Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/90IBFTm1n0EdouWYts1bm2C2AV0.roa
File: 90IBFTm1n0EdouWYts1bm2C2AV0.roa (raw, json)
Hash identifier: ERgPNr6bXt5OGFwKPUno3LLiwFJjlAJ5vniWmV4rL9o=
Subject key identifier: F7:42:01:15:39:B5:9F:41:1D:A2:E5:98:B6:CD:5B:9B:60:B6:01:5D
Certificate issuer: /CN=7a350d024af01f8eaf125717caa03aafad184e1d
Certificate serial: 019421B1A2CF9142AD49F77EC531A6DFBB94
Authority key identifier: 7A:35:0D:02:4A:F0:1F:8E:AF:12:57:17:CA:A0:3A:AF:AD:18:4E:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/90IBFTm1n0EdouWYts1bm2C2AV0.roa
Signing time: Wed 01 Jan 2025 11:47:57 +0000
ROA not before: Wed 01 Jan 2025 11:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56974
IP address blocks: 109.104.248.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:a2:cf:91:42:ad:49:f7:7e:c5:31:a6:df:bb:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a350d024af01f8eaf125717caa03aafad184e1d
Validity
Not Before: Jan 1 11:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f742011539b59f411da2e598b6cd5b9b60b6015d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:38:82:77:43:b0:42:ca:de:13:1d:d4:9f:f2:
b5:94:25:bb:38:11:9f:1b:fa:49:bb:a7:19:92:39:
0d:12:9d:b1:84:80:e4:46:8a:73:90:59:b6:35:c3:
fe:84:6a:28:3c:d1:ae:e7:95:3b:69:3a:87:d9:cc:
4c:63:85:0a:f6:5d:29:83:50:58:55:b2:7c:43:ad:
86:6d:5c:29:a7:13:f3:b9:a2:0d:e0:f2:cf:46:b8:
f7:ab:51:52:f4:84:56:b9:98:a9:84:9c:21:d5:ff:
b1:2a:d5:62:31:74:33:bb:55:9b:89:50:9f:f2:ee:
97:41:39:2f:7d:ff:c5:33:e8:3b:ca:e7:7b:ab:4e:
2f:ac:76:cf:28:ec:4b:d4:a8:a0:86:a1:24:bc:ac:
e8:9f:09:2c:91:35:fe:14:00:85:8c:e5:70:fa:36:
ba:5c:92:47:53:ea:9e:d9:17:24:9f:d5:c6:38:45:
f0:98:a3:7a:e3:2b:35:90:12:16:71:51:28:dc:4f:
7f:90:31:a0:c5:30:e8:97:2b:f6:67:e5:7f:52:54:
8d:73:06:f7:90:2b:89:24:7e:ed:3d:55:64:ee:2d:
3e:99:b1:91:9b:25:74:bc:52:a3:54:9f:9d:9b:35:
bc:48:ee:de:4e:35:6e:21:f9:4f:30:87:22:e6:fe:
66:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:42:01:15:39:B5:9F:41:1D:A2:E5:98:B6:CD:5B:9B:60:B6:01:5D
X509v3 Authority Key Identifier:
keyid:7A:35:0D:02:4A:F0:1F:8E:AF:12:57:17:CA:A0:3A:AF:AD:18:4E:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/90IBFTm1n0EdouWYts1bm2C2AV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/ejUNAkrwH46vElcXyqA6r60YTh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.248.0/22
Signature Algorithm: sha256WithRSAEncryption
65:03:a5:cc:03:a6:7f:67:2a:75:4a:01:83:63:17:b9:5c:62:
