Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/5N8M4KJwnoo1zIe2AU0xc7mnWFA.roa
File: 5N8M4KJwnoo1zIe2AU0xc7mnWFA.roa (raw, json)
Hash identifier: lGBtp9YyaPL/EXN1axw+bwNlvWuMTBB6hxeR6qmHN6c=
Subject key identifier: E4:DF:0C:E0:A2:70:9E:8A:35:CC:87:B6:01:4D:31:73:B9:A7:58:50
Certificate issuer: /CN=d826ca5d53c1b5308e2c9c791c630a0f22337943
Certificate serial: 019425FDB1591C3E3939F13E088F29B0467F
Authority key identifier: D8:26:CA:5D:53:C1:B5:30:8E:2C:9C:79:1C:63:0A:0F:22:33:79:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2CbKXVPBtTCOLJx5HGMKDyIzeUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/5N8M4KJwnoo1zIe2AU0xc7mnWFA.roa
Signing time: Thu 02 Jan 2025 07:49:30 +0000
ROA not before: Thu 02 Jan 2025 07:49:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 109.68.67.0/24 maxlen: 24
109.68.70.0/24 maxlen: 24
109.68.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:b1:59:1c:3e:39:39:f1:3e:08:8f:29:b0:46:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d826ca5d53c1b5308e2c9c791c630a0f22337943
Validity
Not Before: Jan 2 07:49:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4df0ce0a2709e8a35cc87b6014d3173b9a75850
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:05:2f:40:45:c6:b3:10:73:7a:2c:4a:d1:d3:
61:6c:59:0b:a1:c6:48:d1:0b:56:d4:07:4d:3e:8e:
6b:38:84:28:8b:ec:95:88:8b:ff:08:ef:38:a1:a9:
51:24:4c:f8:46:08:31:f8:ce:2b:d2:b4:cd:62:a5:
ea:49:26:0b:47:47:6a:40:3e:6a:44:62:48:68:24:
a6:09:f8:b1:2c:54:6d:5e:94:29:7b:20:21:27:1b:
46:5e:1b:7c:b6:af:e3:92:7e:aa:98:4c:e2:44:f9:
6d:f6:35:b4:54:7d:f5:19:88:e9:69:9d:04:3a:65:
55:c3:c9:c9:42:67:8d:21:de:84:e4:d3:a1:28:2a:
5c:72:45:44:7a:46:0e:37:4a:1d:4e:6f:87:ee:d9:
f7:ea:d3:6a:cf:c3:1b:5c:7b:4a:c1:42:20:2d:16:
1e:b5:91:06:7c:f0:07:e5:a8:78:ec:4b:84:b9:38:
3f:bd:eb:81:55:d1:78:dc:1b:c4:61:2a:6d:06:5e:
85:76:b1:05:17:4f:e0:2d:63:ad:b2:f7:a5:22:a2:
c3:0d:a4:74:79:05:ff:8e:da:f3:ff:81:b3:65:2a:
ef:32:a9:88:04:8b:70:e5:05:24:96:80:e5:33:e7:
05:3d:35:39:b3:fb:a8:49:ff:c4:90:63:48:96:8d:
25:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:DF:0C:E0:A2:70:9E:8A:35:CC:87:B6:01:4D:31:73:B9:A7:58:50
X509v3 Authority Key Identifier:
keyid:D8:26:CA:5D:53:C1:B5:30:8E:2C:9C:79:1C:63:0A:0F:22:33:79:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2CbKXVPBtTCOLJx5HGMKDyIzeUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/5N8M4KJwnoo1zIe2AU0xc7mnWFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/2CbKXVPBtTCOLJx5HGMKDyIzeUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.67.0/24
109.68.70.0/23
