Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/GNiJG3xpkW82o4W1yrImKoG5MJU.roa
File: GNiJG3xpkW82o4W1yrImKoG5MJU.roa (raw, json)
Hash identifier: BvuebS9Of4HLpNtbxkNjqKwp5lwh+0N5sWdkwgefagE=
Subject key identifier: 18:D8:89:1B:7C:69:91:6F:36:A3:85:B5:CA:B2:26:2A:81:B9:30:95
Certificate issuer: /CN=9fb4a8b93af9ea9cf18aaca4e73f116ec26eb357
Certificate serial: 019421446C05DF58046EEE0EF66621A9E20D
Authority key identifier: 9F:B4:A8:B9:3A:F9:EA:9C:F1:8A:AC:A4:E7:3F:11:6E:C2:6E:B3:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n7SouTr56pzxiqyk5z8RbsJus1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/GNiJG3xpkW82o4W1yrImKoG5MJU.roa
Signing time: Wed 01 Jan 2025 09:48:39 +0000
ROA not before: Wed 01 Jan 2025 09:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214694
IP address blocks: 109.207.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:6c:05:df:58:04:6e:ee:0e:f6:66:21:a9:e2:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9fb4a8b93af9ea9cf18aaca4e73f116ec26eb357
Validity
Not Before: Jan 1 09:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18d8891b7c69916f36a385b5cab2262a81b93095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b2:d5:59:48:d1:eb:73:8c:e3:98:ac:11:a9:
8a:38:8b:50:b8:54:3a:52:64:9c:12:ec:6f:69:07:
4c:78:62:02:12:3f:85:09:1b:df:fe:be:6b:cc:21:
fd:c9:39:6e:9f:6e:58:85:08:17:af:8d:a8:85:d5:
a7:cc:f1:ad:aa:0e:97:ea:a3:03:00:13:fc:73:db:
e0:4a:15:3c:8c:2f:46:64:47:0e:3e:2b:a5:a3:cc:
c0:87:7d:06:92:fc:e4:02:6b:f6:34:6c:77:9b:a5:
92:e6:7f:64:72:af:c0:93:32:05:0d:97:e1:44:ee:
ce:9d:6e:73:0e:dd:48:30:33:aa:55:9f:2f:e3:65:
b2:77:8b:6a:0b:43:85:c2:35:43:f7:88:e6:94:8a:
59:2b:1c:8b:fb:65:db:85:30:5f:47:ed:28:fc:82:
35:ae:66:b1:10:44:5d:ad:44:0c:6a:b2:01:af:28:
84:ae:fa:f9:f0:bd:7a:c0:43:c8:96:31:1b:9a:30:
4d:bb:8d:91:c2:8e:81:89:ed:7f:25:4b:0b:0e:b2:
64:54:68:e7:34:4a:20:2f:dc:d2:c9:16:48:a6:3f:
8a:55:2c:6d:08:7b:22:bb:52:f4:58:5c:6c:a8:8a:
9b:a0:36:91:fa:c6:ce:dd:94:87:00:da:98:2d:0b:
26:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:D8:89:1B:7C:69:91:6F:36:A3:85:B5:CA:B2:26:2A:81:B9:30:95
X509v3 Authority Key Identifier:
keyid:9F:B4:A8:B9:3A:F9:EA:9C:F1:8A:AC:A4:E7:3F:11:6E:C2:6E:B3:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n7SouTr56pzxiqyk5z8RbsJus1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/GNiJG3xpkW82o4W1yrImKoG5MJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/n7SouTr56pzxiqyk5z8RbsJus1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.207.243.0/24
Signature Algorithm: sha256WithRSAEncryption
