Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/ixgQ7SiQi_wWeVAAXtTKU7XdZIk.roa
File: ixgQ7SiQi_wWeVAAXtTKU7XdZIk.roa (raw, json)
Hash identifier: 96bA0cNzp2CN/kCqbjKPaK+FRxIBqzNEUGIfvg5EFb4=
Subject key identifier: 8B:18:10:ED:28:90:8B:FC:16:79:50:00:5E:D4:CA:53:B5:DD:64:89
Certificate issuer: /CN=33c342c06aacc359d39439ff58defa8ea1875748
Certificate serial: 019422FAF070D9F08F82E48392CB66850689
Authority key identifier: 33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/ixgQ7SiQi_wWeVAAXtTKU7XdZIk.roa
Signing time: Wed 01 Jan 2025 17:47:38 +0000
ROA not before: Wed 01 Jan 2025 17:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50753
IP address blocks: 109.236.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fa:f0:70:d9:f0:8f:82:e4:83:92:cb:66:85:06:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33c342c06aacc359d39439ff58defa8ea1875748
Validity
Not Before: Jan 1 17:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b1810ed28908bfc167950005ed4ca53b5dd6489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e0:ee:13:12:9b:c3:d7:35:19:53:8b:28:b7:
4e:fc:e7:90:15:30:a9:b6:ea:a7:92:2b:7b:10:06:
57:6d:e1:3b:48:96:0f:4a:ba:eb:52:86:8e:e1:8b:
ca:4d:2e:f2:e2:08:e3:dc:e4:25:51:f8:62:9e:fe:
32:d2:85:6a:41:5b:75:c4:14:84:8c:9d:e0:ff:1b:
9f:a5:93:9b:00:20:a2:96:37:5b:90:6f:ba:43:92:
18:9f:ae:36:d6:45:12:d0:d0:18:a6:ac:c1:c8:12:
19:e0:9d:8d:0e:62:e2:2a:d6:7b:c2:73:e6:05:9d:
c0:d6:05:5f:eb:dd:7f:4b:b8:a1:99:2e:b7:61:05:
17:9a:0a:b8:de:08:c9:9e:3c:e3:ad:fe:9e:4e:22:
a0:13:ce:0e:2f:3c:0e:d8:8f:3a:88:40:07:e7:59:
1c:45:70:70:13:4c:7e:cd:79:b6:5a:06:51:b0:e3:
20:23:b7:af:19:ae:2a:73:9e:51:fd:d9:25:13:52:
4a:cb:24:65:9a:f1:0b:1b:a9:ac:9c:99:d7:4a:d9:
5c:d7:dd:d0:1a:ad:e1:0b:49:2d:b4:d5:b1:c0:d5:
f2:d0:24:d9:5a:0f:cd:18:ef:c3:86:b3:49:81:d1:
79:72:62:78:19:50:64:94:98:ba:95:da:01:1f:30:
96:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:18:10:ED:28:90:8B:FC:16:79:50:00:5E:D4:CA:53:B5:DD:64:89
X509v3 Authority Key Identifier:
keyid:33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/ixgQ7SiQi_wWeVAAXtTKU7XdZIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.252.0/24
Signature Algorithm: sha256WithRSAEncryption
90:b6:17:70:df:68:50:6a:4a:98:52:ac:e5:ed:df:56:55:40:
54:05:85:db:b1:c8:42:2d:67:9d:95:a7:85:43:fb:11:a6:7b:
44:23:c6:25:24:3b:19:96:80:90:b4:b2:b0:78:c9:40:c0:d9:
ae:68:4e:61:5d:dc:8b:b5:4f:8e:b0:49:a0:4b:dc:0b:5b:c0:
f4:fb:94:5c:40:67:78:47:d5:53:5d:dd:1e:e4:24:18:42:fa:
9a:f5:23:2f:4e:2f:5a:b5:ff:1d:d9:41:56:38:a2:51:14:e6:
db:56:ef:2a:1b:69:12:13:5e:20:83:15:72:31:34:1b:6e:6c:
fc:5b:e3:07:9e:4e:4a:12:27:b0:d0:85:20:2d:84:0a:28:e5:
cb:c7:f3:b5:07:2f:76:50:08:fe:ad:f8:c2:82:0b:bb:0b:b4:
ed:d0:47:2e:64:df:a4:4d:ad:c2:70:b4:c9:6f:60:63:6f:2e:
35:33:4b:50:38:6d:fa:de:d6:bf:12:1d:62:e0:ea:cf:e4:57:
3a:8c:17:03:b0:6b:69:a7:8c:24:c9:d3:86:ac:d3:b9:0b:50:
ab:61:2a:9d:51:58:91:76:26:c8:c3:a7:af:e1:e9:dd:d1:95:
be:84:10:4f:50:07:c9:71:07:1a:f8:8f:ba:8e:6c:05:e1:d9:
0a:5b:89:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+vBw2fCPguSDkstmhQaJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYzM0MmMwNmFhY2MzNTlkMzk0MzlmZjU4ZGVmYThlYTE4
NzU3NDgwHhcNMjUwMTAxMTc0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjE4MTBlZDI4OTA4YmZjMTY3OTUwMDA1ZWQ0Y2E1M2I1ZGQ2NDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuDuExKbw9c1GVOLKLdO/OeQFTCp
tuqnkit7EAZXbeE7SJYPSrrrUoaO4YvKTS7y4gjj3OQlUfhinv4y0oVqQVt1xBSE
jJ3g/xufpZObACCiljdbkG+6Q5IYn6421kUS0NAYpqzByBIZ4J2NDmLiKtZ7wnPm
BZ3A1gVf691/S7ihmS63YQUXmgq43gjJnjzjrf6eTiKgE84OLzwO2I86iEAH51kc
RXBwE0x+zXm2WgZRsOMgI7evGa4qc55R/dklE1JKyyRlmvELG6msnJnXStlc193Q
Gq3hC0kttNWxwNXy0CTZWg/NGO/DhrNJgdF5cmJ4GVBklJi6ldoBHzCWDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIsYEO0okIv8FnlQAF7UylO13WSJMB8GA1UdIwQY
MBaAFDPDQsBqrMNZ05Q5/1je+o6hh1dIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUt
N2YyMzMzNjA0OTk3LzEvaXhnUTdTaVFpX3dXZVZBQVh0VEtVN1hkWklrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUtN2YyMzMzNjA0OTk3
LzEvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbez8MA0G
CSqGSIb3DQEBCwUAA4IBAQCQthdw32hQakqYUqzl7d9WVUBUBYXbschCLWedlaeF
Q/sRpntEI8YlJDsZloCQtLKweMlAwNmuaE5hXdyLtU+OsEmgS9wLW8D0+5RcQGd4
R9VTXd0e5CQYQvqa9SMvTi9atf8d2UFWOKJRFObbVu8qG2kSE14ggxVyMTQbbmz8
W+MHnk5KEiew0IUgLYQKKOXLx/O1By92UAj+rfjCggu7C7Tt0EcuZN+kTa3CcLTJ
b2Bjby41M0tQOG363ta/Eh1i4OrP5Fc6jBcDsGtpp4wkydOGrNO5C1CrYSqdUViR
dibIw6ev4end0ZW+hBBPUAfJcQca+I+6jmwF4dkKW4n9
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:35:53 2025 by rpki-client