Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/9360ec-9cd1-4c00-8668-94c2f8269e9c/1/RJ12iqBIGMdg63G0MMvg2LDMix8.roa
File: RJ12iqBIGMdg63G0MMvg2LDMix8.roa (raw, json)
Hash identifier: sESw+q0gARk5gtp41IohBHW+APoentCrsvNrV3WWi+U=
Subject key identifier: 44:9D:76:8A:A0:48:18:C7:60:EB:71:B4:30:CB:E0:D8:B0:CC:8B:1F
Certificate issuer: /CN=8d842656177b4267ab55e4ba165a5ec00f5084bc
Certificate serial: 0194274808822C1DB678685F21D2CF5A4436
Authority key identifier: 8D:84:26:56:17:7B:42:67:AB:55:E4:BA:16:5A:5E:C0:0F:50:84:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYQmVhd7QmerVeS6FlpewA9QhLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/9360ec-9cd1-4c00-8668-94c2f8269e9c/1/RJ12iqBIGMdg63G0MMvg2LDMix8.roa
Signing time: Thu 02 Jan 2025 13:50:19 +0000
ROA not before: Thu 02 Jan 2025 13:50:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198819
IP address blocks: 109.235.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:08:82:2c:1d:b6:78:68:5f:21:d2:cf:5a:44:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d842656177b4267ab55e4ba165a5ec00f5084bc
Validity
Not Before: Jan 2 13:50:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=449d768aa04818c760eb71b430cbe0d8b0cc8b1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:0d:5e:48:bc:19:b5:da:4e:58:79:d7:9c:a9:
ce:1d:24:c8:aa:42:d3:bc:6b:54:66:58:81:4b:4e:
a5:13:ac:0b:d4:0f:78:98:01:10:d3:bd:f4:16:85:
46:e2:ba:d5:ad:26:c9:70:fd:60:11:3e:96:01:bc:
ef:8e:aa:a2:3d:f8:58:5e:3e:d9:a5:89:d5:42:cd:
54:2f:9e:41:fc:e4:b7:ed:d7:5a:17:73:55:b1:71:
67:9b:64:12:e6:bc:22:74:5c:35:20:54:06:0d:26:
b5:26:dd:7d:50:59:77:86:6c:fe:80:d2:05:6b:da:
98:67:96:33:5b:9d:c8:3f:3f:24:05:3f:98:3f:48:
3e:6e:d3:f8:80:e3:6f:83:e9:bb:f8:89:01:b8:bf:
c4:a2:1c:34:e3:e0:7e:cd:27:a9:4f:41:c5:bb:fd:
9f:c9:8a:f5:5e:db:11:dc:18:88:1d:98:78:8c:93:
65:c0:01:94:7d:c2:95:e8:c8:b0:99:5a:84:19:f1:
d9:ac:c6:e3:9c:17:bb:91:99:cb:18:9b:c3:4a:66:
be:66:4a:b4:59:46:1b:66:d8:50:dc:e8:c5:43:fe:
bd:11:2c:fb:51:6d:0c:d2:de:dc:67:6f:7e:64:71:
6e:54:5e:34:c4:c3:8a:1d:7e:db:5b:93:c0:15:52:
9d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:9D:76:8A:A0:48:18:C7:60:EB:71:B4:30:CB:E0:D8:B0:CC:8B:1F
X509v3 Authority Key Identifier:
keyid:8D:84:26:56:17:7B:42:67:AB:55:E4:BA:16:5A:5E:C0:0F:50:84:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYQmVhd7QmerVeS6FlpewA9QhLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/9360ec-9cd1-4c00-8668-94c2f8269e9c/1/RJ12iqBIGMdg63G0MMvg2LDMix8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/9360ec-9cd1-4c00-8668-94c2f8269e9c/1/jYQmVhd7QmerVeS6FlpewA9QhLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.235.209.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:cf:95:ee:c1:2f:6e:06:97:e5:1a:e2:44:58:37:c2:c8:0e:
c1:f9:b6:53:8f:a9:d4:d8:91:0c:fc:52:63:b3:4c:7d:b4:39:
c2:0b:0b:29:54:31:e4:90:6a:54:ed:74:8f:34:f4:64:69:39:
2e:77:00:1d:79:17:d3:46:0d:b6:2a:57:f8:b1:db:5d:94:4f:
4d:89:1a:e3:e1:78:20:9a:39:6e:0b:a9:16:14:ad:cc:66:77:
09:9b:bd:89:6e:04:ab:60:48:83:34:91:1c:ed:cc:30:d6:d6:
0a:5e:63:45:fb:67:52:fc:f8:ed:0f:6c:14:7e:77:d8:87:3f:
ac:4d:3d:f3:49:cc:57:8a:4b:9e:7a:60:b0:01:f8:0f:d4:fd:
a1:1f:aa:16:4b:68:e2:29:06:2c:a9:46:4c:97:20:00:bd:ae:
a6:cb:98:ab:54:61:11:9b:e3:0e:28:ea:4a:09:81:f0:90:34:
6a:ae:f0:a3:05:90:73:1d:dd:3e:77:8b:bd:31:ff:e5:82:22:
80:51:fa:af:96:e6:11:e8:39:b6:e0:8e:bc:85:d2:77:90:30:
11:bf:c5:45:b8:7f:02:28:c8:04:f5:ff:65:3a:c6:a3:09:2a:
52:5f:ec:98:bc:87:de:db:0c:ad:87:65:a6:dc:5d:20:7a:74:
06:1b:85:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSAiCLB22eGhfIdLPWkQ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODQyNjU2MTc3YjQyNjdhYjU1ZTRiYTE2NWE1ZWMwMGY1
MDg0YmMwHhcNMjUwMTAyMTM1MDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDlkNzY4YWEwNDgxOGM3NjBlYjcxYjQzMGNiZTBkOGIwY2M4YjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzw1eSLwZtdpOWHnXnKnOHSTIqkLT
vGtUZliBS06lE6wL1A94mAEQ0730FoVG4rrVrSbJcP1gET6WAbzvjqqiPfhYXj7Z
pYnVQs1UL55B/OS37ddaF3NVsXFnm2QS5rwidFw1IFQGDSa1Jt19UFl3hmz+gNIF
a9qYZ5YzW53IPz8kBT+YP0g+btP4gONvg+m7+IkBuL/Eohw04+B+zSepT0HFu/2f
yYr1XtsR3BiIHZh4jJNlwAGUfcKV6MiwmVqEGfHZrMbjnBe7kZnLGJvDSma+Zkq0
WUYbZthQ3OjFQ/69ESz7UW0M0t7cZ29+ZHFuVF40xMOKHX7bW5PAFVKdgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFESddoqgSBjHYOtxtDDL4NiwzIsfMB8GA1UdIwQY
MBaAFI2EJlYXe0Jnq1XkuhZaXsAPUIS8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallRbVZoZDdRbWVyVmVTNkZscGV3QTlRaEx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS85MzYwZWMtOWNkMS00YzAwLTg2Njgt
OTRjMmY4MjY5ZTljLzEvUkoxMmlxQklHTWRnNjNHME1NdmcyTERNaXg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS85MzYwZWMtOWNkMS00YzAwLTg2NjgtOTRjMmY4MjY5ZTlj
LzEvallRbVZoZDdRbWVyVmVTNkZscGV3QTlRaEx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbevRMA0G
CSqGSIb3DQEBCwUAA4IBAQCOz5XuwS9uBpflGuJEWDfCyA7B+bZTj6nU2JEM/FJj
s0x9tDnCCwspVDHkkGpU7XSPNPRkaTkudwAdeRfTRg22Klf4sdtdlE9NiRrj4Xgg
mjluC6kWFK3MZncJm72JbgSrYEiDNJEc7cww1tYKXmNF+2dS/PjtD2wUfnfYhz+s
TT3zScxXikueemCwAfgP1P2hH6oWS2jiKQYsqUZMlyAAva6my5irVGERm+MOKOpK
CYHwkDRqrvCjBZBzHd0+d4u9Mf/lgiKAUfqvluYR6Dm24I68hdJ3kDARv8VFuH8C
KMgE9f9lOsajCSpSX+yYvIfe2wyth2Wm3F0genQGG4Uz
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:06:59 2025 by rpki-client