4b:f6:f6:62:d1:8e:45:ef:be:a7:01:bc:56:b5:78:95:0b:af:
fd:7e:f5:a8:9d:c9:90:c5:96:5f:3d:27:63:5a:88:41:01:a6:
b7:f0:19:a7:45:f7:fa:6c:20:cf:f6:65:92:fa:93:f3:b9:52:
50:57:29:32:54:8b:09:87:9b:06:43:92:aa:71:15:f4:aa:12:
27:b3:2f:5a:b1:ab:d2:57:5c:58:c3:23:7c:c1:1b:f6:9b:48:
6f:f1:07:68:16:53:dd:cd:7c:4b:25:e1:83:63:1c:26:4c:f4:
a8:a8:56:7e:58:d2:fa:2c:cf:51:b5:8d:d1:fe:e8:9c:c9:85:
a9:fb:cc:75:a6:85:b2:35:e9:72:cb:bb:31:e8:e8:55:e9:fa:
5b:19:e9:31:27:64:b3:d1:55:41:22:04:b9:ed:11:c2:5e:77:
db:63:73:10:1e:8d:0e:79:cd:bd:0d:cc:79:80:94:45:d2:0f:
5a:9f:5e:f6:f7:91:80:52:76:86:bf:17:94:9e:cd:1f:4d:dd:
81:bd:86:89:7f:96:35:ae:8e:6f:f3:69:d5:dd:a2:aa:5a:bf:
7f:08:f1:2b:4e:9b:db:20:ac:b2:ed:f8:d0:a2:0d:39:a0:c8:
2e:97:90:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsaLPkUKtSfd+xTGm37uUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMzUwZDAyNGFmMDFmOGVhZjEyNTcxN2NhYTAzYWFmYWQx
ODRlMWQwHhcNMjUwMTAxMTE0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzQyMDExNTM5YjU5ZjQxMWRhMmU1OThiNmNkNWI5YjYwYjYwMTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3DiCd0OwQsreEx3Un/K1lCW7OBGf
G/pJu6cZkjkNEp2xhIDkRopzkFm2NcP+hGooPNGu55U7aTqH2cxMY4UK9l0pg1BY
VbJ8Q62GbVwppxPzuaIN4PLPRrj3q1FS9IRWuZiphJwh1f+xKtViMXQzu1WbiVCf
8u6XQTkvff/FM+g7yud7q04vrHbPKOxL1KighqEkvKzonwkskTX+FACFjOVw+ja6
XJJHU+qe2Rckn9XGOEXwmKN64ys1kBIWcVEo3E9/kDGgxTDolyv2Z+V/UlSNcwb3
kCuJJH7tPVVk7i0+mbGRmyV0vFKjVJ+dmzW8SO7eTjVuIflPMIci5v5mEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPdCARU5tZ9BHaLlmLbNW5tgtgFdMB8GA1UdIwQY
MBaAFHo1DQJK8B+OrxJXF8qgOq+tGE4dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWpVTkFrcndINDZ2RWxjWHlxQTZyNjBZVGgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi83OTY2YWUtOWM4OC00M2U5LWI4OTkt
ZDAwM2U1NmZlNzUzLzEvOTBJQkZUbTFuMEVkb3VXWXRzMWJtMkMyQVYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi83OTY2YWUtOWM4OC00M2U5LWI4OTktZDAwM2U1NmZlNzUz
LzEvZWpVTkFrcndINDZ2RWxjWHlxQTZyNjBZVGgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbWj4MA0G
CSqGSIb3DQEBCwUAA4IBAQBlA6XMA6Z/Zyp1SgGDYxe5XGJL9vZi0Y5F776nAbxW
tXiVC6/9fvWoncmQxZZfPSdjWohBAaa38BmnRff6bCDP9mWS+pPzuVJQVykyVIsJ
h5sGQ5KqcRX0qhInsy9asavSV1xYwyN8wRv2m0hv8QdoFlPdzXxLJeGDYxwmTPSo
qFZ+WNL6LM9RtY3R/uicyYWp+8x1poWyNelyy7sx6OhV6fpbGekxJ2Sz0VVBIgS5
7RHCXnfbY3MQHo0Oec29Dcx5gJRF0g9an17295GAUnaGvxeUns0fTd2BvYaJf5Y1
ro5v82nV3aKqWr9/CPErTpvbIKyy7fjQog05oMgul5AY
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:44:35 2025 by rpki-client