Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/98b35b-945e-40c5-bb95-9eadd351fc79/1/r6C99vK2TllFCTWcqpJRSg5MRPM.roa
File: r6C99vK2TllFCTWcqpJRSg5MRPM.roa (raw, json)
Hash identifier: 3+br3Wh/zPJPiW24ubp7XOxLj4qW7AeahE4kU9GEl1U=
Subject key identifier: AF:A0:BD:F6:F2:B6:4E:59:45:09:35:9C:AA:92:51:4A:0E:4C:44:F3
Certificate issuer: /CN=ad8dd17a768e3b6fbfa7a7009a7007ebe65b45c8
Certificate serial: 019423D7377C661031E0A649E3E848A2A539
Authority key identifier: AD:8D:D1:7A:76:8E:3B:6F:BF:A7:A7:00:9A:70:07:EB:E6:5B:45:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rY3RenaOO2-_p6cAmnAH6-ZbRcg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/98b35b-945e-40c5-bb95-9eadd351fc79/1/r6C99vK2TllFCTWcqpJRSg5MRPM.roa
Signing time: Wed 01 Jan 2025 21:48:14 +0000
ROA not before: Wed 01 Jan 2025 21:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207876
IP address blocks: 192.109.210.0/24 maxlen: 24
192.109.217.0/24 maxlen: 24
192.109.219.0/24 maxlen: 24
192.109.220.0/24 maxlen: 24
2a0a:7480::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:37:7c:66:10:31:e0:a6:49:e3:e8:48:a2:a5:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad8dd17a768e3b6fbfa7a7009a7007ebe65b45c8
Validity
Not Before: Jan 1 21:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=afa0bdf6f2b64e594509359caa92514a0e4c44f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:07:c5:f7:fa:0a:c0:c5:2b:9d:f8:10:ca:cc:
be:0f:63:1a:79:66:de:48:be:36:dc:eb:c4:20:95:
45:6e:03:e9:c5:04:22:d4:33:87:c7:e9:d9:67:4f:
a3:3c:ef:e3:0e:a2:f4:27:2b:8f:0d:e0:b3:87:10:
b5:76:3b:c1:39:5e:73:94:7c:8e:14:af:f5:3c:03:
9d:ae:51:8f:8e:a4:06:b0:17:0e:c3:f9:22:73:89:
56:ca:b2:93:5a:e5:fb:20:6d:61:b2:c7:9e:93:a5:
b7:7c:93:01:47:1c:25:24:34:4a:45:8c:14:2c:9e:
a8:bd:d0:d7:a6:e8:2a:d1:0e:1d:29:7e:0e:7e:cc:
76:cc:92:a6:1a:79:2d:3a:62:9c:44:ef:93:83:2d:
43:74:48:9e:bf:d4:b3:47:48:cb:11:af:6e:81:6a:
f4:70:5e:83:1d:42:b3:e8:f0:47:4c:20:b4:1b:6f:
57:f1:7d:d2:c2:0e:0b:11:b0:d4:28:b7:73:f7:36:
13:e6:98:12:d2:f4:69:77:bf:b2:fd:0f:13:ae:68:
e2:5b:e6:f8:42:50:5e:74:d2:b3:1b:d5:13:ae:a2:
b0:a5:78:d9:51:d6:1d:88:03:16:37:87:02:e4:80:
56:5d:d0:8a:58:71:63:6f:1e:6a:92:43:52:b0:d1:
41:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:A0:BD:F6:F2:B6:4E:59:45:09:35:9C:AA:92:51:4A:0E:4C:44:F3
X509v3 Authority Key Identifier:
keyid:AD:8D:D1:7A:76:8E:3B:6F:BF:A7:A7:00:9A:70:07:EB:E6:5B:45:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rY3RenaOO2-_p6cAmnAH6-ZbRcg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/98b35b-945e-40c5-bb95-9eadd351fc79/1/r6C99vK2TllFCTWcqpJRSg5MRPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/98b35b-945e-40c5-bb95-9eadd351fc79/1/rY3RenaOO2-_p6cAmnAH6-ZbRcg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.210.0/24
