Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/NYnTizXFf9F5HjKEvVAjXL7QL6I.roa
File: NYnTizXFf9F5HjKEvVAjXL7QL6I.roa (raw, json)
Hash identifier: fL33AJ4Ztl+pJzTGhHEI4tsqu3omS4AmMkxrxDRIKDo=
Subject key identifier: 35:89:D3:8B:35:C5:7F:D1:79:1E:32:84:BD:50:23:5C:BE:D0:2F:A2
Certificate issuer: /CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
Certificate serial: 019421B236A68999919E5715777652BF96F1
Authority key identifier: 2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/NYnTizXFf9F5HjKEvVAjXL7QL6I.roa
Signing time: Wed 01 Jan 2025 11:48:35 +0000
ROA not before: Wed 01 Jan 2025 11:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16019
IP address blocks: 109.205.240.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:36:a6:89:99:91:9e:57:15:77:76:52:bf:96:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
Validity
Not Before: Jan 1 11:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3589d38b35c57fd1791e3284bd50235cbed02fa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:b0:48:5a:e2:65:c9:7b:95:85:bb:a4:3e:3d:
bc:70:0d:e9:6e:6e:96:a0:a7:e7:fc:66:9c:05:4f:
4d:6e:3f:48:e8:1c:83:dd:c6:62:e4:bb:b5:48:40:
05:46:cc:b2:4b:72:4b:99:f6:3e:14:e4:4e:0d:2b:
97:b0:47:a2:85:09:c3:a1:f0:85:43:49:fa:ae:3b:
d7:79:da:41:89:66:6a:22:60:d0:75:34:cd:4d:92:
1c:cb:8b:23:4f:86:6e:3f:ae:0b:47:b0:69:88:ee:
9f:b5:32:ec:db:6d:c5:2e:ae:a5:b2:dd:c4:f3:0f:
33:3f:1d:6f:2e:23:b5:a9:13:33:db:bd:7f:15:43:
e1:56:43:15:1a:ab:a8:e3:f7:42:7d:c4:aa:8b:3c:
3e:61:20:86:6e:fc:3c:ec:82:5b:fc:69:78:de:9d:
1c:b7:97:f7:67:33:5f:87:d2:60:c2:6b:3d:8c:d9:
58:7f:b1:84:6b:f6:f0:45:2b:12:ba:9d:e5:53:f9:
22:53:c5:63:3f:2a:9c:16:31:76:6a:0a:41:3e:15:
3b:01:d7:24:00:9c:bf:f5:f2:ca:53:02:b1:1c:db:
21:ff:63:ef:f5:ea:bc:b0:7b:c2:6e:0b:a2:a2:55:
d5:69:96:54:f7:66:c2:03:4b:c1:d2:2f:02:3f:67:
91:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:89:D3:8B:35:C5:7F:D1:79:1E:32:84:BD:50:23:5C:BE:D0:2F:A2
X509v3 Authority Key Identifier:
keyid:2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/NYnTizXFf9F5HjKEvVAjXL7QL6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.240.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:80:c4:0c:10:8b:0c:55:4f:05:9a:36:2d:e7:79:25:bd:81:
f1:80:50:5d:cd:6b:2c:32:35:6c:a4:32:f3:df:a8:7c:aa:5e:
a6:67:f2:22:67:e6:1f:6d:f3:a4:7d:5e:3c:30:48:5b:37:87:
7c:c5:d6:02:03:0b:37:16:61:46:83:c0:05:f3:7f:3a:3f:d9:
db:62:51:8e:86:27:f4:89:63:f6:be:c4:92:8a:30:06:f2:9b:
30:91:e5:b8:6f:15:0d:7e:19:4a:ea:c4:f1:a0:f2:c2:db:80:
fa:ed:df:45:ff:4d:7f:36:e5:12:f2:40:37:5d:5a:bb:40:0d:
25:c6:98:b9:f6:9c:58:1e:ae:37:df:1c:c6:1a:c2:f2:1f:43:
c6:42:e5:f4:8d:70:e9:58:4e:92:b7:57:34:59:5c:03:19:44:
76:4c:4f:3c:6a:17:b5:3e:97:f2:f6:80:9d:88:2a:f5:f4:9d:
27:9c:3b:d0:fc:46:35:b2:30:18:6e:2e:ff:2a:04:7c:24:79:
a3:0a:dc:47:07:46:a7:34:22:d6:5a:74:8d:10:89:76:7d:5d:
e5:8f:fb:cc:8f:8c:62:1b:1c:eb:cf:21:18:2d:b6:1b:26:10:
2e:58:17:70:49:96:aa:b8:2f:6c:1e:f8:30:74:09:e7:89:b0:
f7:bc:58:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsjamiZmRnlcVd3ZSv5bxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmOTNkM2JhMTk3ZjVjZTMwOThiZmE3NzAwYjQzODU0ZWFh
ODBlOWUwHhcNMjUwMTAxMTE0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTg5ZDM4YjM1YzU3ZmQxNzkxZTMyODRiZDUwMjM1Y2JlZDAyZmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA47BIWuJlyXuVhbukPj28cA3pbm6W
oKfn/GacBU9Nbj9I6ByD3cZi5Lu1SEAFRsyyS3JLmfY+FORODSuXsEeihQnDofCF
Q0n6rjvXedpBiWZqImDQdTTNTZIcy4sjT4ZuP64LR7BpiO6ftTLs223FLq6lst3E
8w8zPx1vLiO1qRMz271/FUPhVkMVGquo4/dCfcSqizw+YSCGbvw87IJb/Gl43p0c
t5f3ZzNfh9Jgwms9jNlYf7GEa/bwRSsSup3lU/kiU8VjPyqcFjF2agpBPhU7Adck
AJy/9fLKUwKxHNsh/2Pv9eq8sHvCbguiolXVaZZU92bCA0vB0i8CP2eR8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDWJ04s1xX/ReR4yhL1QI1y+0C+iMB8GA1UdIwQY
MBaAFC+T07oZf1zjCYv6dwC0OFTqqA6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUt
OWU3MWRjMjRhNjgzLzEvTlluVGl6WEZmOUY1SGpLRXZWQWpYTDdRTDZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUtOWU3MWRjMjRhNjgz
LzEvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbc3wMA0G
CSqGSIb3DQEBCwUAA4IBAQCLgMQMEIsMVU8FmjYt53klvYHxgFBdzWssMjVspDLz
36h8ql6mZ/IiZ+YfbfOkfV48MEhbN4d8xdYCAws3FmFGg8AF8386P9nbYlGOhif0
iWP2vsSSijAG8pswkeW4bxUNfhlK6sTxoPLC24D67d9F/01/NuUS8kA3XVq7QA0l
xpi59pxYHq433xzGGsLyH0PGQuX0jXDpWE6St1c0WVwDGUR2TE88ahe1Ppfy9oCd
iCr19J0nnDvQ/EY1sjAYbi7/KgR8JHmjCtxHB0anNCLWWnSNEIl2fV3lj/vMj4xi
GxzrzyEYLbYbJhAuWBdwSZaquC9sHvgwdAnnibD3vFjx
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:30:01 2025 by rpki-client