Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/3debfc-df2e-49d4-bdc6-6d54bf44995e/1/rLsdsTyzmVI6TpOOL_d_9P4-uqY.roa
File: rLsdsTyzmVI6TpOOL_d_9P4-uqY.roa (raw, json)
Hash identifier: AOTQhQV2Bzy97RFFVI9tOqA7mnn57InDXwucxQi20pU=
Subject key identifier: AC:BB:1D:B1:3C:B3:99:52:3A:4E:93:8E:2F:F7:7F:F4:FE:3E:BA:A6
Certificate issuer: /CN=f4e2e9b5fb967a7d3d78d0fbb930c080ec9d91e5
Certificate serial: 0185708CA02331AA1810153E85847FD87B55
Authority key identifier: F4:E2:E9:B5:FB:96:7A:7D:3D:78:D0:FB:B9:30:C0:80:EC:9D:91:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9OLptfuWen09eND7uTDAgOydkeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/3debfc-df2e-49d4-bdc6-6d54bf44995e/1/rLsdsTyzmVI6TpOOL_d_9P4-uqY.roa
Signing time: Mon 02 Jan 2023 03:35:42 +0000
ROA not before: Mon 02 Jan 2023 03:35:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15596
IP address blocks: 109.122.56.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:a0:23:31:aa:18:10:15:3e:85:84:7f:d8:7b:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4e2e9b5fb967a7d3d78d0fbb930c080ec9d91e5
Validity
Not Before: Jan 2 03:35:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=acbb1db13cb399523a4e938e2ff77ff4fe3ebaa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ce:35:4e:64:81:7c:02:65:d9:0b:02:05:3f:
fb:54:fd:8e:00:3f:72:52:68:9e:ca:2f:93:85:0c:
76:c1:c5:32:3d:38:8c:0a:a3:e2:f5:02:df:06:4e:
59:56:9f:43:2a:86:62:fa:fc:a2:a0:ff:64:ee:69:
28:73:ab:c1:e3:09:7e:e7:a7:ac:dd:39:21:cb:ed:
06:60:ba:fa:0e:34:5e:de:a9:c9:8b:86:80:21:37:
85:13:2f:df:48:49:9f:59:98:de:8c:85:f5:1a:95:
b8:d1:37:5d:83:28:0f:dd:50:5a:f4:0e:88:92:11:
0c:b7:05:93:01:33:df:b1:e6:9d:fb:aa:af:b9:2f:
21:2f:bd:62:c6:b9:42:b3:12:a8:4b:61:c0:b2:68:
e4:82:5e:d9:1f:1a:b4:58:a2:8c:5f:e7:dd:6c:f6:
95:f7:04:3f:56:ba:f9:d6:ef:c4:6c:a3:16:e3:00:
72:ea:b0:2e:15:cf:c8:57:b0:7d:db:41:5e:38:92:
69:fd:b0:af:e9:df:fc:1c:7a:c2:8d:5c:01:2d:89:
94:77:ba:76:4a:b4:4e:12:35:46:32:2e:39:a6:8c:
eb:76:96:9b:d2:8c:2c:ce:0c:ee:3b:6b:21:29:14:
9d:88:e6:eb:13:d7:4a:cd:b8:61:24:b6:6e:83:bd:
ca:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:BB:1D:B1:3C:B3:99:52:3A:4E:93:8E:2F:F7:7F:F4:FE:3E:BA:A6
X509v3 Authority Key Identifier:
keyid:F4:E2:E9:B5:FB:96:7A:7D:3D:78:D0:FB:B9:30:C0:80:EC:9D:91:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9OLptfuWen09eND7uTDAgOydkeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/3debfc-df2e-49d4-bdc6-6d54bf44995e/1/rLsdsTyzmVI6TpOOL_d_9P4-uqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/3debfc-df2e-49d4-bdc6-6d54bf44995e/1/9OLptfuWen09eND7uTDAgOydkeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.56.0/21
