Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/a2396c-2dfd-45f6-aa34-54c1dc574145/1/VJzl6kAmHXvvf2fuTu7eg1oTWQE.roa
File: VJzl6kAmHXvvf2fuTu7eg1oTWQE.roa (raw, json)
Hash identifier: 9i2POz/u6jGGQF5IUx1cNmgj1xZOmaQg2wAUvCfXzl0=
Subject key identifier: 54:9C:E5:EA:40:26:1D:7B:EF:7F:67:EE:4E:EE:DE:83:5A:13:59:01
Certificate issuer: /CN=686f0a4da2373205ef3445d28e260c284684b74b
Certificate serial: 01856F4B8CC407A7D9F8C0CA51C5F5756E26
Authority key identifier: 68:6F:0A:4D:A2:37:32:05:EF:34:45:D2:8E:26:0C:28:46:84:B7:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aG8KTaI3MgXvNEXSjiYMKEaEt0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/a2396c-2dfd-45f6-aa34-54c1dc574145/1/VJzl6kAmHXvvf2fuTu7eg1oTWQE.roa
Signing time: Sun 01 Jan 2023 21:45:00 +0000
ROA not before: Sun 01 Jan 2023 21:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 109.107.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:8c:c4:07:a7:d9:f8:c0:ca:51:c5:f5:75:6e:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=686f0a4da2373205ef3445d28e260c284684b74b
Validity
Not Before: Jan 1 21:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=549ce5ea40261d7bef7f67ee4eeede835a135901
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e8:17:ad:2a:c1:67:2e:b7:29:51:bd:aa:c8:
57:0d:35:da:5a:27:2f:e4:a8:c7:7c:ca:7d:28:18:
ad:1a:8e:f5:4d:c0:6d:25:ce:7c:9b:06:e4:88:aa:
2d:96:49:ef:b1:aa:9f:88:62:9c:6f:9d:c3:98:9c:
3b:60:ee:d7:13:8f:6d:23:4b:7a:05:87:6b:89:e1:
08:b1:9e:92:82:0f:e6:b5:cb:9c:5e:6b:69:ae:23:
1b:66:78:19:d6:74:b4:6f:54:7e:30:36:fa:fe:e9:
c6:48:e8:f4:8f:2d:15:ec:6e:bd:1e:0e:37:27:fa:
bf:03:04:fc:b8:fa:0b:9b:8a:bd:bf:18:8a:a7:05:
d9:eb:80:55:f4:8d:5b:3e:fa:1c:e3:44:bd:0d:1e:
4c:76:c3:2a:0f:77:60:fa:7b:e0:4c:45:d0:33:cc:
d6:2a:dd:fd:e7:d4:3e:bb:d6:6d:69:b1:8a:86:a1:
a7:c9:ef:c5:d7:bd:12:9f:56:97:89:21:f5:4b:a1:
cd:2a:6d:b0:e3:d7:81:75:27:b9:e8:3e:fb:5f:71:
1c:14:8f:dd:aa:c6:27:c7:ad:eb:b4:92:a2:c2:96:
9b:e1:a7:c7:e7:5c:48:b8:54:e6:87:67:30:0f:24:
f9:f5:52:ad:3f:6c:bd:08:24:06:0c:2d:cb:47:ba:
66:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:9C:E5:EA:40:26:1D:7B:EF:7F:67:EE:4E:EE:DE:83:5A:13:59:01
X509v3 Authority Key Identifier:
keyid:68:6F:0A:4D:A2:37:32:05:EF:34:45:D2:8E:26:0C:28:46:84:B7:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aG8KTaI3MgXvNEXSjiYMKEaEt0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a2396c-2dfd-45f6-aa34-54c1dc574145/1/VJzl6kAmHXvvf2fuTu7eg1oTWQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a2396c-2dfd-45f6-aa34-54c1dc574145/1/aG8KTaI3MgXvNEXSjiYMKEaEt0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.143.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:82:00:3f:1d:21:37:5f:4d:33:b5:a7:ae:51:36:f2:c3:1d:
ea:e5:2d:57:3c:ec:ff:92:15:7c:5b:dd:a6:a0:6c:62:71:f7:
e5:ac:7b:de:45:fe:ea:23:ac:6e:51:7c:24:1c:2a:76:1e:b4:
c7:ba:c0:b8:5e:a4:f0:29:8f:ce:74:7b:08:b5:8e:76:00:17:
0e:ba:e1:4c:e0:11:9a:18:35:80:43:bb:99:76:f5:8d:12:43:
65:c0:4f:e4:cd:11:6a:84:62:02:a2:95:fd:43:44:93:c5:e2:
c9:f6:28:73:3c:8a:9e:b2:fd:0e:fc:f1:f6:b7:02:6b:77:67:
80:dc:d0:62:3c:b5:82:63:b1:18:20:61:d2:71:16:c8:4a:71:
77:31:bc:ed:02:d3:a9:4f:24:65:5e:3b:96:f0:ff:77:94:38:
fa:0b:22:14:b8:aa:e7:e8:94:fd:1d:05:9c:1e:4f:84:de:05:
71:7d:4c:20:d1:68:01:8d:a0:56:50:b3:0c:42:31:d0:1f:1c:
c2:f9:28:11:84:f4:ab:87:46:4e:ce:8d:c1:e8:53:96:de:59:
59:db:7e:db:b3:94:06:d0:00:5e:35:b9:f4:6b:18:5e:45:da:
ec:e7:bf:ba:29:f6:ea:b7:2c:32:92:4f:4c:0a:2c:65:83:00:
e1:8f:99:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS4zEB6fZ+MDKUcX1dW4mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NmYwYTRkYTIzNzMyMDVlZjM0NDVkMjhlMjYwYzI4NDY4
NGI3NGIwHhcNMjMwMTAxMjE0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDljZTVlYTQwMjYxZDdiZWY3ZjY3ZWU0ZWVlZGU4MzVhMTM1OTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOgXrSrBZy63KVG9qshXDTXaWicv
5KjHfMp9KBitGo71TcBtJc58mwbkiKotlknvsaqfiGKcb53DmJw7YO7XE49tI0t6
BYdrieEIsZ6Sgg/mtcucXmtpriMbZngZ1nS0b1R+MDb6/unGSOj0jy0V7G69Hg43
J/q/AwT8uPoLm4q9vxiKpwXZ64BV9I1bPvoc40S9DR5MdsMqD3dg+nvgTEXQM8zW
Kt3959Q+u9ZtabGKhqGnye/F170Sn1aXiSH1S6HNKm2w49eBdSe56D77X3EcFI/d
qsYnx63rtJKiwpab4afH51xIuFTmh2cwDyT59VKtP2y9CCQGDC3LR7pm/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFSc5epAJh17739n7k7u3oNaE1kBMB8GA1UdIwQY
MBaAFGhvCk2iNzIF7zRF0o4mDChGhLdLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUc4S1RhSTNNZ1h2TkVYU2ppWU1LRWFFdDBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hMjM5NmMtMmRmZC00NWY2LWFhMzQt
NTRjMWRjNTc0MTQ1LzEvVkp6bDZrQW1IWHZ2ZjJmdVR1N2VnMW9UV1FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hMjM5NmMtMmRmZC00NWY2LWFhMzQtNTRjMWRjNTc0MTQ1
LzEvYUc4S1RhSTNNZ1h2TkVYU2ppWU1LRWFFdDBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWuPMA0G
CSqGSIb3DQEBCwUAA4IBAQBsggA/HSE3X00ztaeuUTbywx3q5S1XPOz/khV8W92m
oGxicfflrHveRf7qI6xuUXwkHCp2HrTHusC4XqTwKY/OdHsItY52ABcOuuFM4BGa
GDWAQ7uZdvWNEkNlwE/kzRFqhGICopX9Q0STxeLJ9ihzPIqesv0O/PH2twJrd2eA
3NBiPLWCY7EYIGHScRbISnF3MbztAtOpTyRlXjuW8P93lDj6CyIUuKrn6JT9HQWc
Hk+E3gVxfUwg0WgBjaBWULMMQjHQHxzC+SgRhPSrh0ZOzo3B6FOW3llZ237bs5QG
0ABeNbn0axheRdrs57+6Kfbqtywykk9MCixlgwDhj5lv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:42 2024 by rpki-client on console-fra.rpki-client.org