Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/igV40QtGnI7enxbzl9L-72JMCPI.roa
File: igV40QtGnI7enxbzl9L-72JMCPI.roa (raw, json)
Hash identifier: S9JqPhkIRQkgVEKmr1ClGSezPXZu8l1M7s27cz6XMdE=
Subject key identifier: 8A:05:78:D1:0B:46:9C:8E:DE:9F:16:F3:97:D2:FE:EF:62:4C:08:F2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0194FFEDF2EC0D3980AF7A407DCEEB933799
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/igV40QtGnI7enxbzl9L-72JMCPI.roa
Signing time: Thu 13 Feb 2025 15:29:31 +0000
ROA not before: Thu 13 Feb 2025 15:29:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401110
IP address blocks: 109.206.237.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ff:ed:f2:ec:0d:39:80:af:7a:40:7d:ce:eb:93:37:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 13 15:29:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a0578d10b469c8ede9f16f397d2feef624c08f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:fd:c3:2b:21:3c:62:29:bd:cc:b0:f3:c0:d6:
5b:2b:53:97:0e:bb:3b:c6:e8:dd:d8:56:52:54:cb:
24:75:93:cd:3a:34:68:f7:ef:f8:26:43:44:cc:67:
1e:10:ff:5a:c2:5d:8f:6e:28:88:6d:90:e0:6e:d6:
1c:12:2c:ea:4a:0e:2c:5c:0e:dd:d5:28:f9:df:bc:
bf:69:a7:ae:98:c1:94:fd:56:8d:66:e1:1f:11:50:
93:6a:9b:db:f2:f2:25:50:d7:05:6e:26:68:a8:7c:
9d:46:ab:ad:0e:85:d7:30:e5:cf:2a:d6:95:31:16:
2a:ef:13:62:8d:58:30:e3:1e:e8:10:25:bd:3b:a3:
f0:5d:02:32:6b:e8:66:1f:51:91:a6:e6:65:55:69:
df:99:93:2b:15:81:b2:ca:01:e2:ee:ad:9a:46:71:
fe:25:86:39:fe:a4:a5:03:14:77:1a:6e:47:a7:39:
d9:5f:a1:1b:c8:c2:1a:42:32:9c:9f:b3:05:3c:99:
3e:5d:e4:43:cb:f0:00:2a:61:c7:f1:14:0e:98:2c:
c9:97:ac:53:b9:18:88:a5:c3:bc:d2:64:d8:06:1f:
03:0d:cb:f2:6d:1a:b8:f0:1b:91:65:04:15:f8:49:
b4:88:22:48:dd:7a:b8:e0:54:60:14:b3:f4:ab:c1:
58:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:05:78:D1:0B:46:9C:8E:DE:9F:16:F3:97:D2:FE:EF:62:4C:08:F2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/igV40QtGnI7enxbzl9L-72JMCPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.206.237.0/24
Signature Algorithm: sha256WithRSAEncryption
01:5a:89:d2:c4:4a:f5:e6:cb:59:83:af:d5:2e:da:34:cf:b8:
9c:50:91:c1:c9:ad:30:03:3d:a8:82:d5:7f:65:1e:e1:b9:5e:
92:ea:0f:41:3a:40:d5:89:47:59:ae:dc:d6:10:e3:a1:80:ea:
84:48:ff:29:96:b7:ad:0c:c0:ba:ca:e4:ab:8f:83:3d:20:b7:
4a:a0:80:e3:82:db:0e:2b:85:eb:f1:d6:6d:e8:1f:74:c8:b5:
2c:d7:51:dd:c1:f7:93:58:9c:c3:39:2f:9f:61:16:b0:e7:80:
55:96:00:70:76:44:42:e9:d6:dd:a1:d4:96:a4:32:70:10:e0:
1b:39:de:95:d6:ad:9b:c7:95:64:31:71:89:f6:ff:90:65:b6:
c9:43:88:8c:59:88:1a:9f:cb:f2:68:20:74:de:eb:35:bd:20:
79:bc:83:32:7c:f8:de:ff:bd:98:f2:a3:89:7d:bd:91:70:20:
b3:d4:ca:6b:ca:4b:a0:40:a6:2c:94:3f:de:85:92:5e:15:25:
47:3d:4f:8a:c2:08:ba:92:78:6c:d0:f4:47:91:c3:e3:1f:17:
a1:b0:18:ce:18:30:38:92:f9:93:9d:60:7f:ee:d9:54:5a:99:
a8:c9:8e:60:c3:f7:56:37:8e:2a:2a:1d:0f:a8:50:e6:a0:c1:
98:40:0d:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZT/7fLsDTmAr3pAfc7rkzeZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMjEzMTUyOTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTA1NzhkMTBiNDY5YzhlZGU5ZjE2ZjM5N2QyZmVlZjYyNGMwOGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6f3DKyE8Yim9zLDzwNZbK1OXDrs7
xujd2FZSVMskdZPNOjRo9+/4JkNEzGceEP9awl2PbiiIbZDgbtYcEizqSg4sXA7d
1Sj537y/aaeumMGU/VaNZuEfEVCTapvb8vIlUNcFbiZoqHydRqutDoXXMOXPKtaV
MRYq7xNijVgw4x7oECW9O6PwXQIya+hmH1GRpuZlVWnfmZMrFYGyygHi7q2aRnH+
JYY5/qSlAxR3Gm5HpznZX6EbyMIaQjKcn7MFPJk+XeRDy/AAKmHH8RQOmCzJl6xT
uRiIpcO80mTYBh8DDcvybRq48BuRZQQV+Em0iCJI3Xq44FRgFLP0q8FYdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIoFeNELRpyO3p8W85fS/u9iTAjyMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaWdWNDBRdEduSTdlbnhiemw5TC03MkpNQ1BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbc7tMA0G
CSqGSIb3DQEBCwUAA4IBAQABWonSxEr15stZg6/VLto0z7icUJHBya0wAz2ogtV/
ZR7huV6S6g9BOkDViUdZrtzWEOOhgOqESP8plretDMC6yuSrj4M9ILdKoIDjgtsO
K4Xr8dZt6B90yLUs11HdwfeTWJzDOS+fYRaw54BVlgBwdkRC6dbdodSWpDJwEOAb
Od6V1q2bx5VkMXGJ9v+QZbbJQ4iMWYgan8vyaCB03us1vSB5vIMyfPje/72Y8qOJ
fb2RcCCz1MprykugQKYslD/ehZJeFSVHPU+Kwgi6knhs0PRHkcPjHxehsBjOGDA4
kvmTnWB/7tlUWpmoyY5gw/dWN44qKh0PqFDmoMGYQA1C
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:54:32 2025 by rpki-client