Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/8d2d0a-2f70-4859-bb44-5b5078625dea/1/xHkLuYRtCrVGpuLnGhaks3lRnwA.roa
File: xHkLuYRtCrVGpuLnGhaks3lRnwA.roa (raw, json)
Hash identifier: oO+aRb9k9iEUfToXswGXJDHCnfvH4Pcnu65Wu7dUdc8=
Subject key identifier: C4:79:0B:B9:84:6D:0A:B5:46:A6:E2:E7:1A:16:A4:B3:79:51:9F:00
Certificate issuer: /CN=4f8de72e5006af6db55115e1b70932023ceecba4
Certificate serial: 01942521654D45EF81B875BD12615B022F5F
Authority key identifier: 4F:8D:E7:2E:50:06:AF:6D:B5:51:15:E1:B7:09:32:02:3C:EE:CB:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T43nLlAGr221URXhtwkyAjzuy6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/8d2d0a-2f70-4859-bb44-5b5078625dea/1/xHkLuYRtCrVGpuLnGhaks3lRnwA.roa
Signing time: Thu 02 Jan 2025 03:48:53 +0000
ROA not before: Thu 02 Jan 2025 03:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52026
IP address blocks: 109.206.96.0/19 maxlen: 24
109.207.32.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:65:4d:45:ef:81:b8:75:bd:12:61:5b:02:2f:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8de72e5006af6db55115e1b70932023ceecba4
Validity
Not Before: Jan 2 03:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4790bb9846d0ab546a6e2e71a16a4b379519f00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a9:2d:f2:52:9b:2e:5d:64:e9:ae:f5:40:5f:
95:d1:1b:b4:7e:3b:d0:8f:7a:79:be:3e:ff:e4:80:
26:94:93:41:dc:1e:37:cb:61:9a:ce:1a:a3:aa:84:
42:4e:82:41:47:e5:e4:3a:b8:77:77:a2:0b:2c:0e:
de:f6:76:36:9a:06:f4:0c:de:1a:3e:86:6b:be:c2:
f1:7e:e8:f3:e2:06:28:ef:c7:9d:bf:ca:64:c7:38:
64:06:33:44:24:71:34:37:59:38:10:91:1b:77:60:
ff:e7:78:5a:ef:4d:10:3e:41:37:38:2b:63:16:56:
16:15:da:01:af:0d:af:0e:4a:41:ca:6e:f6:e8:ee:
fb:5a:1e:10:46:70:bb:0f:fd:4b:13:b3:d7:a9:97:
69:00:84:92:2c:e1:12:49:b7:26:4b:14:3e:c1:27:
d4:96:16:8e:4d:6f:13:d1:15:42:b2:63:f1:3d:ea:
a6:ef:7c:11:46:82:28:d2:7f:83:d0:c0:dd:10:d0:
c7:45:b2:ad:75:e1:e0:58:b9:11:84:9e:7b:40:4b:
ac:18:4a:66:70:cd:29:cc:3c:40:f8:cd:74:19:97:
e9:d6:27:0f:58:78:06:18:d9:36:97:35:e2:e1:2a:
f2:20:81:4c:c2:71:55:18:1e:d1:ad:8a:f1:c8:fb:
5f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:79:0B:B9:84:6D:0A:B5:46:A6:E2:E7:1A:16:A4:B3:79:51:9F:00
X509v3 Authority Key Identifier:
keyid:4F:8D:E7:2E:50:06:AF:6D:B5:51:15:E1:B7:09:32:02:3C:EE:CB:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T43nLlAGr221URXhtwkyAjzuy6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/8d2d0a-2f70-4859-bb44-5b5078625dea/1/xHkLuYRtCrVGpuLnGhaks3lRnwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/8d2d0a-2f70-4859-bb44-5b5078625dea/1/T43nLlAGr221URXhtwkyAjzuy6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.206.96.0/19
