Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/XsIYy4MTbh_T59p6EfDaz_hMt0g.roa
File: XsIYy4MTbh_T59p6EfDaz_hMt0g.roa (raw, json)
Hash identifier: qSKUfiDPJ68r/Jv+P56yxv4dOAKxkDw1ON1LW700BBQ=
Subject key identifier: 5E:C2:18:CB:83:13:6E:1F:D3:E7:DA:7A:11:F0:DA:CF:F8:4C:B7:48
Certificate issuer: /CN=c089423af1be03027196d1f81df22992978cda6e
Certificate serial: 01843E5EC97AB12B4E7B9244C5FF1662287D
Authority key identifier: C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/XsIYy4MTbh_T59p6EfDaz_hMt0g.roa
Signing time: Thu 03 Nov 2022 16:41:50 +0000
ROA not before: Thu 03 Nov 2022 16:41:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 147001
IP address blocks: 109.206.244.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3e:5e:c9:7a:b1:2b:4e:7b:92:44:c5:ff:16:62:28:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c089423af1be03027196d1f81df22992978cda6e
Validity
Not Before: Nov 3 16:41:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5ec218cb83136e1fd3e7da7a11f0dacff84cb748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:7c:cd:90:10:3d:a1:ef:5c:5a:8f:5f:91:75:
d4:25:b0:e7:c9:f0:fd:f1:7e:ea:56:23:fd:13:1f:
f6:91:b4:77:b1:c9:91:91:e4:f2:4e:75:57:fe:09:
3b:60:48:7d:54:aa:b7:91:8f:8a:78:42:48:51:9c:
ca:fa:05:11:fe:e5:8c:c4:cb:b1:f7:a4:e9:f4:06:
a9:de:df:65:e1:07:57:70:ab:5a:1c:17:b6:c2:99:
42:77:ed:16:97:c0:c1:f6:0d:2e:47:8a:2a:ab:28:
66:23:f9:5e:9e:36:ac:3f:c6:66:77:9a:84:f3:9a:
5a:37:0e:cf:56:30:bd:98:c7:89:46:16:aa:fb:3a:
64:25:e2:fa:c6:fd:59:61:8d:39:cb:94:6c:aa:3a:
63:56:ec:a7:04:38:9c:03:2a:88:e7:9d:6b:e1:25:
e5:c0:4e:97:2d:f9:c1:e9:6f:02:8b:6d:14:56:79:
4c:c0:0d:af:47:68:73:68:43:9a:19:66:95:8a:8c:
0f:99:8b:9f:13:63:43:e4:58:a7:4d:03:8f:62:14:
c6:d4:6c:0b:fe:06:c9:44:8e:b8:2b:77:77:ab:08:
e0:98:14:b8:0a:8b:e3:ab:ef:6c:53:98:41:21:ce:
86:12:33:95:c4:d4:45:e0:8a:9a:57:76:84:a8:e5:
5f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:C2:18:CB:83:13:6E:1F:D3:E7:DA:7A:11:F0:DA:CF:F8:4C:B7:48
X509v3 Authority Key Identifier:
keyid:C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/XsIYy4MTbh_T59p6EfDaz_hMt0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/wIlCOvG-AwJxltH4HfIpkpeM2m4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.206.244.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:60:9a:62:9d:3e:ed:16:96:8a:0a:84:ca:35:31:6b:34:63:
4d:62:ad:9f:55:2e:a6:c5:13:19:81:0e:69:8d:aa:3e:aa:bb:
cc:45:1d:69:e0:3a:d2:7b:14:17:81:22:91:f9:55:3c:e1:1b:
a2:21:3c:78:fb:0c:54:ec:1b:a4:8c:a4:a8:08:9a:66:c3:a9:
f7:b4:e6:ff:bb:5f:40:48:a0:7b:ff:8a:57:b0:ff:f4:84:5d:
09:bb:a8:0a:8f:0f:26:5a:c4:7b:8e:99:f6:2b:85:8f:d0:58:
b9:39:30:eb:cf:15:b7:2d:83:b8:bb:18:06:f7:f7:61:8a:dd:
6b:49:59:b0:0f:06:57:b9:4d:8a:ea:f6:46:34:92:20:b2:2f:
05:c8:2e:7c:19:06:0c:27:7b:df:7c:2a:a2:05:75:e3:72:4b:
b8:39:8c:1a:e9:41:fa:6a:c5:cd:ae:9e:94:6e:89:b2:c8:bb:
c3:e7:59:bf:a1:07:0a:19:9f:80:59:24:67:4c:91:63:93:7a:
38:f8:8c:55:1f:52:1b:4c:7f:99:83:b2:27:42:62:54:6b:a0:
96:93:7d:c3:f1:88:19:f9:3a:80:1d:19:d6:9c:b2:82:96:ba:
e1:4a:15:b0:75:d1:2e:2f:17:f2:b1:42:e5:d5:f7:b2:de:7e:
bf:52:a4:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ+Xsl6sStOe5JExf8WYih9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwODk0MjNhZjFiZTAzMDI3MTk2ZDFmODFkZjIyOTkyOTc4
Y2RhNmUwHhcNMjIxMTAzMTY0MTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWMyMThjYjgzMTM2ZTFmZDNlN2RhN2ExMWYwZGFjZmY4NGNiNzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHzNkBA9oe9cWo9fkXXUJbDnyfD9
8X7qViP9Ex/2kbR3scmRkeTyTnVX/gk7YEh9VKq3kY+KeEJIUZzK+gUR/uWMxMux
96Tp9Aap3t9l4QdXcKtaHBe2wplCd+0Wl8DB9g0uR4oqqyhmI/lenjasP8Zmd5qE
85paNw7PVjC9mMeJRhaq+zpkJeL6xv1ZYY05y5RsqjpjVuynBDicAyqI551r4SXl
wE6XLfnB6W8Ci20UVnlMwA2vR2hzaEOaGWaViowPmYufE2ND5FinTQOPYhTG1GwL
/gbJRI64K3d3qwjgmBS4Covjq+9sU5hBIc6GEjOVxNRF4IqaV3aEqOVfJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF7CGMuDE24f0+faehHw2s/4TLdIMB8GA1UdIwQY
MBaAFMCJQjrxvgMCcZbR+B3yKZKXjNpuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgt
NjUzMzJiNDdmNWViLzEvWHNJWXk0TVRiaF9UNTlwNkVmRGF6X2hNdDBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgtNjUzMzJiNDdmNWVi
LzEvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbc70MA0G
CSqGSIb3DQEBCwUAA4IBAQBbYJpinT7tFpaKCoTKNTFrNGNNYq2fVS6mxRMZgQ5p
jao+qrvMRR1p4DrSexQXgSKR+VU84RuiITx4+wxU7BukjKSoCJpmw6n3tOb/u19A
SKB7/4pXsP/0hF0Ju6gKjw8mWsR7jpn2K4WP0Fi5OTDrzxW3LYO4uxgG9/dhit1r
SVmwDwZXuU2K6vZGNJIgsi8FyC58GQYMJ3vffCqiBXXjcku4OYwa6UH6asXNrp6U
bomyyLvD51m/oQcKGZ+AWSRnTJFjk3o4+IxVH1IbTH+Zg7InQmJUa6CWk33D8YgZ
+TqAHRnWnLKClrrhShWwddEuLxfysULl1fey3n6/UqRJ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:53 2025 by rpki-client