Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/f7195b-dd00-4290-9f78-abd90f329c0c/1/cWQ3FcXIpgayQfqlmppdKMwVQXo.roa
File: cWQ3FcXIpgayQfqlmppdKMwVQXo.roa (raw, json)
Hash identifier: psm2EXD7JYCfSDQE9D3Rxu9Bj66wyGfDywECDIfOm7Y=
Subject key identifier: 71:64:37:15:C5:C8:A6:06:B2:41:FA:A5:9A:9A:5D:28:CC:15:41:7A
Certificate issuer: /CN=e02d792c97dbd4482eb815cc9a4fb9f547af7a09
Certificate serial: 019427483FBF3A477D243A8970160F58E8C1
Authority key identifier: E0:2D:79:2C:97:DB:D4:48:2E:B8:15:CC:9A:4F:B9:F5:47:AF:7A:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4C15LJfb1EguuBXMmk-59Uevegk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/f7195b-dd00-4290-9f78-abd90f329c0c/1/cWQ3FcXIpgayQfqlmppdKMwVQXo.roa
Signing time: Thu 02 Jan 2025 13:50:33 +0000
ROA not before: Thu 02 Jan 2025 13:50:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210309
IP address blocks: 109.73.136.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:3f:bf:3a:47:7d:24:3a:89:70:16:0f:58:e8:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e02d792c97dbd4482eb815cc9a4fb9f547af7a09
Validity
Not Before: Jan 2 13:50:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71643715c5c8a606b241faa59a9a5d28cc15417a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:17:3a:92:a7:2d:c3:9f:2d:0b:37:68:53:7c:
ac:ef:46:9f:c1:e1:35:0b:a2:29:d1:16:48:ab:d8:
80:9d:20:79:f7:5e:cb:37:20:fd:8a:95:ff:8b:e5:
38:a8:dc:bc:4b:c8:45:55:50:74:9b:77:93:88:e4:
d2:e8:ca:a3:b8:50:3b:fe:79:79:51:34:71:33:c9:
af:d4:bc:46:67:94:cb:32:b3:7a:f1:53:f2:47:97:
26:f1:f9:08:08:29:45:1d:90:e0:34:07:b0:f6:ab:
84:26:77:ff:9b:8c:1b:14:dd:bc:e8:4c:64:0a:6e:
28:95:88:ef:7f:4a:48:f2:08:a0:55:16:b6:8e:7e:
54:b2:02:03:7e:bf:8a:2a:eb:c3:47:3a:38:23:bb:
7c:e0:31:0b:70:16:56:a1:a9:c1:0c:c1:fd:a8:73:
ab:8b:a9:1c:8a:16:0f:d1:42:47:e6:2f:a9:fe:aa:
80:d5:2d:27:e0:78:b6:5a:09:71:df:13:41:0d:dc:
2f:52:74:3c:90:55:65:32:83:22:84:1b:1b:43:08:
70:38:25:01:20:34:da:bf:7e:d5:50:a2:01:cc:82:
50:ed:40:79:64:d1:bc:c0:e4:73:6a:13:2c:a9:ce:
e9:3f:90:83:39:ee:72:40:85:b4:1f:e6:7b:3c:e6:
90:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:64:37:15:C5:C8:A6:06:B2:41:FA:A5:9A:9A:5D:28:CC:15:41:7A
X509v3 Authority Key Identifier:
keyid:E0:2D:79:2C:97:DB:D4:48:2E:B8:15:CC:9A:4F:B9:F5:47:AF:7A:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4C15LJfb1EguuBXMmk-59Uevegk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/f7195b-dd00-4290-9f78-abd90f329c0c/1/cWQ3FcXIpgayQfqlmppdKMwVQXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/f7195b-dd00-4290-9f78-abd90f329c0c/1/4C15LJfb1EguuBXMmk-59Uevegk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.73.136.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:ce:53:be:0d:35:1f:54:25:2f:84:1a:19:8e:6a:1e:86:f0:
