Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/hqWfNQU94aa67UD14uMEBc6ivzY.roa
File: hqWfNQU94aa67UD14uMEBc6ivzY.roa (raw, json)
Hash identifier: vnr5FfmrkEI+u9/SFiQ11TolMxSSlt2O7OtHyllTQ+I=
Subject key identifier: 86:A5:9F:35:05:3D:E1:A6:BA:ED:40:F5:E2:E3:04:05:CE:A2:BF:36
Certificate issuer: /CN=9fb4a8b93af9ea9cf18aaca4e73f116ec26eb357
Certificate serial: 019421446B5EC8437BEE7B6775040F992AA3
Authority key identifier: 9F:B4:A8:B9:3A:F9:EA:9C:F1:8A:AC:A4:E7:3F:11:6E:C2:6E:B3:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n7SouTr56pzxiqyk5z8RbsJus1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/hqWfNQU94aa67UD14uMEBc6ivzY.roa
Signing time: Wed 01 Jan 2025 09:48:39 +0000
ROA not before: Wed 01 Jan 2025 09:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214414
IP address blocks: 109.207.242.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:6b:5e:c8:43:7b:ee:7b:67:75:04:0f:99:2a:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9fb4a8b93af9ea9cf18aaca4e73f116ec26eb357
Validity
Not Before: Jan 1 09:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86a59f35053de1a6baed40f5e2e30405cea2bf36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:cc:87:8d:64:15:6a:ee:95:ed:c6:2a:0b:05:
0d:c4:a8:48:fb:19:1f:4d:38:6d:bf:54:a8:93:a2:
66:bf:f7:18:57:46:b4:48:42:eb:54:e6:99:09:1f:
35:88:85:38:4d:6e:39:e9:45:53:59:5e:ca:2d:c1:
bb:b0:15:12:8f:78:64:cf:be:d8:43:29:e9:61:36:
2a:0d:17:af:ed:21:52:0d:69:fc:85:15:14:9e:4d:
ba:e1:95:a7:34:6f:ae:c3:3f:49:79:2f:3c:16:b5:
31:19:ea:41:01:ca:76:38:94:68:f2:90:fc:0a:57:
82:63:00:3e:bc:59:45:51:89:c4:36:45:56:5e:ea:
62:09:da:fb:4e:a5:3c:02:26:99:fd:d4:8f:98:7a:
94:e0:01:19:d0:ae:cc:b8:e6:1e:b1:c6:e4:12:80:
c2:0b:18:52:69:2c:15:2e:af:c4:6a:ee:2e:e5:c6:
33:0b:c0:27:a3:d3:d5:2a:aa:32:b6:4e:3d:4b:65:
ab:21:b4:7a:a4:08:71:9c:c8:eb:38:3e:dd:c1:65:
4c:ac:67:ad:b2:0e:d1:47:df:b5:8a:04:47:9d:39:
5f:96:d4:65:35:cb:6c:fb:ff:0f:f0:6c:7c:f9:61:
c5:96:82:cf:23:42:26:f7:d8:29:1c:05:29:44:79:
11:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A5:9F:35:05:3D:E1:A6:BA:ED:40:F5:E2:E3:04:05:CE:A2:BF:36
X509v3 Authority Key Identifier:
keyid:9F:B4:A8:B9:3A:F9:EA:9C:F1:8A:AC:A4:E7:3F:11:6E:C2:6E:B3:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n7SouTr56pzxiqyk5z8RbsJus1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/hqWfNQU94aa67UD14uMEBc6ivzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/n7SouTr56pzxiqyk5z8RbsJus1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.207.242.0/24
