Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/cJgTWrMWwO4cBqHTiI8A-Rbr9t4.roa
File: cJgTWrMWwO4cBqHTiI8A-Rbr9t4.roa (raw, json)
Hash identifier: +22ciZigEHHnJmjL2vAXhnyOPmbAxXckxCOmW9W102s=
Subject key identifier: 70:98:13:5A:B3:16:C0:EE:1C:06:A1:D3:88:8F:00:F9:16:EB:F6:DE
Certificate issuer: /CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Certificate serial: 0194274718BEE6B6E2F3563562BA0EDF036C
Authority key identifier: 8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/cJgTWrMWwO4cBqHTiI8A-Rbr9t4.roa
Signing time: Thu 02 Jan 2025 13:49:18 +0000
ROA not before: Thu 02 Jan 2025 13:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28760
IP address blocks: 62.249.100.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:18:be:e6:b6:e2:f3:56:35:62:ba:0e:df:03:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Validity
Not Before: Jan 2 13:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7098135ab316c0ee1c06a1d3888f00f916ebf6de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:94:e0:b9:1a:a9:20:9d:20:7f:5d:e6:60:5b:
bb:85:88:d1:ba:a4:dd:e8:a3:72:34:a4:e7:5b:39:
6a:54:d1:fa:03:5f:11:5f:a9:65:d1:3b:da:a0:07:
82:70:7a:9d:8e:5d:2a:28:18:ba:8a:01:a5:72:6d:
ab:a9:2f:c3:68:7e:dd:32:b7:73:dc:6c:63:28:34:
2d:30:db:1c:e1:bb:70:b3:bb:2c:06:31:ab:1a:e8:
24:c7:09:95:8d:a7:11:8d:dc:ec:af:e9:68:08:14:
a0:19:17:04:e6:8d:7f:e7:90:d8:3c:ea:0d:5d:b4:
9a:a2:33:56:a9:96:32:42:b6:65:71:60:1b:23:f2:
d8:d3:8f:10:5a:65:22:13:52:49:ae:e6:ca:28:c1:
5d:65:8d:d0:a0:4e:b1:f5:45:7a:ad:ab:61:e9:1d:
77:2e:87:fb:2e:54:64:b2:53:60:51:3c:25:95:6d:
08:d0:28:f6:0d:83:07:bd:f5:18:73:2a:ce:f0:66:
da:24:c7:d6:ac:01:b9:af:8b:c4:c4:30:58:76:e1:
bb:bc:ec:5d:56:f0:de:04:08:30:5f:63:0b:78:bf:
9a:48:66:e4:1d:55:fa:9e:a4:51:8f:ce:f2:13:2b:
ea:e8:c7:a5:1e:55:8f:d9:d8:9f:43:5a:7a:5b:49:
ab:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:98:13:5A:B3:16:C0:EE:1C:06:A1:D3:88:8F:00:F9:16:EB:F6:DE
X509v3 Authority Key Identifier:
keyid:8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/cJgTWrMWwO4cBqHTiI8A-Rbr9t4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/itJAYD7G681i9y1G8dwAy34fCy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.249.100.0/22
Signature Algorithm: sha256WithRSAEncryption
26:81:e4:6f:06:c8:42:9e:6a:58:f0:09:47:62:59:11:ca:64:
3f:01:40:35:bd:90:14:f4:cd:d2:98:ab:dc:4c:8f:19:ba:8a:
89:58:59:13:b3:03:1f:9f:c9:1e:54:3a:21:7a:06:6a:06:19:
ca:66:a4:17:5f:47:3d:d8:84:d6:a3:ce:62:6c:f1:92:a0:89:
f9:3e:9b:73:57:7d:cf:e7:45:12:dc:fa:03:02:69:86:69:ae:
94:a4:67:3c:83:14:28:f1:60:31:9a:a2:92:99:57:72:da:4b:
64:6e:63:ce:32:6d:55:8d:93:d8:d0:97:e9:dc:96:bd:cf:3f:
e0:60:89:d0:bc:04:c2:d2:0f:73:e3:6e:f2:0d:e6:a2:95:63:
11:2a:14:90:d3:d8:0c:56:c6:92:e4:8b:ee:5e:9b:e1:fd:b9:
09:aa:cd:94:ec:cc:ae:13:f3:a1:a0:e1:ae:5c:7a:1c:e2:08:
8b:4f:f7:98:52:fe:03:bf:c1:08:39:24:c3:43:39:ac:cb:31:
af:9e:bd:36:c4:10:01:57:a3:d9:be:f2:1a:1d:71:9f:87:73:
7f:a8:d8:df:ef:3f:35:11:b7:c6:82:2e:a0:57:b1:d3:a3:0b:
07:ca:c7:50:f4:98:b0:49:72:ce:75:87:25:fb:ca:0f:5b:dc:
c2:a9:7b:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnRxi+5rbi81Y1YroO3wNsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDI0MDYwM2VjNmViY2Q2MmY3MmQ0NmYxZGMwMGNiN2Ux
ZjBiMmUwHhcNMjUwMTAyMTM0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDk4MTM1YWIzMTZjMGVlMWMwNmExZDM4ODhmMDBmOTE2ZWJmNmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA45TguRqpIJ0gf13mYFu7hYjRuqTd
6KNyNKTnWzlqVNH6A18RX6ll0TvaoAeCcHqdjl0qKBi6igGlcm2rqS/DaH7dMrdz
3GxjKDQtMNsc4btws7ssBjGrGugkxwmVjacRjdzsr+loCBSgGRcE5o1/55DYPOoN
XbSaojNWqZYyQrZlcWAbI/LY048QWmUiE1JJrubKKMFdZY3QoE6x9UV6rath6R13
Lof7LlRkslNgUTwllW0I0Cj2DYMHvfUYcyrO8GbaJMfWrAG5r4vExDBYduG7vOxd
VvDeBAgwX2MLeL+aSGbkHVX6nqRRj87yEyvq6MelHlWP2difQ1p6W0mryQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHCYE1qzFsDuHAah04iPAPkW6/beMB8GA1UdIwQY
MBaAFIrSQGA+xuvNYvctRvHcAMt+HwsuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUt
ZDc2YzhjNzM5ODYxLzEvY0pnVFdyTVd3TzRjQnFIVGlJOEEtUmJyOXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUtZDc2YzhjNzM5ODYx
LzEvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCPvlkMA0G
CSqGSIb3DQEBCwUAA4IBAQAmgeRvBshCnmpY8AlHYlkRymQ/AUA1vZAU9M3SmKvc
TI8ZuoqJWFkTswMfn8keVDohegZqBhnKZqQXX0c92ITWo85ibPGSoIn5PptzV33P
50US3PoDAmmGaa6UpGc8gxQo8WAxmqKSmVdy2ktkbmPOMm1VjZPY0Jfp3Ja9zz/g
YInQvATC0g9z427yDeailWMRKhSQ09gMVsaS5IvuXpvh/bkJqs2U7MyuE/OhoOGu
XHoc4giLT/eYUv4Dv8EIOSTDQzmsyzGvnr02xBABV6PZvvIaHXGfh3N/qNjf7z81
EbfGgi6gV7HTowsHysdQ9JiwSXLOdYcl+8oPW9zCqXsJ
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:02:00 2025 by rpki-client