Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/iXldcpMNtu5kim9vQXhjht5Ha_0.roa
File: iXldcpMNtu5kim9vQXhjht5Ha_0.roa (raw, json)
Hash identifier: OZZlPHrzKaaexsTtY7l0u4aOhC15J2UaGXg/fHHU/6k=
Subject key identifier: 89:79:5D:72:93:0D:B6:EE:64:8A:6F:6F:41:78:63:86:DE:47:6B:FD
Certificate issuer: /CN=700c030930a9d2e4da88d81852a44c3f78bfb440
Certificate serial: 0194236911F209466FA8CBB41952983A7D71
Authority key identifier: 70:0C:03:09:30:A9:D2:E4:DA:88:D8:18:52:A4:4C:3F:78:BF:B4:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cAwDCTCp0uTaiNgYUqRMP3i_tEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/iXldcpMNtu5kim9vQXhjht5Ha_0.roa
Signing time: Wed 01 Jan 2025 19:47:55 +0000
ROA not before: Wed 01 Jan 2025 19:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207009
IP address blocks: 209.251.195.0/24 maxlen: 24
209.251.196.0/23 maxlen: 23
2a06:6747::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:11:f2:09:46:6f:a8:cb:b4:19:52:98:3a:7d:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=700c030930a9d2e4da88d81852a44c3f78bfb440
Validity
Not Before: Jan 1 19:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89795d72930db6ee648a6f6f41786386de476bfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2c:4f:fe:00:7b:01:94:98:02:43:84:e1:27:
1a:1f:86:14:43:75:f4:ef:ed:56:4b:b9:35:84:0e:
45:63:a0:76:16:48:84:b8:7a:19:32:30:fd:25:87:
91:64:7f:13:82:89:5c:e5:40:44:93:b8:e5:ca:c5:
cc:34:73:c8:9e:ab:35:48:10:78:66:20:3e:7d:03:
84:d4:cf:7e:48:ed:e3:a8:d4:32:d1:4e:8f:a4:99:
06:0c:bb:1b:17:6f:d1:e7:f8:5a:fd:3d:68:c4:f7:
a7:63:cb:35:75:68:81:7d:3a:dd:a0:23:83:79:25:
9a:37:56:ba:30:a6:e7:c3:a4:61:60:22:1a:19:c8:
77:b7:7f:47:f6:27:62:09:11:d8:7f:47:b2:99:e5:
89:02:bb:77:26:0f:1a:6d:af:ba:6d:a6:1b:e5:0e:
70:22:d8:d0:d8:20:59:6a:b5:ae:9d:d4:21:f4:a6:
ab:fc:4d:68:e7:c5:3a:39:12:70:63:ae:27:7f:bf:
92:b6:d8:90:5d:16:b3:de:10:57:32:46:a5:e3:26:
a6:9d:4a:ec:a9:68:d5:14:96:c6:00:d3:d3:e4:7d:
35:61:a4:8c:a5:0c:ab:f6:a3:0d:a9:16:6c:82:a5:
fa:27:8f:87:82:40:99:7c:8b:d0:28:48:25:65:0d:
b5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:79:5D:72:93:0D:B6:EE:64:8A:6F:6F:41:78:63:86:DE:47:6B:FD
X509v3 Authority Key Identifier:
keyid:70:0C:03:09:30:A9:D2:E4:DA:88:D8:18:52:A4:4C:3F:78:BF:B4:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cAwDCTCp0uTaiNgYUqRMP3i_tEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/iXldcpMNtu5kim9vQXhjht5Ha_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/cAwDCTCp0uTaiNgYUqRMP3i_tEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.251.195.0-209.251.197.255
IPv6:
2a06:6747::/32
