Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/OqFfPXGdhkZtdxhPtINNyla6zM0.roa
File: OqFfPXGdhkZtdxhPtINNyla6zM0.roa (raw, json)
Hash identifier: 2V07qCJ/k1K6pS16m/RMr+cxd47UBTPu11kSmCyBhNM=
Subject key identifier: 3A:A1:5F:3D:71:9D:86:46:6D:77:18:4F:B4:83:4D:CA:56:BA:CC:CD
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 019427B551370505A49EC6E72260A073DBA4
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/OqFfPXGdhkZtdxhPtINNyla6zM0.roa
Signing time: Thu 02 Jan 2025 15:49:41 +0000
ROA not before: Thu 02 Jan 2025 15:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20057
IP address blocks: 109.121.34.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:51:37:05:05:a4:9e:c6:e7:22:60:a0:73:db:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jan 2 15:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3aa15f3d719d86466d77184fb4834dca56bacccd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:57:5e:cf:ab:fc:b8:82:cd:ca:e6:d4:7a:47:
75:00:36:42:31:27:2d:9d:79:2d:e6:5d:46:3b:32:
98:9a:b6:85:c6:f6:da:c8:1b:23:be:85:c1:f2:7d:
c2:e2:af:a7:f3:6c:4c:9a:cb:81:b9:82:1b:9b:76:
1c:32:cc:73:72:26:29:cc:55:e1:fd:56:0f:6d:8c:
dd:df:d8:5b:05:97:0f:ad:a0:23:cc:31:42:ea:77:
59:e0:7d:6b:4a:3f:4e:45:ce:31:49:53:d0:a4:8e:
0a:94:e4:65:98:61:e9:09:59:ed:a2:59:8e:61:b4:
ca:83:74:07:56:3d:16:92:c0:43:71:19:9d:4f:41:
1f:27:4b:ae:d2:08:0d:fd:7c:3f:ed:96:ff:28:d3:
2d:2b:d0:ff:a4:25:84:ed:28:1d:b5:e1:6f:dc:17:
4f:f8:ef:02:dd:91:bb:d9:7f:26:24:2c:81:0d:a3:
51:cf:0a:da:50:38:4b:c5:e1:40:54:7b:6e:1f:3c:
fe:b4:d4:f6:aa:fb:44:c3:44:f0:ad:1e:8d:a6:50:
2c:09:67:86:c0:3b:06:04:70:07:e0:b3:5e:da:08:
ef:e3:fd:03:f1:c9:5c:1a:a1:73:f1:1b:89:90:da:
c0:cf:ca:30:50:f7:30:63:bf:2d:2e:38:e8:b7:e8:
fa:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:A1:5F:3D:71:9D:86:46:6D:77:18:4F:B4:83:4D:CA:56:BA:CC:CD
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/OqFfPXGdhkZtdxhPtINNyla6zM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.34.0/24
Signature Algorithm: sha256WithRSAEncryption
77:cb:42:8b:74:ac:10:f2:fd:45:fe:72:d1:08:79:ba:ac:8c:
27:29:da:53:9c:f2:23:47:30:f3:99:b0:53:e6:0e:ab:86:81:
33:42:ed:22:b7:06:ad:04:d1:6a:c5:50:92:2b:56:e1:42:c8:
04:69:01:90:2b:de:38:f0:48:96:10:ab:2f:94:7e:66:0d:41:
46:46:29:cc:bf:f6:55:37:1d:82:c2:83:10:d8:2c:80:09:81:
48:8d:d1:6d:d0:91:a0:22:93:5f:31:38:f7:13:98:5e:6f:3e:
11:e8:cb:c2:80:41:ab:73:cc:90:3d:90:5b:32:6d:b5:c4:77:
9b:a8:46:8d:38:17:9c:f6:d6:d0:2c:af:14:8f:98:98:53:86:
e9:f7:57:0c:2b:fa:e4:db:e5:3d:75:b6:b9:86:37:2d:bc:13:
79:d6:26:b5:30:4b:8a:71:0f:b0:b6:60:18:a5:5b:9f:a1:70:
3a:4a:f9:67:07:a9:60:b1:74:ba:86:5e:ed:b6:d0:8b:90:68:
48:75:4d:c0:d5:61:6c:c4:71:99:c4:8b:dd:da:e4:35:87:29:
13:bf:f2:e4:a8:de:11:b6:ae:59:d7:31:ae:a8:1b:41:f1:80:
70:1f:65:16:79:fc:9b:e5:6d:18:fe:b9:9d:4e:24:40:8d:fe:
95:9c:1e:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntVE3BQWknsbnImCgc9ukMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjUwMTAyMTU0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWExNWYzZDcxOWQ4NjQ2NmQ3NzE4NGZiNDgzNGRjYTU2YmFjY2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsldez6v8uILNyubUekd1ADZCMSct
nXkt5l1GOzKYmraFxvbayBsjvoXB8n3C4q+n82xMmsuBuYIbm3YcMsxzciYpzFXh
/VYPbYzd39hbBZcPraAjzDFC6ndZ4H1rSj9ORc4xSVPQpI4KlORlmGHpCVntolmO
YbTKg3QHVj0WksBDcRmdT0EfJ0uu0ggN/Xw/7Zb/KNMtK9D/pCWE7SgdteFv3BdP
+O8C3ZG72X8mJCyBDaNRzwraUDhLxeFAVHtuHzz+tNT2qvtEw0TwrR6NplAsCWeG
wDsGBHAH4LNe2gjv4/0D8clcGqFz8RuJkNrAz8owUPcwY78tLjjot+j6ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDqhXz1xnYZGbXcYT7SDTcpWuszNMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvT3FGZlBYR2Roa1p0ZHhoUHRJTk55bGE2ek0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXkiMA0G
CSqGSIb3DQEBCwUAA4IBAQB3y0KLdKwQ8v1F/nLRCHm6rIwnKdpTnPIjRzDzmbBT
5g6rhoEzQu0itwatBNFqxVCSK1bhQsgEaQGQK9448EiWEKsvlH5mDUFGRinMv/ZV
Nx2CwoMQ2CyACYFIjdFt0JGgIpNfMTj3E5hebz4R6MvCgEGrc8yQPZBbMm21xHeb
qEaNOBec9tbQLK8Uj5iYU4bp91cMK/rk2+U9dba5hjctvBN51ia1MEuKcQ+wtmAY
pVufoXA6SvlnB6lgsXS6hl7tttCLkGhIdU3A1WFsxHGZxIvd2uQ1hykTv/LkqN4R
tq5Z1zGuqBtB8YBwH2UWefyb5W0Y/rmdTiRAjf6VnB7E
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:02:57 2025 by rpki-client