41:a1:ad:eb:c1:14:1f:f0:6d:e3:34:84:2c:98:c4:7b:08:6b:
41:1a:4a:6e:39:18:1c:f0:18:b0:44:1d:56:de:9c:e7:fb:cf:
26:68:5f:36:d9:5b:f6:54:d8:6d:fc:28:20:f9:d4:6f:e2:ba:
0d:03:c3:98:35:ac:13:31:c9:22:04:48:e9:ec:82:b9:76:a1:
1a:f6:a8:79:74:13:48:a3:07:50:eb:d0:92:05:e4:11:38:3e:
b7:82:4b:64:c6:91:b2:e2:35:10:71:64:cf:ff:d8:a9:e6:bb:
69:88:52:17:5c:cf:73:1f:c3:44:02:b7:13:90:bc:23:bf:bf:
68:ee:40:07:57:13:d1:20:0f:83:e6:8f:80:5d:0d:cb:e8:96:
fb:df:06:aa:a9:ac:cf:4f:76:2e:71:e0:b2:98:d2:80:b8:cf:
08:f3:d7:a3:d7:79:12:c1:c3:d8:92:ff:4a:39:09:4d:4e:f7:
09:64:8b:90:da:fe:e1:8d:7f:52:8f:28:6a:29:0a:b7:62:e8:
cd:48:66:70:2d:b6:9f:c2:3c:83:14:92:8d:75:52:2f:09:9d:
a7:95:a7:33:4b:a5:2a:77:78:55:77:73:22:e5:b2:d4:7d:e3:
bf:a7:78:b8:05:b9:75:bb:48:bd:9a:73:02:76:8d:35:59:52:
41:6d:7a:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRGwF31gEbu4O9mYhqeINMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmYjRhOGI5M2FmOWVhOWNmMThhYWNhNGU3M2YxMTZlYzI2
ZWIzNTcwHhcNMjUwMTAxMDk0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGQ4ODkxYjdjNjk5MTZmMzZhMzg1YjVjYWIyMjYyYTgxYjkzMDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrLVWUjR63OM45isEamKOItQuFQ6
UmScEuxvaQdMeGICEj+FCRvf/r5rzCH9yTlun25YhQgXr42ohdWnzPGtqg6X6qMD
ABP8c9vgShU8jC9GZEcOPiulo8zAh30GkvzkAmv2NGx3m6WS5n9kcq/AkzIFDZfh
RO7OnW5zDt1IMDOqVZ8v42Wyd4tqC0OFwjVD94jmlIpZKxyL+2XbhTBfR+0o/II1
rmaxEERdrUQMarIBryiErvr58L16wEPIljEbmjBNu42Rwo6Bie1/JUsLDrJkVGjn
NEogL9zSyRZIpj+KVSxtCHsiu1L0WFxsqIqboDaR+sbO3ZSHANqYLQsmxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBjYiRt8aZFvNqOFtcqyJiqBuTCVMB8GA1UdIwQY
MBaAFJ+0qLk6+eqc8YqspOc/EW7CbrNXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjdTb3VUcjU2cHp4aXF5azV6OFJic0p1czFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84OTg3NDEtZWRhNC00YzVkLWFmOWYt
OGQ2OGViMjBmYmRkLzEvR05pSkczeHBrVzgybzRXMXlySW1Lb0c1TUpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84OTg3NDEtZWRhNC00YzVkLWFmOWYtOGQ2OGViMjBmYmRk
LzEvbjdTb3VUcjU2cHp4aXF5azV6OFJic0p1czFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbc/zMA0G
CSqGSIb3DQEBCwUAA4IBAQBBoa3rwRQf8G3jNIQsmMR7CGtBGkpuORgc8BiwRB1W
3pzn+88maF822Vv2VNht/Cgg+dRv4roNA8OYNawTMckiBEjp7IK5dqEa9qh5dBNI
owdQ69CSBeQROD63gktkxpGy4jUQcWTP/9ip5rtpiFIXXM9zH8NEArcTkLwjv79o
7kAHVxPRIA+D5o+AXQ3L6Jb73waqqazPT3YuceCymNKAuM8I89ej13kSwcPYkv9K
OQlNTvcJZIuQ2v7hjX9SjyhqKQq3YujNSGZwLbafwjyDFJKNdVIvCZ2nlaczS6Uq
d3hVd3Mi5bLUfeO/p3i4Bbl1u0i9mnMCdo01WVJBbXrq
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:42:54 2025 by rpki-client