Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/JMxqLtPGhyakdYzUuRYzwLUA_9M.roa
File: JMxqLtPGhyakdYzUuRYzwLUA_9M.roa (raw, json)
Hash identifier: TvbH1s6Db3ZV4mwtPriDOO41ycl4ZEdjdBiBB0jNTbg=
Subject key identifier: 24:CC:6A:2E:D3:C6:87:26:A4:75:8C:D4:B9:16:33:C0:B5:00:FF:D3
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018AF15F0929B564159A97BF61A88C40BF8C
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/JMxqLtPGhyakdYzUuRYzwLUA_9M.roa
Signing time: Mon 02 Oct 2023 17:10:51 +0000
ROA not before: Mon 02 Oct 2023 17:10:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 109.203.168.0/21 maxlen: 24
109.203.176.0/21 maxlen: 24
109.203.184.0/21 maxlen: 24
94.74.152.0/22 maxlen: 24
185.34.160.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f1:5f:09:29:b5:64:15:9a:97:bf:61:a8:8c:40:bf:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Oct 2 17:10:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24cc6a2ed3c68726a4758cd4b91633c0b500ffd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:41:4f:cb:2d:89:ca:92:bf:f4:c5:9a:19:09:
46:88:10:d7:50:34:15:4d:47:1f:ac:2d:56:d0:b6:
42:d6:a7:2e:d7:0c:eb:73:4f:15:ea:07:e8:e0:e4:
74:21:dd:f0:ed:55:85:22:7e:bf:53:c5:8a:c5:93:
56:89:73:af:7d:7a:ce:98:0a:a1:92:c0:ab:13:59:
ff:17:df:57:35:da:fc:08:8e:4e:12:c6:26:75:df:
a4:21:4d:f5:d2:0d:ef:94:ac:85:3d:9c:26:9e:6b:
5e:9a:1b:bc:19:8f:7d:01:c2:d7:b3:8d:1b:f9:0e:
20:d7:90:e1:77:65:8e:a4:27:5f:c7:51:39:96:99:
71:e6:ff:54:e9:b9:cb:97:2a:0d:39:00:52:56:87:
1d:ff:c4:a1:5d:2b:d0:97:8f:12:79:97:6f:64:4f:
a3:99:44:96:8c:f5:03:14:d6:32:8e:46:56:bc:22:
44:d1:e3:28:63:54:f9:61:9e:a9:2d:12:ac:f5:6c:
0b:ac:d6:23:24:cf:c4:87:56:4d:c5:47:ae:ad:f2:
b9:53:de:66:e9:62:fe:35:be:c2:0f:16:ad:61:24:
89:09:8f:bc:56:ba:c5:71:96:17:70:05:1c:56:74:
ee:4a:6e:1d:58:3b:dc:76:b5:cf:ba:66:a8:5e:76:
9d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:CC:6A:2E:D3:C6:87:26:A4:75:8C:D4:B9:16:33:C0:B5:00:FF:D3
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/JMxqLtPGhyakdYzUuRYzwLUA_9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.74.152.0/22
109.203.168.0-109.203.191.255
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
28:1b:63:76:b1:72:c7:a1:8d:22:5e:f0:65:37:f1:23:57:5d:
71:d0:94:52:a2:79:75:db:b5:52:84:f0:ef:8a:b8:66:a2:27:
fc:d7:57:6f:bd:ba:d3:59:d0:f0:f1:ae:27:3d:cb:25:4c:a6:
c5:ff:0e:5d:34:97:86:27:32:ce:7d:9e:c7:c2:f8:79:0c:f5:
b5:2a:cb:ae:63:a4:d0:b4:f1:84:b7:c6:d1:86:0d:48:d0:73:
cb:ca:be:1c:1b:27:9b:da:cb:ca:0a:90:d5:ce:aa:3b:42:9d:
e3:01:89:e7:f1:a9:e5:09:4f:77:c9:a2:99:b2:e7:03:fe:fd:
81:dc:fb:b2:d7:21:b8:c4:11:c2:c8:3e:51:26:49:7c:eb:76:
88:5c:3b:26:27:a5:dc:a7:22:7f:7a:74:7f:fa:4a:9a:c8:8b:
5c:93:54:68:14:ac:55:68:75:32:94:36:d3:92:86:c9:f6:d5:
23:66:4d:f3:95:8f:85:03:e0:ae:81:a5:4a:3e:22:0b:f0:a8:
9f:7d:06:5a:3a:fb:8a:30:2a:bf:b0:bb:56:ea:1a:89:87:93:
ba:88:02:01:38:3a:15:90:2b:30:d2:22:a3:75:cb:3e:a3:35:
32:2d:ac:1c:85:c6:cb:bf:74:7b:98:9f:3a:3d:b1:35:5b:c1:
5e:48:7f:4b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYrxXwkptWQVmpe/YaiMQL+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMxMDAyMTcxMDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGNjNmEyZWQzYzY4NzI2YTQ3NThjZDRiOTE2MzNjMGI1MDBmZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUFPyy2JypK/9MWaGQlGiBDXUDQV
TUcfrC1W0LZC1qcu1wzrc08V6gfo4OR0Id3w7VWFIn6/U8WKxZNWiXOvfXrOmAqh
ksCrE1n/F99XNdr8CI5OEsYmdd+kIU310g3vlKyFPZwmnmtemhu8GY99AcLXs40b
+Q4g15Dhd2WOpCdfx1E5lplx5v9U6bnLlyoNOQBSVocd/8ShXSvQl48SeZdvZE+j
mUSWjPUDFNYyjkZWvCJE0eMoY1T5YZ6pLRKs9WwLrNYjJM/Eh1ZNxUeurfK5U95m
6WL+Nb7CDxatYSSJCY+8VrrFcZYXcAUcVnTuSm4dWDvcdrXPumaoXnadOQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCTMai7TxocmpHWM1LkWM8C1AP/TMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvSk14cUx0UEdoeWFrZFl6VXVSWXp3TFVBXzlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCXkqYMAwD
BANty6gDBAZty4ADBAK5IqAwDQYJKoZIhvcNAQELBQADggEBACgbY3axcsehjSJe
8GU38SNXXXHQlFKieXXbtVKE8O+KuGaiJ/zXV2+9utNZ0PDxric9yyVMpsX/Dl00
l4YnMs59nsfC+HkM9bUqy65jpNC08YS3xtGGDUjQc8vKvhwbJ5vay8oKkNXOqjtC
neMBiefxqeUJT3fJopmy5wP+/YHc+7LXIbjEEcLIPlEmSXzrdohcOyYnpdynIn96
dH/6SprIi1yTVGgUrFVodTKUNtOShsn21SNmTfOVj4UD4K6BpUo+IgvwqJ99Blo6
+4owKr+wu1bqGomHk7qIAgE4OhWQKzDSIqN1yz6jNTItrByFxsu/dHuYnzo9sTVb
wV5If0s=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:30 2025 by rpki-client