792uMNwkDm9R5ZujALck7m75lI1Xz2p6NRBoK
Y6Ugo1XjMaYqSXHQgqoeddv9EWrzO6XZExlS+9dH6KRpdp2CoAkob75WDO1p2hqJ
moZ+HmOPdlc905gRZY1TVDjszx4QQTFUs6Xj6eblMeXRMZ8SXQDAq7btD+UZTS7Q
TYfZ3sxZmXZ4Z+7HziBGl0jq8okfzdHRVsVISDP8dcBhLtBozIdEvAfM0e9/VrJQ
syQ9Ha1WtTkCbJXzzzO8I6T9gzU5wo5bNRq8m36/sXuclPvMXkTAvS5jwES427Y=
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:13:22 2025 by rpki-client on console.sobornost.net