Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/asX4JxZY70Wh1TkIKCgqO_mMec0.roa
File: asX4JxZY70Wh1TkIKCgqO_mMec0.roa (raw, json)
Hash identifier: UvUECOYX9pZrR+BBRmekI4gAoLk0RMd4U1+0xPQqJW4=
Subject key identifier: 6A:C5:F8:27:16:58:EF:45:A1:D5:39:08:28:28:2A:3B:F9:8C:79:CD
Certificate issuer: /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial: 019424B274FE099FAA3F992725E1EC038897
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/asX4JxZY70Wh1TkIKCgqO_mMec0.roa
Signing time: Thu 02 Jan 2025 01:47:42 +0000
ROA not before: Thu 02 Jan 2025 01:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204286
IP address blocks: 109.205.60.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:74:fe:09:9f:aa:3f:99:27:25:e1:ec:03:88:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
Validity
Not Before: Jan 2 01:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ac5f8271658ef45a1d5390828282a3bf98c79cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c1:dc:b4:dd:96:8d:6c:be:85:21:87:77:9a:
6c:7c:5b:fd:45:47:7d:be:1f:51:43:54:a8:26:b9:
45:88:17:82:32:03:a7:81:b9:02:49:9c:d3:58:3d:
2f:73:61:7f:a0:e1:fb:3b:1c:b1:6e:41:55:0e:7d:
bb:fb:e3:94:71:a1:76:79:60:46:08:ec:c5:61:55:
0e:c5:d1:5d:14:55:a4:32:d8:60:55:e8:5c:10:7d:
96:af:bb:b8:13:a0:91:56:1d:68:06:8d:2d:a2:36:
b2:f3:48:9a:fc:57:50:7a:5b:f4:2e:79:b9:05:c8:
fb:44:ca:2d:68:72:e3:e1:ba:97:03:e3:eb:8e:00:
f1:51:5b:d3:19:89:88:31:ce:af:d8:2a:63:af:41:
43:9d:52:37:f4:24:da:68:a1:57:79:ca:6a:b2:be:
37:ab:2f:fc:4f:98:36:1e:7e:7b:c6:30:23:b1:fd:
18:bc:5d:88:ab:fb:25:bc:a7:fe:3c:46:a5:27:db:
61:ec:fc:02:b5:89:8e:0f:a3:16:b7:bc:4a:1b:47:
d5:05:fa:81:6f:fe:c3:c4:90:e1:c6:14:e6:24:32:
9c:36:ba:d7:0f:1d:e3:a2:6e:65:b7:43:de:e2:d6:
4c:57:20:56:f2:c3:f3:72:31:52:0d:61:7e:46:3e:
aa:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:C5:F8:27:16:58:EF:45:A1:D5:39:08:28:28:2A:3B:F9:8C:79:CD
X509v3 Authority Key Identifier:
keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/asX4JxZY70Wh1TkIKCgqO_mMec0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.60.0/24
Signature Algorithm: sha256WithRSAEncryption
30:dd:15:f5:bb:a4:fd:66:ab:83:b9:de:20:a2:8a:44:ef:7f:
d0:c3:72:c9:b1:a5:f8:d0:82:ba:83:7e:02:52:a6:57:bb:bc:
08:e2:82:0e:5b:75:61:65:b0:4f:3e:d0:4c:be:99:b1:22:95:
b7:e3:91:13:dc:ac:15:3d:28:0f:37:3b:b7:ab:07:d2:12:37:
93:19:5f:0d:1a:7d:57:b3:4d:d1:6a:42:9c:6e:ed:44:a0:c3:
b5:44:fb:ee:8d:5c:20:c7:52:ed:64:38:37:27:8d:51:b7:b0:
e1:54:8d:4d:9d:c1:d1:48:92:f6:b5:23:15:77:37:20:c6:ef:
c6:e7:c5:c8:be:f1:ad:74:a0:d6:e4:9c:39:38:61:a2:73:8a:
76:ad:2c:02:44:80:71:1b:4d:cb:09:4c:69:62:41:62:eb:ab:
4c:a4:84:1a:b3:7f:2e:42:34:f2:05:f4:c4:e3:57:93:a8:04:
8e:70:ed:8e:5f:d5:10:77:84:06:fc:61:b7:d4:75:64:b2:11:
92:05:00:79:94:2d:24:fb:f0:2b:ee:1b:aa:48:06:18:b6:4a:
3d:e8:a3:f3:f3:62:d8:0a:26:27:66:8a:20:79:f2:87:11:cf:
22:09:40:56:47:ae:a2:fb:0f:79:f2:d6:9b:b2:e2:b5:4f:96:
55:3c:18:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksnT+CZ+qP5knJeHsA4iXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjUwMTAyMDE0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWM1ZjgyNzE2NThlZjQ1YTFkNTM5MDgyODI4MmEzYmY5OGM3OWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocHctN2WjWy+hSGHd5psfFv9RUd9
vh9RQ1SoJrlFiBeCMgOngbkCSZzTWD0vc2F/oOH7OxyxbkFVDn27++OUcaF2eWBG
COzFYVUOxdFdFFWkMthgVehcEH2Wr7u4E6CRVh1oBo0tojay80ia/FdQelv0Lnm5
Bcj7RMotaHLj4bqXA+PrjgDxUVvTGYmIMc6v2Cpjr0FDnVI39CTaaKFXecpqsr43
qy/8T5g2Hn57xjAjsf0YvF2Iq/slvKf+PEalJ9th7PwCtYmOD6MWt7xKG0fVBfqB
b/7DxJDhxhTmJDKcNrrXDx3jom5lt0Pe4tZMVyBW8sPzcjFSDWF+Rj6q+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGrF+CcWWO9FodU5CCgoKjv5jHnNMB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvYXNYNEp4Wlk3MFdoMVRrSUtDZ3FPX21NZWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgtNGRkMDQzNDZhYmMz
LzEvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbc08MA0G
CSqGSIb3DQEBCwUAA4IBAQAw3RX1u6T9ZquDud4goopE73/Qw3LJsaX40IK6g34C
UqZXu7wI4oIOW3VhZbBPPtBMvpmxIpW345ET3KwVPSgPNzu3qwfSEjeTGV8NGn1X
s03RakKcbu1EoMO1RPvujVwgx1LtZDg3J41Rt7DhVI1NncHRSJL2tSMVdzcgxu/G
58XIvvGtdKDW5Jw5OGGic4p2rSwCRIBxG03LCUxpYkFi66tMpIQas38uQjTyBfTE
41eTqASOcO2OX9UQd4QG/GG31HVkshGSBQB5lC0k+/Ar7huqSAYYtko96KPz82LY
CiYnZoogefKHEc8iCUBWR66i+w958tabsuK1T5ZVPBj/
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:56:25 2025 by rpki-client