Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/edq8hW4v0C1UFgzZciLDt4oNrjw.roa
File: edq8hW4v0C1UFgzZciLDt4oNrjw.roa (raw, json)
Hash identifier: S27+X53MkFZT7yUFqR5c54ab6Utg063PqQ6fRg6mENY=
Subject key identifier: 79:DA:BC:85:6E:2F:D0:2D:54:16:0C:D9:72:22:C3:B7:8A:0D:AE:3C
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0185C486B110AB7B9FC07C08F6B835E7F3F2
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/edq8hW4v0C1UFgzZciLDt4oNrjw.roa
Signing time: Wed 18 Jan 2023 10:57:19 +0000
ROA not before: Wed 18 Jan 2023 10:57:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 109.203.163.0/24 maxlen: 24
37.49.146.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c4:86:b1:10:ab:7b:9f:c0:7c:08:f6:b8:35:e7:f3:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jan 18 10:57:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=79dabc856e2fd02d54160cd97222c3b78a0dae3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:28:f0:06:f7:d5:81:9b:af:6e:a5:c7:ae:b1:
55:65:c3:e5:bf:69:af:a4:b9:06:90:e2:52:a1:7a:
6a:81:de:e0:3a:27:c4:88:9a:a9:38:eb:50:0e:7f:
43:02:a9:52:ed:5f:a3:d0:43:c5:75:8d:d6:c8:83:
82:49:24:c4:ab:17:b7:7d:59:9c:71:eb:27:23:c4:
e5:e2:d4:60:df:94:f0:73:9a:d2:f4:2c:5f:fc:5f:
74:d0:b3:b1:5a:1a:30:7c:d6:b0:fd:3e:fa:98:16:
d9:f1:c0:76:31:07:a2:39:4c:47:ac:2e:83:51:1c:
a4:95:67:e2:3e:e9:51:e1:50:98:e8:a1:04:48:8f:
4f:43:0f:17:e5:32:e3:f3:3b:31:bd:3c:0e:74:de:
16:6a:44:b2:9d:9a:be:04:e8:1c:35:75:13:65:b3:
99:b0:28:ea:6c:08:06:e9:d9:fb:97:cc:0d:88:f7:
aa:57:62:74:3d:c4:d2:b2:09:e8:28:96:89:90:a3:
7f:bd:1b:a4:6e:26:1e:97:d8:da:31:bc:17:90:d8:
2b:14:87:2b:c9:26:d4:d5:74:c1:31:00:ce:fe:21:
ae:19:cc:4a:c8:54:e8:c5:0c:dd:53:9b:f2:41:86:
f1:e4:13:94:d0:59:c0:6b:a8:a4:d7:2b:bf:fc:70:
c7:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:DA:BC:85:6E:2F:D0:2D:54:16:0C:D9:72:22:C3:B7:8A:0D:AE:3C
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/edq8hW4v0C1UFgzZciLDt4oNrjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.146.0/24
109.203.163.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:b0:13:ca:b9:17:32:3f:47:76:0d:dc:46:ea:0b:e2:48:13:
37:fe:d4:50:19:f3:b0:55:0c:e0:2d:f1:ab:4b:d8:ff:a6:bb:
2b:76:92:6c:57:72:b2:a6:b5:10:17:6a:aa:72:a1:fc:f2:5e:
1c:08:52:e3:f6:e3:48:d2:2a:09:05:13:30:a0:52:71:a4:fd:
e3:f4:8f:7f:5e:98:f2:16:77:60:8e:44:b3:a3:d2:12:66:b0:
aa:c1:63:3a:5a:6f:91:d4:14:da:20:a5:3f:34:5b:be:b0:71:
7c:a0:5d:8a:b4:88:5f:90:25:9d:5a:a4:e1:d9:8b:e3:7c:04:
aa:83:64:0c:16:b5:02:63:1e:b5:78:55:33:e0:2a:d4:8c:c8:
46:6d:d2:03:79:81:7a:e8:cf:94:3b:16:d8:64:1b:8b:c8:0f:
a0:c1:9c:55:5e:f8:74:09:42:99:57:52:be:db:98:02:bf:1d:
8e:7a:b0:8f:49:c8:99:6c:b1:c8:07:d4:e9:88:3a:95:64:2a:
b1:46:a3:d5:ed:1b:d9:55:5f:32:44:50:0f:7b:77:75:bc:f1:
b4:d2:2f:d7:28:d0:37:76:94:8e:04:e7:e9:18:1b:7d:75:52:
1b:f0:de:65:a3:cb:96:d6:87:3f:b0:28:ff:e1:f8:05:6e:8a:
81:f7:ee:ea
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYXEhrEQq3ufwHwI9rg15/PyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMwMTE4MTA1NzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWRhYmM4NTZlMmZkMDJkNTQxNjBjZDk3MjIyYzNiNzhhMGRhZTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjijwBvfVgZuvbqXHrrFVZcPlv2mv
pLkGkOJSoXpqgd7gOifEiJqpOOtQDn9DAqlS7V+j0EPFdY3WyIOCSSTEqxe3fVmc
cesnI8Tl4tRg35Twc5rS9Cxf/F900LOxWhowfNaw/T76mBbZ8cB2MQeiOUxHrC6D
URyklWfiPulR4VCY6KEESI9PQw8X5TLj8zsxvTwOdN4WakSynZq+BOgcNXUTZbOZ
sCjqbAgG6dn7l8wNiPeqV2J0PcTSsgnoKJaJkKN/vRukbiYel9jaMbwXkNgrFIcr
ySbU1XTBMQDO/iGuGcxKyFToxQzdU5vyQYbx5BOU0FnAa6ik1yu//HDHHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHnavIVuL9AtVBYM2XIiw7eKDa48MB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvZWRxOGhXNHYwQzFVRmd6WmNpTER0NG9Ocmp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJTGSAwQA
bcujMA0GCSqGSIb3DQEBCwUAA4IBAQCpsBPKuRcyP0d2DdxG6gviSBM3/tRQGfOw
VQzgLfGrS9j/prsrdpJsV3KyprUQF2qqcqH88l4cCFLj9uNI0ioJBRMwoFJxpP3j
9I9/XpjyFndgjkSzo9ISZrCqwWM6Wm+R1BTaIKU/NFu+sHF8oF2KtIhfkCWdWqTh
2YvjfASqg2QMFrUCYx61eFUz4CrUjMhGbdIDeYF66M+UOxbYZBuLyA+gwZxVXvh0
CUKZV1K+25gCvx2OerCPSciZbLHIB9TpiDqVZCqxRqPV7RvZVV8yRFAPe3d1vPG0
0i/XKNA3dpSOBOfpGBt9dVIb8N5lo8uW1oc/sCj/4fgFboqB9+7q
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:39 2025 by rpki-client