109.207.32.0/20
Signature Algorithm: sha256WithRSAEncryption
92:a8:6a:18:7d:f2:83:ee:01:4a:b8:8f:11:21:b6:b8:61:cb:
d6:a6:2c:0e:fd:3b:ff:f1:38:35:51:52:fb:be:1c:01:a2:92:
67:e9:3c:eb:2c:5e:dd:a4:15:28:5e:38:e9:ef:d4:69:08:74:
0c:b5:e1:29:f5:4c:8a:73:cf:3f:f8:47:ce:c6:f5:b3:22:4a:
0e:2d:e9:0d:01:1d:8a:a0:c1:f6:92:f8:cf:73:a5:99:21:49:
0d:66:13:39:8b:f2:c8:6e:53:ac:f4:14:7c:0e:e4:6c:7b:2d:
3f:e6:63:fa:c6:ba:f2:00:c1:e3:fe:91:89:c5:6d:ab:a4:6c:
fe:f8:65:f4:5e:7d:63:90:ef:d0:55:7f:4e:c7:f8:ad:01:57:
fe:31:28:ae:29:4d:24:03:35:ca:d3:63:76:e7:d1:df:5f:a4:
0c:2f:87:b4:a6:50:11:b1:a8:fe:80:47:91:3b:78:9c:a2:8c:
60:98:01:76:44:cf:46:20:7e:07:ff:ea:08:e4:ca:10:09:88:
d8:98:e9:5f:70:a3:56:be:fd:9c:88:b4:8c:87:ae:fb:b2:08:
87:12:97:dd:be:a9:f2:d9:89:83:f6:4b:10:9a:7b:27:8f:09:
9d:ec:c0:ae:5e:c7:91:44:81:2c:35:0b:ac:e7:39:48:11:c3:
bf:24:fc:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlIWVNRe+BuHW9EmFbAi9fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGRlNzJlNTAwNmFmNmRiNTUxMTVlMWI3MDkzMjAyM2Nl
ZWNiYTQwHhcNMjUwMTAyMDM0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDc5MGJiOTg0NmQwYWI1NDZhNmUyZTcxYTE2YTRiMzc5NTE5ZjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKkt8lKbLl1k6a71QF+V0Ru0fjvQ
j3p5vj7/5IAmlJNB3B43y2GazhqjqoRCToJBR+XkOrh3d6ILLA7e9nY2mgb0DN4a
PoZrvsLxfujz4gYo78edv8pkxzhkBjNEJHE0N1k4EJEbd2D/53ha700QPkE3OCtj
FlYWFdoBrw2vDkpBym726O77Wh4QRnC7D/1LE7PXqZdpAISSLOESSbcmSxQ+wSfU
lhaOTW8T0RVCsmPxPeqm73wRRoIo0n+D0MDdENDHRbKtdeHgWLkRhJ57QEusGEpm
cM0pzDxA+M10GZfp1icPWHgGGNk2lzXi4SryIIFMwnFVGB7RrYrxyPtfvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMR5C7mEbQq1Rqbi5xoWpLN5UZ8AMB8GA1UdIwQY
MBaAFE+N5y5QBq9ttVEV4bcJMgI87sukMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDQzbkxsQUdyMjIxVVJYaHR3a3lBanp1eTZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy84ZDJkMGEtMmY3MC00ODU5LWJiNDQt
NWI1MDc4NjI1ZGVhLzEveEhrTHVZUnRDclZHcHVMbkdoYWtzM2xSbndBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy84ZDJkMGEtMmY3MC00ODU5LWJiNDQtNWI1MDc4NjI1ZGVh
LzEvVDQzbkxsQUdyMjIxVVJYaHR3a3lBanp1eTZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFbc5gAwQE
bc8gMA0GCSqGSIb3DQEBCwUAA4IBAQCSqGoYffKD7gFKuI8RIba4YcvWpiwO/Tv/
8Tg1UVL7vhwBopJn6TzrLF7dpBUoXjjp79RpCHQMteEp9UyKc88/+EfOxvWzIkoO
LekNAR2KoMH2kvjPc6WZIUkNZhM5i/LIblOs9BR8DuRsey0/5mP6xrryAMHj/pGJ
xW2rpGz++GX0Xn1jkO/QVX9Ox/itAVf+MSiuKU0kAzXK02N259HfX6QML4e0plAR
saj+gEeRO3icooxgmAF2RM9GIH4H/+oI5MoQCYjYmOlfcKNWvv2ciLSMh677sgiH
Epfdvqny2YmD9ksQmnsnjwmd7MCuXseRRIEsNQus5zlIEcO/JPza
-----END CERTIFICATE-----
Generated at Fri Apr 25 15:24:02 2025 by rpki-client