Signature Algorithm: sha256WithRSAEncryption
11:0e:0f:5c:1c:7c:ad:cc:ff:f3:10:64:f6:ef:2b:36:dc:f0:
23:c4:a4:31:f2:3d:92:e7:2e:dc:63:c9:89:44:fa:ff:e3:63:
ed:cc:5c:5d:bf:32:01:ae:37:7a:49:3a:20:c2:3c:b0:0b:26:
2f:d9:40:41:ac:9f:e4:47:15:35:36:ae:c7:bf:15:98:fd:12:
c2:6c:85:05:7d:e6:27:9a:a4:14:e3:93:00:aa:30:66:b7:b1:
ef:8f:3e:43:bc:40:26:6b:4f:11:f0:c7:72:19:5d:51:2d:2e:
32:52:2f:3b:a9:ef:bd:cd:d2:22:45:14:09:d7:40:78:aa:12:
14:bf:0f:df:bc:a4:69:8c:7f:77:4c:26:94:16:fb:10:85:7e:
9b:8a:d8:75:5b:63:92:3e:45:c2:59:27:77:71:e7:e2:de:da:
dc:c2:8a:0a:93:76:f2:69:53:01:7d:02:18:8d:22:82:f6:f4:
71:72:2f:92:31:34:09:3a:31:0f:54:a8:ab:4c:f4:1e:0f:f5:
1d:ed:17:64:f8:e2:02:5b:c7:aa:db:a1:c2:bd:ee:02:ee:6c:
69:42:c1:b6:8d:7b:4e:71:59:2d:97:d4:86:16:ca:76:84:c2:
86:8f:66:00:f6:53:30:e5:ba:28:fa:d2:90:79:a9:e3:73:6c:
39:71:61:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRGteyEN77ntndQQPmSqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmYjRhOGI5M2FmOWVhOWNmMThhYWNhNGU3M2YxMTZlYzI2
ZWIzNTcwHhcNMjUwMTAxMDk0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmE1OWYzNTA1M2RlMWE2YmFlZDQwZjVlMmUzMDQwNWNlYTJiZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9cyHjWQVau6V7cYqCwUNxKhI+xkf
TThtv1Sok6Jmv/cYV0a0SELrVOaZCR81iIU4TW456UVTWV7KLcG7sBUSj3hkz77Y
QynpYTYqDRev7SFSDWn8hRUUnk264ZWnNG+uwz9JeS88FrUxGepBAcp2OJRo8pD8
CleCYwA+vFlFUYnENkVWXupiCdr7TqU8AiaZ/dSPmHqU4AEZ0K7MuOYescbkEoDC
CxhSaSwVLq/Eau4u5cYzC8Ano9PVKqoytk49S2WrIbR6pAhxnMjrOD7dwWVMrGet
sg7RR9+1igRHnTlfltRlNcts+/8P8Gx8+WHFloLPI0Im99gpHAUpRHkR5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIalnzUFPeGmuu1A9eLjBAXOor82MB8GA1UdIwQY
MBaAFJ+0qLk6+eqc8YqspOc/EW7CbrNXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjdTb3VUcjU2cHp4aXF5azV6OFJic0p1czFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84OTg3NDEtZWRhNC00YzVkLWFmOWYt
OGQ2OGViMjBmYmRkLzEvaHFXZk5RVTk0YWE2N1VEMTR1TUVCYzZpdnpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84OTg3NDEtZWRhNC00YzVkLWFmOWYtOGQ2OGViMjBmYmRk
LzEvbjdTb3VUcjU2cHp4aXF5azV6OFJic0p1czFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbc/yMA0G
CSqGSIb3DQEBCwUAA4IBAQARDg9cHHytzP/zEGT27ys23PAjxKQx8j2S5y7cY8mJ
RPr/42PtzFxdvzIBrjd6STogwjywCyYv2UBBrJ/kRxU1Nq7HvxWY/RLCbIUFfeYn
mqQU45MAqjBmt7Hvjz5DvEAma08R8MdyGV1RLS4yUi87qe+9zdIiRRQJ10B4qhIU
vw/fvKRpjH93TCaUFvsQhX6bith1W2OSPkXCWSd3cefi3trcwooKk3byaVMBfQIY
jSKC9vRxci+SMTQJOjEPVKirTPQeD/Ud7Rdk+OICW8eq26HCve4C7mxpQsG2jXtO
cVktl9SGFsp2hMKGj2YA9lMw5boo+tKQeanjc2w5cWEv
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:35:43 2025 by rpki-client