Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/IIxDe4etQOd2xm05l7GIiAgVFRk.roa
File: IIxDe4etQOd2xm05l7GIiAgVFRk.roa (raw, json)
Hash identifier: nufDyIWcCwbAJSpo3tAlQaolQXGlQowbBKacZpakYp0=
Subject key identifier: 20:8C:43:7B:87:AD:40:E7:76:C6:6D:39:97:B1:88:88:08:15:15:19
Certificate issuer: /CN=56e3353d5f423ad4271c3261caa543140530bddb
Certificate serial: 019426D97DDC0E80A5D689B692B0447BFB3A
Authority key identifier: 56:E3:35:3D:5F:42:3A:D4:27:1C:32:61:CA:A5:43:14:05:30:BD:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VuM1PV9COtQnHDJhyqVDFAUwvds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/IIxDe4etQOd2xm05l7GIiAgVFRk.roa
Signing time: Thu 02 Jan 2025 11:49:35 +0000
ROA not before: Thu 02 Jan 2025 11:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40995
IP address blocks: 5.44.172.0/23 maxlen: 24
109.111.160.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:7d:dc:0e:80:a5:d6:89:b6:92:b0:44:7b:fb:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56e3353d5f423ad4271c3261caa543140530bddb
Validity
Not Before: Jan 2 11:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=208c437b87ad40e776c66d3997b1888808151519
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:56:eb:f7:a6:bf:0f:ac:79:d8:9d:ee:2a:36:
ba:02:57:92:9c:6d:ce:f8:43:03:cb:0e:81:bc:43:
ff:97:1c:cd:a9:cd:c4:5d:d4:b4:f6:5c:f9:61:fb:
78:c7:70:1e:5a:65:8f:38:e7:f0:fc:d8:a8:cc:87:
fc:10:6f:51:e1:70:05:e9:27:1a:c8:9f:0e:49:05:
fd:f5:b8:ac:eb:fa:26:2c:1e:fb:db:f0:30:68:aa:
ee:ec:6f:ae:f4:8e:fe:41:3c:44:aa:e5:97:52:f1:
fd:99:7a:fe:8f:4c:37:be:89:e7:78:82:55:38:21:
c0:71:9d:9e:57:38:64:3d:a5:b5:0b:56:9a:88:e0:
f6:bb:b3:42:8e:37:63:cc:2e:2d:8c:e7:99:ab:e7:
8c:47:af:5d:c9:b7:dc:24:11:6c:b8:42:f2:5d:04:
cc:22:13:8a:e5:31:5c:c5:da:30:74:10:e9:2f:73:
82:38:e3:81:fc:95:3b:c7:a8:dd:d2:08:4f:6a:00:
7e:2a:c3:3b:a9:8e:a4:b4:de:94:ec:aa:bc:6e:b3:
3e:19:c3:3e:b4:46:4c:32:92:34:a1:ee:69:5b:fe:
75:f1:a8:e6:fc:51:40:90:63:a4:42:ff:fa:a6:cc:
5d:cc:d9:79:59:1a:db:a5:70:e6:e5:04:d2:79:e4:
fe:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:8C:43:7B:87:AD:40:E7:76:C6:6D:39:97:B1:88:88:08:15:15:19
X509v3 Authority Key Identifier:
keyid:56:E3:35:3D:5F:42:3A:D4:27:1C:32:61:CA:A5:43:14:05:30:BD:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VuM1PV9COtQnHDJhyqVDFAUwvds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/IIxDe4etQOd2xm05l7GIiAgVFRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/VuM1PV9COtQnHDJhyqVDFAUwvds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.172.0/23
109.111.160.0/20
