Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/jlwTOyFoGuUl1S4qvkPqmcyWYBM.roa
File: jlwTOyFoGuUl1S4qvkPqmcyWYBM.roa (raw, json)
Hash identifier: h9SKCXtTfX2r/KJtjmgMicMBp5sCm2zPUcaWtyxHjOY=
Subject key identifier: 8E:5C:13:3B:21:68:1A:E5:25:D5:2E:2A:BE:43:EA:99:CC:96:60:13
Certificate issuer: /CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Certificate serial: 019428237DAC98EE93401EDDD49FE7807A3B
Authority key identifier: 4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/jlwTOyFoGuUl1S4qvkPqmcyWYBM.roa
Signing time: Thu 02 Jan 2025 17:50:02 +0000
ROA not before: Thu 02 Jan 2025 17:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204203
IP address blocks: 109.162.248.0/24 maxlen: 24
109.162.249.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:7d:ac:98:ee:93:40:1e:dd:d4:9f:e7:80:7a:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Validity
Not Before: Jan 2 17:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e5c133b21681ae525d52e2abe43ea99cc966013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d2:f5:60:69:9c:4f:49:47:53:43:e8:b2:5a:
f3:8f:58:62:f2:ee:ee:eb:25:5f:14:e9:93:1c:1d:
a9:dc:d4:f0:36:58:de:51:fd:5a:c1:fc:99:d1:7e:
02:2f:f3:d1:fc:79:83:19:27:6e:45:86:2d:82:ba:
b6:67:f6:c9:97:12:f7:c8:ab:e5:13:08:0b:36:44:
9f:b8:6d:c2:d6:d1:7f:0f:b1:80:7e:0b:90:75:1d:
ad:52:2b:0a:ef:68:f4:45:e1:1e:9b:46:b4:45:29:
cd:30:b2:a5:3b:e9:7a:34:10:97:f4:e2:a0:00:18:
2a:cf:87:72:a1:87:a4:5f:17:89:38:0c:47:35:cd:
15:7c:60:92:f1:53:06:0b:a5:2b:e8:a7:bb:2f:08:
ec:8c:66:ec:05:a6:e2:0d:b0:dc:b6:8d:4b:2c:9e:
5b:08:f6:65:83:55:a1:bb:37:37:7e:3c:b4:fc:43:
e9:dc:c7:0d:27:a0:7d:a5:15:89:03:5d:1c:e2:c7:
88:a0:f5:64:ad:a2:60:5b:85:c3:30:8c:15:fd:24:
4e:bd:24:2d:a2:d2:75:4b:20:29:51:12:91:38:76:
3b:e4:e1:e7:c3:53:66:ac:36:0b:b1:6f:ad:dc:06:
c5:22:fb:be:a2:58:d9:7f:37:0f:04:ea:70:aa:76:
5e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:5C:13:3B:21:68:1A:E5:25:D5:2E:2A:BE:43:EA:99:CC:96:60:13
X509v3 Authority Key Identifier:
keyid:4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/jlwTOyFoGuUl1S4qvkPqmcyWYBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.162.248.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:a8:80:26:a9:e3:f1:b2:fa:cc:1c:6e:cc:8b:a8:31:78:15:
53:6b:d7:62:a4:33:15:57:76:a1:fb:7e:74:dd:85:23:4e:f1:
54:96:cd:9d:0f:13:70:24:bf:d8:37:17:7c:83:b5:da:57:06:
63:9c:8c:bb:45:67:2e:21:b4:88:f1:8c:11:1e:7b:5b:02:59:
cc:d8:4b:96:58:42:14:c6:1b:ff:6d:de:09:99:9b:b3:9d:55:
6f:8d:d6:70:f4:1b:40:08:04:7e:94:c6:9a:f3:fe:b4:66:bd:
55:83:bc:20:53:28:46:01:0d:3e:e8:78:02:6b:1d:93:6f:af:
f8:73:23:1b:8d:de:7a:24:bc:a5:8c:87:1b:40:9a:d3:ad:b4:
ff:10:62:af:1f:45:6a:35:91:b9:b5:4d:2d:89:dc:96:4c:b6:
1c:3a:b8:c9:f4:22:ad:6c:3b:c9:35:7c:9c:ed:ea:93:f5:21:
1f:95:38:91:d9:bc:12:2c:26:e7:59:06:ea:67:8f:85:c6:e5:
b9:e6:9b:8f:9d:f2:16:e6:9f:a8:c7:6e:42:78:ae:0b:67:44:
eb:98:09:20:4e:77:2a:26:5d:ee:eb:56:9a:77:67:8b:a1:d3:
b6:f1:9e:90:7a:26:06:79:ef:d2:7c:4c:ef:26:bb:52:4c:48:
4d:48:a4:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI32smO6TQB7d1J/ngHo7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDc0ZmJiYmFlNThkZDA4NzZkOTllODBlYzgyYTExYTQ0
NzdmN2UwHhcNMjUwMTAyMTc1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTVjMTMzYjIxNjgxYWU1MjVkNTJlMmFiZTQzZWE5OWNjOTY2MDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtL1YGmcT0lHU0Poslrzj1hi8u7u
6yVfFOmTHB2p3NTwNljeUf1awfyZ0X4CL/PR/HmDGSduRYYtgrq2Z/bJlxL3yKvl
EwgLNkSfuG3C1tF/D7GAfguQdR2tUisK72j0ReEem0a0RSnNMLKlO+l6NBCX9OKg
ABgqz4dyoYekXxeJOAxHNc0VfGCS8VMGC6Ur6Ke7LwjsjGbsBabiDbDcto1LLJ5b
CPZlg1Whuzc3fjy0/EPp3McNJ6B9pRWJA10c4seIoPVkraJgW4XDMIwV/SROvSQt
otJ1SyApURKROHY75OHnw1NmrDYLsW+t3AbFIvu+oljZfzcPBOpwqnZe6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI5cEzshaBrlJdUuKr5D6pnMlmATMB8GA1UdIwQY
MBaAFE3XT7u65Y3Qh22Z6A7IKhGkR39+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmIt
OGVhYjdmNGZlNzdlLzEvamx3VE95Rm9HdVVsMVM0cXZrUHFtY3lXWUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmItOGVhYjdmNGZlNzdl
LzEvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbaL4MA0G
CSqGSIb3DQEBCwUAA4IBAQCdqIAmqePxsvrMHG7Mi6gxeBVTa9dipDMVV3ah+350
3YUjTvFUls2dDxNwJL/YNxd8g7XaVwZjnIy7RWcuIbSI8YwRHntbAlnM2EuWWEIU
xhv/bd4JmZuznVVvjdZw9BtACAR+lMaa8/60Zr1Vg7wgUyhGAQ0+6HgCax2Tb6/4
cyMbjd56JLyljIcbQJrTrbT/EGKvH0VqNZG5tU0tidyWTLYcOrjJ9CKtbDvJNXyc
7eqT9SEflTiR2bwSLCbnWQbqZ4+FxuW55puPnfIW5p+ox25CeK4LZ0TrmAkgTncq
Jl3u61aad2eLodO28Z6QeiYGee/SfEzvJrtSTEhNSKQC
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:45:23 2025 by rpki-client