Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/2_oHdZTLwl8Ni8dVchp52bQoBP8.roa
File: 2_oHdZTLwl8Ni8dVchp52bQoBP8.roa (raw, json)
Hash identifier: 1IGeiz1Jq/CL3kqilbFu1/fy+mEjiI24ecXvvRj4kX4=
Subject key identifier: DB:FA:07:75:94:CB:C2:5F:0D:8B:C7:55:72:1A:79:D9:B4:28:04:FF
Certificate issuer: /CN=33c342c06aacc359d39439ff58defa8ea1875748
Certificate serial: 019422FAF48676161B20DF28507194ADBA01
Authority key identifier: 33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/2_oHdZTLwl8Ni8dVchp52bQoBP8.roa
Signing time: Wed 01 Jan 2025 17:47:39 +0000
ROA not before: Wed 01 Jan 2025 17:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198974
IP address blocks: 109.236.245.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fa:f4:86:76:16:1b:20:df:28:50:71:94:ad:ba:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33c342c06aacc359d39439ff58defa8ea1875748
Validity
Not Before: Jan 1 17:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dbfa077594cbc25f0d8bc755721a79d9b42804ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8b:b5:49:46:66:60:f1:f2:33:5c:57:99:ec:
de:ec:e0:81:aa:36:f1:35:99:9d:c3:c7:54:2e:8d:
f5:0c:4e:eb:3d:f5:9c:bc:3b:7d:fd:c8:0b:04:57:
21:79:5a:d9:f2:f4:1f:d2:05:fb:f7:2d:cb:5f:c1:
87:af:96:6e:47:3e:8a:60:7e:a3:e6:19:e5:91:a2:
e6:97:89:63:67:87:fe:d0:16:7e:28:4d:5d:94:5e:
ed:5e:24:6b:d9:6d:da:f2:8c:a9:8d:75:ed:32:34:
e2:81:8d:31:39:bc:5d:ae:28:e3:4f:5e:ab:80:5d:
b7:94:8e:e0:e4:30:a1:a7:ec:c9:74:23:f1:85:bf:
46:5c:75:c8:31:62:4a:a6:3d:2a:7b:66:6e:e5:39:
0d:e7:66:f1:ac:c8:52:f3:81:1d:00:6b:e4:23:06:
07:a1:7e:6b:34:b1:c7:4e:94:e7:29:0a:11:c5:50:
f3:2e:58:32:24:7f:99:85:c5:53:4d:5e:8d:eb:43:
7f:f2:30:9a:08:74:44:5f:9b:c7:bb:4d:63:4f:17:
d8:3e:57:11:68:c6:c5:78:b2:07:5b:05:27:44:10:
c6:c1:ef:e9:84:5d:6e:c1:f9:d8:82:81:0e:32:e5:
9a:21:b3:01:87:03:45:ba:04:45:ef:c9:33:66:2f:
c1:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:FA:07:75:94:CB:C2:5F:0D:8B:C7:55:72:1A:79:D9:B4:28:04:FF
X509v3 Authority Key Identifier:
keyid:33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/2_oHdZTLwl8Ni8dVchp52bQoBP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.245.0/24
Signature Algorithm: sha256WithRSAEncryption
66:12:63:c3:84:3b:f9:55:29:c4:42:72:c1:d1:3a:36:a1:4c:
c5:e2:1b:6c:d7:fe:fc:a8:1e:80:60:c1:1e:27:76:92:e5:94:
75:39:15:f8:a6:00:50:65:89:91:be:9a:9c:3f:a6:f4:79:29:
66:b4:4d:5f:79:38:57:bf:5f:3f:4d:92:38:8c:ab:f9:62:ed:
14:99:49:dd:1b:72:18:7c:b2:19:c5:60:35:ca:68:cf:17:41:
a8:35:8e:33:1c:19:31:72:19:ca:b4:6e:20:44:0f:c5:f1:3a:
95:29:88:2d:e2:d6:d2:e7:15:66:13:b0:c7:fc:d3:64:53:ad:
6e:d0:f1:14:ea:57:a1:d9:9a:38:db:60:c0:08:51:8f:c0:46:
68:48:55:ca:52:cb:d8:e5:62:e3:a6:3d:ee:e1:3b:e7:b3:68:
8b:6f:e2:67:08:48:23:7a:1a:7e:33:21:06:74:db:a6:10:3e:
0e:bc:5e:89:87:87:92:99:79:09:9e:9f:a4:22:72:02:14:84:
ec:67:06:73:f1:91:5a:cf:93:6b:07:d9:1b:bb:84:4b:55:03:
35:fb:0a:b1:42:a5:2c:ab:e5:21:2e:0c:93:a4:75:63:11:92:
42:5e:00:a3:54:3a:f1:42:94:62:0a:80:06:52:b3:7a:cb:59:
88:38:8a:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+vSGdhYbIN8oUHGUrboBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYzM0MmMwNmFhY2MzNTlkMzk0MzlmZjU4ZGVmYThlYTE4
NzU3NDgwHhcNMjUwMTAxMTc0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmZhMDc3NTk0Y2JjMjVmMGQ4YmM3NTU3MjFhNzlkOWI0MjgwNGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYu1SUZmYPHyM1xXmeze7OCBqjbx
NZmdw8dULo31DE7rPfWcvDt9/cgLBFcheVrZ8vQf0gX79y3LX8GHr5ZuRz6KYH6j
5hnlkaLml4ljZ4f+0BZ+KE1dlF7tXiRr2W3a8oypjXXtMjTigY0xObxdrijjT16r
gF23lI7g5DChp+zJdCPxhb9GXHXIMWJKpj0qe2Zu5TkN52bxrMhS84EdAGvkIwYH
oX5rNLHHTpTnKQoRxVDzLlgyJH+ZhcVTTV6N60N/8jCaCHREX5vHu01jTxfYPlcR
aMbFeLIHWwUnRBDGwe/phF1uwfnYgoEOMuWaIbMBhwNFugRF78kzZi/BUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNv6B3WUy8JfDYvHVXIaedm0KAT/MB8GA1UdIwQY
MBaAFDPDQsBqrMNZ05Q5/1je+o6hh1dIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUt
N2YyMzMzNjA0OTk3LzEvMl9vSGRaVEx3bDhOaThkVmNocDUyYlFvQlA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUtN2YyMzMzNjA0OTk3
LzEvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbez1MA0G
CSqGSIb3DQEBCwUAA4IBAQBmEmPDhDv5VSnEQnLB0To2oUzF4hts1/78qB6AYMEe
J3aS5ZR1ORX4pgBQZYmRvpqcP6b0eSlmtE1feThXv18/TZI4jKv5Yu0UmUndG3IY
fLIZxWA1ymjPF0GoNY4zHBkxchnKtG4gRA/F8TqVKYgt4tbS5xVmE7DH/NNkU61u
0PEU6leh2Zo422DACFGPwEZoSFXKUsvY5WLjpj3u4Tvns2iLb+JnCEgjehp+MyEG
dNumED4OvF6Jh4eSmXkJnp+kInICFITsZwZz8ZFaz5NrB9kbu4RLVQM1+wqxQqUs
q+UhLgyTpHVjEZJCXgCjVDrxQpRiCoAGUrN6y1mIOIro
-----END CERTIFICATE-----
Generated at Fri Apr 25 00:57:02 2025 by rpki-client