Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/44f32f-8723-41a0-8014-376292d8b2fe/1/bp5QWFgbq_v608UUjfCgaNCIj3Q.roa
File: bp5QWFgbq_v608UUjfCgaNCIj3Q.roa (raw, json)
Hash identifier: iy98lQ3yl0LBBJ+9KIDFiz4w+uess+zTLjfbNxTpSDU=
Subject key identifier: 6E:9E:50:58:58:1B:AB:FB:FA:D3:C5:14:8D:F0:A0:68:D0:88:8F:74
Certificate issuer: /CN=ae5d5fbbd4277e02297ecd01b5cd7e1bf29fc759
Certificate serial: 018570DE631345DC818DC1F1B63303F92F3F
Authority key identifier: AE:5D:5F:BB:D4:27:7E:02:29:7E:CD:01:B5:CD:7E:1B:F2:9F:C7:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rl1fu9QnfgIpfs0Btc1-G_Kfx1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/44f32f-8723-41a0-8014-376292d8b2fe/1/bp5QWFgbq_v608UUjfCgaNCIj3Q.roa
Signing time: Mon 02 Jan 2023 05:05:00 +0000
ROA not before: Mon 02 Jan 2023 05:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 109.234.75.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:63:13:45:dc:81:8d:c1:f1:b6:33:03:f9:2f:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae5d5fbbd4277e02297ecd01b5cd7e1bf29fc759
Validity
Not Before: Jan 2 05:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e9e5058581babfbfad3c5148df0a068d0888f74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7f:29:7d:81:4e:a4:c7:40:70:83:8f:7f:b1:
9d:06:0f:75:b4:41:b8:0b:c4:9a:7c:88:ae:a0:6f:
5d:4e:3f:e8:98:6e:3f:97:20:2f:11:b9:9b:2a:02:
93:a5:a7:da:1b:5a:d0:5d:24:61:f1:aa:29:57:21:
ff:02:fd:0e:6a:0f:dc:b6:2a:c6:9b:af:13:e4:4d:
68:5c:85:78:17:02:87:ef:1e:48:55:83:10:f0:09:
62:38:be:87:15:62:d8:0c:5d:ab:73:ef:0d:09:43:
d0:f1:52:69:7e:03:72:f6:fd:14:4f:cb:cb:25:5e:
60:c7:89:f0:3e:65:fe:89:24:c0:a8:2b:36:4c:39:
98:70:62:df:36:78:4e:ba:5c:45:37:84:b5:c8:fb:
42:b5:72:34:8b:51:c0:74:cf:50:cb:28:4d:c0:1b:
85:73:4f:b6:f9:18:1c:7f:ed:3a:e2:1f:05:81:ac:
63:e6:4f:68:bf:d0:35:c7:ae:f6:39:0d:06:47:a6:
f3:e9:f2:ee:8f:02:b8:f9:15:ba:8f:f3:e0:83:68:
ae:b3:ad:7f:c7:2b:c2:7c:88:60:bd:28:b9:42:b7:
9d:8d:87:37:5d:f1:b8:ea:e6:80:be:a8:91:1a:d5:
44:5f:80:ed:5b:93:a3:d3:7d:88:e8:5f:71:e9:52:
42:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:9E:50:58:58:1B:AB:FB:FA:D3:C5:14:8D:F0:A0:68:D0:88:8F:74
X509v3 Authority Key Identifier:
keyid:AE:5D:5F:BB:D4:27:7E:02:29:7E:CD:01:B5:CD:7E:1B:F2:9F:C7:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rl1fu9QnfgIpfs0Btc1-G_Kfx1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/44f32f-8723-41a0-8014-376292d8b2fe/1/bp5QWFgbq_v608UUjfCgaNCIj3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/44f32f-8723-41a0-8014-376292d8b2fe/1/rl1fu9QnfgIpfs0Btc1-G_Kfx1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.75.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:b7:b7:63:22:0d:f0:a5:fd:b3:25:34:65:cc:f5:4a:12:1c:
05:30:fc:be:06:80:66:7c:36:93:e6:02:80:18:c1:b7:fb:f8:
3e:8a:0c:d5:e0:73:cb:b4:44:a0:1d:8c:3b:bb:96:d1:45:e5:
a9:c3:1b:63:12:4e:ea:1f:79:53:0f:4c:df:e9:63:6c:4b:b9:
16:28:27:9f:77:97:73:ce:eb:5f:a5:cb:de:bc:ad:6f:5f:c5:
93:2c:48:b6:f9:43:2c:4f:98:bf:17:17:e6:80:85:7c:bb:79:
63:33:f8:90:dd:e1:86:75:27:9d:74:75:e1:70:d5:c9:27:e3:
ba:cc:d1:37:f9:4e:9d:6b:e6:91:e8:3c:b5:e0:96:b7:1b:74:
25:73:cf:26:67:b3:92:89:73:be:52:6f:98:68:6a:ed:7e:1e:
06:1f:b8:7b:f4:58:70:bd:3a:15:fd:eb:5e:db:77:73:41:f5:
9f:2b:81:e8:2c:6a:0d:81:bc:b1:cf:0f:bc:01:d4:c5:bc:53:
49:9b:8e:e6:17:82:b3:0f:aa:58:f2:bc:18:b2:98:b3:5f:3c:
d8:b2:98:3c:13:b8:ca:d0:47:e1:85:60:96:1c:8f:f9:56:a4:
ee:3d:36:45:cf:43:0a:4d:ad:f7:e8:06:92:23:72:84:a4:45:
4d:16:dd:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw3mMTRdyBjcHxtjMD+S8/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNWQ1ZmJiZDQyNzdlMDIyOTdlY2QwMWI1Y2Q3ZTFiZjI5
ZmM3NTkwHhcNMjMwMTAyMDUwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTllNTA1ODU4MWJhYmZiZmFkM2M1MTQ4ZGYwYTA2OGQwODg4Zjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvH8pfYFOpMdAcIOPf7GdBg91tEG4
C8SafIiuoG9dTj/omG4/lyAvEbmbKgKTpafaG1rQXSRh8aopVyH/Av0Oag/ctirG
m68T5E1oXIV4FwKH7x5IVYMQ8AliOL6HFWLYDF2rc+8NCUPQ8VJpfgNy9v0UT8vL
JV5gx4nwPmX+iSTAqCs2TDmYcGLfNnhOulxFN4S1yPtCtXI0i1HAdM9QyyhNwBuF
c0+2+Rgcf+064h8Fgaxj5k9ov9A1x672OQ0GR6bz6fLujwK4+RW6j/Pgg2ius61/
xyvCfIhgvSi5QredjYc3XfG46uaAvqiRGtVEX4DtW5Oj032I6F9x6VJClwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG6eUFhYG6v7+tPFFI3woGjQiI90MB8GA1UdIwQY
MBaAFK5dX7vUJ34CKX7NAbXNfhvyn8dZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmwxZnU5UW5mZ0lwZnMwQnRjMS1HX0tmeDFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy80NGYzMmYtODcyMy00MWEwLTgwMTQt
Mzc2MjkyZDhiMmZlLzEvYnA1UVdGZ2JxX3Y2MDhVVWpmQ2dhTkNJajNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy80NGYzMmYtODcyMy00MWEwLTgwMTQtMzc2MjkyZDhiMmZl
LzEvcmwxZnU5UW5mZ0lwZnMwQnRjMS1HX0tmeDFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbepLMA0G
CSqGSIb3DQEBCwUAA4IBAQCot7djIg3wpf2zJTRlzPVKEhwFMPy+BoBmfDaT5gKA
GMG3+/g+igzV4HPLtESgHYw7u5bRReWpwxtjEk7qH3lTD0zf6WNsS7kWKCefd5dz
zutfpcvevK1vX8WTLEi2+UMsT5i/FxfmgIV8u3ljM/iQ3eGGdSeddHXhcNXJJ+O6
zNE3+U6da+aR6Dy14Ja3G3Qlc88mZ7OSiXO+Um+YaGrtfh4GH7h79FhwvToV/ete
23dzQfWfK4HoLGoNgbyxzw+8AdTFvFNJm47mF4KzD6pY8rwYspizXzzYspg8E7jK
0EfhhWCWHI/5VqTuPTZFz0MKTa336AaSI3KEpEVNFt2h
-----END CERTIFICATE-----
Generated at Wed Mar 12 13:32:18 2025 by rpki-client