Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/DrBsd18NY9MqUKNZcMFgBKfVrAo.roa
File: DrBsd18NY9MqUKNZcMFgBKfVrAo.roa (raw, json)
Hash identifier: 5ij1c6mSXW8gokFsrVG9Ty66XoefPof0ibCEC6ICUiM=
Subject key identifier: 0E:B0:6C:77:5F:0D:63:D3:2A:50:A3:59:70:C1:60:04:A7:D5:AC:0A
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0194258F95102FFAD1FD2790358CD6D9E799
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/DrBsd18NY9MqUKNZcMFgBKfVrAo.roa
Signing time: Thu 02 Jan 2025 05:49:14 +0000
ROA not before: Thu 02 Jan 2025 05:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210878
IP address blocks: 64.43.92.0/22 maxlen: 22
109.207.140.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:95:10:2f:fa:d1:fd:27:90:35:8c:d6:d9:e7:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 05:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0eb06c775f0d63d32a50a35970c16004a7d5ac0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f4:e1:d5:37:5e:db:45:e9:b9:d3:38:e4:96:
86:30:50:aa:0c:11:8b:b4:4e:39:20:c0:7a:1b:c1:
96:72:ce:fa:9a:69:21:96:90:f9:5b:d4:79:83:2e:
38:cf:9d:4b:75:7f:f2:9d:9a:f0:82:13:d2:cc:54:
21:e5:dc:0e:04:55:b4:12:34:1a:b7:9a:cb:39:85:
f3:04:c3:1d:9e:5c:c9:27:77:00:11:36:1d:71:b1:
69:76:78:8b:af:fb:bb:d7:80:c4:a7:bf:79:6d:51:
f6:bb:d6:9d:0e:37:63:41:02:e1:84:d2:bf:37:c4:
1d:cf:ad:1e:04:61:85:51:3b:f2:8d:50:88:da:c8:
e7:21:ed:e9:c7:b0:a3:13:7c:64:f7:70:e4:91:61:
3f:f8:80:f9:3b:87:4a:de:22:7f:6d:c5:13:d8:c2:
13:56:3d:b4:c6:88:75:ab:d3:e8:79:56:27:be:b2:
b7:25:ed:36:7c:8a:bc:11:85:e0:5f:2b:be:b5:0c:
6c:0f:7f:f3:e1:74:a9:de:69:71:9f:a4:d4:15:82:
51:3c:34:a2:b9:04:66:61:0a:ec:27:9d:26:cc:86:
4b:f7:18:b5:b1:ae:1f:f5:2d:b5:1a:1f:7c:08:36:
62:72:2d:ab:44:d4:7b:4e:02:ef:b7:59:6a:cb:89:
ed:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:B0:6C:77:5F:0D:63:D3:2A:50:A3:59:70:C1:60:04:A7:D5:AC:0A
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/DrBsd18NY9MqUKNZcMFgBKfVrAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.92.0/22
109.207.140.0/23
Signature Algorithm: sha256WithRSAEncryption
51:8a:d6:17:68:ce:71:23:9a:53:76:d6:55:e4:16:11:85:7f:
e1:a7:08:dd:2a:12:33:f5:89:87:a8:a1:1d:ef:06:c3:83:0b:
8a:2c:37:79:0b:b8:55:6e:6c:26:33:a4:b2:4d:64:0a:e2:3c:
62:db:e5:a6:de:28:11:c6:a2:13:3f:7d:b3:9d:18:7b:b3:04:
3b:0d:79:d2:93:3d:86:e9:17:85:1b:e7:07:25:0c:ba:61:a8:
45:4a:0e:42:9f:60:5c:42:93:e0:73:98:dd:23:82:47:c7:2c:
31:7e:a5:5e:8f:57:96:c0:33:8a:bc:6b:ad:cd:f2:04:9f:fd:
bc:73:95:8c:b9:79:4f:55:b4:15:5c:88:b0:6e:07:d3:0b:ac:
cd:e7:60:b6:41:24:7d:22:8d:d1:b5:1e:a9:39:80:30:33:74:
f7:a0:09:51:1d:2e:38:b5:8b:f4:92:a3:84:15:34:90:c2:20:
a0:ac:cf:ea:31:9d:6c:eb:cf:1f:e0:0b:89:71:18:0a:2f:88:
80:bb:27:90:bf:00:57:f0:53:fa:5e:d3:31:54:b4:14:f6:79:
6c:18:87:d8:49:88:d6:68:a0:36:a3:1c:af:eb:87:50:30:8c:
03:e7:57:c0:45:c5:31:fd:8d:20:b4:f0:7f:b8:2f:47:3d:b5:
b4:5a:d5:76
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlj5UQL/rR/SeQNYzW2eeZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMTAyMDU0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWIwNmM3NzVmMGQ2M2QzMmE1MGEzNTk3MGMxNjAwNGE3ZDVhYzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfTh1Tde20XpudM45JaGMFCqDBGL
tE45IMB6G8GWcs76mmkhlpD5W9R5gy44z51LdX/ynZrwghPSzFQh5dwOBFW0EjQa
t5rLOYXzBMMdnlzJJ3cAETYdcbFpdniLr/u714DEp795bVH2u9adDjdjQQLhhNK/
N8Qdz60eBGGFUTvyjVCI2sjnIe3px7CjE3xk93DkkWE/+ID5O4dK3iJ/bcUT2MIT
Vj20xoh1q9PoeVYnvrK3Je02fIq8EYXgXyu+tQxsD3/z4XSp3mlxn6TUFYJRPDSi
uQRmYQrsJ50mzIZL9xi1sa4f9S21Gh98CDZici2rRNR7TgLvt1lqy4ntIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA6wbHdfDWPTKlCjWXDBYASn1awKMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvRHJCc2QxOE5ZOU1xVUtOWmNNRmdCS2ZWckFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCQCtcAwQB
bc+MMA0GCSqGSIb3DQEBCwUAA4IBAQBRitYXaM5xI5pTdtZV5BYRhX/hpwjdKhIz
9YmHqKEd7wbDgwuKLDd5C7hVbmwmM6SyTWQK4jxi2+Wm3igRxqITP32znRh7swQ7
DXnSkz2G6ReFG+cHJQy6YahFSg5Cn2BcQpPgc5jdI4JHxywxfqVej1eWwDOKvGut
zfIEn/28c5WMuXlPVbQVXIiwbgfTC6zN52C2QSR9Io3RtR6pOYAwM3T3oAlRHS44
tYv0kqOEFTSQwiCgrM/qMZ1s688f4AuJcRgKL4iAuyeQvwBX8FP6XtMxVLQU9nls
GIfYSYjWaKA2oxyv64dQMIwD51fARcUx/Y0gtPB/uC9HPbW0WtV2
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:57:40 2025 by rpki-client