Signature Algorithm: sha256WithRSAEncryption
31:89:6d:52:88:35:ad:23:d3:43:5f:59:79:12:24:f8:e1:a0:
71:0b:f8:40:64:ec:3b:4a:ad:a5:ba:f7:7f:d8:de:d5:8f:f1:
1c:34:64:f7:6f:a4:12:48:69:54:a6:fc:b6:70:92:d6:b2:8e:
d2:36:24:4f:e3:4c:a9:63:9a:2a:f1:58:6a:2f:51:2b:3a:46:
df:79:3d:f3:a2:4d:18:53:44:47:26:ce:35:c1:05:7a:f1:8f:
b9:52:f5:1b:a1:bc:43:b1:78:41:82:a2:c5:63:34:26:ed:a9:
fe:fe:7c:79:a9:0d:2c:ec:57:e3:4d:c8:7a:d8:5c:59:fc:95:
50:66:e4:ea:ed:0c:ed:9a:68:0e:5e:75:ab:3b:53:9f:68:6a:
d6:e9:aa:81:19:62:bd:02:a8:88:d8:0c:d3:d3:9f:1e:22:ae:
d9:b6:16:84:3c:21:4a:4c:a1:bd:41:9c:94:1c:58:4d:ef:04:
03:fa:a7:21:b5:83:5e:4e:b8:74:11:7f:62:18:a9:bd:79:aa:
0b:dc:6b:43:e9:f9:a2:06:c0:81:c4:3d:60:f0:e0:6b:77:e6:
2c:f5:fb:cb:be:f5:01:97:aa:b6:52:cf:19:94:35:0d:4d:71:
f7:11:ba:b5:b6:0b:a2:53:6f:84:6c:a5:8f:b6:df:d7:8f:8a:
34:3a:da:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjKAjMaoYEBU+hYR/2HtVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZTJlOWI1ZmI5NjdhN2QzZDc4ZDBmYmI5MzBjMDgwZWM5
ZDkxZTUwHhcNMjMwMTAyMDMzNTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2JiMWRiMTNjYjM5OTUyM2E0ZTkzOGUyZmY3N2ZmNGZlM2ViYWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3841TmSBfAJl2QsCBT/7VP2OAD9y
Umieyi+ThQx2wcUyPTiMCqPi9QLfBk5ZVp9DKoZi+vyioP9k7mkoc6vB4wl+56es
3Tkhy+0GYLr6DjRe3qnJi4aAITeFEy/fSEmfWZjejIX1GpW40TddgygP3VBa9A6I
khEMtwWTATPfsead+6qvuS8hL71ixrlCsxKoS2HAsmjkgl7ZHxq0WKKMX+fdbPaV
9wQ/Vrr51u/EbKMW4wBy6rAuFc/IV7B920FeOJJp/bCv6d/8HHrCjVwBLYmUd7p2
SrROEjVGMi45pozrdpab0owszgzuO2shKRSdiObrE9dKzbhhJLZug73KrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKy7HbE8s5lSOk6Tji/3f/T+PrqmMB8GA1UdIwQY
MBaAFPTi6bX7lnp9PXjQ+7kwwIDsnZHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU9McHRmdVdlbjA5ZU5EN3VUREFnT3lka2VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8zZGViZmMtZGYyZS00OWQ0LWJkYzYt
NmQ1NGJmNDQ5OTVlLzEvckxzZHNUeXptVkk2VHBPT0xfZF85UDQtdXFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8zZGViZmMtZGYyZS00OWQ0LWJkYzYtNmQ1NGJmNDQ5OTVl
LzEvOU9McHRmdVdlbjA5ZU5EN3VUREFnT3lka2VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbXo4MA0G
CSqGSIb3DQEBCwUAA4IBAQAxiW1SiDWtI9NDX1l5EiT44aBxC/hAZOw7Sq2luvd/
2N7Vj/EcNGT3b6QSSGlUpvy2cJLWso7SNiRP40ypY5oq8VhqL1ErOkbfeT3zok0Y
U0RHJs41wQV68Y+5UvUbobxDsXhBgqLFYzQm7an+/nx5qQ0s7FfjTch62FxZ/JVQ
ZuTq7QztmmgOXnWrO1OfaGrW6aqBGWK9AqiI2AzT058eIq7ZthaEPCFKTKG9QZyU
HFhN7wQD+qchtYNeTrh0EX9iGKm9eaoL3GtD6fmiBsCBxD1g8OBrd+Ys9fvLvvUB
l6q2Us8ZlDUNTXH3Ebq1tguiU2+EbKWPtt/Xj4o0OtoO
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:21 2025 by rpki-client