Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/a2396c-2dfd-45f6-aa34-54c1dc574145/1/fq87kewMSw3CmsH-pyzzUH2zxS4.roa
File: fq87kewMSw3CmsH-pyzzUH2zxS4.roa (raw, json)
Hash identifier: VjnsdN9Q2tRqQuqIFH6WWT78xUh2Uztq9DtMeS9dZ5o=
Subject key identifier: 7E:AF:3B:91:EC:0C:4B:0D:C2:9A:C1:FE:A7:2C:F3:50:7D:B3:C5:2E
Certificate issuer: /CN=686f0a4da2373205ef3445d28e260c284684b74b
Certificate serial: 018B01062D96EFC1DF6C477581B7D12880BE
Authority key identifier: 68:6F:0A:4D:A2:37:32:05:EF:34:45:D2:8E:26:0C:28:46:84:B7:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aG8KTaI3MgXvNEXSjiYMKEaEt0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/a2396c-2dfd-45f6-aa34-54c1dc574145/1/fq87kewMSw3CmsH-pyzzUH2zxS4.roa
Signing time: Thu 05 Oct 2023 18:07:43 +0000
ROA not before: Thu 05 Oct 2023 18:07:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49223
IP address blocks: 109.107.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:01:06:2d:96:ef:c1:df:6c:47:75:81:b7:d1:28:80:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=686f0a4da2373205ef3445d28e260c284684b74b
Validity
Not Before: Oct 5 18:07:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7eaf3b91ec0c4b0dc29ac1fea72cf3507db3c52e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:90:55:8b:64:46:ac:7d:b1:99:45:e7:58:6c:
78:4b:d4:21:44:32:a6:3a:8d:89:02:db:08:f5:a9:
ba:89:b8:c2:52:10:03:3e:eb:84:f2:8a:16:b3:b2:
c3:4a:a2:ed:ee:bb:a8:00:4b:c8:a0:86:3c:5b:4f:
8a:7f:ef:a7:c5:a1:0d:32:59:f7:2a:08:b7:0e:1e:
00:ac:17:18:8f:3b:92:73:60:34:8c:07:b2:7a:42:
b2:52:34:1c:bf:f9:1c:87:e9:0f:2a:ba:29:ca:83:
2c:46:a8:4d:02:2e:30:b3:20:a1:66:ab:01:10:a8:
8f:4c:12:21:fc:14:89:76:c7:e9:fe:47:0d:0c:a5:
c5:b1:02:6d:ef:aa:5e:53:4f:24:cc:28:ac:60:55:
0f:0e:f8:e2:ef:62:a0:26:df:69:33:2b:7c:3b:ca:
71:a5:f6:39:78:2e:ca:18:c1:01:c5:6c:ab:30:7e:
d5:ac:7a:81:e7:46:a2:0b:d1:a8:06:4d:f8:9d:99:
11:7a:c7:1b:a5:19:e6:b6:a9:cd:f4:e6:d4:3a:d1:
ad:07:23:8d:30:32:e1:f8:62:44:49:a0:f7:a8:5d:
d5:71:42:79:16:59:a5:21:62:cc:80:ba:5f:c7:68:
4c:44:82:4f:ed:5a:e4:96:00:b0:c1:8c:62:c5:22:
a0:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:AF:3B:91:EC:0C:4B:0D:C2:9A:C1:FE:A7:2C:F3:50:7D:B3:C5:2E
X509v3 Authority Key Identifier:
keyid:68:6F:0A:4D:A2:37:32:05:EF:34:45:D2:8E:26:0C:28:46:84:B7:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aG8KTaI3MgXvNEXSjiYMKEaEt0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a2396c-2dfd-45f6-aa34-54c1dc574145/1/fq87kewMSw3CmsH-pyzzUH2zxS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a2396c-2dfd-45f6-aa34-54c1dc574145/1/aG8KTaI3MgXvNEXSjiYMKEaEt0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.143.0/24
