Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/nNCkOfG_W5tXBcfy3ePAuNExXn4.roa
File: nNCkOfG_W5tXBcfy3ePAuNExXn4.roa (raw, json)
Hash identifier: Veh+B3lJzCP5HGhQvtAXGs8A6jPedDNBSb38EUASDkY=
Subject key identifier: 9C:D0:A4:39:F1:BF:5B:9B:57:05:C7:F2:DD:E3:C0:B8:D1:31:5E:7E
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0194266B9D263017D251EE3E968457E10BEC
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/nNCkOfG_W5tXBcfy3ePAuNExXn4.roa
Signing time: Thu 02 Jan 2025 09:49:34 +0000
ROA not before: Thu 02 Jan 2025 09:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205334
IP address blocks: 109.167.114.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:9d:26:30:17:d2:51:ee:3e:96:84:57:e1:0b:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 09:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9cd0a439f1bf5b9b5705c7f2dde3c0b8d1315e7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:9e:14:e9:03:ac:1f:00:f3:e9:b3:d2:a5:29:
ef:74:47:90:38:b5:6a:85:a1:87:61:32:da:5a:6f:
ef:00:cd:0b:b1:d6:74:a7:97:a2:23:a0:e5:1f:a5:
44:18:a2:02:4a:fa:e1:14:4a:12:88:86:2c:f6:d4:
76:96:a3:e6:27:c6:da:69:b6:3c:6a:bc:d2:84:54:
48:8e:97:c2:1c:15:2e:93:b0:38:cd:b3:90:87:16:
cb:93:e9:29:90:c9:5c:3b:cb:89:68:27:b7:c9:31:
0e:f1:21:34:b8:f7:bc:de:2c:99:9e:6f:a5:45:ce:
23:47:f3:c6:28:05:f0:ab:78:b0:ff:b1:49:80:b8:
3a:ee:b7:13:30:35:78:4b:f6:b0:a3:fb:b8:28:a9:
2d:85:89:06:26:e3:dc:c6:30:00:48:c6:f0:50:13:
f7:4a:9b:6a:27:21:b4:73:27:11:cb:4a:69:01:e6:
d7:ae:6a:06:0e:ab:7f:a0:7d:93:5e:07:8c:6b:e9:
60:69:dc:2b:a9:1f:d5:c4:18:88:de:28:1b:05:5a:
b5:a9:56:31:8e:1f:39:71:34:fc:59:4b:be:68:40:
bf:a5:f0:df:28:4b:15:7a:7e:ee:04:dc:1c:58:02:
2f:12:c4:4d:90:1c:27:05:10:82:05:85:39:03:59:
bd:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:D0:A4:39:F1:BF:5B:9B:57:05:C7:F2:DD:E3:C0:B8:D1:31:5E:7E
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/nNCkOfG_W5tXBcfy3ePAuNExXn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.167.114.0/24
Signature Algorithm: sha256WithRSAEncryption
24:dc:bc:6b:7f:db:36:cb:20:4f:70:72:61:c4:4a:a3:1b:a0:
82:6f:50:88:db:f8:4a:e2:0f:8d:a6:5b:85:b9:64:ee:64:9d:
14:ea:2d:92:59:2c:e6:a6:29:46:16:6d:c5:05:af:9f:93:68:
90:80:52:ff:dd:9f:ad:47:d6:45:32:00:53:aa:a6:1c:30:cb:
b5:2b:04:2a:da:b1:53:33:8f:6c:58:96:6b:6d:1e:db:77:97:
15:d6:e9:f1:5d:1f:4b:c9:55:96:d4:95:8d:d2:25:e2:30:73:
2b:64:3b:87:39:0c:c6:1d:ee:9a:a7:dc:d7:ac:03:1b:c8:c9:
35:31:82:a0:b4:fd:50:ea:52:58:af:d9:82:ac:1b:e0:29:6d:
87:05:72:0c:83:95:c8:26:3d:d2:d3:42:f1:8c:8f:66:76:47:
23:c2:95:63:9e:3c:d8:72:c0:8d:75:ae:8d:ff:9e:b2:5d:f3:
09:64:7e:b4:4b:29:4b:fd:a3:4f:f0:0e:56:85:75:e0:a0:5b:
a3:60:a9:2b:e0:f2:ea:2a:3b:88:c8:c9:73:d2:16:f1:e8:3c:
50:08:dc:58:2a:5f:2c:9c:58:4c:bb:d3:a4:02:61:9d:a6:83:
60:79:b8:95:9c:e8:0d:ae:4b:90:b4:3d:c3:ea:f9:44:e0:1a:
6d:7a:e0:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma50mMBfSUe4+loRX4QvsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjUwMTAyMDk0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2QwYTQzOWYxYmY1YjliNTcwNWM3ZjJkZGUzYzBiOGQxMzE1ZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjp4U6QOsHwDz6bPSpSnvdEeQOLVq
haGHYTLaWm/vAM0LsdZ0p5eiI6DlH6VEGKICSvrhFEoSiIYs9tR2lqPmJ8baabY8
arzShFRIjpfCHBUuk7A4zbOQhxbLk+kpkMlcO8uJaCe3yTEO8SE0uPe83iyZnm+l
Rc4jR/PGKAXwq3iw/7FJgLg67rcTMDV4S/awo/u4KKkthYkGJuPcxjAASMbwUBP3
SptqJyG0cycRy0ppAebXrmoGDqt/oH2TXgeMa+lgadwrqR/VxBiI3igbBVq1qVYx
jh85cTT8WUu+aEC/pfDfKEsVen7uBNwcWAIvEsRNkBwnBRCCBYU5A1m9oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJzQpDnxv1ubVwXH8t3jwLjRMV5+MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvbk5Da09mR19XNXRYQmNmeTNlUEF1TkV4WG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbadyMA0G
CSqGSIb3DQEBCwUAA4IBAQAk3Lxrf9s2yyBPcHJhxEqjG6CCb1CI2/hK4g+NpluF
uWTuZJ0U6i2SWSzmpilGFm3FBa+fk2iQgFL/3Z+tR9ZFMgBTqqYcMMu1KwQq2rFT
M49sWJZrbR7bd5cV1unxXR9LyVWW1JWN0iXiMHMrZDuHOQzGHe6ap9zXrAMbyMk1
MYKgtP1Q6lJYr9mCrBvgKW2HBXIMg5XIJj3S00LxjI9mdkcjwpVjnjzYcsCNda6N
/56yXfMJZH60SylL/aNP8A5WhXXgoFujYKkr4PLqKjuIyMlz0hbx6DxQCNxYKl8s
nFhMu9OkAmGdpoNgebiVnOgNrkuQtD3D6vlE4BpteuC6
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:08:48 2025 by rpki-client