Signature Algorithm: sha256WithRSAEncryption
19:9b:60:ea:20:56:16:30:50:f6:e8:f8:7c:ee:67:42:1f:e8:
c0:6e:42:33:e7:e5:1c:7c:22:37:f6:75:9a:7d:ca:7b:6b:f9:
5e:db:85:02:6a:07:83:e5:d8:24:da:df:76:57:75:0f:0d:d3:
65:07:08:e5:9f:0f:5d:b7:ea:09:ed:cd:d2:db:9b:08:3e:d5:
35:b6:29:98:9c:ad:4c:7a:70:40:b5:b9:f7:45:e3:58:bc:e0:
ec:01:7e:9f:e5:30:28:50:5d:5c:b4:9b:70:06:3d:33:be:cd:
65:fa:6d:93:87:e6:09:79:36:f4:a0:ea:c8:67:18:24:24:01:
a7:3a:f2:1d:9a:76:d0:25:27:c9:80:b3:15:6d:e5:04:bd:d7:
8a:6b:1f:4d:f9:50:c9:fd:c0:39:00:d3:a6:11:63:43:13:c2:
e3:ab:e6:18:28:83:64:aa:2c:90:ed:77:6c:bb:f6:9c:43:4f:
8f:a6:96:ed:73:85:1f:8a:8e:73:47:50:3f:2b:5a:f7:f9:a0:
0c:bc:f8:b5:fc:70:0e:0b:d0:8a:20:5b:c6:21:b5:20:db:e2:
69:ef:a8:5d:b7:05:62:5c:24:e3:02:42:0a:08:07:6a:15:82:
f7:84:ed:9e:bf:33:2e:27:ab:88:42:00:c5:80:a1:97:ab:55:
bd:22:13:86
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/bFZHD45OfE+CI8psEZ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MjZjYTVkNTNjMWI1MzA4ZTJjOWM3OTFjNjMwYTBmMjIz
Mzc5NDMwHhcNMjUwMTAyMDc0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGRmMGNlMGEyNzA5ZThhMzVjYzg3YjYwMTRkMzE3M2I5YTc1ODUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQUvQEXGsxBzeixK0dNhbFkLocZI
0QtW1AdNPo5rOIQoi+yViIv/CO84oalRJEz4Rggx+M4r0rTNYqXqSSYLR0dqQD5q
RGJIaCSmCfixLFRtXpQpeyAhJxtGXht8tq/jkn6qmEziRPlt9jW0VH31GYjpaZ0E
OmVVw8nJQmeNId6E5NOhKCpcckVEekYON0odTm+H7tn36tNqz8MbXHtKwUIgLRYe
tZEGfPAH5ah47EuEuTg/veuBVdF43BvEYSptBl6FdrEFF0/gLWOtsvelIqLDDaR0
eQX/jtrz/4GzZSrvMqmIBItw5QUkloDlM+cFPTU5s/uoSf/EkGNIlo0lOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOTfDOCicJ6KNcyHtgFNMXO5p1hQMB8GA1UdIwQY
MBaAFNgmyl1TwbUwjiyceRxjCg8iM3lDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkNiS1hWUEJ0VENPTEp4NUhHTUtEeUl6ZVVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS80YjU0NGUtNjUzNS00YWY4LWJiZGIt
NThkMmVlOTgyODc5LzEvNU44TTRLSndub28xekllMkFVMHhjN21uV0ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS80YjU0NGUtNjUzNS00YWY4LWJiZGItNThkMmVlOTgyODc5
LzEvMkNiS1hWUEJ0VENPTEp4NUhHTUtEeUl6ZVVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbURDAwQB
bURGMA0GCSqGSIb3DQEBCwUAA4IBAQAZm2DqIFYWMFD26Ph87mdCH+jAbkIz5+Uc
fCI39nWafcp7a/le24UCageD5dgk2t92V3UPDdNlBwjlnw9dt+oJ7c3S25sIPtU1
timYnK1MenBAtbn3ReNYvODsAX6f5TAoUF1ctJtwBj0zvs1l+m2Th+YJeTb0oOrI
ZxgkJAGnOvIdmnbQJSfJgLMVbeUEvdeKax9N+VDJ/cA5ANOmEWNDE8Ljq+YYKINk
qiyQ7Xdsu/acQ0+Pppbtc4Ufio5zR1A/K1r3+aAMvPi1/HAOC9CKIFvGIbUg2+Jp
76hdtwViXCTjAkIKCAdqFYL3hO2evzMuJ6uIQgDFgKGXq1W9IhOG
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:20:22 2025 by rpki-client