88:8f:20:fe:de:08:d4:e4:f3:4b:89:1f:1f:15:0d:07:46:87:
92:62:29:82:8d:37:0a:0a:4b:d2:70:0b:a8:98:f8:64:2f:de:
d3:05:3e:44:6d:8f:43:73:ed:a6:64:fe:eb:04:ea:2f:05:17:
ff:c7:db:fc:8f:db:49:04:4d:85:95:af:41:32:8b:7d:40:9e:
9f:21:96:5b:c1:1a:cf:d2:16:41:ca:ff:c1:00:ca:70:db:ea:
4f:27:54:a6:26:2b:24:f7:80:3c:c8:e2:7b:f3:54:f9:ec:e7:
50:42:f8:5c:43:e2:a9:f1:e8:a0:d3:00:97:23:76:38:01:78:
d1:18:49:32:df:b9:35:38:57:35:c9:f2:6a:82:08:60:d0:80:
c0:b7:bb:e6:80:22:7a:06:a0:1f:6c:80:75:f1:87:d1:58:b8:
20:fa:c8:65:66:b4:85:f7:c4:ea:3b:42:6f:a3:53:f7:cb:dd:
04:01:55:4e:58:ea:20:e3:f2:94:6c:95:78:da:05:ef:f5:86:
1d:78:29:5b:50:39:68:2f:9d:3c:39:6c:96:dd:51:cd:8e:9a:
3b:2d:f4:1c:ec:d7:83:07:76:eb:83:94:47:99:43:7f:c8:a6:
77:bf:95:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSD+/Okd9JDqJcBYPWOjBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMmQ3OTJjOTdkYmQ0NDgyZWI4MTVjYzlhNGZiOWY1NDdh
ZjdhMDkwHhcNMjUwMTAyMTM1MDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTY0MzcxNWM1YzhhNjA2YjI0MWZhYTU5YTlhNWQyOGNjMTU0MTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBc6kqctw58tCzdoU3ys70afweE1
C6Ip0RZIq9iAnSB5917LNyD9ipX/i+U4qNy8S8hFVVB0m3eTiOTS6MqjuFA7/nl5
UTRxM8mv1LxGZ5TLMrN68VPyR5cm8fkICClFHZDgNAew9quEJnf/m4wbFN286Exk
Cm4olYjvf0pI8gigVRa2jn5UsgIDfr+KKuvDRzo4I7t84DELcBZWoanBDMH9qHOr
i6kcihYP0UJH5i+p/qqA1S0n4Hi2Wglx3xNBDdwvUnQ8kFVlMoMihBsbQwhwOCUB
IDTav37VUKIBzIJQ7UB5ZNG8wORzahMsqc7pP5CDOe5yQIW0H+Z7POaQiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHFkNxXFyKYGskH6pZqaXSjMFUF6MB8GA1UdIwQY
MBaAFOAteSyX29RILrgVzJpPufVHr3oJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEMxNUxKZmIxRWd1dUJYTW1rLTU5VWV2ZWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9mNzE5NWItZGQwMC00MjkwLTlmNzgt
YWJkOTBmMzI5YzBjLzEvY1dRM0ZjWElwZ2F5UWZxbG1wcGRLTXdWUVhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9mNzE5NWItZGQwMC00MjkwLTlmNzgtYWJkOTBmMzI5YzBj
LzEvNEMxNUxKZmIxRWd1dUJYTW1rLTU5VWV2ZWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbUmIMA0G
CSqGSIb3DQEBCwUAA4IBAQBazlO+DTUfVCUvhBoZjmoehvCIjyD+3gjU5PNLiR8f
FQ0HRoeSYimCjTcKCkvScAuomPhkL97TBT5EbY9Dc+2mZP7rBOovBRf/x9v8j9tJ
BE2Fla9BMot9QJ6fIZZbwRrP0hZByv/BAMpw2+pPJ1SmJisk94A8yOJ781T57OdQ
QvhcQ+Kp8eig0wCXI3Y4AXjRGEky37k1OFc1yfJqgghg0IDAt7vmgCJ6BqAfbIB1
8YfRWLgg+shlZrSF98TqO0Jvo1P3y90EAVVOWOog4/KUbJV42gXv9YYdeClbUDlo
L508OWyW3VHNjpo7LfQc7NeDB3brg5RHmUN/yKZ3v5W5
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:08:39 2025 by rpki-client