Signature Algorithm: sha256WithRSAEncryption
1d:34:66:84:76:ec:d2:93:23:d0:23:51:8f:d0:9e:75:db:a5:
7a:6d:6d:5b:3d:0d:cc:75:1b:96:8b:08:3d:e2:7b:a5:12:a7:
3e:b0:6f:26:d1:28:55:d0:87:20:d4:86:9c:ac:cf:2d:8c:66:
19:14:d1:6e:c2:55:e6:35:12:4b:60:b3:48:fe:a3:3e:d8:d7:
90:95:43:eb:11:95:42:55:f0:14:a3:f0:4b:a2:36:a8:5d:f5:
22:d8:cb:90:38:15:80:c3:8a:2d:0a:54:ef:1c:a6:1d:f4:87:
b0:dd:59:46:a4:06:52:db:75:6f:fc:cd:0d:3c:1b:f3:89:4d:
9e:81:29:a5:a8:c9:90:ed:d5:61:dd:06:17:23:0d:86:75:61:
9f:0f:a8:5e:fa:d8:4c:60:21:ee:44:a2:2a:14:dc:40:b9:b4:
04:f5:88:f8:d0:ac:ec:d0:bf:05:f8:55:0d:14:67:4b:34:2c:
a3:05:83:6e:19:6c:71:8d:c7:33:e0:40:0f:38:0a:fe:95:f2:
a9:cc:65:7e:32:da:e2:8c:bd:d3:b3:de:d1:3d:5d:9b:aa:a8:
4e:6d:df:f1:7a:cf:fb:ea:7d:91:fc:00:05:7c:0e:9c:af:a8:
49:3b:b5:e2:42:50:9f:94:a2:11:75:4e:3a:72:20:5c:20:47:
5c:cd:76:30
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQjaRHyCUZvqMu0GVKYOn1xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMGMwMzA5MzBhOWQyZTRkYTg4ZDgxODUyYTQ0YzNmNzhi
ZmI0NDAwHhcNMjUwMTAxMTk0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTc5NWQ3MjkzMGRiNmVlNjQ4YTZmNmY0MTc4NjM4NmRlNDc2YmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwixP/gB7AZSYAkOE4ScaH4YUQ3X0
7+1WS7k1hA5FY6B2FkiEuHoZMjD9JYeRZH8Tgolc5UBEk7jlysXMNHPInqs1SBB4
ZiA+fQOE1M9+SO3jqNQy0U6PpJkGDLsbF2/R5/ha/T1oxPenY8s1dWiBfTrdoCOD
eSWaN1a6MKbnw6RhYCIaGch3t39H9idiCRHYf0eymeWJArt3Jg8aba+6baYb5Q5w
ItjQ2CBZarWundQh9Kar/E1o58U6ORJwY64nf7+SttiQXRaz3hBXMkal4yamnUrs
qWjVFJbGANPT5H01YaSMpQyr9qMNqRZsgqX6J4+HgkCZfIvQKEglZQ21fQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIl5XXKTDbbuZIpvb0F4Y4beR2v9MB8GA1UdIwQY
MBaAFHAMAwkwqdLk2ojYGFKkTD94v7RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0F3RENUQ3AwdVRhaU5nWVVxUk1QM2lfdEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8wNjhjYjktNmNiYS00NTNkLTg1OGEt
YzViYmY5NWY4NTg0LzEvaVhsZGNwTU50dTVraW05dlFYaGpodDVIYV8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8wNjhjYjktNmNiYS00NTNkLTg1OGEtYzViYmY5NWY4NTg0
LzEvY0F3RENUQ3AwdVRhaU5nWVVxUk1QM2lfdEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBADR+8MD
BAHR+8QwDQQCAAIwBwMFACoGZ0cwDQYJKoZIhvcNAQELBQADggEBAB00ZoR27NKT
I9AjUY/QnnXbpXptbVs9Dcx1G5aLCD3ie6USpz6wbybRKFXQhyDUhpyszy2MZhkU
0W7CVeY1Ektgs0j+oz7Y15CVQ+sRlUJV8BSj8EuiNqhd9SLYy5A4FYDDii0KVO8c
ph30h7DdWUakBlLbdW/8zQ08G/OJTZ6BKaWoyZDt1WHdBhcjDYZ1YZ8PqF762Exg
Ie5EoioU3EC5tAT1iPjQrOzQvwX4VQ0UZ0s0LKMFg24ZbHGNxzPgQA84Cv6V8qnM
ZX4y2uKMvdOz3tE9XZuqqE5t3/F6z/vqfZH8AAV8DpyvqEk7teJCUJ+UohF1Tjpy
IFwgR1zNdjA=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:36:12 2025 by rpki-client