Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/58a4e1-dfc1-4d81-b2c6-216597e03f11/1/1kHURLGCgDrhi9IHuZm9V5RPr7o.roa
File: 1kHURLGCgDrhi9IHuZm9V5RPr7o.roa (raw, json)
Hash identifier: QOJumlfbHeKteqZFgdexa+53Le46L9xrcfm0BrIrj/w=
Subject key identifier: D6:41:D4:44:B1:82:80:3A:E1:8B:D2:07:B9:99:BD:57:94:4F:AF:BA
Certificate issuer: /CN=317067e81a61a21fdc148598ef6ba59757fa0380
Certificate serial: 019423D738B5BB9B69C8D7950C893D6C18D8
Authority key identifier: 31:70:67:E8:1A:61:A2:1F:DC:14:85:98:EF:6B:A5:97:57:FA:03:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MXBn6Bphoh_cFIWY72ull1f6A4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/58a4e1-dfc1-4d81-b2c6-216597e03f11/1/1kHURLGCgDrhi9IHuZm9V5RPr7o.roa
Signing time: Wed 01 Jan 2025 21:48:14 +0000
ROA not before: Wed 01 Jan 2025 21:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209440
IP address blocks: 92.118.109.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:38:b5:bb:9b:69:c8:d7:95:0c:89:3d:6c:18:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=317067e81a61a21fdc148598ef6ba59757fa0380
Validity
Not Before: Jan 1 21:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d641d444b182803ae18bd207b999bd57944fafba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:be:e6:7c:7c:2f:96:83:45:af:66:5f:e1:83:
bb:cb:b9:14:67:4e:d5:10:29:38:68:13:e7:39:b1:
fb:74:f5:30:1d:ea:f8:d4:3c:4e:16:ec:40:09:5a:
09:99:99:51:eb:6d:ff:dc:c9:3e:28:79:68:32:87:
9a:5a:ab:26:99:92:4f:04:8e:c2:90:23:84:bb:ee:
eb:19:07:18:83:91:66:15:8a:d9:10:28:a0:6a:34:
98:a5:48:5b:93:6f:d8:cb:d9:81:c2:9a:95:74:92:
88:e9:7a:a7:ff:31:9b:10:72:f9:79:08:43:73:1c:
c7:49:e3:17:a6:8b:6b:25:e0:36:e7:cf:98:4f:9f:
7b:10:db:37:51:15:b4:73:ad:a4:8d:c0:86:58:e7:
53:2b:2a:16:18:ec:41:48:11:fa:f9:9f:3d:66:71:
b2:25:e9:a6:a4:48:ee:99:9d:b2:35:88:c3:54:bb:
0b:25:d8:dd:ba:d4:24:96:45:e8:af:95:ac:69:a5:
e8:43:1d:c0:93:3a:8a:f6:9f:05:d3:0d:69:62:97:
0c:3e:ed:d3:79:32:0d:01:a4:c5:d3:15:a3:2e:fc:
ac:c9:7f:66:8a:a1:e4:38:d8:3f:b8:6f:6c:72:6c:
a3:db:9e:58:92:55:c4:c4:66:2d:b3:bb:59:43:da:
4d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:41:D4:44:B1:82:80:3A:E1:8B:D2:07:B9:99:BD:57:94:4F:AF:BA
X509v3 Authority Key Identifier:
keyid:31:70:67:E8:1A:61:A2:1F:DC:14:85:98:EF:6B:A5:97:57:FA:03:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MXBn6Bphoh_cFIWY72ull1f6A4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/58a4e1-dfc1-4d81-b2c6-216597e03f11/1/1kHURLGCgDrhi9IHuZm9V5RPr7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/58a4e1-dfc1-4d81-b2c6-216597e03f11/1/MXBn6Bphoh_cFIWY72ull1f6A4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.109.0/24