Signature Algorithm: sha256WithRSAEncryption
86:54:e3:e6:8e:c9:fb:52:aa:40:c2:84:76:4d:13:aa:80:30:
0d:e0:18:d2:1f:31:f3:7a:78:de:66:f0:3d:84:6f:51:97:a0:
d4:30:22:4a:90:c4:3b:23:ba:27:b7:51:4f:57:7b:ea:6f:43:
c8:99:43:87:f7:05:35:9b:69:e1:00:e8:24:30:05:e6:2f:e0:
a3:ab:4c:cc:30:2f:4a:8d:50:f8:26:2c:ad:6e:38:fc:a4:6a:
1c:94:e3:b4:a0:da:8c:2e:37:d7:7a:dc:03:5f:16:92:2a:7d:
59:cc:e5:43:c1:95:f6:df:b1:fd:c9:4f:44:2a:e5:5c:a7:c7:
c3:e7:d5:e2:62:3c:9c:d6:de:39:39:1a:d8:a2:93:b9:44:ac:
6d:50:a2:23:c2:0a:9d:0d:cd:97:57:d7:9a:34:a7:b2:a3:f2:
53:3f:67:64:57:1d:3c:21:a5:ac:47:d5:8e:62:3a:2c:96:12:
ba:db:01:da:6c:63:52:b0:8b:ff:f2:bd:64:f2:c4:e8:46:a5:
df:50:d8:bd:ef:7d:bf:d5:8f:0e:ea:2f:ef:59:33:ba:4b:4b:
75:c2:ed:24:23:d5:a7:b1:6f:e5:fe:f1:14:6c:98:e8:72:5f:
53:3a:b4:39:d2:a9:45:25:97:95:6f:72:35:89:83:71:5c:fe:
6c:8a:16:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsBBi2W78HfbEd1gbfRKIC+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NmYwYTRkYTIzNzMyMDVlZjM0NDVkMjhlMjYwYzI4NDY4
NGI3NGIwHhcNMjMxMDA1MTgwNzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWFmM2I5MWVjMGM0YjBkYzI5YWMxZmVhNzJjZjM1MDdkYjNjNTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZBVi2RGrH2xmUXnWGx4S9QhRDKm
Oo2JAtsI9am6ibjCUhADPuuE8ooWs7LDSqLt7ruoAEvIoIY8W0+Kf++nxaENMln3
Kgi3Dh4ArBcYjzuSc2A0jAeyekKyUjQcv/kch+kPKropyoMsRqhNAi4wsyChZqsB
EKiPTBIh/BSJdsfp/kcNDKXFsQJt76peU08kzCisYFUPDvji72KgJt9pMyt8O8px
pfY5eC7KGMEBxWyrMH7VrHqB50aiC9GoBk34nZkRescbpRnmtqnN9ObUOtGtByON
MDLh+GJESaD3qF3VcUJ5FlmlIWLMgLpfx2hMRIJP7VrklgCwwYxixSKgewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH6vO5HsDEsNwprB/qcs81B9s8UuMB8GA1UdIwQY
MBaAFGhvCk2iNzIF7zRF0o4mDChGhLdLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUc4S1RhSTNNZ1h2TkVYU2ppWU1LRWFFdDBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hMjM5NmMtMmRmZC00NWY2LWFhMzQt
NTRjMWRjNTc0MTQ1LzEvZnE4N2tld01TdzNDbXNILXB5enpVSDJ6eFM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hMjM5NmMtMmRmZC00NWY2LWFhMzQtNTRjMWRjNTc0MTQ1
LzEvYUc4S1RhSTNNZ1h2TkVYU2ppWU1LRWFFdDBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWuPMA0G
CSqGSIb3DQEBCwUAA4IBAQCGVOPmjsn7UqpAwoR2TROqgDAN4BjSHzHzenjeZvA9
hG9Rl6DUMCJKkMQ7I7ont1FPV3vqb0PImUOH9wU1m2nhAOgkMAXmL+Cjq0zMMC9K
jVD4Jiytbjj8pGoclOO0oNqMLjfXetwDXxaSKn1ZzOVDwZX237H9yU9EKuVcp8fD
59XiYjyc1t45ORrYopO5RKxtUKIjwgqdDc2XV9eaNKeyo/JTP2dkVx08IaWsR9WO
YjoslhK62wHabGNSsIv/8r1k8sToRqXfUNi9732/1Y8O6i/vWTO6S0t1wu0kI9Wn
sW/l/vEUbJjocl9TOrQ50qlFJZeVb3I1iYNxXP5sihYz
-----END CERTIFICATE-----
Generated at Fri Nov 24 13:26:40 2023 by rpki-client on console-ams.rpki-client.org