Signature Algorithm: sha256WithRSAEncryption
7d:fd:e3:46:03:78:09:fd:d5:e2:76:83:78:0d:a1:f8:56:07:
14:9e:cc:b9:c2:a3:9e:bf:6e:8c:7e:f2:cf:93:3d:d4:08:c9:
79:9f:b3:01:ba:91:3d:e5:26:b6:44:b9:8a:d0:6b:af:ee:95:
6f:a8:3a:bb:1d:60:33:a8:8f:34:8e:51:1c:01:cc:e8:04:05:
3f:26:a1:39:d6:f0:a7:30:7e:0a:6f:29:e3:0a:56:a7:21:e1:
c9:2c:49:07:f4:21:5f:05:56:04:a1:f0:ea:fb:60:2c:15:3d:
74:3f:dd:91:ec:a9:39:8c:eb:a4:19:ed:ae:fa:cf:b3:ca:1d:
09:f5:a6:25:61:31:c0:9b:61:fd:4c:a2:c2:43:18:3b:1d:cb:
5a:c1:f9:bb:75:b6:fe:31:61:3a:4d:20:72:46:30:26:2a:08:
5a:ea:f7:d7:5a:49:7a:3e:0c:91:10:64:d4:81:71:bc:48:cc:
3c:83:0a:64:ae:26:89:cd:c2:8c:08:d2:37:e0:31:ed:82:bd:
40:e6:aa:6d:bf:61:46:2c:e0:46:3b:61:02:3d:f4:5f:69:0e:
a9:19:ab:cf:a8:c6:d4:5e:c0:f2:47:a1:ff:eb:bd:8f:7e:ec:
c9:42:cd:eb:03:b2:75:95:e7:8a:5a:ca:d3:ea:e9:51:75:43:
49:0c:0a:5d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQm2X3cDoCl1om2krBEe/s6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZTMzNTNkNWY0MjNhZDQyNzFjMzI2MWNhYTU0MzE0MDUz
MGJkZGIwHhcNMjUwMTAyMTE0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDhjNDM3Yjg3YWQ0MGU3NzZjNjZkMzk5N2IxODg4ODA4MTUxNTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFbr96a/D6x52J3uKja6AleSnG3O
+EMDyw6BvEP/lxzNqc3EXdS09lz5Yft4x3AeWmWPOOfw/NiozIf8EG9R4XAF6Sca
yJ8OSQX99bis6/omLB772/AwaKru7G+u9I7+QTxEquWXUvH9mXr+j0w3vonneIJV
OCHAcZ2eVzhkPaW1C1aaiOD2u7NCjjdjzC4tjOeZq+eMR69dybfcJBFsuELyXQTM
IhOK5TFcxdowdBDpL3OCOOOB/JU7x6jd0ghPagB+KsM7qY6ktN6U7Kq8brM+GcM+
tEZMMpI0oe5pW/518ajm/FFAkGOkQv/6psxdzNl5WRrbpXDm5QTSeeT+cQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCCMQ3uHrUDndsZtOZexiIgIFRUZMB8GA1UdIwQY
MBaAFFbjNT1fQjrUJxwyYcqlQxQFML3bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnVNMVBWOUNPdFFuSERKaHlxVkRGQVV3dmRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82MTA5ZDYtMGE4YS00YmY2LWEwZTIt
ZTUyZGEzYjg2NzU0LzEvSUl4RGU0ZXRRT2QyeG0wNWw3R0lpQWdWRlJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82MTA5ZDYtMGE4YS00YmY2LWEwZTItZTUyZGEzYjg2NzU0
LzEvVnVNMVBWOUNPdFFuSERKaHlxVkRGQVV3dmRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBSysAwQE
bW+gMA0GCSqGSIb3DQEBCwUAA4IBAQB9/eNGA3gJ/dXidoN4DaH4VgcUnsy5wqOe
v26MfvLPkz3UCMl5n7MBupE95Sa2RLmK0Guv7pVvqDq7HWAzqI80jlEcAczoBAU/
JqE51vCnMH4KbynjClanIeHJLEkH9CFfBVYEofDq+2AsFT10P92R7Kk5jOukGe2u
+s+zyh0J9aYlYTHAm2H9TKLCQxg7Hctawfm7dbb+MWE6TSByRjAmKgha6vfXWkl6
PgyREGTUgXG8SMw8gwpkriaJzcKMCNI34DHtgr1A5qptv2FGLOBGO2ECPfRfaQ6p
GavPqMbUXsDyR6H/672PfuzJQs3rA7J1leeKWsrT6ulRdUNJDApd
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:31:36 2025 by rpki-client