Signature Algorithm: sha256WithRSAEncryption
55:42:54:7b:21:73:4e:c3:3d:48:32:5f:9e:f2:16:64:02:19:
1e:0a:97:50:51:35:e4:77:f1:9f:a7:f2:78:80:89:83:f1:cc:
16:91:d4:4d:dd:ef:dc:16:c9:66:05:da:c8:d2:6b:e0:98:4f:
9f:df:2b:01:20:37:43:3f:07:8e:de:e9:c0:0c:39:7f:0a:6f:
77:9b:e9:f4:5c:ed:2d:bf:26:1b:c9:f0:47:85:b3:46:1b:f8:
14:8b:7f:47:8b:50:13:6a:a6:ec:c2:18:b0:95:b2:45:d0:b0:
f0:fa:0e:af:85:c9:60:59:bb:fd:92:c1:e1:c6:90:50:3f:14:
1a:9c:09:83:2c:fe:4d:9b:43:e3:01:81:57:77:f7:16:5c:46:
18:7a:51:6e:70:b7:1b:a1:19:e3:d9:2b:8b:dc:df:c5:f5:ba:
34:9d:7b:a8:e2:e9:56:9b:6b:64:ba:c8:b7:0a:0f:77:e8:3b:
7e:75:6d:14:29:48:db:63:2d:02:83:65:c1:20:9c:3f:6f:e4:
53:5b:41:80:f1:9b:df:9a:82:05:78:ba:c1:94:bc:60:46:92:
95:ad:d2:d2:3a:91:d0:ed:86:61:a5:35:d8:36:cb:dd:41:78:
a0:e9:3d:0f:1f:33:af:11:2c:cf:d3:54:44:aa:e6:cf:6a:16:
60:51:b1:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1zi1u5tpyNeVDIk9bBjYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNzA2N2U4MWE2MWEyMWZkYzE0ODU5OGVmNmJhNTk3NTdm
YTAzODAwHhcNMjUwMTAxMjE0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjQxZDQ0NGIxODI4MDNhZTE4YmQyMDdiOTk5YmQ1Nzk0NGZhZmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmL7mfHwvloNFr2Zf4YO7y7kUZ07V
ECk4aBPnObH7dPUwHer41DxOFuxACVoJmZlR623/3Mk+KHloMoeaWqsmmZJPBI7C
kCOEu+7rGQcYg5FmFYrZECigajSYpUhbk2/Yy9mBwpqVdJKI6Xqn/zGbEHL5eQhD
cxzHSeMXpotrJeA258+YT597ENs3URW0c62kjcCGWOdTKyoWGOxBSBH6+Z89ZnGy
JemmpEjumZ2yNYjDVLsLJdjdutQklkXor5WsaaXoQx3AkzqK9p8F0w1pYpcMPu3T
eTINAaTF0xWjLvysyX9miqHkONg/uG9scmyj255YklXExGYts7tZQ9pNfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZB1ESxgoA64YvSB7mZvVeUT6+6MB8GA1UdIwQY
MBaAFDFwZ+gaYaIf3BSFmO9rpZdX+gOAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVhCbjZCcGhvaF9jRklXWTcydWxsMWY2QTRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi81OGE0ZTEtZGZjMS00ZDgxLWIyYzYt
MjE2NTk3ZTAzZjExLzEvMWtIVVJMR0NnRHJoaTlJSHVabTlWNVJQcjdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi81OGE0ZTEtZGZjMS00ZDgxLWIyYzYtMjE2NTk3ZTAzZjEx
LzEvTVhCbjZCcGhvaF9jRklXWTcydWxsMWY2QTRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXHZtMA0G
CSqGSIb3DQEBCwUAA4IBAQBVQlR7IXNOwz1IMl+e8hZkAhkeCpdQUTXkd/Gfp/J4
gImD8cwWkdRN3e/cFslmBdrI0mvgmE+f3ysBIDdDPweO3unADDl/Cm93m+n0XO0t
vyYbyfBHhbNGG/gUi39Hi1ATaqbswhiwlbJF0LDw+g6vhclgWbv9ksHhxpBQPxQa
nAmDLP5Nm0PjAYFXd/cWXEYYelFucLcboRnj2SuL3N/F9bo0nXuo4ulWm2tkusi3
Cg936Dt+dW0UKUjbYy0Cg2XBIJw/b+RTW0GA8ZvfmoIFeLrBlLxgRpKVrdLSOpHQ
7YZhpTXYNsvdQXig6T0PHzOvESzP01REqubPahZgUbH+
-----END CERTIFICATE-----
Generated at Mon Apr 28 14:23:28 2025 by rpki-client