Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/ZH0QvaHOPvJPYEbUbSGF-chYfuI.roa
File: ZH0QvaHOPvJPYEbUbSGF-chYfuI.roa (raw, json)
Hash identifier: GNpLUKAR49JusHGuTxHkn0FssgkY3qDBV+p8eW6v2dA=
Subject key identifier: 64:7D:10:BD:A1:CE:3E:F2:4F:60:46:D4:6D:21:85:F9:C8:58:7E:E2
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 0194228E2B47BD92C90B9427D3FD9BF4B047
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/ZH0QvaHOPvJPYEbUbSGF-chYfuI.roa
Signing time: Wed 01 Jan 2025 15:48:50 +0000
ROA not before: Wed 01 Jan 2025 15:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211432
IP address blocks: 109.105.192.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:2b:47:bd:92:c9:0b:94:27:d3:fd:9b:f4:b0:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Jan 1 15:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=647d10bda1ce3ef24f6046d46d2185f9c8587ee2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:76:b1:fc:05:cb:5f:8a:f2:07:f4:c9:68:26:
bc:ce:75:80:ef:95:08:9e:e8:27:e0:67:51:e7:54:
a3:26:30:66:3d:15:bf:d0:2a:1c:44:dd:88:95:1e:
9f:8d:2c:98:08:ac:d9:b2:f3:93:4c:f7:1d:89:65:
a7:1f:9f:30:2e:9c:5d:af:42:d1:68:7c:b0:3b:7f:
12:08:cb:8f:96:03:e5:77:57:6b:42:19:3d:4c:42:
55:29:6d:a3:af:9e:fa:90:29:5c:d2:2e:a3:58:c2:
98:18:b2:5c:e7:18:0d:88:30:47:a4:37:7d:11:22:
37:6d:91:99:82:75:c9:be:9c:33:94:20:15:d5:96:
3f:67:f5:14:ab:75:05:c0:5e:5f:f5:ca:56:16:3a:
52:83:95:39:f0:2b:7b:bd:20:b6:b7:f0:1f:6f:47:
2c:3a:6d:98:1a:66:1c:5e:b2:6c:92:e9:69:35:63:
6d:85:1e:bc:15:d6:c2:64:8a:a2:e5:38:91:1d:eb:
37:16:d9:3d:15:5b:48:0e:ee:b8:b4:ba:0d:c1:0a:
dd:98:e1:f2:ea:7c:46:a4:d9:e0:ef:16:e2:44:d2:
b2:90:e6:cd:35:4c:26:8c:45:6f:e2:8d:49:f4:90:
5a:67:70:34:e9:00:98:0b:b7:18:2c:b4:d1:63:4e:
b2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:7D:10:BD:A1:CE:3E:F2:4F:60:46:D4:6D:21:85:F9:C8:58:7E:E2
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/ZH0QvaHOPvJPYEbUbSGF-chYfuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.192.0/24
Signature Algorithm: sha256WithRSAEncryption
08:46:d3:56:bb:3a:91:b4:26:40:fb:da:51:3b:43:6b:21:cc:
53:37:ee:c2:63:d5:89:77:36:85:78:a9:9f:46:ba:23:98:47:
b1:35:61:88:b5:96:ff:7d:fc:81:72:7b:80:06:e0:9a:b3:5f:
58:2e:6c:af:d8:3e:d5:e5:d1:9f:64:49:eb:af:2f:6f:03:51:
e7:4c:1a:c4:dd:96:6f:a0:74:01:8f:e9:5a:f0:23:36:68:62:
a4:90:7d:c7:46:7d:51:91:6e:6f:fd:96:dd:aa:e9:2a:e0:ca:
2d:89:df:bb:8e:42:fd:c3:5a:c3:f8:69:7e:0f:f6:4a:7d:75:
a6:66:ff:66:72:77:19:a9:66:bd:f0:d8:64:5d:aa:5b:f9:0a:
bb:e5:e0:e1:61:0e:39:ac:28:02:b1:79:af:76:25:90:40:80:
50:ac:db:27:92:ea:08:1b:ff:73:9f:0e:eb:35:da:f5:52:c7:
04:06:2a:8a:6d:90:93:9a:4f:3b:cf:b2:60:83:95:90:ea:30:
c8:67:bc:02:29:a9:13:a3:de:39:93:1f:5c:22:e8:c8:6d:1f:
45:3e:79:2b:93:85:39:5e:07:7d:40:b2:7e:ca:2d:8d:27:d7:
0f:9f:c1:ab:26:bb:39:e2:01:b8:33:23:04:a0:28:f1:37:3f:
8d:59:ed:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijitHvZLJC5Qn0/2b9LBHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjUwMTAxMTU0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDdkMTBiZGExY2UzZWYyNGY2MDQ2ZDQ2ZDIxODVmOWM4NTg3ZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXax/AXLX4ryB/TJaCa8znWA75UI
nugn4GdR51SjJjBmPRW/0CocRN2IlR6fjSyYCKzZsvOTTPcdiWWnH58wLpxdr0LR
aHywO38SCMuPlgPld1drQhk9TEJVKW2jr576kClc0i6jWMKYGLJc5xgNiDBHpDd9
ESI3bZGZgnXJvpwzlCAV1ZY/Z/UUq3UFwF5f9cpWFjpSg5U58Ct7vSC2t/Afb0cs
Om2YGmYcXrJskulpNWNthR68FdbCZIqi5TiRHes3Ftk9FVtIDu64tLoNwQrdmOHy
6nxGpNng7xbiRNKykObNNUwmjEVv4o1J9JBaZ3A06QCYC7cYLLTRY06y9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGR9EL2hzj7yT2BG1G0hhfnIWH7iMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvWkgwUXZhSE9QdkpQWUViVWJTR0YtY2hZZnVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWnAMA0G
CSqGSIb3DQEBCwUAA4IBAQAIRtNWuzqRtCZA+9pRO0NrIcxTN+7CY9WJdzaFeKmf
RrojmEexNWGItZb/ffyBcnuABuCas19YLmyv2D7V5dGfZEnrry9vA1HnTBrE3ZZv
oHQBj+la8CM2aGKkkH3HRn1RkW5v/Zbdqukq4Motid+7jkL9w1rD+Gl+D/ZKfXWm
Zv9mcncZqWa98NhkXapb+Qq75eDhYQ45rCgCsXmvdiWQQIBQrNsnkuoIG/9znw7r
Ndr1UscEBiqKbZCTmk87z7Jgg5WQ6jDIZ7wCKakTo945kx9cIujIbR9FPnkrk4U5
Xgd9QLJ+yi2NJ9cPn8GrJrs54gG4MyMEoCjxNz+NWe2b
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:49:47 2025 by rpki-client