192.109.217.0/24
192.109.219.0-192.109.220.255
IPv6:
2a0a:7480::/29
Signature Algorithm: sha256WithRSAEncryption
8c:58:23:48:db:22:96:c9:d3:5e:5b:13:af:1f:86:14:11:f0:
52:35:86:f1:0d:64:6a:ab:62:68:36:a0:79:dd:16:4e:56:15:
9c:b4:a3:da:41:5a:af:92:68:9e:c4:2f:a4:6a:68:3f:ca:4d:
9c:8a:41:09:3d:17:29:a2:94:88:71:45:b2:5b:f8:36:8d:ba:
e9:f8:80:23:f8:c0:79:2f:82:e9:67:e5:19:87:fa:c4:09:50:
00:1c:78:a5:4d:b6:cd:40:39:08:03:83:d1:d7:b5:97:75:2b:
97:88:7d:a8:f2:53:a7:87:04:1b:39:76:5e:7b:29:96:7d:75:
ac:09:03:d9:8b:78:af:64:ca:c2:e7:c8:7f:f8:f2:73:d4:61:
a4:d2:2b:51:c2:a1:89:cc:d9:75:8d:4c:a5:e3:cd:78:33:40:
75:16:a1:c0:dd:d6:04:08:17:46:c1:bb:26:69:49:d3:7f:66:
81:d7:02:5c:4c:2d:a7:fc:b8:fd:70:e5:65:b8:52:0f:57:06:
0e:61:2e:bc:6d:ee:91:ef:ad:ba:47:c0:c3:dc:2a:eb:c7:32:
b5:12:4b:2d:8d:6f:bb:9e:74:bb:06:fa:af:4c:5d:88:da:3d:
da:fa:58:4f:7b:95:26:a3:bc:f2:fc:1e:be:72:d3:17:16:8a:
d9:82:42:2b
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQj1zd8ZhAx4KZJ4+hIoqU5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkOGRkMTdhNzY4ZTNiNmZiZmE3YTcwMDlhNzAwN2ViZTY1
YjQ1YzgwHhcNMjUwMTAxMjE0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmEwYmRmNmYyYjY0ZTU5NDUwOTM1OWNhYTkyNTE0YTBlNGM0NGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAfF9/oKwMUrnfgQysy+D2MaeWbe
SL423OvEIJVFbgPpxQQi1DOHx+nZZ0+jPO/jDqL0JyuPDeCzhxC1djvBOV5zlHyO
FK/1PAOdrlGPjqQGsBcOw/kic4lWyrKTWuX7IG1hsseek6W3fJMBRxwlJDRKRYwU
LJ6ovdDXpugq0Q4dKX4Ofsx2zJKmGnktOmKcRO+Tgy1DdEiev9SzR0jLEa9ugWr0
cF6DHUKz6PBHTCC0G29X8X3Swg4LEbDUKLdz9zYT5pgS0vRpd7+y/Q8TrmjiW+b4
QlBedNKzG9UTrqKwpXjZUdYdiAMWN4cC5IBWXdCKWHFjbx5qkkNSsNFB5wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFK+gvfbytk5ZRQk1nKqSUUoOTETzMB8GA1UdIwQY
MBaAFK2N0Xp2jjtvv6enAJpwB+vmW0XIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclkzUmVuYU9PMi1fcDZjQW1uQUg2LVpiUmNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy85OGIzNWItOTQ1ZS00MGM1LWJiOTUt
OWVhZGQzNTFmYzc5LzEvcjZDOTl2SzJUbGxGQ1RXY3FwSlJTZzVNUlBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy85OGIzNWItOTQ1ZS00MGM1LWJiOTUtOWVhZGQzNTFmYzc5
LzEvclkzUmVuYU9PMi1fcDZjQW1uQUg2LVpiUmNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQAwG3SAwQA
wG3ZMAwDBADAbdsDBADAbdwwDQQCAAIwBwMFAyoKdIAwDQYJKoZIhvcNAQELBQAD
ggEBAIxYI0jbIpbJ015bE68fhhQR8FI1hvENZGqrYmg2oHndFk5WFZy0o9pBWq+S
aJ7EL6RqaD/KTZyKQQk9FymilIhxRbJb+DaNuun4gCP4wHkvguln5RmH+sQJUAAc
eKVNts1AOQgDg9HXtZd1K5eIfajyU6eHBBs5dl57KZZ9dawJA9mLeK9kysLnyH/4
8nPUYaTSK1HCoYnM2XWNTKXjzXgzQHUWocDd1gQIF0bBuyZpSdN/ZoHXAlxMLaf8
uP1w5WW4Ug9XBg5hLrxt7pHvrbpHwMPcKuvHMrUSSy2Nb7uedLsG+q9MXYjaPdr6
WE97lSajvPL8Hr5y0xcWitmCQis=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:40 2025 by rpki-client